Oscar-Worthy Bug (Score 10) in Cisco Secure Firewall Management Center
A critical security flaw has been disclosed by Cisco in its Secure Firewall Management Center (FMC) software, potentially allowing unauthenticated attackers to remotely execute shell commands of their choice with high privilege levels. The vulnerability, identified as CVE-2025-20265 and assigned the maximum CVSS score of 10.0, is one of the most serious security flaws discovered this year in Cisco’s firewall infrastructure.
Attackers can exploit this vulnerability by sending specially crafted credentials during the RADIUS authentication process, allowing them to inject malicious shell commands that are subsequently executed by the target device. What makes this vulnerability particularly dangerous is that it requires no authentication and can be exploited remotely over the network.
The security vulnerability lies in the implementation of the RADIUS subsystem of Cisco’s Secure FMC software and specifically affects the authentication phase, in which user input is handled improperly.
The vulnerability specifically affects versions 7.0.7 and 7.7.0 of the Cisco Secure FMC software, but only when RADIUS authentication is enabled for the web-based management interface, for SSH management, or for both. Organizations that do not use RADIUS authentication are not vulnerable to this specific attack vector.
The vulnerability stems from insufficient input validation during the credential verification process, creating an opportunity for command injection attacks when the system processes authentication requests sent to the configured RADIUS server.
Cisco has released updates that fix the vulnerability and strongly recommends applying the patches immediately to all affected systems.
The article Oscar-Worthy Bug (Score 10) in Cisco Secure Firewall Management Center comes from il blog della sicurezza informatica.
I’m having breakfast while watching the mass celebrated by the pope.
They are reading a passage from the Book of Revelation, a text to which we lovers of horror and heavy metal owe a great deal.
Normal
@Giornalismo e disordine informativo
articolo21.org/2025/08/normale…
I’ve gotten used to it. Another apartment building comes down in Ukraine, due to a deliberate Russian bombing against civilians: before it was a war crime, now it is normal. A boat of migrants capsizes with many drowned, including a baby girl just a few months old: before it was an immoral failure to rescue, now it is normal. […]
The Robot Girlfriend Arrives! The New Frontier of Made-in-China Technology
While the rise of robots in China, the world’s largest robot market and producer, is drawing the attention of the global information technology (IT) industry, the emergence of a “girlfriend robot” is causing a stir. This small robot, modeled on a young woman, can sing and dance like a girl group and even engage in emotional exchanges. It was recently sold for about 2 million won at an auction (about 2000 euros).
According to Chinese media such as Kwai Technology, the Shanghai-based robotics company Lingdong Robotics recently launched its first robotic product, the humanoid robot “NIA-F01” (Chinese name: “Nian”), priced at 9,999 yuan (about 1500 euros).
“Nian” is a 56 cm desktop robot with the appearance of a slender young woman. Equipped with sight, hearing and touch, it can perceive the user’s words and facial expressions, enabling emotional communication. The robot’s surface is covered with a silicone material that feels very similar to skin, while its skeleton is divided into a total of 34 joints, which allow it to move its body freely.
A noteworthy feature is that users can “customize” the character of the robot they want. Through a self-developed framework, users can change the face, hairstyle, clothes, etc. according to their tastes, and can also implement it all by entering a human voice, language, movements, personality, etc. Users can create a “customized girlfriend robot” according to their own tastes.
Lingdong Robot presented “Nian” as “the world’s first customized desktop robot with artificial intelligence”. In addition, at the “World Robot Conference (WRC) 2025”, held in Beijing from the 8th to the 12th, it also presented the “world’s first robot girl group”, in which several “Nian” units learned group songs and dances and performed them live.
Lingdong Robot attracted attention again when it put “Nian” up for auction on a platform. Lingdong Robot had set the minimum bid at 1 won, but “Nian” was sold at auction that day for 15,800 yuan (about 2 million won), exceeding the retail price (9,999 yuan).
Local media reported that the emergence of a “robot girlfriend” is being met with a mix of anticipation and skepticism in the Chinese IT sector.
Chinese media and tech blogs have high expectations for the future of robotics, considering that not only robots that replace human activities, such as those for customer service and food preparation, but also those able to respond to users’ emotional needs, such as companion robots and friend robots, could be an important novelty in the field of robotics.
Chinese blogs and online outlets dwell on the future potential of robots that go beyond simply replacing humans in work tasks, also considering those capable of emotional interaction, namely friend robots and companion robots, which could profoundly renew the robotics landscape.
The article The Robot Girlfriend Arrives! The New Frontier of Made-in-China Technology comes from il blog della sicurezza informatica.
Pornhub in the Crosshairs: Media Regulators Want Even More Network Blocks for Porn Sites
Critical Vulnerability in Apache Tomcat: Update, or the Server Can Go into DoS
A critical security flaw has been found in Apache Tomcat’s HTTP/2 implementation. This vulnerability allows attackers to carry out damaging denial-of-service (DoS) attacks on web servers.
The vulnerability, tracked as CVE-2025-48989 and nicknamed the “Made You Reset” attack, affects several versions of the popular Java servlet container and poses significant risks for web applications worldwide. The security flaw, rated as severe, affects Apache Tomcat versions 11.0.0-M1 to 11.0.9, 10.1.0-M1 to 10.1.43 and 9.0.0.M1 to 9.0.107.
The vulnerability was identified by security researchers Gal Bar Nahum, Anat Bremler-Barr and Yaniv Harel of Tel Aviv University, who disclosed their findings on August 13, 2025. Older, now out-of-production versions could also be vulnerable, with the risk of affecting thousands of web servers around the world.
The “Made You Reset” attack exploits weaknesses in Tomcat’s implementation of the HTTP/2 protocol, targeting the connection reset mechanism. When carried out successfully, the attack manifests as an OutOfMemoryError, causing the targeted server to exhaust available memory resources and stop responding to legitimate requests.
The vulnerability lies in the way Tomcat handles HTTP/2 stream resets and connection management. Attackers can craft malicious HTTP/2 requests that force the server to allocate excessive memory resources without releasing them correctly. This memory-leak behavior can be triggered repeatedly, until it overwhelms the server’s available memory pool and triggers a denial-of-service condition.
The attack vector exploits the HTTP/2 multiplexing feature, thanks to which multiple streams can be processed simultaneously over a single TCP connection.
By manipulating stream reset frames and connection state management, attackers can force Tomcat to maintain numerous half-open connections or incomplete stream states, resulting in resource exhaustion.
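As an added example (not code from the article or from the Apache Tomcat project), this Python script triages an inventory of Tomcat version banners against the affected ranges listed above, including the milestone (M1) builds. The host names and banner lines are constructed sample data, and the status labels are assumptions of this example; versions on branches the article does not list are flagged for manual review, since it notes that older out-of-production versions may also be vulnerable.

```python
"""Triage Tomcat versions against the ranges listed for CVE-2025-48989."""
import re
from typing import Dict, NamedTuple, Optional

# Sentinel: a final release sorts after every milestone build (M1, M2, ...).
RELEASE = 10**6


class Version(NamedTuple):
    major: int
    minor: int
    patch: int
    milestone: int


# Inclusive ranges exactly as given in the article text.
AFFECTED_RANGES = [
    ("11.0.0-M1", "11.0.9"),
    ("10.1.0-M1", "10.1.43"),
    ("9.0.0.M1", "9.0.107"),
]

_VERSION_RE = re.compile(r"(\d+)\.(\d+)\.(\d+)(?:[.-]M(\d+))?")
_BANNER_RE = re.compile(r"Apache Tomcat/(\S+)")


def parse_version(text: str) -> Optional[Version]:
    """Parse '9.0.0.M1', '10.1.0-M1' or '11.0.9'; return None if malformed."""
    match = _VERSION_RE.fullmatch(text.strip())
    if match is None:
        return None
    major, minor, patch, milestone = match.groups()
    return Version(int(major), int(minor), int(patch),
                   int(milestone) if milestone else RELEASE)


def classify(version_text: str) -> str:
    """Return one of: affected, outside-listed-range, unlisted-branch, unparseable."""
    version = parse_version(version_text)
    if version is None:
        return "unparseable"
    for low_text, high_text in AFFECTED_RANGES:
        low, high = parse_version(low_text), parse_version(high_text)
        if (version.major, version.minor) != (low.major, low.minor):
            continue
        # Same release branch: compare against the inclusive bounds.
        return "affected" if low <= version <= high else "outside-listed-range"
    # Branch not named in the article (for example an end-of-life line):
    # needs manual review rather than being treated as safe.
    return "unlisted-branch"


def triage(inventory: Dict[str, str]) -> Dict[str, str]:
    """Map each host to a status based on its Tomcat version banner."""
    report = {}
    for host, banner in inventory.items():
        found = _BANNER_RE.search(banner)
        report[host] = classify(found.group(1)) if found else "unparseable"
    return report


# Constructed sample inventory: host name -> banner line as collected.
SAMPLE_INVENTORY = {
    "app01.example.internal": "Server version: Apache Tomcat/9.0.98",
    "app02.example.internal": "Server version: Apache Tomcat/10.1.44",
    "app03.example.internal": "Server version: Apache Tomcat/11.0.0-M20",
    "legacy01.example.internal": "Server version: Apache Tomcat/8.5.100",
    "proxy01.example.internal": "Server: nginx",
}

if __name__ == "__main__":
    for host, status in sorted(triage(SAMPLE_INVENTORY).items()):
        print(f"{host:28} {status}")
```

A status of outside-listed-range only means the version is not in the ranges quoted in the article; confirm the fixed release for each branch against the vendor advisory before closing the finding.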
The article Critical Vulnerability in Apache Tomcat: Update, or the Server Can Go into DoS comes from il blog della sicurezza informatica.
Rediscovering Microsoft’s Oddball Music Generator From The 1990s
There has been a huge proliferation in AI music creation tools of late, and a corresponding uptick in the number of AI artists appearing on streaming services. Well before the modern neural network revolution, though, there was an earlier tool in this same vein. [harke] tells us all about Microsoft Music Producer 1.0, a forgotten relic from the 1990s.
The software wasn’t ever marketed openly. Instead, it was a part of Microsoft Visual InterDev, a web development package from 1997. It allowed the user to select a style, a personality, and a band to play the song, along with details like key, tempo, and the “shape” of the composition. It would then go ahead and algorithmically generate the music using MIDI instruments and in-built synthesized sounds.
As [harke] demonstrates, there is a huge number of genres to choose from. Pick one, and you’ll most likely find it sounds nothing like the contemporary genre it’s supposed to be recreating. The more gamey genres, though, like “Adventure” or “Chase” actually sound pretty okay. The moods are hilariously specific, too: you can have a “noble” song, or a “striving” or “serious” one. [harke] also demonstrates building a full song with the “7AM Illusion” preset, exporting the MIDI, and then adding her own instruments and vocals in a DAW to fill it out. The result is what you’d expect from a composition relying on the Microsoft GS Wavetable synth.
Microsoft might not have cornered the generative music market in the 1990s, but generative AI is making huge waves in the industry today.
youtube.com/embed/EdL6b8ZZRLc?…
Calibration, Good Old Calibration
Do you calibrate your digital meters? Most of us don’t have the gear to do a proper calibration, but [Mike Wyatt] shares his simple way to calibrate his DMMs using a precision resistor coupled with a thermistor. The idea is to use a standard dual banana plug along with a 3D-printed housing to hold the simple electronics.
The calibration element is a precision resistor. But the assembly includes a 1% thermistor. In addition to the banana plugs, there are test points to access the resistor and another pair for the thermistor.
In use, you plug the device into the unit you want to test. Then you clip a different temperature sensor to the integrated thermistor. Because the thermistor is in close proximity to the meter’s input, it can tell the difference between the ambient temperature and the meter. [Mike] says the bench meters get warmer than hand-held units.
This is, of course, not a perfect setup if you are a real metrology stickler. But it can be helpful. [Mike] suggests the precision resistor be over 100 ohms since anything less really isn’t a candidate for a precision measurement with two wires. Debating over calibration? We do that, too.
Bench-Top Wireless Power Transmission
[mircemk] has been working on wireless power transmission. Using a Class-E Tesla coil with 12 turns on the primary and 8 turns on the secondary and a 12 volt input he can send a few milliwatts to power an LED over a distance of more than 40 centimeters or power a 10 watt bulb over a distance of about 10 centimeters. With the DC input set at 24 volts the apparatus can deliver 5 watts over a distance of a few centimeters and a light is still visible after separating the primary and secondary coils by more than 30 centimeters.
There are many types of Tesla coil and we can’t go into the details here but they include Spark-Gap Tesla Coils (SGTC) and Solid-State Tesla Coils (SSTC), among others. The Class-E coil demonstrated in this project is a type of SSTC which in general is more efficient than an SGTC alternative.
Please bear in mind that while it is perfectly safe to watch a YouTube video of a person demonstrating a functional Tesla coil, building your own is hazardous and probably not a good idea unless you really understand what you’re doing! Particularly high voltages can be involved and EMI/RFI emissions can violate regulations. You can damage your body with RF burns while not feeling any pain, and without even knowing that it’s happening.
If you’d like to read more about wireless power transmission, it is certainly a topic we’ve covered here at Hackaday in the past; you might like to check out Wireless Power Makes For Cable-Free Desk or Transmitting Wireless Power Over Longer Distances.
youtube.com/embed/6k1Oj8ioWsg?…
Pirate Candidate Announcement: Blase Henry for AZ’s 17th Legislative District
The United States Pirate Party is excited to announce our first of many candidates for the 2026 election cycle: AZPP Captain Blase Henry shall be running for Arizona’s 17th Legislative District!
Blase has been a rising star within the ranks of the United States Pirate Party, and with this announcement, he is officially the first Pirate we will be backing during the 2026 elections.
If elected, future State Rep. Henry has laid out to us some of the bills he plans on introducing, including but not limited to:
– A digital Bill of Rights for Arizona
– A bill banning ID requirement/age verification laws on the internet, AI or otherwise
– A bill similar to the “Stop Killing Games” initiative of Europe, aiming to protect video game consumers and players
– A bill that prevents internet service providers from sharing your data without your consent and makes it so police need a warrant for your data
We are excited to share what will be the first of many Pirate candidates. Some candidates will appear on the ballot as independents, some as members of major parties and some, if they are so fortunate, will have “Pirate” next to their name on the ballot. No matter what it says next to their name on the ballot, we will throw our support behind our Pirate candidates.
NOTE: the US Pirate Party recently endorsed the gubernatorial campaign of Timothy Grady for Ohio. Timothy Grady is an independent candidate but is not officially a Pirate Party candidate. Blase Henry is the first official candidate announced from the US Pirate Party.
To quote Blase Henry himself: “Let’s Hoist the Colours and Join the Pirate Revolution! For if Buying isn’t Ownership, then Piracy isn’t Theft!”
You can visit his campaign website here, or if you’re an AZ resident, you can help get Blase on the ballot here.
Blase Henry, Victory is Arrrs
PowerUp.
BOSGAME Mini PC E2- Ryzen 5 3550H
It too was wounded after a few minutes. Now the replacement is up and running.
#homeserver #debian
The image shows a computer screen with a desktop that has a blue background with wavy shapes. At the top left, there is a window titled "VNC config" with configuration options such as "Accept clipboard from viewers", "Also set primary selection", "Send clipboard to viewers" and "Send primary selection to viewers", all disabled. At the bottom, there is a status bar with the time "mercoledì 10 settembre 2025 - 19:05" and a power button. On the screen, there is also a symbol of a white gyroscope.
Provided by @altbot, generated locally and privately using Ovis2-8B
🌱 Energy used: 0.180 Wh
DIY Wind Turbine Gets a 3-Phase Rectifier
[Electronoobs] is using some brushless motors to make a DIY wind turbine. His recent video isn’t about the turbine itself, but a crucial electronic part: the three-phase rectifier. The reason it is so important is due to the use of brushless motors. Normal motors are not ideal for generating power for several reasons, as explained in the video below.
The brushless motors have three windings and generate three outputs, each out of phase with the others. You can’t just join them together because they are 120 degrees out of phase. But a special rectifier can merge the inputs efficiently and output a low-ripple DC voltage.
The rectifier will have to handle a lot of power, so it uses beefy devices with heat sinks. The design is very similar to a full-wave bridge rectifier, but instead of two legs, each with two diodes, this one has three legs. This is still not as efficient as you would like. A synchronous rectifier would be even more efficient but also more complicated.
Still, we have no doubt the board will do its job. We’re anxious to see the turbine come together. Want to build your own? Maybe start smaller. Too big? You can strip it down even further.
youtube.com/embed/4hBOTZeXqbc?…
Summary of my trip to northern Germany
Here are the Mastodon posts with the stops on my trip this summer in Mecklenburg-Vorpommern and Schleswig-Holstein (always open the captions/alt text of the images for a few more details)
Schloss Ulrichshusen (concert)
Ankershagen (Schliemann museum)
Greifswald, Boddenlandschaft (Caspar David Friedrich museum)
Stralsund (playing card factory)
Marne (concert)
Hamburg (Kunsthalle) - resemblances?
Leipzig (music trail, St. Nicholas)
Portrait of a travelling cat
2025 One Hertz Challenge: Blinking An LED With The Aid Of Radio Time
If you want to blink an LED once every second, you could use just about any old timer circuit to create a 1 Hz signal. Or, you could go the complicated route like [Anthony Vincz] and grab 1 Hz off a radio clock instead.
The build is an entry for the 2025 One Hertz Challenge, with [Anthony] pushing himself to whip up a simple entry on a single Sunday morning. He started by grabbing a NE567 tone decoder IC, which uses a phase-locked loop to trigger an output when detecting a tone of a given frequency. [Anthony] had used this chip hooked up to an Arduino to act as a Morse decoder, which picked up sound from an electret mic and decoded it into readable output.
However, he realized he could repurpose the NE567 to blink in response to output from radio time stations like the 60 kHz British and 77.5 kHz German broadcasts. He thus grabbed a software-defined radio, tuned it into one of the time stations, and adjusted the signal to effectively sound a regular 800 Hz tone coming out of his computer’s speakers that cycled once every second. He then tweaked the NE567 so it would trigger off this repetitive tone every second, flashing an LED.
Is it the easiest way to flash an LED? No. It’s complicated, but it’s also creative. They say a one hertz signal is always in the last place you look.
youtube.com/embed/vjqnhFVmqjU?…
For Americans Only: Estimating Celsius and Other Mental Metrics
I know many computer languages, but I’ve struggled all my life to learn a second human language. One of my problems is that I can’t stop trying to translate in my head. Just like Morse code, you need to understand things directly, not translate. But you have to start somewhere. One of the reasons metric never caught on in the United States is that it is hard to do exact translations while you are developing intuition about just how hot is 35 °C or how long 8 cm is.
If you travel, temperature is especially annoying. When the local news tells you the temperature is going to be 28, it is hard to do the math in your head to decide if you need a coat or shorts.
Ok, you are a math whiz. And you have a phone with a calculator and, probably, a voice assistant. So you can do the right math, which is (9/5) x °C + 32. But for those of us who can’t do that in our heads, there is an easier way.
Field Expedient
Close enough for a quick estimate
Most of us can’t multiply by 9/5 in our heads. But 9/5 is very nearly two. So if you double the Celsius temperature, you are halfway there. Of course, the number will be too high. But to make up for it, instead of adding 32, just add 30. For weather temperatures, this gives you a ballpark estimate. For 0 °C, you get 30 °F instead of 32. For 20 °C, you get 70 °F instead of 68. For 35 °C, you get 100 °F instead of 95. All close enough.
If you want to flip the error as the temperature goes up, you can remember to add 25 instead of 30 if the temperature is more than, say 25 °C. Then 35 °C gives you 95 °F on the dot, although other temperatures will still have some error, of course.
The error gets worse as the temperature rises, but it has to get fairly high before it gets useless. For example, my AMD CPU is currently at 48 °C. Using the +25 estimate, that’s 121 °F, instead of the correct 118. But maybe it won’t help you set up your metal smelting furnace.
Other Estimates
Centimeters to inches the easy way.
This is a useful way to embrace metric. Find rough estimates for units you deal with. For example, 2.54 cm/inch is not the easiest thing to apply. But if you remember that 5 cm is about 2 in, that works well. So a 160 mm rod is 16 cm. If you think of that as 3 x 5 + 1, you’ll know it is 6 inches plus an extra centimeter. The right answer is about 6.3 inches. Not close enough to start cutting things, but it does give you a feel for how big a thing you are talking about.
If you lived through the time when gasoline in the US went from less than $1/gallon to over, you might remember that many gas stations switched to liters because the pumps couldn’t be set for a dollar. The reason is a liter is very nearly a quart, and there are four quarts to a gallon. So 12 liters is practically 12 quarts or 3 gallons. This turns out to be very close.
Kilograms and kilometers are a bit trickier. The right way to imprecisely convert kilograms to pounds is to multiply by 2.2. But a nice mental math trick is to double it. Then remove the last digit and add the rest back in to the whole result. Then put the last digit you removed after the decimal point. So 8 kg would be 16+1 (throw away the six) or 17 pounds. Then put the 0.6 in for the correct answer of 17.6 pounds. Of course, the conversion factor isn’t exactly 2.2, but that’s what most people use anyway. If you are trying to be scientifically accurate, none of this is going to help you.
Estimating kilometers.
The factor for kilometers is roughly 0.6 km/mile or 1.6 miles/km. If you halve the kilometers, that will get you a fairly low estimate. So 35 km (21.7 miles) is easy to guess as more than 17.5 miles. That’s a pretty big difference, though. But if you then add 10% of the 35 back (3.5) you get 21 miles which is close.
Advice
I’m not trying to say that these rule-of-thumb tricks are good when you need an exact answer. But they are handy when you simply want a gut feel over some measure. Over time, you’ll just naturally know that 35 °C is summer-weather hot and you need more than a coffee mug to hold 3 liters.
Do you have a favorite fast conversion back or forth from metric? Share it in the comments. Americans love their strange measuring system. Turns out, part of the reason we didn’t get metric was due to pirates, as you can see in the video below.
youtube.com/embed/WoUBpPbv0zs?…
Featured image: Wood thermometer on white background by Marco Verch under Creative Commons 2.0
The texts were sent to a group called “Mass Text” and show ICE using DMV and license plate reader data in an attempt to find their target, copies of the messages obtained by 404 Media show. #News
3D Printing a Self-cleaning Water Filter
No one likes cleaning out water spouts. [NeedItMakeIt] wanted to collect rainwater and was interested in using a Coanda filter like those used on hydroelectric plants to separate out debris. Ultimately, he decided to design his own and 3D print it.
The design uses a sloping surface with teeth on it to coax water to go in one direction and debris to go in another. It fits into a typical spout, and seems like it works well enough. Some commenters note that varying volumes of rain and different types of debris behave differently, which is probably true. However, there are similar commercial products, so you’d guess there would be some value to using the technique.
The water pushes the debris off the slope, so you end up losing a little water with the debris. So as always, there’s a trade-off. You can see in the video that if the water flow isn’t substantial, the debris tends to stall on the slope. Could the filter be improved? That was the point in trying a second design.
It wasn’t a big improvement. That’s where there’s a plot twist. Well, actually, a literal twist. Instead of making a flat slope, the new design is a conic shape with a spiral channel. That improved flow quite a bit. We weren’t clear from the video of exactly where the debris was going with the last version.
Usually, when we think of the Coanda effect, we are thinking aerodynamics. It can be quite uplifting.
youtube.com/embed/wy9lKx8X1HI?…
How The Widget Revolutionized Canned Beer
Walk into any pub and order a pint of Guinness, and you’ll witness a mesmerizing ritual. The bartender pulls the tap, fills the glass two-thirds full, then sets it aside to settle before topping it off with that iconic creamy head. But crack open a can of Guinness at home, and something magical happens without any theatrical waiting period. Pour it out, and you get that same cascading foam effect that made the beer famous.
But how is it done? It’s all thanks to a tiny little device that is affectionately known as The Widget.
Beer Engineering
A pint of Guinness, pictured with the iconic foamy head. Credit: Sami Keinänen, CC BY SA 2.0
In 1959, draught Guinness diverged from other beers. The pints served from the tap at the pub were charged with a combination of nitrogen gas and carbon dioxide, rather than just carbon dioxide alone. Nitrogen is less soluble in beer than carbon dioxide, and low temperatures and higher pressures are required to get it to stay in the fluid. Charging the beer in this way, and then forcing it through a tap with a restrictor plate with many fine holes, allows the pouring of a beer with small, fine bubbles. This is what gives Guinness its signature smooth, creamy texture and characteristic dense head. The lower carbon dioxide level also contributes to the flavor, removing some of the sharp taste present in regular carbonated beers.
When Guinness started using the nitrogenation method, it quickly gained popularity and became the default way to serve the draught beer. The problem was that it wasn’t initially practical to do the same for bottled Guinness. Without being poured through the fine holes of a special tap under pressure, it wasn’t possible to create the same foamy head. Bottled Guinness thus remained carbonated in the traditional manner, and it was thus very much unlike the draught beer served at the pub. The desire was to produce a better version: “bottled draught Guinness” was a term often bandied about. The company experimented with a variety of methods of serving nitrogenated Guinness from a bottle or can. It even sold some bottles with a special “initiator” syringe to generate head in select markets, but it was all too clumsy to catch on with the beer drinking public. A better solution was needed.
The modern floating Guinness widget, pictured in a can that has been cut open. Credit: Duk, CC BY SA 3.0
The modern widget was developed as the technological solution to this fundamental problem in beverage physics. Guinness tackled this challenge by essentially putting a tiny pressure vessel inside the larger pressure vessel of the can itself. The widget is a small plastic sphere, hollow inside, with a tiny hole on the surface. The widget and beer are placed inside the can on the production line. Liquid nitrogen is then added, before the can’s lid is sealed. The can is then inverted as the liquid nitrogen quickly boils off into a gas. This effectively fills the widget with gaseous nitrogen under pressure, often along with a small amount of beer. It’s a charged pressure vessel lurking inside the can itself.
The magic happens when the beverage is served. When you crack open the can, the pressure inside drops rapidly to atmospheric pressure. The nitrogen under pressure in the widget thus wants to equalize with the now lower-pressure environment outside. Thus, the nitrogen sprays out through the tiny hole with tremendous force, creating countless microscopic bubbles that act as nucleation sites for the rest of the nitrogen dissolved in the surrounding beer. As the beer is poured into a glass, a foamy head forms, mimicking the product served fresh from the tap at the local pub.
Today’s widget, first marketed in 1997, is the floating sphere type, but the original version was a little different. The original widget launched in 1989 was a flat disc, which was mounted in the bottom of the can, but fundamentally worked in the same way. However, it had a tendency to cause rapid overflowing of the beer if opened when warm. The floating spherical widget reduced this tendency, though the precise engineering reasons why aren’t openly explained by the company. The fixed widget actually had a surprise return in 2020 due to COVID-19 supply chain issues, suggesting it was still mostly fit for purpose in the brewery’s eyes.
The key to the widget’s performance is in the filling and the construction. It’s important to ensure the widget is filled with pressurized gas, hence the inversion step used in the filling process. If the pressurized nitrogen was allowed to simply sit in the empty space in the top of the can, it would just vent out on opening without making any head. The orifice size on the widget is also critical. Too large, and the pressure equalizes too quickly without creating the necessary turbulence. Too small, and insufficient gas and beer volume flows through to generate adequate nucleation. The widget as it stands today is the result of much research and development to optimize its performance.
A finned “rocket” widget as used in Guinness beer bottles. Credit: Joeinwap, CC0
Further different widget designs have emerged over the years. The company had mastered draught Guinness in a can, though it needed to be poured into a glass to be drunk properly. The company later looked to create draught Guinness that could be drunk straight from the bottle. This led to the creation of the “rocket widget.” It worked largely in the same way, but was designed to float while remaining in the correct orientation inside the neck of the bottle. Fins ensured it wouldn’t fall out of the bottle during drinking. It would charge the beer with bubbles when first opened, and continue to boost the head to a lesser degree each time the bottle was tilted for a sip.
Guinness could have left this problem unsolved. It could have remained a beautiful tap-based beer, while selling its lesser carbonated products in bottles and cans for home consumption. Instead, it innovated, finding a way to create the same creamy tap-poured experience right out of the can.
The next time you crack open a widget-equipped can and watch that mesmerizing cascade of bubbles, you’re witnessing a masterpiece of beverage engineering that took years to perfect. It’s a reminder that sometimes the most elegant engineering solutions hide in the most ordinary places, waiting for someone clever enough to recognize that a tiny plastic ball could revolutionize how we experience beer outside the pub.
After Darcula comes Magic Mouse: the new phishing nightmare steals 650,000 cards a month
After the shutdown of the Darcula phishing platform and of the Magic Cat software used by the scammers, the Magic Mouse solution has gained popularity among criminals. According to specialists at Mnemonic, Magic Mouse already contributes to the theft of data from at least 650,000 bank cards per month.
We recently covered the work of Darcula and the investigation carried out by Mnemonic's experts. This PhaaS (phishing-as-a-service) platform targeted Android and iPhone users in more than 100 countries. The criminal service used 20,000 domains imitating well-known brands to steal credentials.
According to the analysts, Darcula's operators were responsible for the theft of 884,000 bank cards, and victims around the world clicked on malicious links received via text message 13 million times.
Shortly afterwards Darcula's activity ceased, but as Mnemonic's researchers explained at DEF CON, another similar phishing service is gaining popularity among cybercriminals.
The experts point out that the Magic Cat software played a key role in Darcula's operation. Magic Cat has now been replaced by a similar platform, Magic Mouse, whose popularity rose sharply after Darcula was shut down.
The experts believe Magic Mouse is a new operation with different developers behind it, and is therefore not related to Darcula. However, Magic Mouse's current success is due in large part to the fact that new operators took over the phishing kits that made its predecessor's software so popular.
These kits contain hundreds of phishing site templates that Magic Cat used to imitate the legitimate web pages of major technology giants, well-known consumer services and delivery services. All of these sites were designed to induce victims to hand over their credit card details.
Although Magic Mouse is already popular and could become even more dangerous than Magic Cat in the future, bringing its operators millions of dollars in profits (in the form of funds stolen from victims), the researchers note that law enforcement “cannot see” beyond a few isolated fraud reports. In other words, nobody currently regards Magic Mouse as a large-scale fraud campaign.
At the same time, Mnemonic believes that much of the responsibility for the existence and prosperity of such fraud schemes falls on technology companies and financial giants, which continue to make it difficult for scammers to use stolen cards.
The article "After Darcula comes Magic Mouse: the new phishing nightmare steals 650,000 cards a month" comes from il blog della sicurezza informatica.
Join Our Leadership Team — Apply to Be a Team Lead for the European Pirates!
We’re building something big — a European umbrella organisation working to support our pirate parties across Europe and amplify our shared political voice. Our movement is rooted in collaboration, grassroots empowerment, and making real impact at the EU level. To make this happen, we’re looking for motivated, reliable, and passionate people to take on Team Lead roles in our volunteer-run European secretariat.
As a Team Lead, you will:
- Coordinate the work of your team and help shape its priorities
- Collaborate closely with other team leads in the Management Team
- Support volunteers, delegate tasks, and ensure smooth internal communication
- Help develop the strategy and direction of our European-level work
We are currently seeking Team Leads for the following teams:
- Communications Team
- Community & Outreach Team
- IT Team
- Policy Team
- Operations Team
You don’t need to be an expert or have years of experience — we value commitment, collaboration, and curiosity. We’re especially excited to hear from people with lived experience in grassroots activism, digital tools, or cross-border collaboration.
Time commitment: Flexible and part-time (volunteer-based). We expect most leads to dedicate around 4–6 hours per week, depending on availability.
Location: Remote / anywhere in Europe
Interested in helping build a stronger, more connected European movement? Apply now or reach out with questions — we’d love to hear from you!
The post Join Our Leadership Team — Apply to Be a Team Lead for the European Pirates! first appeared on European Pirate Party.
Let's De-Salvini the Strait Bridge
@Politica interna, europea e internazionale
The article "Let's De-Salvini the Strait Bridge" comes from Fondazione Luigi Einaudi.
PhantomCard: the new NFC threat hitting Android users in Brazil
@Informatica (Italy e non Italy 😁)
We saw it recently with NFCgate, and now the scenario repeats itself with the emergence of PhantomCard, a sophisticated Android malware that exploits NFC technology to carry out financial fraud. Discovered in Brazil but with potential global ramifications, this
freezonemagazine.com/news/john…
Out on October 10 is the deluxe box set made up of nine CDs + three Blu-rays plus a book of more than two hundred pages dedicated to John Lennon and Yoko Ono. 31 live tracks taken from the two historic concerts by John and Yoko at the One To One Concert, accompanied by the Plastic Ono Band, Elephant’s Memory and […]
The article John Lennon &
Ukraine: Europe overtakes the US and becomes the largest supplier of military aid to Kyiv
@Notizie dall'Italia e dal mondo
For the first time since the start of the war in Ukraine, Europe has overtaken the United States in the production and supply of military equipment to Kyiv. This is according to figures released by the Kiel Institute for the World Economy: between February 2022 and June 2025, European military production
Samsung bows to Trump: new investments for American chips
The article comes from #StartMag and is reshared on the Lemmy community @Informatica (Italy e non Italy 😁)
Trump's strong-arm tactics are bearing fruit: Apple's and Tesla's need to find a US supply chain is leading Samsung to invest in the States again. The news, however, has a
Golden Dome: how Trump's space shield will work. The details
@Notizie dall'Italia e dal mondo
The US Department of Defense has decided to lift the veil on the operational architecture of Golden Dome, the future missile defense system intended to protect the entire territory of the United States (Alaska and Hawaii included) against ballistic threats,