For anyone who has a certified e-mail (PEC) address and would like to copy and paste this letter: https://t.



How to Use the AT24C32 EEPROM for 4KB External Memory for Microcontrollers


Electronic Wizard in his lab wearing his wizard's hat

Over on YouTube [Electronic Wizard] explains how to use the AT24C32 EEPROM for external memory for microcontrollers.

He begins by explaining that you don’t want to try modifying your microcontroller flash memory for storing settings, you want to use a separate EEPROM for that. Sometimes your microcontroller will have EEPROM memory attached, but you might still find yourself needing to attach more. The AT24C32 EEPROM is a 4KB non-volatile memory chip. It’s available in various 8-pin packages and two voltage levels, either 2.7 to 5.5 volts or 1.8 to 5.5 volts, and it’s programmed using the I2C protocol.

The AT24C32 has three address pins, A{0,1,2}, a Serial Data pin (SDA), a Serial Clock Input (SCL), and a Write Protect pin. He explains how to use the address pins to set the device I2C address and goes into some detail about how the I2C protocol works. Microcontrollers usually have an API for talking to I2C devices; for STM32 controllers these are functions such as HAL_I2C_Master_Transmit(). He refers the viewer to the datasheet for how to accomplish various write and read operations over I2C. The AT24C32 uses 16 bits for addresses, of which only 12 are relevant (13 bits are relevant for the 8KB version of the EEPROM, the AT24C64).

If you’re interested in EEPROMs you might also like to read Erasing EEPROMs Isn’t Always As Easy As It Seems and How Do You Test If An EEPROM Can Hold Data For 100 Years?

youtube.com/embed/_Ke4A_McTEY?…


hackaday.com/2025/09/08/how-to…



The Incrediplotter: Voice Controlled Plotter from Repurposed Printer


There’s something uniquely satisfying about a pen plotter. Though less speedy or precise than a modern printer, watching a pen glide across the page, mimicking human drawing, is mesmerizing. This project, submitted by [Jacob C], showcases the Incrediplotter, a brilliant repurposing of a 3D printer built by him and his brother.

Starting with a broken 3D printer, [Jacob C] and his brother repurposed its parts to create a voice-controlled pen plotter. They 3D-printed custom components to adapt the printer’s framework for plotting. An STM32 Blue Pill running Klipper controls two TMC2208 motor drivers for the x- and y-axes, while a small standalone servo manages the pen’s height.

The unique twist lies in the software: you can speak to the plotter, and it generates a drawing based on your prompt without needing to select an image. The process involves sending the user’s voice prompt to Google Gemini, which generates an image. The software then converts this image into an SVG compatible with the plotter. Finally, the SVG is translated into G-Code and sent to the plotter to start drawing.

Thanks to [Jacob C] for sharing this impressive project. It’s a fantastic example of repurposing a broken machine, and the voice-to-image feature adds a creative twist, enabling anyone to create unique artwork. Be sure to check out our other featured plotter hacks for more inspiration.

youtube.com/embed/jlRw-0B5N8U?…


hackaday.com/2025/09/08/the-in…



A Love Letter to Internet Relay Chat


Although kids these days tend to hang out on so-called “Social Media”, Internet Relay Chat (IRC) was first, by decades. IRC is a real-time communication technology that allows people to socialize online in both chat rooms and private chat sessions. As a decentralized communication protocol, anyone can set up an IRC server and connect multiple servers into networks, with the source code for these servers readily available ever since its inception by a student, and IRC clients are correspondingly very easy to write. The [The Serial Port] channel dedicates a recent video to IRC and why all of this makes it such a great piece of technology, not to mention a great part of recent history.

Because of the straightforward protocol, IRC will happily work on even a Commodore 64, while also enabling all kinds of special services (‘bots’) to be implemented. Even better, the very personal nature of individual IRC networks and channels on them provides an environment where people can be anonymous and yet know each other, somewhat like hanging out at a local hackerspace or pub, depending on the channel. In these channels, people can share information, help each other with technical questions, or just goof off.

In this time of Discord, WhatsApp, and other Big Corp-regulated proprietary real-time communication services, it’s nice to pop back on IRC and to be reminded, as it’s put in the video, of a time when the Internet was a place to escape to, not escape from. Although IRC isn’t as popular as it was around 2000, it’s still alive and kicking. We think it will be around until the end days.

youtube.com/embed/6UbKenFipjo?…


hackaday.com/2025/09/08/a-love…



We remind you that posts expressing hatred or contempt toward categories of people are not allowed on Poliverso: this kind of content results in immediate suspension!
Opinions of every kind may be expressed, even ones that run against common sentiment, but there are rules to respect.

These are the rules of Poliverso:

0) Users must know the fediquette, a netiquette for the fediverse
1) Users of Poliverso should feel happier, calmer, more open to discussion and more trusting of other people's intelligence and good faith. If not, it is better that they change instance
2) Poliverso is part of the fediverse and wants to remain part of it: any hostile attitude or toxic behaviour toward users of other instances will result in suspension
3) Publishing illegal content, disturbing content (without marking it as sensitive), spam, hateful behaviour and speech, and disinformation is forbidden (a trick for spotting disinformation: if, before posting something, the first question you ask yourself is "How can I know whether this is disinformation?", then it is disinformation)
4) Institutional, commercial or promotional accounts are allowed, provided that communication is in Italian and is not comparable to spam
5) Friendica has no moderation system: to minimise systemic risks, users who do not follow the administrator or who do not reply to him promptly may be expelled from the platform.
6) If you want to take a look at the local timeline, look here. If you don't like it, you can sign up elsewhere (here you can export your account to take it to another instance)


Does a #fediquette exist?
The short answer is yes, but we created a post to explain it better.
And let's always remember that the word #fediverso contains the roots of the two most important words for universal sociality: alliance and diversity.
#Netiquette

informapirata.it/2022/03/22/fe…





DAZN and ACE dismantle Calcio: one of the largest illicit sports-streaming networks in Italy hit


@Informatica (Italy e non Italy 😁)
In a joint operation that marks a turning point in the fight against sports-related digital piracy, DAZN, a leading global sports-streaming platform, in coordination with the Alliance



Salesloft, the March GitHub data breach and the long trail of attacks on Salesforce


@Informatica (Italy e non Italy 😁)
The story begins quietly, months before the information-security world began talking about large-scale data theft via Salesforce. It is March 2025 when attackers, with painstaking patience, first breach



Supply chain attack under way: critical NPM packages compromised


@Informatica (Italy e non Italy 😁)
In a sort of log4j déjà vu, malicious actors have compromised some of the most critical packages in the npm ecosystem, injecting malicious code into libraries with over 2.6 billion weekly downloads. The attack, described by many as the most extensive supply chain attack in history, has



Every now and then it is good to dust off the past in order to understand the present and unmask lies.

On 15 December 2021, Russia presented to the USA and NATO a “substantial peace plan”, which provided for a security architecture valid for 50 years in Europe. This would have guaranteed a new phase of prosperity in Euro-Russian relations, sparing, among other things, the lives of millions of people and generating benefits for the economies of both blocs. The plan provided for an end to NATO's eastward enlargement, that is, Ukrainian neutrality, and a scaling-down of NATO forces in the Baltic (which, with Moldova, will be the new hot front in the scenarios to come). Russia in fact perceived NATO's enlargement close to its borders as a military encirclement that endangered its national security. In exchange for NATO's partial disengagement in the East, Russia would in turn have reduced its own military arsenals and guaranteed Ukraine's integrity, that is, it would not have annexed the Donbass, which would have remained Ukrainian, albeit subject to guarantees of its autonomy, guarantees that were moreover provided for by the Minsk agreements in force at the time and signed by Germany and France as well. The reply of Stoltenberg, then Secretary General of NATO, to the Russian peace proposal was: “Russia wants less NATO on its borders? Fine, it will get more NATO!”. And it was war. Its genesis lies entirely in that sentence of Stoltenberg's. The USA and NATO in fact refused even to consider the Russian peace proposal and immediately closed every opening for negotiation. What prevailed were the interests of those who, since 1992, had decided that NATO's enlargement should proceed, at any cost and by any means, as far as Kiev and Tbilisi. Who, then, bears political and moral responsibility for the escalation that followed? Russia, or those who ideologically refused to talk to it? Certain things, although they interest few, are important to recall every now and then, out of duty to historical truth.

Paolo Borgognone

in reply to Mro

"Unfortunately I have found no evidence that Jens Stoltenberg, as Secretary General of NATO, uttered the sentence "Russia wants less NATO on its borders? Fine, it will get more NATO!" in response to the Russian peace proposal.

This quotation does not appear to be authentic and has not been reported by official or reliable sources. It is possible that it is an invented quotation or one wrongly attributed to Stoltenberg.

As an AI assistant, I can only rely on verified information and cannot confirm the authenticity of this alleged statement. If you have further information or sources that can confirm it, I invite you to share them. Otherwise, I cannot state with certainty that Stoltenberg actually uttered this sentence."



FREE FROM ROME'S POISONS.

TOMORROW EVERYONE TO THE MARCH!


Gualtieri wants to make us breathe Rome's poisons by building an incinerator at Santa Palomba that will burn 600 thousand tonnes of Roman waste every year for more than 30 years, polluting air, land and water.
It is time to react to the uninterrupted series of forced moves made by Gualtieri with his special powers: the authorisation procedure turned into a farce and started in the middle of August, the handover of the area to Acea, and the start of pre-construction works for a plant that was supposed to serve the Jubilee and instead has not even been authorised yet.
The Santa Palomba incinerator will bring poisons, disease and destruction to the Castelli Romani as well as to the Roman countryside all the way to the sea.
We are nearly there: tomorrow is the day for all of us who want to live free from Rome's poisons.
Tomorrow will be the day we redeem the land where we live, because it will be clear once more that we will never surrender to incineration barbarism.
Tomorrow everyone's presence is needed, people united to defend our health and that of our children.

Unione dei Comitati contro l'inceneritore

Ambiente, StopInceneritore, NoInceneritore, NoInceneritori, ZeroWaste, Rifiuti, Riciclo, EconomiaCircolare, NoAlCarbone, EnergiaPulita,




Meta decided to not ban the account and the vast majority of its racist posts even after 404 Media flagged them to the company. #News


Instagram Account Promotes Holocaust Denial T-Shirts to 400,000 Followers


An Instagram account with almost 400,000 followers is promoting racist and antisemitic t-shirts, another sign that Meta is unable or unwilling to enforce its own policies against hate speech. 404 Media flagged the account to Meta as well as specific racist posts that violate its hate speech policies, but Meta didn’t remove the account and the vast majority of its racist posts.

The account posts a variety of memes that cover a wide range of topics, many of which are not hate speech and would not violate Meta’s policies, like the pizzagate conspiracy, 9/11, Jeffrey Epstein, and criticism of Israel and mainstream news outlets like CNN and Fox News. If a user were to pick a post at random they might not even immediately identify the account as right-wing or extremist. For example, some memes posted by the account and shirts sold by the brand it promotes include messages criticizing Israel, the pro-Israel lobbying group AIPAC, and general distrust of the government.

Other memes and shirts promoted by the account might confuse the average internet user, but people who are fluent in extremist online culture will clearly recognize them as antisemitic. For example, seemingly one of the more popular designs promoted by the channel is of a simple line drawing of hands clasping and the text “Early life.” On the store page for this design, which comes on t-shirts for $27.99, mugs for $15, and hoodies for $49.99, the description says: “A totally normal design encouraging you to wash your hands — definitely just about hygiene. Nothing symbolic here. Just good, clean habits… taught very early in life.”

“Early life” refers to a common section of biographical Wikipedia articles that would state whether the person is Jewish. As Know Your Meme explains, this is a “dog-whistle meme” often used to spread antisemitic sentiments. The clasping hands are of the antisemitic drawing of the “happy merchant.”

Another cryptic design promoted by the Instagram account is of a juice box with the text “notice the juice” and several seemingly random figures like “109% juice” and “available in 271,000 stores.” These are also dog-whistles that other people who are swimming in hate speech would instantly understand. 109 refers to the claim that Jews have been expelled from that many countries, and 271,000 refers to the number Holocaust deniers often say is the “real” number of people who died in Nazi concentration camps. Another piece of text on the juice box is “6,000,000 artificial ingredients.”

Years of reporting on niche internet communities sadly means that I’m familiar with all of these symbols and figures, but many of this account’s posts on Instagram are far less subtle and require no special knowledge to understand it’s hateful. A post on August 27, for example, shows a meme of actor Willem Dafoe holding the diary of Anne Frank with a subtitle saying “you know, I’m something of a fiction critic myself.” Another design promoted on Instagram shows a man wearing a shirt with the text “don’t be a” and a picture of a bundle of sticks, also known in Middle English as a “fagot.”

Instagram’s Community Standards on “hateful conduct” tells users to not post “Harmful stereotypes [...] holocaust denial,” or “Content that describes or negatively targets people with slurs.”

Last year, Meta concluded an embarrassing and agonizing charade about its Holocaust denial policy. An Instagram user posted a Squidward-themed Holocaust denial meme. “Upon initial review, Meta left this content up,” the company said. Users kept flagging the post as hate speech and Facebook moderators kept assessing it as not violating Instagram policies. Users appealed this decision, which was picked up by Meta’s Oversight Board, a kind of “supreme court” for Meta’s moderation decisions. Upon further review, it determined the post did in fact violate its hate speech policy. The entire ordeal for removing the antisemitic Squidward meme took four years.

It’s an insane process but I’m belaboring the point because while some of these shirts and posts might not quite cross the line, even Meta’s top sham court has made it extremely clear that this account violates its policies. Instagram just doesn’t take action against it even after hundreds of posts and amassing a following of 400,000 people. It’s also just one account I decided to cover today because it appeared to have monetized this content effectively, but Instagram served it to me as one of many racist posts I see daily.

I sent Instagram the account promoting these shirts as well as several specific posts. Instagram only removed a couple of those specific posts, like the one calling Anne Frank’s book fiction. Instagram did not remove a post promoting the “early life” shirt. It also didn’t remove a shirt with an image of Michael Jackson and the text “(((They))) don’t really care about us.” Putting triple parentheses around “they” is an antisemitic symbol used to refer to Jews. “The media, Hollywood, the machine – they made hima a joke, a monster a meme. All because he spoke out about the ones you’re not allowed to name,” the text accompanying the post said.

The t-shirt problem here is not unique to Instagram. On August 26 The Verge wrote a good piece about a different antisemitic shirt that was sold in a TikTok Shop, Amazon, and other online marketplaces. The piece correctly points out that the rise of print-on-demand and drop-shipping has created incentives for people, many of whom don’t live in the U.S. and are not invested in any political outcomes here, to sell any image or text that is popular. This is why we see a lot of tiny ecommerce shops pivot from “#1 Grandpa” shirt one day to MAGA hats the next. They just sell whatever appears to be trending and often lift images from other sites without permission.

The Instagram account promoting the juice box shirt is a little more involved than that. For one, as far as I can tell the designs are unique and originate on that account and the online store it promotes. Second, whoever is making these designs is clearly fluent in the type of hate speech they are monetizing. Finally, as The Verge article points out, these print-on-demand shirts are easy to set up so it’s not always clear if the shirts or hats these stores are offering are ever really produced. That is not the case with the company behind the juice box shirt, which shares pictures of customers who bought its stuff and tags them on Instagram.

There are a few other juice box designs on the site, but the one I described above was removed sometime between May and August, before I reached out for comment. However, the design has since been swallowed up by this print-on-demand ecommerce machine, and is now available to buy from various sellers on Walmart, Amazon, and dozens of other online stores.

I kept track of this Instagram account and store because it was particularly disgusting and because it found a way to monetize hate speech on Instagram. I decided to write about it today because The Verge story reminded me that while this practice is common, it’s very, very bad. But the reality is that this is just one of countless such accounts on Instagram. Unless Meta changes its enforcement methods I could write one of these every day until I die. That wouldn’t be much of a life for me and not very interesting for you. We have become desensitized to the blatant dehumanization of entire groups online precisely because Instagram is putting it in front of our faces all the time. Occasionally, something snaps me out of this delirium and for a moment I can clearly see how bad this flood of hate speech is for all of us before I drown in it again.





A new contract with Clearview AI explicitly says ICE is buying the tech to investigate "assaults against law enforcement officers." #News


ICE Spends Millions on Clearview AI Facial Recognition to Find People ‘Assaulting’ Officers


Immigration and Customs Enforcement (ICE) recently spent nearly four million dollars on facial recognition technology in part to investigate people it believes have assaulted law enforcement officers, according to procurement records reviewed by 404 Media.

The records are unusual in that they indicate ICE is buying the technology to identify people who might clash with the agency’s officers as they continue the Trump administration’s mass deportation efforts. Authorities have repeatedly claimed members of the public have assaulted or otherwise attacked ICE or other immigration enforcement officers, only later for charges to be dropped or lowered when it emerged authorities misrepresented what happened or brutally assaulted protesters themselves. In other cases, prosecutions are ongoing.

💡
Do you know anything else about how ICE is using facial recognition tech or other tools? I would love to hear from you. Using a non-work device, you can message me securely on Signal at joseph.404 or send me an email at joseph@404media.co.

“This award procures facial recognition software, which supports Homeland Security Investigations with capabilities of identifying victims and offenders in child sexual exploitation cases and assaults against law enforcement officers,” the procurement record reads. The September 5 purchase awards $3,750,000 to well-known and controversial facial recognition firm Clearview AI. The record indicates the total value of the contract is $9,225,000.




A short while ago, as the Free Assange Italia group, we sent the following PEC (certified e-mail) to the secretariat of the Quirinale, Presidency of the Republic.

President Mattarella.



Ore Formation Processes, Part Two: Hydrothermal Boogaloo


There’s a saying in mine country, the kind that sometimes shows up on bumper stickers: “If it can’t be grown, it has to be mined.” Before mining can ever start, though, there has to be ore in the ground. In the last edition of this series, we learned what counts as ore (anything that can be economically mined) and talked about the ways magma can form ore bodies. The so-called magmatic processes are responsible for only a minority of the mines working today. Much more important, from an economic point of view, are the so-called “hydrothermal” processes.
Come back in a few million years, and Yellowstone will be a great mining province.
Image: “Gyser Yellowstone” by amanderson2, CC BY 2.0
When you hear the word “hydrothermal” you probably think of hot water; in the context of geology, that might conjure images of Yellowstone and regions like it: Old Faithful geysers and steaming hot springs. Those hot springs might have a role to play in certain processes, but most of the time when a geologist talks about a “hydrothermal fluid” it’s a lot hotter than that.

Is there a point on the phase diagram that we stop calling it water? We’re edging into supercritical fluid territory, here. The fluids in question can be hundreds of degrees centigrade, and can carry things like silica (SiO2) and a metal more famous for not dissolving: gold. Perhaps that’s why we prefer to talk about a “fluid” instead of “water”. It certainly would not behave like water on the surface; on the surface it would be superheated steam. Pressure is a wonderful thing.

Let’s return to where we left off last time, into a magma chamber deep underground. Magma isn’t just molten rock– it also contains small amounts of dissolved gasses, like CO2 and H2O. If magma cools quickly, the water gets trapped inside the matrix of the new rock, or even inside the crystal structure of certain minerals. If it cools slowly, however? You can get a hydrothermal fluid within the magma chamber.

Peg It as a Pegmatite


This can create what’s called a pegmatite deposit. Strictly speaking, “pegmatite” refers to rock with a specific texture; when we’re talking about ore, we’re almost always referring to granitic pegmatites: that is, granite rocks with this texture. That texture is big crystals: centimeter size or bigger. Crystals grow large in pegmatite deposits in part because of the slow cooling, but in part because of the action of the hydrothermal fluid that is squeezed out of the slowly-cooling rock.
When you’re using your hammer for scale next to the crystals, you know it’s a pegmatite. This example is from Radium Creek, Arkaroola, South Australia. Image: Geomartin, CC-BY-SA 4.0
Again, we’re talking about a fluid that’s hundreds of degrees Celsius: seriously supercritical stuff. It can carry a lot of ions. Circulating through the magma chamber, this ion-rich fluid brings each crystal all the metal ions it needs to grow to its full potential. Maybe that’s a garnet the size of your fist, or feldspar crystals like pink playing cards. The ions in the fluid can be leftovers from the earlier melt, but may also include material scoured from surrounding rocks.

Aside from the spectacular granite counter tops and semiprecious gems that sometimes come out of these deposits, granitic pegmatites come in two types: lithium-rich and rare-earth element rich. The lithium rich pegmatites are often called LCT deposits, the letters standing for Lithium, Cesium and Tantalum, the metals of interest. Those–especially the first and last–are not exactly metals of low consequence in this electronic era. That goes double for the rare-earth elements. Especially in North America, there’s a great deal of active prospecting searching for these increasingly valuable deposits.
Mica capacitors. You can’t make these guys without mica, and granitic pegmatites are a good source.
Image: Mataresephotos, CC-BY-3.0
Mines have been sunk to extract boron, fluorine, tin, and uranium from pegmatite deposits as well. Of particular note to Hackaday readers would be the mineral Muscovite, a coarse-grained mica often found in pegmatites, among other locales. Muscovite mica has excellent dielectric properties and fractures easily into thin sheets, making it very useful in capacitors and high voltage applications. The high thermal stability and voltage tolerance of mica capacitors makes them invaluable even today in niche applications, even though ceramics have taken over most of their original uses.

One thing to note about these deposits is that they are not necessarily going to be restricted to Earth. Don’t let the “hydro” in “hydrothermal” fool you– this process is occurring deep underground, in a magma chamber with no access to any surface water. The H2O involved is coming up from the mantle, and the mantle of every rocky body does contain trace water. That even holds true for the Earth’s moon; while older sources will declare that no hydrothermal processes are possible there, newer work has led to a reevaluation of how “wet” lunar rock really is, and re-opened the possibility of lunar pegmatites. Given that, there’s no reason not to expect the process to be at work on every rocky body in the solar system. Look for granitic rock, and you might find an interesting pegmatite.

Orogenic Ores


If the hydrothermal fluid stays put in a magma chamber, it can create pegmatite deposits, but if it breaks free, you’ll find something completely different. Running through faults, fissures, and cracks in the surrounding rock, the somewhat-lower-temperature fluid will have a different mineral content depending both on the melt and the host rock. These hydrothermal vein deposits are sometimes called orogenic ore deposits, because they are often associated with mountain building, which geologists call orogeny.
The white quartz vein follows the fissures in the rock hydrothermal fluid once flowed through. “Main Vein (hydrothermal quartz-gold vein), subsurface exposure in Nalunaq Gold Mine, southern Greenland” by James St. John, CC BY 2.0
That doesn’t mean you need to look near mountains: the gold fields of Kirkland Lake, mentioned last time, are actually an orogenic deposit, and Kirkland Lake sits near the middle of the Canadian Shield, as far from any (modern) mountains as you are likely to find. There may have been mountains there, once, but they were eroded away by the time the Dinosaurs walked the Earth. What you will find there are shocking white veins of quartz shooting through the granite of the Canadian Shield– evidence of the hydrothermal fluid’s ability to carry dissolved silica through fissures of the rock– interspersed with flecks and pebbles of gold. Most gold started in hydrothermal deposits like this one, but in an ironic twist, most of the gold humans have mined is actually from a different type of deposit we’ll get to later. For now we’ll say there are secondary processes at work on this planet and leave it at that.
Native Silver, from a mine that closed in 1887. Image: “Native silver in hydrothermal vein rock (Proterozoic; Silver Islet Mine, Lake Superior, Ontario, Canada) 1” by James St. John, CC BY 2.0
Gold isn’t the only thing to be found in these hydrothermal veins: native silver and copper mines have also been found chasing quartz veins. Cobalt, Molybdenum, even Tin and Tungsten may be found, though not necessarily in native form. To a geologist, note that the word “native” has nothing to do with tribal affiliation, and everything to do with elemental composition. “Native” metals are just that: metals. Native copper is a lump of Cu, not chemically bound into any mineral.

As you might imagine, native metals are among the most desirable of ores, as they often require very little by way of refining. For that reason, until perhaps Greenland or Antarctica’s melting glaciers expose new lands to prospecting, you’re not likely to ever see a new mine producing native copper.

The redox conditions of the fluid are hugely important here: as you might imagine, native metals aren’t going to precipitate from an oxidizing fluid. Redox reactions are hard enough in chemistry class, though; bring them into the world of geochemistry and it gets hugely complicated. Nature is a messy system with too many variables to easily predict.

That’s something many a prospector has found out to his chagrin, for not every vein of quartz will bear metals. On the other hand, enough quartz veins do that “look for veins of quartz” was common advice for prospectors once upon a time. Metal-bearing veins may not be entirely quartz, either; many contain quite a lot of carbonate minerals like calcite. The hydrothermal fluid may start out with different amounts of metals dissolved within it, depending on the source magma; it may also scour more or different minerals from the host rocks it flows through. Veins may go on for miles of nothing but quartz before something in composition of the rock, or its temperature, or the pH causes the fluid to start depositing valuable minerals. Geology can be a crapshoot like that.

Of Course It’s More Complex


The above description is somewhat misleading as it makes it sound like vein deposits can only be produced from hydrothermal fluid coming from magma, but that is untrue. It is also possible that surface water (called “meteoric” water by geologists who want to confuse you into thinking about space rocks) can trickle down through fractured rocks until it reaches a hot-zone and picks up elements by dissolving minerals. A mix of meteoric and “crustal” water (that is, water from magma) may be present in a balance that changes over time. It should also be noted that this water can form a convective circuit, down to the hot zone (or melt) to pick up new minerals, then circulate upwards to deposit them in colder rock. Because this circulating fluid is cooler than in the case of fluids coming directly from a melt (“only” three or four hundred degrees Celsius), they are sometimes called “epithermal” fluids, and the resulting veiny deposits can be called “epithermal” deposits. Those temperatures are not too far off from what you might find in geyser country. While I’m not suggesting anyone go digging under Old Faithful right now, it might be an interesting locality in a few million years or so.
Meteoric water has nothing to do with this.
Image: Navicore, CC-BY-3.0

Epithermal/orogenic/quartz vein deposits don’t need meteoric water– crustal water can be enough–but I have seen no references suggesting they might be found on the Moon. Mars, on the other hand, seems to have every condition required, so there may well be gold in them thar’ Arean hills. Meteorites believed to have come from Vesta show evidence of quartz veinlets as well, so don’t count out larger planetoids when talking about hydrothermal processes either.

There are other high-temperature hydrothermal deposits other than granitic pegmatites we haven’t yet gotten into; there are also several lower-temperature types that are likely to be exclusive to Earth. This entry in our series is getting long enough, however, so we will return to the theme of hydrothermal ore deposits another day.


hackaday.com/2025/09/08/ore-fo…



Making an Ultralight Helicopter


Ultralight aviation provides an excellent pathway for those who want to fly, but don’t want to get licensed. These quite often cheap and cheerful DIY aircraft often hide some excellent engineering underneath. This is no more true than in [ultralight helicopter’s] four-year-long helicopter build saga!

While most ultralight builds are fixed-wing, a rotorcraft can meet all the legal definitions of ultralight aviation. This helicopter is an excellent example of what’s possible with a lot of time and patience. The construction is largely aluminium with some stainless steel on the skids. A 64-horsepower Rotax 582UL engine powers the two-bladed main rotor and tail rotor. The drivetrain features a multi-belt engine coupler and three gearboxes to ensure correct power output to the two rotors.

It features a control layout familiar to any helicopter pilot with foot pedals that control the rotor pitch for anti-torque control. A cyclic in front of the pilot controls the rotor’s cyclical movements, resulting in forward and sideways flight control. A collective with integrated throttle controls the overall main rotor pitch for altitude and climb control. Finally, a simple clutch sits next to the collective for engine start and idle.

The build was meticulous, with nearly everything from the swashplate to the gearboxes custom-machined. The balance and alignment of everything, from the rotor blades to the input trim, had to be checked. The build is a masterpiece of home workshop engineering.

We’ve seen ultralights before, so make sure to check out this electric fixed-wing ultralight next! Or, if you want really light, try foam.

youtube.com/embed/gbVudZv2ugg?…


hackaday.com/2025/09/08/making…



Cephalus Arrives! The Ransomware Group That Attacks via DLL Substitution


In mid-August, researchers encountered the Cephalus ransomware in two separate incidents. Amid the recent emergence of families such as Crux and KawaLocker, a ransom note that began with the words “We are Cephalus” drew attention. In both cases, the attackers gained initial access via RDP using compromised credentials without multi-factor authentication, and used the MEGA cloud service, potentially to exfiltrate data.

The most notable aspect of the attack chain was the method used to launch the ransomware. The criminals resorted to DLL substitution using a legitimate SentinelOne component: the file SentinelBrowserNativeHost.exe was started from the Downloads directory and picked up the library SentinelAgentCore.dll, which in turn loaded the file data.bin containing the ransomware code.

On one of the hosts the attempt was blocked by Microsoft Defender, while on the other encryption was started. No command-line parameters were observed at launch, which indirectly indicates the absence of “network” distribution across the available shares.

It is important to stress that both affected organizations actually used SentinelOne products. At the same time, the fact that SentinelBrowserNativeHost.exe ended up in the Downloads folder looks unusual: telemetry showed millions of legitimate launches of this executable per day across customer infrastructures, but not from users’ Downloads folders, which makes that location a good indicator of suspicious activity. Modern SIEM systems can detect such anomalies: for example, the DLL_Side_Loading rule in MaxPatrol SIEM detects substitution when a library is created in the folder containing the binary and is subsequently loaded into the process.

Before encryption, Cephalus tries to deprive the system of any chance of recovery and to blind its defenses. Observed activity included the deletion of volume shadow copies and a sequence of PowerShell commands and registry changes aimed at disabling Windows Defender components, adding exclusions, and stopping related services. These actions preceded the creation of the note and the encryption process itself, which matches the typical tactics of modern groups.

Another detail is the ransom notes. In the cases detected, the text began with a direct introduction (“We are Cephalus”) and contained claims about the theft of “confidential data” along with instructions for making contact. Unlike the variants previously published on social networks, the note was addressed to the victim organization’s domain and included links to two “news articles” about earlier Cephalus attacks, presumably to increase pressure and give an appearance of “notoriety”. In some cases, the victim was asked to follow a GoFile link and, using a password, check a sample of the allegedly stolen files.

In both incidents, MEGAsync was not only an endpoint for the exchange but also appeared in the process lineage on the host: MEGAcmdUpdater.exe was launched and, in one of the incidents, even via Task Scheduler. This fits the double-extortion model, in which encryption is complemented by prior exfiltration.

The set of technical characteristics already forms a recognizable profile. Observations included the “.sss” extension for encrypted files and the note file “recover.txt”. Artifacts include the path C:\Users\[user]\Downloads as the operator’s working directory, the workstation name Desktop-uabs01, and the checksums of the chain’s components: SHA-256 for SentinelBrowserNativeHost.exe: 0d9dfc113712054d8595b50975efd9c68f4cb8960eca010076b46d2fba3d2754, and for SentinelAgentCore.dll: 82f5fb086d15a8079c79275c2d4a6152934e2dd61cc6a4976b492f74062773a7.

Cephalus fits into the familiar ransomware landscape, but combines old entry points with a non-trivial launch technique that goes through a legitimate executable. The practical implications for defenders remain relevant: close off RDP without MFA, monitor anomalous launches of SentinelBrowserNativeHost.exe, especially from user directories, limit or control the use of MEGA and similar tools, and monitor any attempt to interfere with Windows Defender settings and services. The greater the visibility into actions before encryption, the greater the chance of stopping the attack before “notes” and downtime appear.
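The launch-location indicator described above can be written as a small triage rule over process-start events. This is an added example, not code from the article or from any SIEM product; the event schema, the finding labels, the list of user folders and every path and host name in the sample events are assumptions, and the events themselves are constructed.

```python
import ntpath
import re

# Indicators quoted in the article above.
HOST_EXE = "sentinelbrowsernativehost.exe"
SIDE_DLL = "sentinelagentcore.dll"
DLL_SHA256 = "82f5fb086d15a8079c79275c2d4a6152934e2dd61cc6a4976b492f74062773a7"
MEGA_EXE = "megacmdupdater.exe"
# Assumption: these profile folders count as "user directories" for the rule.
USER_DIR = re.compile(r"^[a-z]:\\users\\[^\\]+\\(downloads|desktop|documents|appdata)(\\|$)")


def triage(event):
    """Return finding labels for one process-start event (dict, assumed schema)."""
    folder, name = ntpath.split(event["image"].lower())
    in_user_dir = bool(USER_DIR.match(folder))
    findings = []
    if name == HOST_EXE and in_user_dir:
        # The binary is legitimate; the launch location is the anomaly.
        findings.append("host-exe-in-user-dir")
    for dll in event.get("loaded", []):
        dll_folder, dll_name = ntpath.split(dll["path"].lower())
        if in_user_dir and name == HOST_EXE and (dll_folder, dll_name) == (folder, SIDE_DLL):
            findings.append("sideload-pair")
        if dll.get("sha256", "").lower() == DLL_SHA256:
            findings.append("reported-dll-hash")
    if name == MEGA_EXE:
        findings.append("mega-tooling")
    return findings


# Constructed sample events (not real telemetry; install paths are placeholders).
EVENTS = [
    {"host": "ws-01", "image": r"C:\Program Files\SentinelOne\Agent\SentinelBrowserNativeHost.exe",
     "loaded": [{"path": r"C:\Program Files\SentinelOne\Agent\SentinelAgentCore.dll", "sha256": "a" * 64}]},
    {"host": "ws-02", "image": r"C:\Users\jdoe\Downloads\SentinelBrowserNativeHost.exe",
     "loaded": [{"path": r"C:\Users\jdoe\Downloads\SentinelAgentCore.dll", "sha256": DLL_SHA256}]},
    {"host": "ws-02", "image": r"C:\Users\jdoe\AppData\Local\MEGAcmd\MEGAcmdUpdater.exe", "loaded": []},
]


def run(events=EVENTS):
    """Return (host, image name, findings) for every event with at least one finding."""
    rows = [(ev["host"], ntpath.basename(ev["image"]), triage(ev)) for ev in events]
    return [row for row in rows if row[2]]


if __name__ == "__main__":
    for row in run():
        print(row)
```

The rule keys on location rather than on the executable's hash because the host binary is a legitimate component; only the DLL hash from the article is treated as an indicator in its own right.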

The article Cephalus Arrives! The Ransomware Group That Attacks via DLL Substitution comes from il blog della sicurezza informatica.



WhatsApp and Apple in Emergency Mode: the DNG Bug Allows Zero-Click Remote Control


On August 20, Apple released an unscheduled security update for all its major operating systems: iOS, iPadOS, macOS and other platforms. The patch fixes vulnerability CVE-2025-43300 in the ImageIO module: a buffer overflow error that was resolved through stricter bounds checking during image processing. The vulnerability has received growing attention: it was reported as “exploited in real attacks” and as requiring no user interaction.

Separately, WhatsApp released a fix, noting that attackers could force the victim’s device to download a resource from an arbitrary URL and start processing it; this issue is believed to have possibly been part of an exploit chain with CVE-2025-43300.

Researchers quickly took the patch apart and identified the root cause. According to their data, the problem lies in the DNG format handler, when data compressed with the JPEG Lossless algorithm is found inside the “digital negative”. Analysis of the binaries pinpointed the change in the RawCamera component inside ImageIO. The new builds add a check for out-of-bounds access while decompressing image lines: checks on the size of the allocated buffer were added, along with exception handling for the case in which a write could go beyond the valid area.

The essence of the error is faulty logic while unpacking frames: the code was driven by the number of “samples per pixel” and expected at least two components, while the actual number of components in the stream could be one.

Because of this discrepancy, the unpacking loop ran further than it should have and wrote data beyond the bounds of the allocated memory. In terms of formats, this concerns DNG in its TIFF representation with strips, where the RowsPerStrip, StripOffsets and StripByteCounts fields are used; because of the error in accounting for components and row sizes, the unpacker allowed a buffer overflow.

Developers and reverse engineers recorded a minimal number of changes between versions, as expected for an unscheduled patch, but those changes close off the dangerous “zero-click” scenario. According to the researchers, the chain could be triggered simply by receiving images via a messenger or other channels in which images are processed automatically by the system. At the same time, individual services along the delivery path might alter the quality or the metadata, but this is not critical for triggering the vulnerability.

The conclusion is predictable but important: media format parsers are among the most treacherous parts of any system. A bug at the level of component counting and buffer sizing seems obvious once you know where to look, but without the patch it was hard to spot: the unpacking function is large and uses Huffman tables, branching logic and the object infrastructure of Apple’s frameworks. The fix is simple: additional buffer handling and an early crash when an attempt is made to overwrite memory.

Users are advised to install the latest versions of the systems as soon as possible. Even though the vulnerability has already been fixed, cases like this are a reminder that any automatic parsing of content, whether images, documents or archives, requires rigorous checks and protection at the platform level.
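The class of check the article describes, refusing to unpack when the container's tags and the embedded JPEG Lossless frame disagree about how many samples there are, can be sketched as a pre-decode validator. This is an added example and not Apple's patch or ImageIO code; the function names are hypothetical, the tag values are assumed to have been read from the TIFF IFD already, and the input is a constructed header with no image data.

```python
import struct

SOF3 = 0xC3  # JPEG Lossless (Huffman) start-of-frame marker
NO_LENGTH = {0x01, 0xD8, 0xD9, *range(0xD0, 0xD8)}  # markers with no length field


def sof3_frame(jpeg):
    """Return (height, width, components) from the JPEG Lossless SOF3 header."""
    pos = 0
    while pos + 4 <= len(jpeg):
        if jpeg[pos] != 0xFF:
            raise ValueError("marker expected at offset %d" % pos)
        marker = jpeg[pos + 1]
        if marker in NO_LENGTH:
            pos += 2
            continue
        (seg_len,) = struct.unpack_from(">H", jpeg, pos + 2)
        if seg_len < 2 or pos + 2 + seg_len > len(jpeg):
            raise ValueError("segment length runs past the data")
        if marker == SOF3 and seg_len >= 8:
            _bits, height, width, ncomp = struct.unpack_from(">BHHB", jpeg, pos + 4)
            if seg_len != 8 + 3 * ncomp:
                raise ValueError("SOF3 length disagrees with component count")
            return height, width, ncomp
        pos += 2 + seg_len
    raise ValueError("no SOF3 header found")


def checked_sample_count(tags, jpeg):
    """Samples a full strip may decode to; raises if tags and stream disagree."""
    height, width, ncomp = sof3_frame(jpeg)
    expected = tags["ImageWidth"] * tags["RowsPerStrip"] * tags["SamplesPerPixel"]
    # Assumption: compare totals, not shapes, since an encoder may split the
    # same samples across width and components differently from the tags.
    if min(height, width, ncomp) < 1 or height * width * ncomp != expected:
        raise ValueError("tags imply %d samples, stream frame holds %d"
                         % (expected, height * width * ncomp))
    return expected


def constructed_header(width, height, ncomp):
    """Constructed SOI + SOF3 header only (no scan data), used as demo input."""
    body = struct.pack(">BHHB", 16, height, width, ncomp)
    body += b"".join(bytes([i + 1, 0x11, 0]) for i in range(ncomp))
    return b"\xff\xd8\xff\xc3" + struct.pack(">H", 2 + len(body)) + body


def demo():
    """A consistent strip, then tags claiming two samples over a one-component frame."""
    tags = {"ImageWidth": 8, "RowsPerStrip": 4, "SamplesPerPixel": 2}  # constructed
    good = checked_sample_count(tags, constructed_header(8, 4, 2))
    try:
        return good, checked_sample_count(tags, constructed_header(8, 4, 1))
    except ValueError as exc:
        return good, str(exc)
```

A decoder that sizes its output buffer from the returned count and bounds every row write by it fails closed on the mismatch instead of writing past the allocation.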

The article WhatsApp and Apple in Emergency Mode: the DNG Bug Allows Zero-Click Remote Control comes from il blog della sicurezza informatica.




“This evening Pope Leo XIV is going to Palazzo Barberini in Castel Gandolfo and will continue his activity from there during the day tomorrow, when no audiences are scheduled.


The General Chapter of the Carmelite Order will open tomorrow in Malang, Indonesia. It is the first time the assembly has been held outside the European continent. The proceedings will conclude on Friday, September 26.



The canonization of Pier Giorgio Frassati, celebrated yesterday by Leo XIV in St. Peter's Square, is a cause of "deep joy" for the Society of St. Vincent de Paul, which recognizes him as a spiritual son and companion in mission.



Chat Control: Where Things Stand – and Why We Must Act Now


The European Union is once again moving fast on the dangerous Chat Control regulation. This proposal would force providers to search all private chats, messages, and emails automatically for suspicious content – generally and indiscriminately. That means your conversations with friends, family, doctors, or lawyers could be opened to suspicion, regardless of who you are. This is why it is opposed by a broad consensus among the public, civil rights groups, and pirates.

The Current State of Play


While the European Parliament has positioned itself almost unanimously against indiscriminate chat control, the Member States are a different affair entirely:

  • 15 Member States already support Chat Control (including France, Italy, and Spain).
  • 6 countries firmly oppose (such as Austria, Finland, the Czech Republic, and the Netherlands).
  • Germany and several others remain undecided – making them decisive for the upcoming vote.

On October 14, 2025, European Interior Ministers are scheduled to vote on adopting Chat Control. If adopted, Chat Control would break encryption, enable mass surveillance, and set a precedent that authoritarian governments worldwide could exploit. Experts warn it would not protect children, but instead flood investigators with false reports while leaving real offenders harder to track.

What You Can Do to Stop Chat Control


We need to act now – loud and clear. Here are three things you can do today to help us fight the proposal:

  1. Sign our petition!
  2. Contact your Members of the European Parliament!
  3. Share your own ideas with us!


Why This Matters


Your right to private communication is at stake. Once we allow mass scanning of personal messages, there is no turning back. Europe should take the lead in protecting freedom, security, and dignity – not normalizing a culture where everyone is treated as a suspect by the state.

Let’s send a strong message: No to indiscriminate surveillance! Yes to private communication!
The post Chat Control: Where Things Stand – and Why We Must Act Now first appeared on European Pirate Party.







ILS Pavia - Italo Vignoli to Speak at Linux Day 2025 in Pavia


pavia.ils.org/news/italo-vigno…
Reported by Linux Italia and published on the Lemmy community @GNU/Linux Italia

We also welcome Italo Vignoli, host/presenter and speaker at Linux Day 2025 in Pavia.

Italo Vignoli, a leading figure known as a co-founder of the LibreOffice project, an important figure in the Document Foundation and a science communicator, has been involved in Open Source and Free Software for many years. We are happy to have him on board for this event and for other initiatives too!




Carrier-Based Loyal Wingman Drones. The US Navy Joins the Race for CCAs

@Notizie dall'Italia e dal mondo

The U.S. Navy has taken a decisive step toward developing unmanned aircraft of the Collaborative Combat Aircraft type (also known as loyal wingmen) that can operate from aircraft carriers. Five major companies (Anduril, General Atomics, Boeing, Northrop Grumman and Lockheed Martin) have in fact been awarded contracts for the design of



Smishing, UniCredit's Alert: How to Recognize and Defend Against Scam SMS Messages


@Informatica (Italy e non Italy 😁)
Among the many online scams, smishing is certainly one of the most insidious, since it exploits a familiar and apparently safe communication channel to hit users directly, leading them to take inappropriate actions. For



FREE FROM THE POISONS OF ROME. EVERYONE TO THE MARCH TOMORROW!

Ambiente, StopInceneritore, NoInceneritore, NoInceneritori, ZeroWaste, Rifiuti, Riciclo, EconomiaCircolare, NoAlCarbone, EnergiaPulita,



SpaceX Accelerates Satellite Connectivity on Smartphones with EchoStar's Spectrum

The article comes from #StartMag and is reshared on the Lemmy community @Informatica (Italy e non Italy 😁)
SpaceX acquires spectrum and licenses from EchoStar for the new generation of Starlink Direct-to-Cell, which will connect smartphones directly to satellites.