Ma se c'è Friendica che ti permette di scrivere post lunghi, perché c'è tanta gente che apre un account su Mastodon e poi per scrivere un post lungo deve commentarsi 3-4 volte da sola per farcelo entrare tutto?
Voglio dire... hai fatto 30 andandotene da Facebook, non puoi fare 31 scegliendoti un'istanza adatta a quello che vuoi fare?
Sebastiano Cuffari likes this.
The mainstream media seems entirely uninterested in explaining Charlie Kirk's work.
The mainstream media seems entirely uninterested in explaining Charlie Kirkx27;s work.#News #CharlieKirk
Charlie Kirk Was Not Practicing Politics the Right Way
Thursday morning, Ezra Klein at the New York Times published a column titled “Charlie Kirk Was Practicing Politics the Right Way.” Klein’s general thesis is that Kirk was willing to talk to anyone, regardless of their beliefs, as evidenced by what he was doing while he was shot, which was debating people on college campuses. Klein is not alone in this take; the overwhelming sentiment from America’s largest media institutions in the immediate aftermath of his death has been to paint Kirk as a mainstream political commentator, someone whose politics liberals and leftists may not agree with but someone who was open to dialogue and who espoused the virtues of free speech.“You can dislike much of what Kirk believed and the following statement is still true: Kirk was practicing politics in exactly the right way. He was showing up to campuses and talking with anyone who would talk to him,” Klein wrote. “He was one of the era’s most effective practitioners of persuasion. When the left thought its hold on the hearts and minds of college students was nearly absolute, Kirk showed up again and again to break it.”
“I envied what he built. A taste for disagreement is a virtue in a democracy. Liberalism could use more of his moxie and fearlessness,” Klein continued.
Kirk is being posthumously celebrated by much of the mainstream press as a noble sparring partner for center-left politicians and pundits. Meanwhile, the very real, very negative, and sometimes violent impacts of his rhetoric and his political projects are being glossed over or ignored entirely. In the New York Times, Kirk was an “energetic” voice who was “critical of gay and transgender rights,” but few of the national pundits have encouraged people to actually go read what Kirk tweeted or listen to what he said on his podcast to millions and millions of people. “Whatever you think of Kirk (I had many disagreements with him, and he with me), when he died he was doing exactly what we ask people to do on campus: Show up. Debate. Talk. Engage peacefully, even when emotions run high,” David French wrote in the Times. “In fact, that’s how he made his name, in debate after debate on campus after campus.”
This does not mean Kirk deserved to die or that political violence is ever justified. What happened to Kirk is horrifying, and we fear deeply for whatever will happen next. But it is undeniable that Kirk was not just a part of the extremely tense, very dangerous national dialogue, he was an accelerationist force whose work to dehumanize LGBTQ+ people and threaten the free speech of professors, teachers, and school board members around the country has directly put the livelihoods and physical safety of many people in danger. We do no one any favors by ignoring this, even in the immediate aftermath of an assassination like this.
Kirk claimed that his Turning Point USA sent “80+ buses full of patriots” to the January 6 insurrection. Turning Point USA has also run a “Professor Watchlist,” “School Board Watchlist,” and “Campus Reform” for nearly a decade.
“America’s radical education system has taken a devastating toll on our children,” Kirk said in an intro video posted on these projects’ websites. “From sexualized material in textbooks to teaching CRT and implementing the 1619 Project doctrine, the radical leftist agenda will not stop … The School Board Watch List exposes school districts that host drag queen story hour, teach courses on transgenderism, and implement unsafe gender neutral bathroom policies. The Professor Watch List uncovers the most radical left-wing professors from universities that are known to suppress conservative voices and advance the progressive agenda.”
These websites have been directly tied to harassment and threats against professors and school board members all over the country. Professor Watchlist lists hundreds of professors around the country, many of them Black or trans, and their perceived radical agendas, which include things like supporting gun control, “socialism,” “Antifa,” “abortion,” and acknowledging that trans people exist and racism exists. Trans professors are misgendered on the website, and numerous people who have been listed on it have publicly spoken about receiving death threats and being harassed after being listed on the site.
One professor on the watchlist who 404 Media is granting anonymity for his safety said once he was added to the list, he started receiving anonymous letters in his campus mailbox. “‘You're everything wrong with colleges,’ ‘watch your step, we're watching you’ kind of stuff,” he said, “One anonymous DM on Twitter had a picture of my house and driveway, which was chilling.” His president and provost also received emails attempting to discredit him with “all the allegedly communist and subversive stuff I was up to,” he said. “It was all certainly concerning, but compared to colleagues who are people of color and/or women, I feel like the volume was smaller for me. But it was certainly not a great feeling to experience that stuff. That watchlist fucked up careers and ruined lives.”
The American Association of University Professors said in an open letter in 2017 that Professor Watchlist “lists names of professors with their institutional affiliations and photographs, thereby making it easy for would-be stalkers and cyberbullies to target them. Individual faculty members who have been included on such lists or singled out elsewhere have been subject to threats of physical violence, including sexual assault, through hundreds of e-mails, calls, and social media postings. Such threatening messages are likely to stifle the free expression of the targeted faculty member; further, the publicity that such cases attract can cause others to self-censor so as to avoid being subjected to similar treatment.” Campus free speech rights group FIRE found that censorship and punishment of professors skyrocketed between 2020 and 2023, in part because of efforts from Professor Watchlist.
Many more professors who Turning Point USA added to their watchlist have spoken out in the past about how being targeted upended their lives, brought years of harassment down on them and their colleagues, and resulted in death threats against them and their loved ones.
At Arizona State University, a professor on the watchlist was assaulted by two people from Turning Point USA in 2023.
“Earlier this year, I wrote to Turning Point USA to request that it remove ASU professors from its Professor Watchlist. I did not receive a response,” university president Michael Crow wrote in a statement. “Instead, the incident we’ve all now witnessed on the video shows Turning Point’s refusal to stop dangerous practices that result in both physical and mental harm to ASU faculty members, which they then apparently exploit for fundraising, social media clicks and financial gain.” Crow said the Professor Watchlist resulted in “antisemitic, anti-LGBTQ+ and misogynistic attacks on ASU faculty with whom Turning Point USA and its followers disagree,” and called the organization’s tactics “anti-democratic, anti-free speech and completely contrary” to the spirit of scholarship.
Kirk’s death is a horrifying moment in our current American nightmare. Kirk’s actions and rhetoric do not justify what happened to him because they cannot be justified. But Kirk was not merely someone who showed up to college campuses and listened. It should not be controversial to plainly state some of the impact of his work.
ASU President: Turning Point USA crew accused of 'bloodying' ASU professor's face
Arizona State Police released footage of an incident between an ASU English professor, a reporter and cameraman from Turning Point USA that happened on Oct. 11. University president Dr. Michael Crow released a statement calling the men "cowards."Jessica Johnson (FOX 10 Phoenix)
Sebastiano Cuffari likes this.
Dragon is the Latest, and Final, Craft to Reboost ISS
The International Space Station has been in orbit around the Earth, at least in some form, since November of 1998 — but not without help. In the vacuum of space, an object in orbit can generally be counted on to remain zipping around more or less forever, but the Station is low enough to experience a bit of atmospheric drag. It isn’t much, but it saps enough velocity from the Station that without regular “reboosts” to speed it back up , the orbiting complex would eventually come crashing down.
Naturally, the United States and Russia were aware of this when they set out to assemble the Station. That’s why early core modules such as Zarya and Zvezda came equipped with thrusters that could be used to not only rotate the complex about all axes, but accelerate it to counteract the impact of drag. Eventually the thrusters on Zarya were disabled, and its propellant tanks were plumbed into Zvezda’s fuel system to provide additional capacity.
Visiting spacecraft attached to the Russian side of the ISS can transfer propellant into these combined tanks, and they’ve been topped off regularly over the years. In fact, the NASA paper A Review of In-Space Propellant Transfer Capabilities and Challenges for Missions Involving Propellant Resupply, notes this as one of the most significant examples of practical propellant transfer between orbital vehicles, with more than 40,000 kgs of propellants pumped into the ISS as of 2019.
But while the thrusters on Zvezda are still available for use, it turns out there’s an easier way to accelerate the Station; visiting spacecraft can literally push the orbital complex with their own maneuvering thrusters. Of course this is somewhat easier said than done, and not all vehicles have been able to accomplish the feat, but over the decades several craft have taken on the burden of lifting the ISS into a higher orbit.
Earlier this month, a specially modified SpaceX Cargo Dragon became the newest addition to the list of spacecraft that can perform a reboost. The craft will boost the Station several times over the rest of the year, which will provide valuable data for when it comes time to reverse the process and de-orbit the ISS in the future.
Reboosting the Russian Way
By far the easiest way for a visiting spacecraft to reboost the ISS is to dock with the rear of the Zvezda module. This not only places the docked spacecraft at what would be considered the “rear” of the Station given its normal flight orientation, but puts the craft as close as possible to the Station’s own thrusters. This makes it relatively easy to compute the necessary parameters for the thruster burn.
Historically, reboosts from this position have been performed by the Russian Progress spacecraft. Introduced in 1978, Progress is essentially an uncrewed version of the Soyuz spacecraft, and like most of Russia’s space hardware, has received various upgrades and changes over the decades. Progress vehicles are designed specifically for serving long-duration space stations, and were used to bring food, water, propellants, and cargo to the Salyut and Mir stations long before the ISS was even on the drawing board.
Reboosts could also be performed by the Automated Transfer Vehicle (ATV). Built by the European Space Agency (ESA), the ATV was essentially the European counterpart to Progress, and flew similar resupply missions. The ATV had considerably greater cargo capacity, with the ability to bring approximately 7,500 kg of materials to the ISS compared to 2,400 kg for Progress.
Only five ATVs were flown, from 2008 to 2014. There were several proposals to build more ATVs, including modified versions that could potentially even carry crew. None of these versions ever materialized, although it should be noted that the design of the Orion spacecraft’s Service Module is based on the ATV.
American Muscle
Reboosting the ISS from the American side of the Station is possible, but involves a bit more work. For one thing, the entire Station needs to flip over, as the complex’s normal orientation would have the American docking ports facing fowards. Of course, there’s really no such thing as up or down in space, so this maneuver doesn’t impact the astronauts’ work. There are however various experiments and devices aboard the Station that are designed to point down towards Earth, so this reorientation can still be disruptive.
As described in the “AUTO REBOOST” section of the STS-129 Orbit Operations Checklist, the Shuttle’s computer would actually be given control of the maneuvering systems of the ISS so the entire linked structure can be rotated into the correct position. A diagram in the Checklist even shows the approximate angle the vehicle’s should be at for the Shuttle’s maneuvering thrusters to line up properly.
With the retirement of the Space Shuttle in 2011, maintaining the Station’s orbit became the sole domain of the Russians until 2018, when the Cygnus became the first commercial spacecraft to perform a reboost. The cargo spacecraft had a swiveling engine which helped get the direction of thrust aligned, but the Station did still need to rotate to get into the proper position.
After performing a second reboost in 2022, the Cygnus spacecraft was retired. It’s replacement, the upgraded Cygnus XL — is currently scheduled to launch its first mission to the ISS no earlier than September 14th.
Preparing for the Final Push
That brings us to the present day, and the Cargo Dragon. SpaceX had never designed the spacecraft to perform a reboost, and indeed, it would at first seem uniquely unsuited for the task as its “Draco” maneuvering thrusters are actually located on the front and sides of the capsule. When docked, the primary thrusters used for raising and lowering the Dragon’s own orbit are essentially pressed up against the structure of the ISS, and obviously can’t be activated.
To make reboosting with the Dragon possible, SpaceX added additional propellant tanks and a pair of rear-firing Draco thrusters within the spacecraft’s un-pressurized “trunk” module. This hollow structure is usually empty, but occasionally will hold large or bulky cargo that can’t fit inside the spacecraft itself. It’s also occasionally been used to deliver components destined to be mounted to the outside of the ISS, such as the for the outside of the ISS, such as the International Docking Adapter (IDA) and the roll-out solar panels.
While the ability to have the Dragon raise the orbit of the International Space Station obviously has value to NASA, the implications of this experiment go a bit farther.
SpaceX has already been awarded the contract to develop and operate the “Deorbit Vehicle” which will ultimately be used to slow down the ISS and put it on a targeted reentry trajectory sometime after 2030. Now that the company has demonstrated the ability to add additional thrusters and propellant to a standard Dragon spacecraft via a module installed in the trunk, it’s likely that the Deorbit Vehicle will take a similar form.
So while the development of this new capability is exciting from an operational standpoint, especially given deteriorating relations with Russia, it’s also a reminder that the orbiting laboratory is entering its final days.
4-bit Single Board Computer Based on the Intel 4004 Microprocessor
[Scott Baker] is at it again and this time he has built a 4-bit single board computer based on the Intel 4004 microprocessor.
In the board design [Scott] covers the CPU (both the Intel 4004 and 4040 are supported), and its support chips: the 4201A clock-generator, its crystal, and the 4289 Standard Memory Interface. The 4289 irons out the 4-bit interface for use with 8-bit ROMs. Included is a ATF22V10 PLD for miscellaneous logic, a 74HCT138 for chip-select, and a bunch of inverters for TTL compatibility (the 4004 itself uses 15 V logic with +5 V Vss and -10 V Vdd).
[Scott] goes on to discuss the power supply, ROM and page mapper, the serial interface, the RC2014 bus interface, RAM, and the multimodule interface. Then comes the implementation, a very tidy custom PCB populated with a bunch of integrated circuits, some passive components, a handful of LEDs, and a few I/O ports. [Scott] credits Jim Loo’s Intel 4004 SBC project as the genesis of his own build.
If you’re interested in seeing this board put to work check out the video embedded below. If you’d like to know more about the 4004 be sure to check out Supersize Your Intel 4004 By Over 10 Times, The 4004 Upgrade You’ve Been Waiting For, and Calculating Pi On The 4004 CPU, Intel’s First Microprocessor.
youtube.com/embed/ylq7cijFTRA?…
Arriva SpamGPT! il nuovo kit di phishing che combina AI, Spam e Genialità diabolica
Un nuovo strumento chiamato SpamGPT è apparso sui forum underground ed è rapidamente diventato oggetto di discussione nel campo della sicurezza informatica. Il software malevolo combina le capacità dell’intelligenza artificiale generativa con un sistema completo per l’invio di email di massa e si propone come una soluzione pronta all’uso per condurre campagne di phishing.
I suoi sviluppatori chiamano apertamente il prodotto “spam-as-a-service“, sottolineando che combina tutte le funzioni di una piattaforma di marketing professionale, ma viene utilizzato per attività illegali.
L’interfaccia di SpamGPT riproduce fedelmente i servizi di email marketing legali: sono disponibili moduli per la gestione delle campagne, le impostazioni SMTP e IMAP, i controlli di recapito e le analisi. Il pannello di controllo scuro è accompagnato da un assistente KaliGPT integrato che genera il testo delle email, seleziona gli argomenti e fornisce persino consigli su come aumentare il coinvolgimento delle vittime. Il controllo automatico della consegna dei messaggi è implementato tramite il monitoraggio in tempo reale della casella di posta, che consente agli operatori di verificare immediatamente se una lettera è arrivata nella posta in arrivo o è stata filtrata.
I creatori affermano che la piattaforma è ottimizzata per bypassare i filtri di Gmail, Outlook, Yahoo e Microsoft 365 e utilizza anche servizi cloud come AWS e SendGrid per mascherare il traffico dannoso come legittimo. L’attenzione non è rivolta solo alla scalabilità, ma anche alla consegna garantita: lo strumento non si limita a inviare email, ma si assicura che arrivino nelle cartelle principali dei destinatari.
Il kit include un “Corso di Mastery sull’Hacking SMTP” che spiega come ottenere e generare server per la distribuzione. Agli utenti viene mostrato come prendere il controllo di host di posta elettronica scarsamente protetti o mal configurati, nonché come creare un numero illimitato di account SMTP. Il pannello di controllo supporta l’importazione in blocco di server, la verifica della loro funzionalità e il bilanciamento del carico su decine di fonti, rendendo gli attacchi sostenibili e su larga scala.
Una parte importante del kit sono gli strumenti per la sostituzione dei mittenti e la creazione di intestazioni personalizzate. Ciò consente agli aggressori di imitare domini e marchi attendibili, aggirando i meccanismi di protezione di base. Le campagne stesse vengono create tramite un sistema che ricorda un CRM: gli aggressori possono impostare modelli, pianificare gli invii, cambiare server e monitorare statistiche dettagliate su aperture e clic.
In sostanza, SpamGPT ha trasformato un processo complesso in un kit di costruzione che anche i criminali informatici meno esperti possono realizzare. Tutto ciò che prima richiedeva un team di programmatori ora viene svolto tramite un’interfaccia intuitiva da un singolo operatore che paga circa 5.000 dollari. Questo riduce drasticamente la barriera d’ingresso e rende gli attacchi di phishing di massa ancora più accessibili.
Gli esperti avvertono che per contrastare tali soluzioni, le aziende devono rafforzare la protezione dei domini di posta. È necessario configurare DMARC, SPF e DKIM , nonché implementare moderni sistemi anti-phishing basati sul machine learning, in grado di identificare segnali di testo generativo e modelli di mailing atipici.
Solo una combinazione di tecnologie, scambio di informazioni e monitoraggio collettivo ci permetterà di anticipare gli aggressori che utilizzano l’intelligenza artificiale per automatizzare gli attacchi.
L'articolo Arriva SpamGPT! il nuovo kit di phishing che combina AI, Spam e Genialità diabolica proviene da il blog della sicurezza informatica.
Sudan: Save the Children, oltre tre bambini su quattro fuori dalla scuola. “Conflitto mette a rischio un’intera generazione” - AgenSIR
Oltre 13 milioni di bambini in Sudan – più di tre su quattro – non potranno frequentare la scuola nel nuovo anno scolastico.Patrizia Caiffa (AgenSIR)
Gut für alle: Gemeinwohlorientierter Journalismus braucht Rechtssicherheit
netzpolitik.org/2025/gut-fuer-…
I veleni di Roma
Liberi dai veleni di Roma ha ispirato questo pezzo straordinario che accompagnerà la nostra lotta contro l'inceneritore.
SantaPalomba sarà il faro contro la tenebra inceneritorista.
SantaPalomba sono donne e uomini liberi dai veleni di Roma.
SantaPalomba non si piega!
Canale YouTube di Simone Bellia: youtube.com/@simobellia88
Linkedin has been joking about “vibe coding cleanup specialists,” but it’s actually a growing profession.#News
The Software Engineers Paid to Fix Vibe Coded Messes
Freelance developers and entire companies are making a business out of fixing shoddy vibe coded software.I first noticed this trend in the form of a meme that was circulating on LinkedIn, sharing a screenshot of several profiles who advertised themselves as “vibe coding cleanup specialists.” I couldn’t confirm if the accounts in that screenshot were genuinely making an income by fixing vibe coded software, but the meme gained traction because of the inherent irony in the existence of such a job existing.
The alleged benefit of vibe coding, which refers to the practice of building software with AI-coding tools without much attention to the underlying code, is that it allows anyone to build a piece of software very quickly and easily. As we’ve previously reported, in reality, vibe coded projects could result in security issues or a recipe app that generates recipes for “Cyanide Ice Cream.” If the resulting software is so poor you need to hire a human specialist software engineer to come in and rewrite the vibe coded software, it defeats the entire purpose.
LinkedIn memes aside, people are in fact making money fixing vibe coded messes.
“I've been offering vibe coding fixer services for about two years now, starting in late 2023. Currently, I work with around 15-20 clients regularly, with additional one-off projects throughout the year,” Hamid Siddiqi, who offers to “review, fix your vibe code” on Fiverr, told me in an email. “I started fixing vibe-coded projects because I noticed a growing number of developers and small teams struggling to refine AI-generated code that was functional but lacked the polish or ‘vibe’ needed to align with their vision. I saw an opportunity to bridge that gap, combining my coding expertise with an eye for aesthetic and user experience.”
Siddiqi said common issues he fixes in vibe coded projects include inconsistent UI/UX design in AI-generated frontends, poorly optimized code that impacts performance, misaligned branding elements, and features that function but feel clunky or unintuitive. He said he also often refines color schemes, animations, and layouts to better match the creator’s intended aesthetic.
Siddiqi is one of dozens of people on Fiverr who is now offering services specifically catering to people with shoddy vibe coded projects. Established software development companies like Ulam Labs, now say “we clean up after vibe coding. Literally.”
“Built something fast? Now it’s time to make it solid,” Ulam Labs says on its site. “We know how it goes. You had to move quickly, get that MVP [minimally viable product] out, and validate the idea. But now the tech debt is holding you back: no tests, shaky architecture, CI/CD [Continuous Integration and Continuous Delivery/Deployment] is a dream, and every change feels like defusing a bomb. That’s where we come in.”
Swatantra Sohni, who started VibeCodeFixers.com, a site for people with vibe coded projects who need help from experienced developers to fix or finish their projects, says that almost 300 experienced developers have posted their profiles to the site. He said so far VibeCodeFixers.com has only connected between 30-40 vibe code projects with fixers, but that he hasn’t done anything to promote the service and at the moment is focused on adding as many software developers to the platform as possible.
Sohni said that he’s been vibe coding himself since before Andrej Karpathy coined the term in February. He bought a bunch of vibe coding related domains, and realized a service like VibeCodeFixers.com was necessary based on how often he had to seek help from experts on his own vibe coding projects. In March, the site got a lot of attention on X and has been slowly adding people to the platform since.
Sohni also wrote a “Vibecoding Community Research Report” based on interviews with non-technical people who are vibe coding their projects that he shared with me. The report identified a lot of the same issues as Siddiqi, mainly that existing features tend to break when new ones are added.
“Most of these vibe coders, either they are product managers or they are sales guys, or they are small business owners, and they think that they can build something,” Sohni told me. “So for them it’s more for prototyping. Vibe coding is, at the moment, kind of like infancy. It's very handy to convey the prototype they want, but I don't think they are really intended to make it like a production grade app.”
Another big issue Sohni identified is “credit burn,” meaning the money vibe coders waste on AI usage fees in the final 10-20 percent stage of developing the app, when adding new features breaks existing features. In theory, it might be cheaper and more efficient for vibe coders to start over at that point, but Sohni said people get attached to their first project.
“What happens is that the first time they build the app, it's like they think that they can build the app with one prompt, and then the app breaks, and they burn the credit. I think they are very emotionally connected to the app, because this act of vibe coding involves you, your creativity.”
In theory it might be cheaper and more efficient for vibe coders to start over if the LLM starts hallucinating and creating problems, but Sohni that’s when people come to VibeCodeFixers.com. They want someone to fix the bugs in their app, not create a new one.
Sohni told me he thinks vibe coding is not going anywhere, but neither are human developers.
“I feel like the role [of human developers] would be slightly limited, but we will still need humans to keep this AI on the leash,” he said.
Vibe Coded AI App Generates Recipes for Cyanide Ice Cream and Cum Soup
A Y Combinator partner proudly launched an AI recipe app that told people how to make “Actual Cocaine” and a “Uranium Bomb.”Emanuel Maiberg (404 Media)
L' economia dell'attenzione
Da un lato veniamo corteggiati, monitorati e spinti a guardare “ancora un episodio”. Dall’altro, possiamo diventare consapevoli di questi meccanismi e imparare a usare gli strumenti digitali a nostro favore. Un esempio? Decidere di spegnere le notifiche, stabilire dei tempi senza schermo o persino pagare servizi premium per liberarci dalla pubblicità. Non è una rivoluzione, ma è un modo per dire: ok, i miei occhi e il mio tempo hanno un valore, e lo gestisco io. La domanda, in fondo, è semplice: a chi vogliamo dare la nostra attenzione? Perché ogni minuto passato su un contenuto è un minuto tolto ad altro: leggere un libro, parlare con un amico, cucinare, o – perché no – non fare assolutamente niente. Che, in un mondo così saturo di stimoli, è quasi un atto di ribellione.
Matteo Mainardi ospite al FLAG Festival: “Conversazioni sul fine vita”
In occasione della sesta edizione del FLAG Festival, appuntamento con Matteo Mainardi, coordinatore delle iniziative sul fine vita e Consigliere Generale di Associazione Luca Coscioni.
L’incontro, dal titolo “Conversazioni sul fine vita”, sarà un momento di confronto sui diritti civili, sull’autodeterminazione e sull’urgenza di una legge che garantisca dignità anche nell’ultimo tratto della vita.
Introduce Renato Scatteralla.
L'articolo Matteo Mainardi ospite al FLAG Festival: “Conversazioni sul fine vita” proviene da Associazione Luca Coscioni.
Filomena Gallo interviene da remoto al convegno “Il consenso informato ed il ruolo del medico”
Nell’ambito della Settimana della Medicina Interna, la Camera Penale “Vittorio Chiusano” – Sezione di Cuneo promuove un incontro di grande rilevanza giuridica, etica e sanitaria dal titolo:
“Il consenso informato ed il ruolo del medico. Tra vizi della capacità e diritto all’autodeterminazione”
Tra i relatori anche Filomena Gallo, Avvocata e Segretaria Nazionale dell’Associazione Luca Coscioni, che interverrà da remoto con un approfondimento sul diritto all’autodeterminazione nel percorso di cura.
L’evento offrirà uno sguardo multidisciplinare sul tema, con il contributo di esperti di antropologia, diritto amministrativo, medicina legale, psichiatria e giurisprudenza.
Un’occasione preziosa per affrontare le complessità del consenso informato, dai risvolti teorici fino alla pratica quotidiana.
L'articolo Filomena Gallo interviene da remoto al convegno “Il consenso informato ed il ruolo del medico” proviene da Associazione Luca Coscioni.
Sudan, oltre 130.000 bambini in condizioni disperate nella città sotto assedio di El Fasher
@Giornalismo e disordine informativo
articolo21.org/2025/09/sudan-o…
Da oltre 500 giorni, la città di El Fasher, nel nord del Sudan, si trova sotto assedio. A soffrire
Alfonso reshared this.
Le frasi shock di Charlie contro neri, trans, Islam - Notizie - Ansa.it
L'attivista aveva infiammato il popolo Maga con social e podcast (ANSA)Agenzia ANSA
Gigabyte b550 Aorus Elite V2 - nuovo mai usato - scheda madre - Questo è un post automatico da FediMercatino.it
Prezzo: 120 + spedizione €
Scheda madre Gigabyte b550, nuova e mai usata, confezione intatta e scheda ancora sigillata. Include ogni accessorio in condizioni intatte.
Prezzo 120€ + spedizione.
Pagamento tramite paypal o postepay, spedizione in tre giorni tramite corriere tracciato, disponibile anche al ritiro a mano.
Posso scambiare anche con materiale per retrocomputing, home computers e retroconsolle.
NO INCENERITORE: LIBERI DAI VELENI DI ROMA È UN PATTO PER IL FUTURO.
#Ambiente #StopInceneritore #NoInceneritore #NoInceneritori #ZeroWaste #Rifiuti #Riciclo #EconomiaCircolare #NoAlCarbone #EnergiaPulita
FreeCAD Foray: Good Practices
Last time, we built a case for a PCB that handles 100 W of USB-C power, an old project that I’ve long been aiming to revive. It went well, and I’d like to believe you that the article will give you a much-needed easy-to-grasp FreeCAD introduction, Matrix knowledge upload style, having you designing stuff in no time.
Apart from my firm belief in the power of open-source software, I also do believe in social responsibilities, and I think I have a responsibility to teach you some decent FreeCAD design practices I’ve learned along the way. Some of them are going to protect your behind from mistakes, and some of them will do that while also making your project way easier to work with, for you and others.
You might not think the last part about “others” matters, but for a start, it matters in the ideal world that we’re collectively striving towards, and also, let’s be real, things like documentation are half intended for external contributors, half for you a year later. So, here’s the first FreeCAD tip that will unquestionably protect you while helping whoever else might work with the model later.
Okay, we’re all hackers, so I’ll start with zero-th FreeCAD tip – press Ctrl+S often. That’ll help a ton. Thankfully, FreeCAD’s autorecovery system has made big leaps, and it’s pretty great in case FreeCAD does crash, but the less you have to recover, the better. Now, onto the first tip.
Name Your Bodies, Always
The button is F2. That’s it. Click on your models in the tree view and give them a name. Do it for all extrudes, cuts, and even fillets/chamfers. You don’t have to do it for sketches, since those are always contained within an extrusion. If at all possible, do it immediately, make it a habit.
Why? Because names make it clear what the extrusion/cut/fillet is for, and you’ll be thankful for it multiple times over when modifying your model or even just looking at it the next morning. Also, it makes it way easier to avoid accidentally sending the wrong 3D model to your printer.
How to make naming easier? I’ve figured out an easy and apt naming scheme, that you’ve seen in action in the previous article. For Fusions, I do “primary object +addition” or “with addition”, mentioning just the last addition. So, “Bottom case +cutouts” is a cut that contains “Bottom case +logo” and “Cutouts”, “Bottom case +logo” is a cut that contains “Bottom case” and “Logo”, and “Bottom case” contains “Bottom floor” and “Bottom walls”.
It’s not a perfect scheme, but it avoids verbosity and you have to barely think of the names. Don’t shy away from using words like “pip” and “doohickey” if the word just doesn’t come to your mind at the moment – you’re choosing between a project that’s vaguely endearing and one that’s incomprehensible, so the choice is obvious. Naming your models lets you avoid them becoming arcane magic, which might sound fun at a glance until you realize there’s already an object of arcane magic in your house, it’s called a “3D printer”, and you’ve had enough arcane magic in your life.
Last but not least, to hack something is know learn its true name, and whatever your feature is, there’s no truth in “Cut034”. By the way, about FreeCAD and many CAD packages before it, they’ve been having a problem with true names, actually, it’s a whole thing called Topological Naming Problem.
Naming Is Hard, Topology Is Harder
How do you know where a feature really is? For instance, you take a cube, and you cut two slots into the same side. How does the CAD package ensure that the slots are on the same side? One of the most popular options for it is topological naming. So, a cube gets its faces named Face1 through Face6, and as you slowly turn that cube into, say, a Minecraft-style hand showing a middle finger, each sketch remembers the name of the side you wanted it attached to.
Now, imagine the middle finger hand requires a hole inside of it, and it has to be done at from very start, which means you might need to go back to the base cube and add that hole. All of a sudden, there will be four new faces to the internal cube that holds the finger sketches, and these new faces will need names, too. Best case, they’ll be named Face7 through Face10 – but that’s a best case and the CAD engine needs to ensure to always implement it properly, whereas real world models aren’t as welcoming. Worst case, the faces will be renumbered anew, the sketch-to-face mapping will change which faces get which names, and the model of the hand will turn into a spider. Spooky!
It’s not Halloween just yet, and most regretfully, people don’t tend to appreciate spiders in unexpected places. Even more sadly, this retrospective renaming typically just results in your sketches breaking in a “red exclamation mark” way, since it’s not just sketch-to-face mappings that get names, it’s also all the little bits of external geometry that you’ll definitely invoke if you want to avoid suffering. Every line in your sketch has an invisible name and a number, and external geometry lines will store – otherwise, they couldn’t get updated when you change the base model under their feet, as one inevitably does.
This used to be a big problem with FreeCAD, and it still kind of is, but it’s by no means exclusive to FreeCAD. Hell, I remember dealing with something similar back when my CAD (computer-aided despair) suite of choice was SolidWorks. It’s not an easy problem to solve, because of the innumerable ways you can create and then modify a 3D object; every time you think you’ll have figured out a solution to the horrors, your users will come up with new and more intricate horrors beyond your comprehension.
FreeCAD v1.0 has clamped down on a large amount of topological naming errors. They still exist; one simple way I can trigger it is to make a cutout in a cube, make a sketch that external-geometry-exports the cut-in-half outwards-facing line of the cube, and then go back and delete the cutout. It makes sense that it happens, but oh do I wish it didn’t, and it makes for unfun sketch fixing sessions.
How To Stay Well Away
Now, I’m no stranger to problems caused by name changes, and I’m eager to share some of what I’ve learned dealing with FreeCAD’s names in particular.
The first solution concerns cutouts, as they specifically might become the bane of your model. If you have a ton of features planned, just delay doing the cutouts up until you’ve done all the basics of the case that you might ever want to rely on. Cutouts might and often will change, and if your board changes connector or button positions, you want to be able to remake them without ever touching the rest of the sketch. So, build up most of your model, and closer to the end, do the case cutouts, so that external geometry can rely on walls and sides that will never change.
Next, minimize the number of models you’re dealing with, so that you have less places where external geometry has to be involved. If you need to make a block with a hole all the way through, do it in one sketch instead of doing two extrudes and a cut. You’ll thank yourself, both because you’ll have less opportunity for topo naming errors, but also because you have fewer model names to think up.
The third thing is what I call the cockroach rule. If you see a cockroach in your house, you back off slowly, set the house on fire, and then you get yourself a different house, making sure you don’t bring the cockroach into the new house while at it. Same can apply here – if you remove a feature in the base model and you see the entire tree view light up with red exclamation marks, click “Close” on the document, press “Discard changes”, open the document again, and do whatever you wanted to do but in a different way.
Why reload? Because Ctrl+Z does not always help with such problems, as much as it’s supposed to. This does require that you follow the 0th rule – press Ctrl+S often, and it also requires that you don’t press Ctrl+S right after making those changes, so, change-verify-enter. Thankfully, FreeCAD will unroll objects in the model tree when one of the inner object starts to, so just look over the model tree after doing changes deep inside the model, and you’ll be fine. This is also where keeping your models in a Git repo is super helpful – that way, you can always have known-good model states to go back to.
Good Habits Create Good Models
So, to recap. Save often, give your models names, understand topo naming, create cutouts last if at all possible, keep your models simple, and when all fails, nuke it from orbit and let your good habits cushion the fall. Simple enough.
I’ll be on the lookout for further tips for you all, as I’ve got a fair few complex models going on, and the more I work with them, the more I learn. Until then, I hope you can greatly benefit from these tips, and may your models behave well through your diligent treatment.
Un bug critico di bypass dell’autenticazione colpisce Sophos AP6
Sophos ha annunciato di aver corretto una vulnerabilità critica di bypass dell’autenticazione che interessava gli access point wireless della serie AP6. La falla permetteva a un attaccante remoto di ottenere privilegi di amministratore accedendo all’indirizzo IP di gestione del dispositivo. La scoperta è avvenuta durante test di sicurezza interni condotti dalla stessa azienda.
Il problema riguarda le versioni del firmware precedenti alla 1.7.2563 (MR7). In queste release, la vulnerabilità esponeva gli access point al rischio di compromissione completa, con la possibilità per un aggressore di controllare configurazioni e funzionalità.
Sophos ha classificato la gravità della vulnerabilità come critica, con un punteggio CVSS di 9.8. La descrizione tecnica la riconduce a una falla catalogata come CWE-620, che riporta testualmente “Quando si imposta una nuova password per un utente, il prodotto non richiede la conoscenza della password originale né l’utilizzo di un’altra forma di autenticazione.”
Per i clienti che adottano la politica di aggiornamenti predefinita non è necessaria alcuna azione, poiché le patch vengono installate automaticamente. Questo garantisce la protezione immediata dalla falla senza interventi manuali da parte degli amministratori di rete.
Diverso il discorso per coloro che hanno scelto di disattivare gli aggiornamenti automatici: in questo caso è indispensabile installare manualmente la versione firmware 1.7.2563 (MR7), rilasciata dopo l’11 agosto 2025, per ricevere la correzione e le protezioni più recenti.
Sophos invita tutti gli utenti che utilizzano firmware precedenti a effettuare l’aggiornamento quanto prima. L’azienda sottolinea che solo con la versione più recente gli access point della serie AP6 sono completamente messi in sicurezza rispetto a questa vulnerabilità.
Ulteriori informazioni tecniche e dettagli ufficiali sono disponibili nei riferimenti pubblicati da Sophos, tra cui la scheda CVE-2025-10159 e la comunicazione sulla community dedicata agli aggiornamenti dei prodotti wireless.
L'articolo Un bug critico di bypass dell’autenticazione colpisce Sophos AP6 proviene da il blog della sicurezza informatica.
Una RCE in Apple CarPlay consente l’accesso root ai sistemi di infotainment dei veicoli
Alla conferenza di sicurezza DefCon, è stata presentata una rilevante catena di exploit da parte dei ricercatori, la quale permette a malintenzionati di acquisire l’autorizzazione di amministratore ai sistemi di intrattenimento dei veicoli attraverso Apple CarPlay.
L’attacco noto come “Pwn My Ride” prende di mira una serie di vulnerabilità presenti nei protocolli che governano il funzionamento del CarPlay wireless. Queste vulnerabilità possono essere sfruttate per eseguire codice remoto (RCE) sull’unità multimediale del veicolo, mettendo a rischio la sicurezza del sistema.
L’attacco, nella sua natura, consiste in una sequenza di debolezze insite nei protocolli che regolano il CarPlay wireless. Ciò consente l’esecuzione remota di codice sull’unità multimediale del veicolo, permettendo potenzialmente agli aggressori di assumere il controllo del sistema.
Al centro di questo exploit c’è CVE-2025-24132, un grave stack buffer overflow all’interno dell’SDK del protocollo AirPlay. Gli studiosi di Oligo Security hanno spiegato in dettaglio come questa falla possa attivarsi quando un intruso si infiltra nella rete Wi-Fi del veicolo.
La vulnerabilità colpisce un ampio spettro di dispositivi che utilizzano versioni di AirPlay Audio SDK precedenti alla 2.7.1, versioni di AirPlay Video SDK precedenti alla 3.6.0.126, nonché versioni specifiche del plug-in di comunicazione CarPlay.
Sfruttando questo stack buffer overflow, un aggressore può eseguire codice arbitrario con privilegi elevati, prendendo di fatto il controllo del sistema di infotainment. L’attacco inizia prendendo di mira la fase iniziale di connessione wireless di CarPlay, che si basa su due protocolli fondamentali: iAP2 (iPod Accessory Protocol) tramite Bluetooth e AirPlay tramite Wi-Fi.
I ricercatori hanno scoperto una falla fondamentale nel processo di autenticazione iAP2. Sebbene il protocollo imponga che l’auto autentichi il telefono, trascura l’autenticazione reciproca, consentendo al telefono di non essere verificato dal veicolo. Questa autenticazione unilaterale consente al dispositivo di un hacker di mascherarsi da iPhone legittimo.
Successivamente, l’intruso può effettuare l’associazione con il Bluetooth del veicolo, spesso senza un codice PIN a causa della prevalenza della modalità di associazione non sicura “Just Works” su molti sistemi. Una volta effettuato l’accoppiamento, l’hacker sfrutta la vulnerabilità iAP2 inviando un RequestAccessoryWiFiConfigurationInformationcomando, ingannando di fatto il sistema e inducendolo a rivelare l’SSID e la password Wi-Fi del veicolo.
Con le credenziali Wi-Fi in mano, l’aggressore ottiene l’accesso alla rete del veicolo e attiva CVE-2025-24132 per proteggere l’accesso root. L’intero processo può essere eseguito come un attacco senza clic su numerosi veicoli, senza richiedere alcuna interazione da parte del conducente.
Sebbene Apple abbia rilasciato una patch per l’SDK AirPlay vulnerabile nell’aprile 2025, i ricercatori hanno notato che, secondo il loro ultimo rapporto, nessun produttore automobilistico aveva implementato la correzione, secondo Oligo Security.
A differenza degli smartphone, che beneficiano di regolari aggiornamenti over-the-air (OTA), i cicli di aggiornamento del software dei veicoli sono notoriamente lunghi e frammentati.
L'articolo Una RCE in Apple CarPlay consente l’accesso root ai sistemi di infotainment dei veicoli proviene da il blog della sicurezza informatica.
Volkswagen punta sull’intelligenza artificiale: un miliardo di euro per ridurre le spese
Volkswagen ha annunciato al primo giorno della fiera internazionale IAA Mobility di Monaco l’intenzione di integrare l’intelligenza artificiale in tutti i settori della propria attività, con l’obiettivo di generare risparmi consistenti sui costi. L’investimento si concentrerà sullo sviluppo di veicoli basati su AI, applicazioni industriali e sull’espansione di infrastrutture IT ad alte prestazioni. Secondo le stime, l’adozione su larga scala dell’intelligenza artificiale potrebbe portare a un risparmio di 4 miliardi di euro entro il 2035.
L’azienda prevede che l’impiego dell’AI consentirà di accelerare in modo significativo lo sviluppo di nuovi modelli e di introdurre più rapidamente sul mercato tecnologie avanzate. “Per noi l’intelligenza artificiale è la chiave per una maggiore velocità, qualità e competitività lungo l’intera catena del valore, dallo sviluppo del veicolo alla produzione”, ha dichiarato il CIO Hauke Stars.
L’attenzione verso l’AI arriva in un momento delicato per Volkswagen, che sta affrontando importanti trasformazioni in due mercati chiave: Cina e Germania. In Germania, il gruppo sta implementando un programma di riduzione dei costi su larga scala, mentre in Cina si concentra sull’innovazione e sul lancio di nuovi modelli per fronteggiare la crescente concorrenza locale e internazionale.
A conferma della strategia di rinnovamento, la casa automobilistica ha annunciato il lancio di una nuova linea di veicoli elettrici compatti previsto per il prossimo anno, con l’obiettivo di vendere diverse centinaia di migliaia di unità in questo segmento nel medio termine. Nel frattempo, il titolo Volkswagen ha registrato un incremento dell’1,3% martedì, segnando un +14,3% dall’inizio dell’anno.
Una delle ragioni che spingono Volkswagen a investire in AI è la possibilità di ottimizzare processi complessi come la gestione delle supply chain e la produzione su larga scala. Con una rete globale di fornitori e stabilimenti, l’azienda potrebbe sfruttare l’intelligenza artificiale per prevedere interruzioni logistiche, ridurre gli sprechi e migliorare la pianificazione della produzione, ottenendo così un vantaggio competitivo in un settore dove efficienza e rapidità sono cruciali.
Inoltre, l’integrazione dell’AI rappresenta un passo strategico per affrontare le sfide future della mobilità. Le tecnologie di intelligenza artificiale sono infatti alla base della guida autonoma, della personalizzazione dei servizi a bordo e dell’analisi predittiva dei dati dei veicoli.
Puntando su queste innovazioni, Volkswagen mira non solo a contenere i costi, ma anche a rafforzare il proprio posizionamento come leader nella transizione verso un ecosistema di mobilità più intelligente, sicuro e sostenibile.
L'articolo Volkswagen punta sull’intelligenza artificiale: un miliardo di euro per ridurre le spese proviene da il blog della sicurezza informatica.
