When you think of a US Nuclear accident, you probably think of Three Mile Island. However, there have been over 50 accidents of varying severity in the US, with few direct casualties. (No one died directly from the Three Mile Island incident, although there are some studies that show increased cancer rates in the area.)
Indeed, where there are fatalities, it hasn’t been really related to the reactor. Take the four people who died at the Surry Nuclear Power Plant accident: they were killed when a steam pipe burst and fatally scalded them. At Arkansas Nuclear One, a 525-ton generator was being moved, the crane failed to hold it, and one person died. That sort of thing could happen in any kind of industrial setting.
But one incident that you have probably never heard of took three lives as a direct result of the reactor. True, it was a misuse of the reactor, and it led to design changes to ensure it can’t happen again. And while the incident was nuclear-related, the radiation didn’t kill them, although it probably would have if they had survived their injuries.
Background
The large cylinder housed the SL-1 reactor. The picture is from some time before the accident (public domain). It may be a misattribution, but it is often said that Napoleon said something like, “An army marches on its stomach.” A modern army might just as well march on electrical power. So the military has a keen interest in small nuclear reactors to both heat sites in cold climates and generate electricity when in remote locations or in, as they like to call it, denied areas.
In the mid-1950s, the Army tasked Argonne National Laboratory to prototype a small reactor. They wanted it portable, so it had to break down to relatively small pieces, if you consider something weighing 10 tons as small, and could be set up in the field.
The resulting prototype was the Stationary Low-Power Reactor Number One, known as SL-1, operated by the Army in late 1958. It could provide about 400 kW of heating or 200 kW of electricity. The reactor core was rated for 3 MW (thermal) but had been tested at 4.7 MW a few times. It would end operations due to an accident in 1961.
Design
Sketch of the reactor internals (public domain). The reactor was a conventional boiling-water reactor design that used natural circulation of light water as both coolant and moderator. The fuel was in the form of plates of a uranium-aluminum alloy.
The reactor was inside a 48-foot-tall cylinder 38.5 feet in diameter. It was made of quarter-inch plate steel. Because the thing was in the middle of nowhere in Idaho, this was deemed sufficient. There was no containment shell like you’d find on reactors nearer to population centers.
The reactor, at the time of the accident, had five control rods, although it could accommodate nine. It could also hold 59 fuel assemblies, but only 40 were in use. Because of the reduced number of fuel plates, the reactor’s center region was more active than it would have been under full operation. The rods were eight in a circle with four dummies and a ninth one in the center. Because of the missing outer rods, the center control rod was more critical than the four others.
The Accident
In January of 1961, the reactor had been shut down for 11 days over the holiday. In preparation for restarting, workers had to reconnect the rods to their drive motors. The procedure was to pull the rod up four inches to allow the motor attachment. Cutaway of the SL-1 and the control building (public domain). There were three workers: Specialist Richard McKinley, Specialist John Byrnes, and a Navy Seabee Electrician First Class Richard Legg. Legg was in charge, and McKinley was a trainee.
From a post-accident investigation, they are fairly sure that Byrnes inexplicably pulled the center rod out 20 inches instead of the requisite four inches. The reactor went prompt critical, and, in roughly four milliseconds, the 3 MW core reached 20 GW. There wasn’t enough time for sufficient steam to form to trigger the safeties, which took 7.5 milliseconds.
The extreme heat melted the fuel, which explosively vaporized. The reactor couldn’t dissipate so much heat so quickly, and a pressure wave of about 10,000 pounds hit the top of the reactor vessel. The 13-ton vessel flew up at about 18 miles an hour, and plugs flew out, allowing radioactive boiling water and steam to spray the room. At about nine feet, it collided with the ceiling and a crane and fell back down. All this occurred in about two seconds.
As you might imagine, you didn’t want to be in the room, much less on top of the reactor. Two of the operators were thrown to the floor. Byrnes’ fall causes his rib to fatally pierce his heart. McKinley was also badly injured but only survived for about two hours after the accident. Legg was found dead and stuck to the ceiling, an ejected shield plug impaling him.
Why?
Actual photo of the destroyed reactor taken by a camera on the end of a crane. You can place a lot of blame here. Of course, you probably shouldn’t have been able to pull the rod up that far, especially given that it was carrying more of the load than the other rods. The contractor that helped operate the facility wasn’t available around the clock due to “budget reasons.” There’s no way to know if that would have helped, of course.
But the real question is: why did they pull the rod up 20 inches instead of four? We may never know. There are, of course, theories. Improbably, people have tried to explain it as sabotage or murder-suicide due to some dispute between Byrnes and one of the other men. But that doesn’t seem to be the most likely explanation.
Apparently, the rods sometimes stuck due to misalignment, corrosion, or wear. During a ten-month period, for example, about 2.5% of the drop-and-scram tests failed because of this sticking: a total of 40 incidents. However, many of those causes only apply when the rods are automatically moved. Logbooks showed that manual movement of the rods had been done well over 500 times. There was no record of any sticking during manual operations. Several operators were asked, and none could recall any sticking. However, the rate of sticking was increasing right before the incident, just not from manual motion.
However, it is easy to imagine the 48-pound rod being stuck, pulling hard on it, and then having it give way. We’ve all done something like that, just not with such dire consequences.
Aftermath
First responders had a difficult time with this incident due to radiological problems. There had been false alarms before, so when six firefighters arrived on the scene, they weren’t too concerned. But when they entered the building, they saw radiation warning lights on and their radiation detectors pegged.
Even specialized responders with better equipment couldn’t determine just how much radiation was there, except for “plenty.” Air packs were fogging, limiting visibility. During the rescue of McKinley, one rescuer had to remove a defective air pack and breathe contaminated air for about three minutes. Freeing Legg’s body required ten men working in pairs, because each team could only work in the contaminated zone for 65 seconds. The rule had been that you could tolerate 100 Röntgens (about 1 Sv or 100 rem) to save a life and 25 (0.25 Sv or 25 rem) to save valuable property. Of the 32 people involved in the initial response, 22 received between 3 and 27 Röntgens exposure. Further, 790 people were exposed to harmful radiation levels during the subsequent cleanup.
The reactor building did prevent most of the radioactive material from escaping, but iodine-131 levels in some areas reached about 50 times normal levels. The remains of the site are buried nearby, and that’s the source of most residual radiation.
Lessons Learned
Unsurprisingly, the SL-1 design was abandoned. Future designs require that the reactor be safe even if one rod is entirely removed: the so-called “one stuck rod” rule. This also led to stricter operating procedures. What’s more, it is now necessary to ensure emergency responders have radiation meters with higher ranges. Regulations are often written in blood.
The Atomic Energy Commission made a film about the incident for internal use but, of course, now, you can watch it from your computer, below.
You might also enjoy this presentation by one of the first responders who was actually there, which you can see below. If you want a more detailed history, check out Chapters 15 and 16 of [Susan M. Stacy’s] book “Proving the Principle” that you can read online.
La base militare di Amendola torna al centro dello scenario internazionale con Falcon strike 2025, l’esercitazione che riunisce le principali forze aeree della Nato per testare le capacità operative in contesti di alta complessità. Pensata come laboratorio di integrazione tra tecnologie e strategie,
US Army Tells Soldiers to Go to German Food Bank, Then Deletes It
A US Army website for its bases in Bavaria, Germany published a list of food banks in the area that could help soldiers and staff as part of its “Shutdown Guidance,” the subtext being that soldiers and base employees might need to obtain free food from German government services during the government shutdown.
The webpage included information about which services are affected by the ongoing shutdown of the federal government, FAQs about how to work during a furlough, and links to apply for emergency loans. After the shutdown guidance’s publication, the Army changed it and removed the list of food banks, but the original has been archived here. playlist.megaphone.fm?p=TBIEA2… The shutdown of the American federal government is affecting all its employees, from TSA agents to the troops, and the longer people go without paychecks, the more they’re turning to nonprofits and other services to survive. American military bases are like small cities with their own communities, stores, and schools. The US Army Garrison Bavaria covers four bases spread across the German state of Bavaria and is one of the largest garrisons in the world, hosting around 40,000 troops and civilians.
Like many other American military websites, the Garrison’s has stopped updating, but did publish a page of “Shutdown Guidance” to help the people living on its bases navigate the shutdown. At the very bottom of the page there was a “Running list of German support organizations for your kit bags” that included various local food banks. It listed Tafel Deutschland, which it called an “umbrella organization [that] distributes food to people in poverty through its more than 970 local food banks,” Foodsharing e.V, and Essen für Alle (Food for everyone). Image via the Wayback Machine. The guidance also provided a link to the German version of the Too Good to Go App, which it described as a service that sells surprise bags of food to reduce food waste. “These bags contain unsellable but perfectly good food from shops, cafés, and restaurants, which can be picked up at a reduced price. To obtain one of these bags, it must be reserved in the app and picked up at the store during a specified time window, presenting the reservation receipt in the app,” the US Army Garrison Bavaria’s shutdown guidance page said.
According to snapshots on the Wayback Machine, the list of food banks was up this morning but was removed sometime in the past few hours. The US Army Garrison Bavaria did not respond to 404 Media’s request for comment about the inclusion of the food banks on its shutdown guidance page.
The White House has kept paying America’s troops during the shut down, but not without struggle. At the end of October, the Trump administration accepted a $130 million donation from the billionaire Timothy Mellon to help keep America’s military paid. Though initially anonymous, The New York Times revealed Mellon’s identity. This donation only covered some of the costs,, however, and the White House has had to move money between accounts to keep the cash flowing to its troops.
But the US military isn’t just its soldiers, sailors, Marines, Guardians, and airmen. Every military base is staffed by thousands of civilian workers, many of them veterans, who do all the jobs that keep a base running. In Bavaria, those workers are a mix of German locals and Americans. The German government has approved a $50 million support package to cover the paychecks of its citizens affected by the shutdown. Any non-troop American working on those military bases is a federal employee, however, and they aren’t getting paid at all.
If the paychecks are delivered, it would be the second time the White House has avoided missing a pay period for troops during the shutdown, now in its 30th day.
Forza, voglio vedere chi è il primo delle persone che seguo a commentare l'arresto di Al Masri con qualcosa tipo "in Libia sì che rispettano il Diritto mica come qui da noi".
There are various CAD challenges out there that come with bragging rights. Some, like the Certified Solid Works Professional Exam (CWSP) might actually look good on a resume. [Deltahedra] is apparently not too interested in padding his resume, nor does he have much interest in SolidWorks, and so decided to conquer the CWSP with FreeCAD in the name of open source — and to show us all how he did it.
Because these CAD exams are meant to show your chops with the program, the resulting video makes an awesome FreeCAD tutorial. Spoiler alert: he’s able to model the part, though it takes him about 15 minutes. After modeling the part, the CWSP exam needs you to find the mass of the part, which [Deltahedra] does with the FCInfo macro — which, of course, he shows us how to install and use. The second and third questions are similar: change some variables (it is a parametric modeling software, after all) and find the new mass. In a second exercise, he needs to modify the model according to a new drawing. Modifying existing models can sometimes be more difficult than creating them, but [Deltahedra] and FreeCAD pass with flying colors once again.
If you’re at all curious about what FreeCAD can do, this video is a really impressive demonstration of FreeCAD’s part modeling workbench. We’ve had a few FreeCAD guides of our on on Hackaday, like this one on reverse engineering STLs and this one on best practices in the software, but if you’d asked us before the release of v1.0 we’d never have guessed you could use it for a SolidWorks exam in 2025. So while there are kudos due to [Deltahedra], the real accolades belong to the hardworking team behind FreeCAD that has brought it this far. Bravo!
Un’allerta urgente è stata diramata da Microsoft per gli utenti del sistema operativo Windows, in merito ad una problematica potenziale che, a partire dagli aggiornamenti di sicurezza distribuiti il 14 ottobre 2025, potrebbero causare l’avvio in alcuni dispositivi della schermata di ripristino BitLocker.
L’avviso sottolinea che non sono interessate le edizioni server, limitando l’ambito di applicazione agli ambienti client consumer e aziendali. Il problema riguarda tre piattaforme client chiave: Windows 11 versione 25H2 e 24H2, entrambe collegate all’articolo di origine della knowledge base KB5066835, e Windows 10 versione 22H2 nell’articolo KB5066791.
Una indagine approfondita è in corso da parte di Microsoft su specifiche versioni client di Windows, con un impatto soprattutto sui sistemi Intel-based che dispongono della funzione Connected Standby. Questa particolare opzione di risparmio energetico, permette ai dispositivi di rimanere connessi durante fasi di ridotto consumo di energia.
Sembra che i processori Intel dotati di supporto Connected Standby siano particolarmente esposti, in quanto la persistenza di rete propria di questa funzione potrebbe interferire con le procedure di avvio successive agli aggiornamenti. Gli aggiornamenti, volti a risolvere vulnerabilità critiche e a migliorare la stabilità del sistema, hanno inavvertitamente causato l’attivazione del comportamento di BitLocker sui dispositivi hardware compatibili.
Nonostante il problema non incida sulla sicurezza dei dati, può causare un’interruzione dei flussi di lavoro degli utenti, in quanto può essere necessario inserire la chiave di ripristino di BitLocker una volta al riavvio. Gli utenti coinvolti potrebbero essere tenuti a visualizzare la richiesta di ripristino durante l’avvio o nei riavvii successivi agli aggiornamenti, stando a quanto riportato nella documentazione sullo stato di salute delle versioni di Windows di Microsoft.
Una volta fornita la chiave, il dispositivo, dovrebbe riprendere il normale funzionamento senza ulteriori interruzioni. Questo modalità di ripristino è dovuto alle interazioni tra gli aggiornamenti e i meccanismi di crittografia di BitLocker, sebbene Microsoft non abbia ancora specificato la causa esatta.
Gli utenti possono fare riferimento ai tracker dei problemi di Microsoft, come WI1183025 per Windows 11 25H2, WI1183026 per 24H2 e WI1183027 per Windows 10 22H2, tramite il portale Windows Release Health per conoscere lo stato più recente.
Microsoft consiglia alle organizzazioni interessate di applicare un Known Issue Rollback (KIR) per aggirare il problema. Questo strumento di mitigazione, descritto in dettaglio nel blog IT Pro dell’azienda, richiede di contattare il Supporto Microsoft per le aziende per l’implementazione a livello aziendale.
I singoli utenti devono assicurarsi di avere a portata di mano le chiavi di ripristino di BitLocker, solitamente archiviate negli account Microsoft o stampate durante la configurazione, per evitare tempi di inattività prolungati.
I risultati approvati dal Consiglio di Amministrazione di Leonardo confermano la traiettoria di crescita e la solidità del gruppo lungo le direttrici del Piano Industriale 2025-2029. Nei primi nove mesi dell’anno, il colosso italiano dell’aerospazio e della difesa ha registrato un
@Informatica (Italy e non Italy 😁) È stato rilasciato l’Android Security Bulletin per il mese di novembre 2025: al suo interno, gli aggiornamenti per due vulnerabilità, di cui una di esecuzione remota del codice classificata come critica. Ecco i dettagli e i consigli per mettere in sicurezza
“La Charta resta una bussola che orienta il cammino ecumenico. La sua versione aggiornata è un ulteriore incoraggiamento a proseguire sulla strada intrapresa e ci conferma nella scelta di rinsaldare il rapporto di conoscenza, amicizia e accoglienza t…
When you hear it said that “Modern steel is disposable by design”, your ears perk up, as you just caught the unmistakable sound of faux romanticism along with ‘lost ancient technology‘ vibes. Although it happens sometimes that we did lose something important, as with for example the ancient Roman concrete that turns out to have self-healing properties as a result of so-called hot mixing, this is decidedly an exception.
We nearly lost that technology because of the technological and scientific bonfire that was the prelude to a thousand years of darkness over Europe: called the Dark Ages, Middle Ages as well as the medieval period. Thus when you come across a slideshow video with synthesized monotonal voice-over which makes the bold claim that somehow medieval iron was superior and today’s metallurgy both worse and designed to break, you really have to do a spit-take. The many corrections in the comment section further reinforces the feeling that it’s more slop than fact.
One of the claims made is that the bloomery furnace beats the blast furnace, due to beneficial additives to the iron. Considering that the video cites its sources, it’s at least worthy of a dive into the actual science here. Are modern iron and steel truly that inferior and disposable?
The Iron Age
Han Dynasty iron sickle and plow. (Credit: Gary Todd, Wikimedia) The Iron Age is defined as the point when a civilization begins to mass-produce tools and weapons made from processed iron ore rather than just the use of found meteoric iron. What makes this such a telling technological moment is because in order to smelt iron, you need to have a furnace capable of generating temperatures around 1,250 °C. The transition between the easier to process bronze and superior iron took place between 1,200 and 1,100 BCE in Europe, along with much of Asia, in particular India and China.
Processing iron ore to turn it into any of the types of iron alloys possible can be done in a variety of ways, with direct reduction through smelting commonly being used throughout history, alongside blast furnaces. These latter became the most common approach in the 20th century, using a two-stage process involving refining in a converter. Electric arc furnaces can take both the pig iron from blast furnaces and scrap metal as input. Regardless of the method used, the iron ore has to have its impurities removed or reduced to the desired levels for the target alloy. Bloomery smelting during the Middle Ages, as depicted in the De Re Metallica by Georgius Agricola, 1556 (Source: Wikimedia) Pig iron is the output of blast furnaces and can be used for cast iron when melted. This is different from the wrought iron, which traditionally was produced using the output from a bloomery. This is a type of metallurgical furnace capable of smelting iron ore. Using direct reduction with a reduction gas like carbon monoxide, methane or hydrogen, it produces direct reduced iron, also called sponge iron, with the intended reduction in carbon content. This can then be processed by a blacksmith into wrought iron products.
Blast furnaces also provide this carbon reduction, using coke or hydrogen as the redox agent, but as a continuous process the resulting pig iron has a carbon content of 3.8 – 4.7% compared to the higher purity of direct reduced iron that puts it on the level of scrap steel.
Currently blast furnaces and electric arc furnaces offer the most economical way to produce large amounts of steel. Modern direct reduction furnace types have been developed that while not directly competitive have certain advantages, such as being able to process certain ore types that blast furnaces struggle with.
That said, China in particular focused significantly on blast furnaces, with no significant use of bloomeries, but instead the use of finery forges to refine the pig iron from their blast furnaces. By using water power, the blast furnaces could produce massive amounts of pig iron, giving China a significant advantage over medieval Europe.
Archaeometallurgy
The Iron pillar of Delhi, erected around 400 CE. (Credit: Sujit Kumar, Wikimedia) So how did medieval iron alloys differ from that during the early days of the Iron Age in Europe and China, never mind during the technological boom of the ancient Roman Empire? Unsurprisingly the Early Middle Ages (500 – 1000 CE) saw mostly a sharp decline in mining and metallurgy that took until the High Middle Ages (11th to 13th centuries) to begin to recover and the Late Middle Ages to see a strong push for innovation. This was however not an easy period, as famine, war and pestilence kept ravaging economies and its people. Compared to the relative peace and structured society of the Roman times, things couldn’t have been more different.
The study of metallurgy from a historical context is called archaeometallurgy, which focuses on observable evidence such as slag and similar residues left over at former furnace and blacksmithing sites, as well as found metal artefacts. This latter aspect of found artefacts bears reminding, as these include the iron objects that survived often being buried for hundreds if not thousands of years. This risks indulging in survivorship bias, as we do not recover iron artefacts that did rust away, nor those that were tossed with other scrap metal into a furnace.
The iron pillar of Delhi is one such example. This six-ton, 7.21 m tall behemoth has drawn significant attention for its lack of corrosion despite having been exposed to the elements for more than a thousand years. After study of this pillar and other examples of Indian iron from roughly the same era, the levels of phosphor (P) were implicated in the formation of a corrosion resistant hydrate layer, as summarized in a 2000 article by R. Balasubramaniam in Corrosion Science. This is however a relatively thin and fragile layer. Before a protective cage was added, the constant touching of visitors would affect this layer, explaining why its bottom is rather rusty.
What this does however highlight is the importance of a passivation element in iron alloys to enable some level of corrosion resistance by preventing or slowing down the oxidation process. This, combined with environmental factors such as dry air and a low-oxygen environment can be key to the survival of an iron object. Spanish medieval gilded spur. 13th – 15th century as found (a) and preserved (b) (Credit: Marco Veneranda et al., 2016) In the case of modern stainless steel, this passivation is provided primarily by chromium which helps form a protective layer. As pre-Industrial Revolution iron alloys tended to have significant amounts of slag and other contaminants embedded in them, this provided enough opportunities for such a passivation layer to be formed.
A good study subject when it comes to medieval iron can be found in the surviving medieval structures, which are primarily churches and cathedrals. These have iron reinforcements that are exposed to various environments, ranging from an dry indoor climate to ones more conducive to corrosion. In a study of these iron rebars in the 13th century Bourges’ Cathedral attic, including a broken one, it was found that they were decidedly rusting away and that even these primarily indoor rebars need special preservation techniques to keep them from eventually failing.
During an excavation in a medieval necropolis in Spain, a gilded spur was uncovered. This was used for an experimental archaeological analysis method, detailing just how far this gilded, medieval iron object was decayed. While the gold layer provided some protection against corrosion, eventually moisture and oxygen managed to make its way past this layer and over the course of a few hundred years much of the spur decayed to the point where it was largely falling apart.
Modern Age
Although it’s tempting to hold modern day in contempt and indulge in romanticism of a past that never was, the fact of the matter is that these days we have ways to analyze and manipulate iron and other alloys in ways that the ancient Romans and medieval metallurgists could only dream of. While they had extensive institutional knowledge based on empirical findings, we can use methods like Raman spectroscopy to prod molecules to determine their identity and electron microscopes to find out their structure.
Whereas for ancient Roman concrete we can definitely state that it’s better in certain ways than the concrete we have been using since the Industrial Revolution, there we have the hard to miss evidence of Roman concrete structures like ancient seawalls and the Pantheon in Rome seemingly oblivious to the elements and weather of the past two thousand-odd years.
As far as miraculous ancient iron goes, there are definitely a few oddities out there like certain types of Indian iron, and using modern metallurgy we should definitely do our utmost to understand the materials science behind their longevity. That said, modern metallurgy is already pretty good. If your tools are rusting away, or your stainless steel car is taking on a disquieting orange sheen, you probably should have picked that 304 stainless steel instead of cheapening out with a 200-series or 301 stainless steel. We have the technology.
Come possono gli editori proteggersi dai browser “intelligenti” dotati di intelligenza artificiale se hanno l’aspetto di utenti normali? L’emergere di nuovi browser “intelligenti” basati sull’intelligenza artificiale sta mettendo in discussione i metodi tradizionali di protezione dei contenuti online.
Il browser Atlas di OpenAI, recentemente rilasciato, così come Comet di Perplexity e la modalità Copilot di Microsoft Edge, stanno diventando strumenti in grado di fare molto più che visualizzare pagine web: svolgono attività in più fasi, ad esempio raccogliendo informazioni di calendario e generando briefing per i clienti basati sulle notizie.
Le loro capacità stanno già ponendo serie sfide agli editori che cercano di limitare l’uso dell’intelligenza artificiale nei loro contenuti. Il problema è che tali browser sono esteriormente indistinguibili dagli utenti normali.
Quando Atlas o Comet accedono a un sito, vengono identificati come sessioni standard di Chrome, non come crawler automatici. Questo li rende impossibili da bloccare utilizzando il protocollo di esclusione dei robot, poiché bloccare tali richieste potrebbe contemporaneamente impedire l’accesso agli utenti normali. Il rapporto “State of the Bots” di TollBit osserva che la nuova generazione di visitatori AI è “sempre più simile a quella umana”, rendendo più impegnativo il monitoraggio e il filtraggio di tali agenti.
Un ulteriore vantaggio per i browser basati sull’intelligenza artificiale è il modo in cui sono strutturati gli abbonamenti a pagamento moderni. Molti siti web, tra cui MIT Technology Review, National Geographic e il Philadelphia Inquirer, utilizzano un approccio lato client: l’articolo viene caricato per intero ma viene nascosto dietro una finestra pop-up che offre un abbonamento. Mentre il testo rimane invisibile agli esseri umani, è accessibile all’intelligenza artificiale. Solo i paywall lato server, come quelli di Bloomberg o del Wall Street Journal, nascondono in modo affidabile i contenuti fino a quando l’utente non effettua l’accesso. Tuttavia, se l’utente ha effettuato l’accesso, l’agente di intelligenza artificiale può leggere liberamente l’articolo per suo conto. OpenAI Atlas ha ricevuto il testo completo di un articolo esclusivo per gli abbonati da MIT Technology Review (CJR).
Durante i test, Atlas e Comet hanno estratto facilmente il testo completo delle pubblicazioni classificate del MIT Technology Review, nonostante le restrizioni imposte da crawler aziendali come OpenAI e Perplexity.
In un caso, Atlas è anche riuscito a riassemblare un articolo bloccato di PCMag combinando informazioni provenienti da altre fonti, come tweet, aggregatori e citazioni di terze parti. Questa tecnica, soprannominata “digital breadcrumb”, è stata precedentemente descritta dallo specialista di ricerca online Henk van Ess.
OpenAI afferma che i contenuti visualizzati dagli utenti tramite Atlas non vengono utilizzati per addestrare i modelli, a meno che non sia abilitata la funzione “Memorie del browser”. Tuttavia, “ChatGPT ricorderà i dettagli chiave delle pagine visualizzate”, il che, come ha osservato Jeffrey Fowler, editorialista del Washington Post, rende l’informativa sulla privacy di OpenAI confusa e incoerente. Non è ancora chiaro in che misura l’azienda utilizzi i dati ottenuti tramite contenuti a pagamento.
Si osserva un approccio decisamente selettivo: Atlas evita di contattare direttamente i siti web che hanno intentato cause legali contro OpenAI , come il New York Times, ma cerca comunque di aggirare il divieto compilando un riassunto dell’argomento da altre pubblicazioni – The Guardian, Reuters, Associated Press e il Washington Post – che hanno accordi di licenza con OpenAI. Comet, al contrario, non mostra tale moderazione.
Questa strategia trasforma l’agente artificiale in un intermediario che decide quali fonti sono considerate “accettabili”. Anche se l’editore riesce a bloccare l’accesso diretto, l’agente sostituisce semplicemente l’originale con una versione alternativa degli eventi. Questo altera la percezione stessa dell’informazione: l’utente riceve non un articolo, ma un’interpretazione generata automaticamente.
I browser basati sull’intelligenza artificiale non hanno ancora raggiunto un’ampia diffusione, ma è già chiaro che le barriere tradizionali come i paywall e il blocco dei crawler non sono più efficaci. Se tali agenti dovessero diventare il mezzo principale per leggere le notizie, le case editrici dovranno trovare nuovi meccanismi per garantire la trasparenza e il controllo su come i loro contenuti vengono utilizzati dall’intelligenza artificiale.
Google ha emesso un avviso urgente riguardante una vulnerabilità critica in Android che consente agli aggressori di eseguire codice arbitrario sul dispositivo senza alcuna interazione da parte dell’utente. La vulnerabilità Zero Click è stata scoperta in componenti di sistema del sistema operativo e descritta nel Bollettino sulla sicurezza Android di novembre 2025.
La vulnerabilità, identificata come CVE-2025-48593, è considerata una delle più pericolose degli ultimi anni. Colpisce diverse versioni dell’Android Open Source Project (AOSP), dalla 13 alla 16, e può essere sfruttata per l’esecuzione di codice remoto ( RCE ) senza richiedere privilegi aggiuntivi o azioni da parte del proprietario del dispositivo.
Google stima che gli aggressori possano sfruttare il bug inviando pacchetti di rete appositamente creati o distribuendo app dannose tramite store di terze parti e installazioni sideloaded. Un attacco riuscito consente l’accesso completo al dispositivo, inclusa la possibilità di rubare dati, installare ransomware o trasformare lo smartphone in un componente botnet. Il problema è stato registrato internamente con l’ID bug Android A-374746961 ed è già stato risolto nelle ultime build di AOSP.
La vulnerabilità deriva da una gestione impropria dei processi di sistema, che consente l’iniezione di codice arbitrario durante le normali operazioni, ad esempio durante l’avvio di app o la sincronizzazione dei dati in background. I ricercatori osservano che i sintomi della vulnerabilità sono simili a quelli di precedenti episodi di danneggiamento della memoria utilizzati per aumentare i privilegi sul dispositivo.
Il bollettino identifica anche un’altra vulnerabilità, il CVE-2025-48581. È classificata come vulnerabilità di escalation dei privilegi (EoP) di gravità elevata ed è presente anche nel componente di sistema. A differenza dell’RCE, lo sfruttamento richiede un accesso preventivo al sistema, ma consente a un’applicazione di ottenere il controllo non autorizzato di funzioni sensibili del dispositivo.
I dispositivi con Android 10 e versioni successive potranno ricevere aggiornamenti di sicurezza, ma i possessori di modelli precedenti rischiano di rimanere senza protezione se i produttori ritardano il rilascio delle patch. Google consiglia a tutti gli utenti di verificare la presenza di aggiornamenti il prima possibile tramite Impostazioni > Sistema > Aggiornamento di sistema e di impostare il livello di patch di sicurezza al 2025-11-01, che risolve completamente questi problemi.
L’azienda sottolinea che non sono stati ancora registrati exploit attivi, ma la natura della vulnerabilità la rende particolarmente pericolosa per il governo e le personalità pubbliche, che sono spesso bersaglio di attacchi mirati.
La frammentazione di Android rimane un problema chiave nell’ecosistema, rendendo le risposte tempestive dei produttori fondamentali per la protezione degli utenti. Gli esperti raccomandano di abilitare gli aggiornamenti automatici ed evitare di installare app da fonti non attendibili: questo rimane il modo più affidabile per ridurre al minimo i rischi in un contesto di crescente minaccia per dispositivi mobili.
Allontanato dalla testata per cui si lavora per aver fatto una domanda scomoda durante una conferenza stampa. È quello che è accaduto a Gabriele Nunziati collaboratore dell’Agenzia Nova da Bruxelles. La colpa del collega è stata chiedere alla portavoce della Commissione dell’UE Paola Pinho se ritenesse che anche Israele a Gaza, come la Russia in Ucraina, dovesse farsi carico della ricostruzione. Pinho ha risposto con un imbarazzato no comment, rimbalzato sui social. Imbarazzo condiviso dall’editore di Nova Fabio Squillante, che ha interrotto il rapporto di collaborazione con Nunziati, cui va tutta la solidarietà di Stampa Romana. È un episodio gravissimo di lesione dell’autonomia professionale, che evidenzia ancora una volta la necessità di maggiori garanzie contrattuali per i collaboratori, i più esposti a pressioni e ingerenze.
Una mostra per prepararsi al viaggio del Santo Padre a Nicea. Si chiama “Luce da luce. Nicea 1700 anni dopo” e verrà presentata domani, 6 novembre, alle 12 presso la Sala Marconi (Piazza Pia, 3).
What’s the Difference Between AI Glasses and an iPhone? A Helpful Guide for Meta PR
Over the last few months 404 Media has covered some concerning but predictable uses for the Ray-Ban Meta glasses, which are equipped with a built-in camera, and for some models, AI. Aftermarket hobbyists have modified the glasses to add a facial recognition feature that could quietly dox whatever face a user is looking at, and they have been worn by CBP agents during the immigration raids that have come to define a new low for human rights in the United States. Most recently, exploitative Instagram users filmed themselves asking workers at massage parlors for sex and shared those videos online, a practice that experts told us put those workers’ lives at risk.
404 Media reached out to Meta for comment for each of these stories, and in each case Meta’s rebuttal was a mind-bending argument: What is the difference between Meta’s Ray-Ban glasses and an iPhone, really, when you think about it?
“Curious, would this have been a story had they used the new iPhone?” a Meta spokesperson asked me in an email when I reached out for comment about the massage parlor story.
Meta’s argument is that our recent stories about its glasses are not newsworthy because we wouldn’t bother writing them if the videos in question were filmed with an iPhone as opposed to a pair of smart glasses. Let’s ignore the fact that I would definitely still write my story about the massage parlor videos if they were filmed with an iPhone and “steelman” Meta’s provocative argument that glasses and a phone are essentially not meaningfully different objects.
Meta’s Ray-Ban glasses and an iPhone are both equipped with a small camera that can record someone secretly. If anything, the iPhone can record more discreetly because unlike Meta’s Ray-Ban glasses it’s not equipped with an LED that lights up to indicate that it’s recording. This, Meta would argue, means that the glasses are by design more respectful of people’s privacy than an iPhone.
Both are small electronic devices. Both can include various implementations of AI tools. Both are often black, and are made by one of the FAANG companies. Both items can be bought at a Best Buy. You get the point: There are too many similarities between the iPhone and Meta’s glasses to name them all here, just as one could strain to name infinite similarities between a table and an elephant if we chose to ignore the context that actually matters to a human being.
Whenever we published one of these stories the response from commenters and on social media has been primarily anger and disgust with Meta’s glasses enabling the behavior we reported on and a rejection of the device as a concept entirely. This is not surprising to anyone who has covered technology long enough to remember the launch and quick collapse of Google Glass, so-called “glassholes,” and the device being banned from bars.
There are two things Meta’s glasses have in common with Google Glass which also make it meaningfully different from an iPhone. The first is that the iPhone might not have a recording light, but in order to record something or take a picture, a user has to take it out of their pocket and hold it out, an awkward gesture all of us have come to recognize in the almost two decades since the launch of the first iPhone. It is an unmistakable signal that someone is recording. That is not the case with Meta’s glasses, which are meant to be worn as a normal pair of glasses, and are always pointing at something or someone if you see someone wearing them in public.
In fact, the entire motivation for building these glasses is that they are discreet and seamlessly integrate into your life. The point of putting a camera in the glasses is that it eliminates the need to take an iPhone out of your pocket. People working in the augmented reality and virtual reality space have talked about this for decades. In Meta’s own promotional video for the Meta Ray-Ban Display glasses, titled “10 years in the making,” the company shows Mark Zuckerberg on stage in 2016 saying that “over the next 10 years, the form factor is just going to keep getting smaller and smaller until, and eventually we’re going to have what looks like normal looking glasses.” And in 2020, “you see something awesome and you want to be able to share it without taking out your phone.” Meta's Ray-Ban glasses have not achieved their final form, but one thing that makes them different from Google Glass is that they are designed to look exactly like an iconic pair of glasses that people immediately recognize. People will probably notice the camera in the glasses, but they have been specifically designed to look like "normal” glasses.
Again, Meta would argue that the LED light solves this problem, but that leads me to the next important difference: Unlike the iPhone and other smartphones, one of the most widely adopted electronics in human history, only a tiny portion of the population has any idea what the fuck these glasses are. I have watched dozens of videos in which someone wearing Meta glasses is recording themselves harassing random people to boost engagement on Instagram or TikTok. Rarely do the people in the videos say anything about being recorded, and it’s very clear the women working at these massage parlors have no idea they’re being recorded. The Meta glasses have an LED light, sure, but these glasses are new, rare, and it’s not safe to assume everyone knows what that light means.
As Joseph and Jason recently reported, there are also cheap ways to modify Meta glasses to prevent the recording light from turning on. Search results, Reddit discussions, and a number of products for sale on Amazon all show that many Meta glasses customers are searching for a way to circumvent the recording light, meaning that many people are buying them to do exactly what Meta claims is not a real issue.
It is possible that in the future Meta glasses and similar devices will become so common that most people will understand that if they see them, they would assume they are being recorded, though that is not a future I hope for. Until then, if it is all helpful to the public relations team at Meta, these are what the glasses look like: And this is what an iPhone looks like: Photo by Bagus Hernawan / Unsplash Feel free to refer to this handy guide when needed.
Profitez des vidéos et de la musique que vous aimez, mettez en ligne des contenus originaux, et partagez-les avec vos amis, vos proches et le monde entier.
“La terra non è un possesso, ma un dono. Essa ci precede e ci sarà tolta. È madre che nutre, non materia da sfruttare. Chi la coltiva con rispetto e sapienza partecipa all’opera creatrice di Dio e contribuisce alla pace tra gli uomini”.
L’Associazione Stampa Romana è al fianco di Giuseppe Bascietto, collega da sempre impegnato nell’attività di inchiesta sulla mafia che opera a Vittoria. Per lui da ieri sono state disposte dalle autorità di Ragusa misure di protezione personale. Bascietto si era recentemente occupato dei rapporti tra la criminalità organizzata siciliana e quella albanese e aveva ricevuto gravi minacce. Stampa Romana auspica che si concluda al più presto la procedura per garantire a Bascietto la tutela delle forze dell’ordine anche a Roma, città dove vive e lavora. La Segreteria dell’ASR
“Il compito principale di chi opera presso i Centri di ascolto è quello, delicatissimo, di essere il volto accogliente della Chiesa di fronte a persone che hanno subito abusi o che intendono segnalare abusi in ambito ecclesiale”.
Today, the European Parliament’s Committee on Civil Liberties, Justice and Home Affairs (LIBE) voted in favour of a new Europol Regulation, part of the EU’s so-called Facilitators Package, despite widespread warnings from civil society and the European Data Protection Supervisor. The vote was voted for by 59 MEPs, whilst 10 voted against and 4 abstained.
“Un momento di confronto e aggiornamento tra studiosi, restauratori e istituzioni, volto a ridefinire le prospettive di ricerca sui sarcofagi cristiani antichi, nella convinzione che la loro conoscenza resti fondamentale per comprendere la cultura fi…
Podcast: People Are Modding Meta Ray-Bans to Spy On You
We have something of a Meta Ray-Bans smart glasses bumper episode this week. We start with Joseph and Jason’s piece on a $60 mod that disables the privacy-protecting recording light in the smart glasses. After the break, Emanuel tells us how some people are abusing the glasses to film massage workers, and he explains the difference between a phone and a pair of smartglasses, if you need that spelled out for you. In the subscribers-only section, Jason tells us about the future of advertising: AI-generated ads personalized directly to you. playlist.megaphone.fm?e=TBIEA8… Listen to the weekly podcast on Apple Podcasts,Spotify, or YouTube. Become a paid subscriber for access to this episode's bonus content and to power our journalism. If you become a paid subscriber, check your inbox for an email from our podcast host Transistor for a link to the subscribers-only version! You can also add that subscribers feed to your podcast app of choice and never miss an episode that way. The email should also contain the subscribers-only unlisted YouTube link for the extended video version too. It will also be in the show notes in your podcast player.
Tech News Podcast · Updated Weekly · Welcome to the podcast from 404 Media where Joseph, Sam, Emanuel, and Jason catch you up on the stories we published this week. 404 Media is a journalist-owned digital media company exploring the way …
Un calendario dell’Avvento in due versioni - cartacea e digitale - per accompagnare i fedeli verso il Natale con volti, parole e storie di vita vera: è la proposta del Servizio per la promozione del sostegno economico alla Chiesa cattolica, nell’ambi…
WELCOME BACK TO DIGITAL POLITICS. I'm Mark Scott, and have partnered with YouGov and Microsoft for a dinner in Brussels on Dec 10 to recap the digital policymaking highlights of 2025 and to look ahead to what is in store for next year.
If you would like to attend, please let me know here. The event will include exclusive insight from YouGov on Europeans' attitudes toward technology. Spaces are limited, so let me know asap.
— November will again show how much the European Union is split over the bloc's strategy toward technology.
— The annual climate change talks begin in Brazil on Nov 10. The tech industry's impact has gone from bad to worse.
— Big Tech firms have massively increased their spending on tech lobbying within the EU institutions. Here are the stats.
Let's get started:
IT'S THE EU, AND IT'S HERE TO HELP
IT'S GOING TO BE A BUSY MONTH. On Nov 18, France and Germany will gather officials, industry executives and (just a few) civil society groups in Berlin for the so-called "Summit on European Digital Sovereignty." The one-day conference (as well as a series of side events) is aimed at figuring out what the European Union's position on the topic should be — despite more than five years since the concept of digital sovereignty started during the rounds in Brussels.
Then, on Nov 19, the European Commission is expected to announce its so-called "Digital Omnibus," or Continent-wide effort to simplify the bloc's tech rules, primarily focused around the Artificial Intelligence Act, General Data Protection Regulation, Cybersecurity Act and the ePrivacy Directive. It's a response to the competitiveness report written by Mario Draghi, the former Italian prime minister, which suggested (without much evidence) that Europe's complex digital rulebook was a major reason why the Continent had failed to compete with the likes of China and the United States.
The one-two punch of the Digital Sovereignty summit and the Digital Omnibus represent the two countervailing strategies toward technology that are battling for supremacy in Brussels and other EU member capitals.
There's a long history about why France and Germany still don't see eye-to-eye on digital sovereignty. Paris would prefer to create national (read: French) tech champions that can then compete globally. Berlin would prefer to work with allies on tech issues, though the newly-installed government is starting to change its tune.
Thanks for reading the free monthly version of Digital Politics. Paid subscribers receive at least one newsletter a week. If that sounds like your jam, please sign up here.
Here's what paid subscribers read in October: — How social media failed to respond to the highest level of global conflict since WWII; The fight over semiconductors between China and the US is worsening the "splinternet;" DeepSeek's vaunted success may not what it first appears. More here. — The European Union's AI strategy is re-living mistakes of previous shifts in global technology; Domestic US politics overshadow the global attacks on online safety laws; The consequences of Big Tech's pullback on political ad transparency is a hit to free speech. More here. — Social media is no longer 'social.' That requires a rethink about how these platforms are overseen; How US tech companies are balancing domestic and international pledges on 'digital sovereignty;' Most governments don't have a plan to combat disinformation. More here. — Get ready for the rise of a 'digital age of minority;' AI-powered deepfakes are getting harder detect — even if they have yet to affect democratic elections; The global "AI Stack" is quickly consolidating around select few firms. More here. — The case for why everyone should double down on social media oversight despite the growing hype around artificial intelligence. More here.
Yet at its core, both countries are seeking to take a more hands-on approach to digital policymaking that focuses on digital public infrastructure, incentives tied to public tenders for technology contracts and greater government support for domestic companies to compete on the global stage. That could include nudging ministries to use local alternatives to American cloud providers like AWS or Google. It may involve government support for startups to hire the best talent and access new European (and global) markets. It could see officials actively embedding themselves in industrial policy decisions so that more high-end technology is built in Europe — as part of growing public support to wean the bloc off a perceived reliance on US Big Tech giants.
There's still uncertainty about what the communiqué that will arise from the Nov 18 event will say. US officials have been doing the rounds in EU capitals (and not just in Berlin and Paris) to warn national officials of promoting an "anti-American" slant to whatever Europe decides to do with its digital sovereignty ambitions. But, at its core, the summit will be dedicated to placing the government and policymakers at the center of digital policymaking changes to jumpstart the bloc's economy.
Contrast that to what the European Commission is slated to announce a day later on Nov 19 (though that date has yet to be officially confirmed.) As part of the Digital Omnibus, expect a slate of announcements to pare back Europe's digital rulebook in the name of economic growth.
There are rumors that parts of the AI Act will be shelved. I don't think that will happen. Instead, my bet is on a more protracted roll-out of the world's only comprehensive legislation for the emerging technology aimed at giving European firms more time to figure out their AI strategies. I would argue that few of these firms will be affected by the most stringent parts of the AI Act. But Henna Virkkunen, the European Commission's vice-president for technology sovereignty, security and democracy, has made it clear her priority when it comes to AI is about generating growth, not cumbersome regulation.
In other parts of the upcoming Digital Omnibus we'll also likely see other retrenchment from Europe's flaunted world-class digital regulation. This will be framed as unleashing the bloc's economic potential by making it easier for small- and medium-sized enterprises to sell their wares globally without falling afoul of the perceived excesses of digital regulation. Europe's privacy rules, in particular, will likely come under scrutiny because of the misunderstanding that such rules have made it harder for small firms to compete. When it comes to European bigger firms, that is certainly true. But I have seen little evidence to suggest that tough data protection rules, when implemented correctly, lead to burdensome oversight for smaller companies, almost all of which do not have to comply with the most stringent of oversight.
EU policymakers argue the dual events this month go hand-in-hand. That you can have a more top-down industrial policy directed by national leaders and an effort to reduce the digital regulatory burden to unleash the Continent's economic potential.
I don't buy that.
First, Europe needs to define what it wants out of its digital sovereignty agenda that remains divided between EU member countries' diverging interests and an inability to craft a coherent policymaking agenda when global competitors like the US and China are quickly moving ahead. Yes, the bloc is not a country, and such decisions are inherently slow. But Brussels has had more than five years to conjure up a digital sovereignty ethos, and it has failed to do so.
Second, the perception driven home by Draghi's competitiveness report that all digital regulation is harmful to the economy fundamentally misunderstands how Europe's digital economy works. It's not GDPR or the soon-to-be slow-rolled AI Act that is holding back Portugal or Sweden. It's the endemic failure of generations of EU policymakers to create a functioning digital single market that can allow European companies to leverage Continent-wide talent and financial resources.
Reining back digital rules may play into the politics of late 2025 when national leaders all want to <<checks talking points>> unleash the potential of AI onto society. But the Digital Omnibus will fail to grapple with the EU's underlying structural challenges that remain the main driver for why the bloc is third in the three-person race with China and the US on technology.
Until national leaders and policymakers clearly link their digital sovereignty ambitions with a well-thought-out strategy toward digital rulemaking, Europe's also-ran status is unlikely to change.
The two events later this month represent a missed opportunity to bring the dueling strategies — one pushing for greater government intervention, the other calling for less regulatory oversight — into one coherent message. That could have included finally articulating what a forward-looking digital sovereignty agenda would look like that focused on competitiveness, social cohesion and the promotion of Europe's fundamental values, at home and abroad.
Instead, the Nov 18 summit and the Nov 19 announcement will likely stand in contrast to one another as a sign that, again, the EU has failed to meet the opportunity presented by the US (the world's largest democratic power) pulling back from the global stage.
Chart of the week
LOBBYING IN BRUSSELS HAS NEVER BEEN at the same scale as what happens in Washington. In part, that's because the EU is not as transparent in forcing companies to disclose what they spend annually to nudge lawmakers in one way or another.
Still, tech companies have increased their collective lobbying spend by roughly one-third, to $174 million, in the latest 12 month period compared to 2023, according to figures collected by Corporate Europe Observatory and LobbyControl, two advocacy groups.
Below is the breakdown of the top spenders within the digital industry. It's not surprising that many on the list continue to face significant regulatory headwinds despite Brussels calming down on its appetite for more tech rules. Source: Corporate Europe Observatory; LobbyControlSource; EU Transparency Register
TECH INDUSTRY AND CLIMATE CHANGE
THE UNITED NATIONS ANNUAL CLIMATE CHANGE CONFERENCE will take place in Belén, Brazil from Nov 10-Nov 21. The outlook does not look good. As a lapsed climate change reporter, it's hard not to look at the current data and weep. The ten warmest years on record have all occurred between 2015-2024, according to data from the US NOAA National Centers for Environmental Information. Last year was the warmest year since global records began in 1850.
Yikes.
The tech industry, especially those firms powering the datacenter boom, must take responsibility for some of the current climate crisis.
Electricity consumption associated with datacenters, for instance, is expected to more than double by 2030, based on estimates from the International Energy Agency. By the end of the decade, that means these facilities, whose expansion is directly related to the AI boom currently engulfing the world, will need as much electricity, as a sector, as what Japan currently consumes in 2025. That's the same amount of electricity as the world's fourth largest economy.
Again, yikes.
Some of this datacenter boom will be powered by renewable energy like geothermal power. But in countries from Ireland to Chile, local residents are protesting the building of these facilities because of fears — and realities — that the new construction will either lead to rolling electricity blackouts or hikes in energy bills that will disproportionately harm lower income families.
The climate change risks are not just limited to electricity generation.
On everything from lithium battery production for electric vehicles to the waste produced by consumer electronic devices, the tech industry's effect on the wider environment can not be overstated. Yes, there are larger emitters, especially those associated with heavy industry and transport. But for a sector known for generating record profits (and now representing roughly a third of the overall market capitalization of the S&P 500 Index), the tech industry has significant cash stockpiles to address its climate change impact.
Sign up for Digital Politics
Thanks for getting this far. Enjoyed what you've read? Why not receive weekly updates on how the worlds of technology and politics are colliding like never before. The first two weeks of any paid subscription are free.
Subscribe Email sent! Check your inbox to complete your signup.
No spam. Unsubscribe anytime.
Some firms have started to do so. Many of the world's largest tech companies have best-in-class carbon offsetting programs and have invested billions in the reduction of so-called e-waste created by their consumer products. Still, it's not enough.
As national leaders and policymakers gather in Brazil for what is likely to be a damp squib of a climate conference, it's a reminder of the growing disconnect between the tech industry's climate change footprint and its ability to play a major role in averting the most harmful environmental impact — especially when 2024 was the first calendar year when the average global temperature exceeded 1.5°C above its pre-industrial levels.
Expect many of the companies to send representatives to Belén. It's a potentially good news story for some already investing in greener versions of tech infrastructure. But with total investment in data centers, alone, expected to hit almost $600 billion this year, it's hard to reconcile the growing carbon footprint of just one part of the tech industry and the stated green ambitions of the firms behind the current tech boom.
What I'm reading:
— Ahead of the upcoming social media ban for minors in Australia, the government conducted a feasibility study into whether it could implement so-called "age assurance" across the country. The results are here.
— The US Senate held another hearing into unproven claims that Big Tech companies worked with the federal government to censor mostly right-wing voices. Here's the transcript.
— The European Commission published its work plan for 2026, including major tech regulatory pushes like the Digital Fairness Act. More here.
— More than 70 countries signed the United Nations Cybercrime Convention on Oct 25 that had been criticized for failing to uphold basic fundamental rights. You can read the treaty here.
— Academics from Oxford University outlined a potential pathway forward in how the ways countries oversee artificial intelligence can be brought together. More here.
For most of us, the days of having to insert a disc to play our media are increasingly behind us. But if you’d like to provide your kids with the experience, you could use CardFlix.
For the electronics, [Udi] used the readily available ESP8266 D1 Mini module connected via I2C to a PN532 NFC reader. To trigger the different movies, there are over 50 cards, each with not only its unique NFC tag but also small posters that [Udi] printed showing the show and then laminated, ensuring they will survive plenty of use. The D1 Mini and NFC reader are housed in a 3D printed case, which ends up being almost smaller than the 5V DC adapter powering it, allowing it to be mounted above an outlet out of the way. The deck of movie cards is also housed in a pair of printed boxes: the larger one for the whole collection and a small one for the most often used shows. Should you want to print your own, all the design files are provided in the write-up.
The D1 Mini was programmed using ESPHome. This firmware allows it to easily connect back to Home Assistant, which does most of the heavy lifting for this project. When a card is scanned, Home Assistant can tell which TV the scanner was near, allowing this system to be used in more than one location. It also knows which card was scanned so it can play the right movie. Home Assistant also handles ensuring the TV in question is powered on, as well as figuring out what service should be called for that particular movie to be shown.
Be sure to check out some of the other projects we’ve featured that use ESPHome to automate tasks.
Papa Leone XIV riceverà domani, 6 novembre, Mahmoud Abbas, presidente dello Stato di Palestina. L'incontro tra Leone e Abu Mazen si terrà alle 10.30 al Palazzo apostolico vaticano, ha reso noto la Sala Stampa della Santa Sede.
Gli aggressori stanno utilizzando una tecnica avanzata che implica il caricamento laterale di DLL tramite l’applicazione Microsoft OneDrive. In questo modo riescono ad eseguire codice malevolo senza essere rilevati dai meccanismi di sicurezza.
L’attacco informatico utilizza una libreria dll modificata come strumento per deviare i processi legittimi di Windows e assicurare la persistenza sui sistemi infetti. Questo metodo si dimostra particolarmente efficace perché evita le modifiche persistenti al codice che i sistemi di rilevamento basati sulle firme solitamente identificano.
Secondo l’avviso di sicurezza di Kas-sec, gli aggressori hanno inserito un file version.dll contraffatto nella stessa directory di OneDrive.exe, sfruttando l’ordine di ricerca delle dipendenze dell’applicazione.
La tecnica prende di mira specificamente version.dll perché molte applicazioni Windows, tra cui OneDrive, si basano su questa libreria per recuperare informazioni sulla versione dei file. Quando OneDrive.exe viene avviato, carica la DLL dannosa dalla sua directory locale prima di cercare nelle directory di sistema.
Gli aggressori, posizionando in modo strategico la DLL malevola, sono in grado di eseguire codice all’interno del contesto fidato di un’applicazione Microsoft dotata di firma digitale, superando di fatto i controlli di sicurezza volti a monitorare i processi anomali. Al fine di salvaguardare la clandestinità e scongiurare interruzioni anomale delle applicazioni, gli aggressori utilizzano metodologie di proxy delle DLL.
La versione dannosa della dll esporta le stesse funzioni della libreria legittima, inoltrando chiamate di funzioni legittime alla versione System32 originale di Windows mentre esegue operazioni in background.
Questa doppia funzionalità garantisce che OneDrive.exe continui a funzionare normalmente, riducendo la probabilità di essere rilevato da utenti o software di sicurezza. L’attacco impiega una tecnica di hooking avanzata che sfrutta la gestione delle eccezioni e il flag di protezione della memoria PAGE_GUARD.
Invece dei tradizionali metodi di hooking inline facilmente rilevabili dagli strumenti di sicurezza, questo approccio attiva intenzionalmente eccezioni di memoria per intercettare le chiamate API. Quando OneDrive.exe tenta di chiamare funzioni specifiche come CreateWindowExW, il codice dannoso cattura il flusso di esecuzione tramite gestori di eccezioni e lo reindirizza alle funzioni controllate dall’aggressore.
L’hook si riarma dopo ogni intercettazione utilizzando eccezioni in un unico passaggio, mantenendo un controllo continuo sulle funzioni API mirate.
Nell'udienza di oggi, il Papa ha affermato che "ogni giorno è Pasqua", citando "una grande filosofa del Novecento", Edith Stein, per spiegare la tendenza dell'essere umano all'infinito e all'eterno, nonostante i propri limiti.
“La comunicazione non è una strategia: è una forma di presenza. Non è un adorno: è parte essenziale della missione. Comunicare è fare visibile l’amore di Dio nel mondo, è usare la parola per far conoscere la Parola”.
Mamdani a New York: vittoria simbolo, sfida per la sinistra italiana.
(177)
Nota: non voglio, e non ne ho facoltà, minimizzare la vittoria di Mamdani, nè pormi in contrasto con chi ne gioisce. Diciamo che non amo molto che le vittorie della sinistra all'estero siano prese come esempio in questo paese, che deve, comunque, fare i conti con la sua, di politica.
#ZohranMamdani, eletto sindaco di New York a soli 34 anni, rappresenta una svolta storica per la politica americana. Primo sindaco musulmano della città, Mamdani ha sconfitto l’ex governatore Andrew Cuomo con il 50,4% dei voti, conquistando consenso soprattutto tra giovani, immigrati e lavoratori grazie a una piattaforma basata su trasporti pubblici gratuiti, edilizia popolare e giustizia sociale.
Già nel suo discorso di vittoria, Mamdani ha lanciato una sfida diretta a #DonaldTrump, definendolo un “despota” e affermando che “...la città che lo ha creato può anche sconfiggerlo”. Da parte sua, Trump ha risposto con sarcasmo, minimizzando la sconfitta: «Io non ero sulla scheda elettorale» e accusando le tensioni a Washington di aver danneggiato il movimento repubblicano. A Mamdani ha rivolto l’epiteto di “Comunista” e ha minacciato tagli ai fondi federali: “Se vince un comunista, pronti a tagliare miliardi a New York”. Questa contrapposizione incarna uno scontro tra due visioni opposte, ma con un comune uso di retorica fortemente polarizzante.
Le vittorie parallele di Abigail Spanberger in Virginia e Mikie Sherrill nel New Jersey consolidano il successo dei democratici in territori chiave, ponendo un ulteriore freno alla spinta trumpiana e segnando un chiaro avvertimento verso la leadership repubblicana.
In Italia, il successo di Mamdani è stato accolto con entusiasmo da settori della sinistra, ma la realtà politica appare ben diversa rispetto a quella statunitense. Qui la sinistra è dilaniata da una cronica divisione tra anime moderata e radicale, che impedisce la costruzione di un progetto unitario e coerente. L’assenza di una leadership convincente che sappia parlare ai bisogni concreti della società limita molto la capacità di mobilitazione e di creare un’alternativa credibile al governo Meloni.
L’opposizione italiana tende spesso a rifugiarsi in tentativi di emulazione di modelli esteri senza riuscire a tradurli nel contesto nazionale, rimanendo così frammentata e marginale. Manca, inoltre, un dialogo autentico con le nuove generazioni e con i settori più vulnerabili, fattori che in America invece hanno fatto la differenza per Mamdani.
Solo un’analisi critica e profonda di queste difficoltà interne potrà avviare un processo di rinnovamento e rilancio della sinistra in Italia, partendo dalla concretezza e non dall’astrazione.
Mamdani e i successi democratici statunitensi mostrano dunque un modello efficace di politica progressista da cui trarre ispirazione, ma la sinistra italiana deve affrontare le proprie contraddizioni interne per poter davvero sognare una rinascita simile.
Gli scritti sono tutelati da “Creative Commons” (qui)
Tutte le opinioni qui riportate sono da considerarsi personali. Per eventuali problemi riscontrati con i testi, si prega di scrivere a: corubomatt@gmail.com
@Notizie dall'Italia e dal mondo A seguito del fragile cessate il fuoco imposto a Israele da Donald Trump, gli scambi di prigionieri previsti dal piano statunitense si sono conclusi. Gli ostaggi israeliani ancora in vita sono tornati alle loro case, mentre molti dei palestinesi arrestati durante il genocidio a Gaza L'articolo Marwan Barghouti, da
[quote]ROMA – Alle 11 e 30, i delegati di maggioranza del Senato hanno presentato alla Corte di Cassazione il testo sulla riforma della giustizia. Ieri, martedì 4 novembre, intanto, i… L'articolo Referendum sulla giustizia, depositato testo in Cassazione, parte il
[quote]GERUSALEMME – La tregua a Gaza si mostra ogni giorno più fragile, mentre proseguono le provocazioni dei coloni israeliani. Ieri, martedì 4 novembre, nella città di Aqraba, a sud di… L'articolo Medio Oriente, i coloni provocano: in 465 nella Moschea di
Image via the Wayback Machine.
Photo by Bagus Hernawan / Unsplash
Otttoz
in reply to Cybersecurity & cyberwarfare • • •