To our younger readers, a car without an all-touchscreen “infotainment” system may look clunky and dated, but really, you kids don’t know what they’re missing. Buttons, knobs, and switches all offer a level of satisfying tactility and feedback that touchscreens totally lack. [Garage Builds] on YouTube agrees; he also doesn’t like the way his aftermarket Kenwood head unit looks in his 2004-vintage Nissan. That’s why he decided to take matters into his own hands, and hack the buttons back on.

Rather than source a vintage stereo head unit, or try and DIY one from scratch, [Garage Builds] has actually hidden the modern touchscreen unit behind a button panel. That button panel is actually salvaged from the stock stereo, so the looks fit the car. The stereo’s LCD gets replaced with a modern color unit, but otherwise it looks pretty stock at the end.

Adding buttons to the Kenwood is all possible thanks to steering-wheel controls. In order to make use of those, the touchscreen head unit came with a little black box that translated the button press into some kind of one-wire protocol that turned out to be an inverted and carrier-less version of the NEC protocol used in IR TV remotes. (That bit of detective work comes from [michaelb], who figured all this out for his Ford years ago, but [Garage Builds] is also sharing his code on GitHub.)

Having the protocol, it simply becomes a matter of grabbing a microcontroller to scan the stock buttons and output the necessary codes to the Kenwood head unit. Of course now he has extra buttons, since the digital head unit has no tape or CD changer to control, nor AM/FM radio to tune. Those get repurposed for the interior and exterior RGB lighting [Garage Builds] has ̶i̶n̶f̶l̶i̶c̶t̶e̶d̶ mounted on this ̶p̶o̶o̶r̶ lovely car. (There’s no accounting for taste. Some of us love the look and some hate it, but he’s certainly captured an aesthetic, and now has easy control of it to boot.) [Garage Builds] has got custom digital gauges to put into the dash of his Nissan, and some of the extra buttons have been adapted to control those, too.

The whole car is actually a rolling hack as you can see from the back catalog of the [Garage Builds] YouTube channel, which might be worth a look if you’re in the intersection of the “electronics enthusiast” and “gearhead” Venn Diagram.

There’s no accounting for taste, but we absolutely agree with him that making everything black rectangles is the death of industrial design.

This isn’t the first time we’ve seen retro radios hacked together with micro-controllers; take a look at this one from a 1970s Toyota. Now that’s vintage!

hackaday.com/2025/11/05/hackin…

One of the joys of writing up the entries for the 2025 Component Abuse Challenge has come in finding all the different alternative uses for the humble transistor. This building block of all modern electronics does a lot more than simply performing as a switch, for as [Aleksei Tertychnyi] tells us, it can also function as a temperature sensor.

How does this work? Simple enough, the base-emitter junction of a transistor can function as a diode, and like other diodes, it shows a roughly 0.2 volt per degree voltage shift with temperature (for a silicon transistor anyway). Taking a transistor and forward biasing the junction with a 33 K resistor, he can read the resulting voltage directly with an analogue to digital converter and derive a temperature reading.

The transistor features rarely as anything but a power device in the projects we bring you in 2025. Maybe you can find inspiration to experiment for yourself, and if you do, you still have a few days in which to make your own competition entry.

hackaday.com/2025/11/05/2025-c…

When you think of a US Nuclear accident, you probably think of Three Mile Island. However, there have been over 50 accidents of varying severity in the US, with few direct casualties. (No one died directly from the Three Mile Island incident, although there are some studies that show increased cancer rates in the area.)

Indeed, where there are fatalities, it hasn’t been really related to the reactor. Take the four people who died at the Surry Nuclear Power Plant accident: they were killed when a steam pipe burst and fatally scalded them. At Arkansas Nuclear One, a 525-ton generator was being moved, the crane failed to hold it, and one person died. That sort of thing could happen in any kind of industrial setting.

But one incident that you have probably never heard of took three lives as a direct result of the reactor. True, it was a misuse of the reactor, and it led to design changes to ensure it can’t happen again. And while the incident was nuclear-related, the radiation didn’t kill them, although it probably would have if they had survived their injuries.

Background

The large cylinder housed the SL-1 reactor. The picture is from some time before the accident (public domain).
It may be a misattribution, but it is often said that Napoleon said something like, “An army marches on its stomach.” A modern army might just as well march on electrical power. So the military has a keen interest in small nuclear reactors to both heat sites in cold climates and generate electricity when in remote locations or in, as they like to call it, denied areas.

In the mid-1950s, the Army tasked Argonne National Laboratory to prototype a small reactor. They wanted it portable, so it had to break down to relatively small pieces, if you consider something weighing 10 tons as small, and could be set up in the field.

The resulting prototype was the Stationary Low-Power Reactor Number One, known as SL-1, operated by the Army in late 1958. It could provide about 400 kW of heating or 200 kW of electricity. The reactor core was rated for 3 MW (thermal) but had been tested at 4.7 MW a few times. It would end operations due to an accident in 1961.

Design

Sketch of the reactor internals (public domain).
The reactor was a conventional boiling-water reactor design that used natural circulation of light water as both coolant and moderator. The fuel was in the form of plates of a uranium-aluminum alloy.

The reactor was inside a 48-foot-tall cylinder 38.5 feet in diameter. It was made of quarter-inch plate steel. Because the thing was in the middle of nowhere in Idaho, this was deemed sufficient. There was no containment shell like you’d find on reactors nearer to population centers.

The reactor, at the time of the accident, had five control rods, although it could accommodate nine. It could also hold 59 fuel assemblies, but only 40 were in use. Because of the reduced number of fuel plates, the reactor’s center region was more active than it would have been under full operation. The rods were eight in a circle with four dummies and a ninth one in the center. Because of the missing outer rods, the center control rod was more critical than the four others.

The Accident

In January of 1961, the reactor had been shut down for 11 days over the holiday. In preparation for restarting, workers had to reconnect the rods to their drive motors. The procedure was to pull the rod up four inches to allow the motor attachment.
Cutaway of the SL-1 and the control building (public domain).
There were three workers: Specialist Richard McKinley, Specialist John Byrnes, and a Navy Seabee Electrician First Class Richard Legg. Legg was in charge, and McKinley was a trainee.

From a post-accident investigation, they are fairly sure that Byrnes inexplicably pulled the center rod out 20 inches instead of the requisite four inches. The reactor went prompt critical, and, in roughly four milliseconds, the 3 MW core reached 20 GW. There wasn’t enough time for sufficient steam to form to trigger the safeties, which took 7.5 milliseconds.

The extreme heat melted the fuel, which explosively vaporized. The reactor couldn’t dissipate so much heat so quickly, and a pressure wave of about 10,000 pounds hit the top of the reactor vessel. The 13-ton vessel flew up at about 18 miles an hour, and plugs flew out, allowing radioactive boiling water and steam to spray the room. At about nine feet, it collided with the ceiling and a crane and fell back down. All this occurred in about two seconds.

As you might imagine, you didn’t want to be in the room, much less on top of the reactor. Two of the operators were thrown to the floor. Byrnes’ fall causes his rib to fatally pierce his heart. McKinley was also badly injured but only survived for about two hours after the accident. Legg was found dead and stuck to the ceiling, an ejected shield plug impaling him.

Why?

Actual photo of the destroyed reactor taken by a camera on the end of a crane.
You can place a lot of blame here. Of course, you probably shouldn’t have been able to pull the rod up that far, especially given that it was carrying more of the load than the other rods. The contractor that helped operate the facility wasn’t available around the clock due to “budget reasons.” There’s no way to know if that would have helped, of course.

But the real question is: why did they pull the rod up 20 inches instead of four? We may never know. There are, of course, theories. Improbably, people have tried to explain it as sabotage or murder-suicide due to some dispute between Byrnes and one of the other men. But that doesn’t seem to be the most likely explanation.

Apparently, the rods sometimes stuck due to misalignment, corrosion, or wear. During a ten-month period, for example, about 2.5% of the drop-and-scram tests failed because of this sticking: a total of 40 incidents. However, many of those causes only apply when the rods are automatically moved. Logbooks showed that manual movement of the rods had been done well over 500 times. There was no record of any sticking during manual operations. Several operators were asked, and none could recall any sticking. However, the rate of sticking was increasing right before the incident, just not from manual motion.

However, it is easy to imagine the 48-pound rod being stuck, pulling hard on it, and then having it give way. We’ve all done something like that, just not with such dire consequences.

Aftermath

First responders had a difficult time with this incident due to radiological problems. There had been false alarms before, so when six firefighters arrived on the scene, they weren’t too concerned. But when they entered the building, they saw radiation warning lights on and their radiation detectors pegged.

Even specialized responders with better equipment couldn’t determine just how much radiation was there, except for “plenty.” Air packs were fogging, limiting visibility. During the rescue of McKinley, one rescuer had to remove a defective air pack and breathe contaminated air for about three minutes. Freeing Legg’s body required ten men working in pairs, because each team could only work in the contaminated zone for 65 seconds. The rule had been that you could tolerate 100 Röntgens (about 1 Sv or 100 rem) to save a life and 25 (0.25 Sv or 25 rem) to save valuable property. Of the 32 people involved in the initial response, 22 received between 3 and 27 Röntgens exposure. Further, 790 people were exposed to harmful radiation levels during the subsequent cleanup.

The reactor building did prevent most of the radioactive material from escaping, but iodine-131 levels in some areas reached about 50 times normal levels. The remains of the site are buried nearby, and that’s the source of most residual radiation.

Lessons Learned

Unsurprisingly, the SL-1 design was abandoned. Future designs require that the reactor be safe even if one rod is entirely removed: the so-called “one stuck rod” rule. This also led to stricter operating procedures. What’s more, it is now necessary to ensure emergency responders have radiation meters with higher ranges. Regulations are often written in blood.

The Atomic Energy Commission made a film about the incident for internal use but, of course, now, you can watch it from your computer, below.

youtube.com/embed/gIBQMkd96CA?…

You might also enjoy this presentation by one of the first responders who was actually there, which you can see below. If you want a more detailed history, check out Chapters 15 and 16 of [Susan M. Stacy’s] book “Proving the Principle” that you can read online.

youtube.com/embed/gMNqPUT-yP0?…

Nuclear accidents can ruin your day. We are always surprised at how many ordinary mistakes happen at reactors like Brown’s Ferry.

hackaday.com/2025/11/05/the-de…

There are various CAD challenges out there that come with bragging rights. Some, like the Certified Solid Works Professional Exam (CWSP) might actually look good on a resume. [Deltahedra] is apparently not too interested in padding his resume, nor does he have much interest in SolidWorks, and so decided to conquer the CWSP with FreeCAD in the name of open source — and to show us all how he did it.

Because these CAD exams are meant to show your chops with the program, the resulting video makes an awesome FreeCAD tutorial. Spoiler alert: he’s able to model the part, though it takes him about 15 minutes. After modeling the part, the CWSP exam needs you to find the mass of the part, which [Deltahedra] does with the FCInfo macro — which, of course, he shows us how to install and use. The second and third questions are similar: change some variables (it is a parametric modeling software, after all) and find the new mass. In a second exercise, he needs to modify the model according to a new drawing. Modifying existing models can sometimes be more difficult than creating them, but [Deltahedra] and FreeCAD pass with flying colors once again.

If you’re at all curious about what FreeCAD can do, this video is a really impressive demonstration of FreeCAD’s part modeling workbench. We’ve had a few FreeCAD guides of our on on Hackaday, like this one on reverse engineering STLs and this one on best practices in the software, but if you’d asked us before the release of v1.0 we’d never have guessed you could use it for a SolidWorks exam in 2025. So while there are kudos due to [Deltahedra], the real accolades belong to the hardworking team behind FreeCAD that has brought it this far. Bravo!

youtube.com/embed/VEfNRST_3x8?…

hackaday.com/2025/11/05/solidw…

Un’allerta urgente è stata diramata da Microsoft per gli utenti del sistema operativo Windows, in merito ad una problematica potenziale che, a partire dagli aggiornamenti di sicurezza distribuiti il 14 ottobre 2025, potrebbero causare l’avvio in alcuni dispositivi della schermata di ripristino BitLocker.

L’avviso sottolinea che non sono interessate le edizioni server, limitando l’ambito di applicazione agli ambienti client consumer e aziendali. Il problema riguarda tre piattaforme client chiave: Windows 11 versione 25H2 e 24H2, entrambe collegate all’articolo di origine della knowledge base KB5066835, e Windows 10 versione 22H2 nell’articolo KB5066791.

Una indagine approfondita è in corso da parte di Microsoft su specifiche versioni client di Windows, con un impatto soprattutto sui sistemi Intel-based che dispongono della funzione Connected Standby. Questa particolare opzione di risparmio energetico, permette ai dispositivi di rimanere connessi durante fasi di ridotto consumo di energia.

Sembra che i processori Intel dotati di supporto Connected Standby siano particolarmente esposti, in quanto la persistenza di rete propria di questa funzione potrebbe interferire con le procedure di avvio successive agli aggiornamenti. Gli aggiornamenti, volti a risolvere vulnerabilità critiche e a migliorare la stabilità del sistema, hanno inavvertitamente causato l’attivazione del comportamento di BitLocker sui dispositivi hardware compatibili.

Nonostante il problema non incida sulla sicurezza dei dati, può causare un’interruzione dei flussi di lavoro degli utenti, in quanto può essere necessario inserire la chiave di ripristino di BitLocker una volta al riavvio. Gli utenti coinvolti potrebbero essere tenuti a visualizzare la richiesta di ripristino durante l’avvio o nei riavvii successivi agli aggiornamenti, stando a quanto riportato nella documentazione sullo stato di salute delle versioni di Windows di Microsoft.

Una volta fornita la chiave, il dispositivo, dovrebbe riprendere il normale funzionamento senza ulteriori interruzioni. Questo modalità di ripristino è dovuto alle interazioni tra gli aggiornamenti e i meccanismi di crittografia di BitLocker, sebbene Microsoft non abbia ancora specificato la causa esatta.

Gli utenti possono fare riferimento ai tracker dei problemi di Microsoft, come WI1183025 per Windows 11 25H2, WI1183026 per 24H2 e WI1183027 per Windows 10 22H2, tramite il portale Windows Release Health per conoscere lo stato più recente.

Microsoft consiglia alle organizzazioni interessate di applicare un Known Issue Rollback (KIR) per aggirare il problema. Questo strumento di mitigazione, descritto in dettaglio nel blog IT Pro dell’azienda, richiede di contattare il Supporto Microsoft per le aziende per l’implementazione a livello aziendale.

I singoli utenti devono assicurarsi di avere a portata di mano le chiavi di ripristino di BitLocker, solitamente archiviate negli account Microsoft o stampate durante la configurazione, per evitare tempi di inattività prolungati.

L'articolo Microsoft avverte: Gli aggiornamenti di sicurezza causano problemi con BitLocker proviene da Red Hot Cyber.

When you hear it said that “Modern steel is disposable by design”, your ears perk up, as you just caught the unmistakable sound of faux romanticism along with ‘lost ancient technology‘ vibes. Although it happens sometimes that we did lose something important, as with for example the ancient Roman concrete that turns out to have self-healing properties as a result of so-called hot mixing, this is decidedly an exception.

We nearly lost that technology because of the technological and scientific bonfire that was the prelude to a thousand years of darkness over Europe: called the Dark Ages, Middle Ages as well as the medieval period. Thus when you come across a slideshow video with synthesized monotonal voice-over which makes the bold claim that somehow medieval iron was superior and today’s metallurgy both worse and designed to break, you really have to do a spit-take. The many corrections in the comment section further reinforces the feeling that it’s more slop than fact.

One of the claims made is that the bloomery furnace beats the blast furnace, due to beneficial additives to the iron. Considering that the video cites its sources, it’s at least worthy of a dive into the actual science here. Are modern iron and steel truly that inferior and disposable?

The Iron Age

Han Dynasty iron sickle and plow. (Credit: Gary Todd, Wikimedia)
The Iron Age is defined as the point when a civilization begins to mass-produce tools and weapons made from processed iron ore rather than just the use of found meteoric iron. What makes this such a telling technological moment is because in order to smelt iron, you need to have a furnace capable of generating temperatures around 1,250 °C. The transition between the easier to process bronze and superior iron took place between 1,200 and 1,100 BCE in Europe, along with much of Asia, in particular India and China.

Processing iron ore to turn it into any of the types of iron alloys possible can be done in a variety of ways, with direct reduction through smelting commonly being used throughout history, alongside blast furnaces. These latter became the most common approach in the 20th century, using a two-stage process involving refining in a converter. Electric arc furnaces can take both the pig iron from blast furnaces and scrap metal as input. Regardless of the method used, the iron ore has to have its impurities removed or reduced to the desired levels for the target alloy.
Bloomery smelting during the Middle Ages, as depicted in the De Re Metallica by Georgius Agricola, 1556 (Source: Wikimedia)
Pig iron is the output of blast furnaces and can be used for cast iron when melted. This is different from the wrought iron, which traditionally was produced using the output from a bloomery. This is a type of metallurgical furnace capable of smelting iron ore. Using direct reduction with a reduction gas like carbon monoxide, methane or hydrogen, it produces direct reduced iron, also called sponge iron, with the intended reduction in carbon content. This can then be processed by a blacksmith into wrought iron products.

Blast furnaces also provide this carbon reduction, using coke or hydrogen as the redox agent, but as a continuous process the resulting pig iron has a carbon content of 3.8 – 4.7% compared to the higher purity of direct reduced iron that puts it on the level of scrap steel.

Currently blast furnaces and electric arc furnaces offer the most economical way to produce large amounts of steel. Modern direct reduction furnace types have been developed that while not directly competitive have certain advantages, such as being able to process certain ore types that blast furnaces struggle with.

That said, China in particular focused significantly on blast furnaces, with no significant use of bloomeries, but instead the use of finery forges to refine the pig iron from their blast furnaces. By using water power, the blast furnaces could produce massive amounts of pig iron, giving China a significant advantage over medieval Europe.

Archaeometallurgy

The Iron pillar of Delhi, erected around 400 CE. (Credit: Sujit Kumar, Wikimedia)
So how did medieval iron alloys differ from that during the early days of the Iron Age in Europe and China, never mind during the technological boom of the ancient Roman Empire? Unsurprisingly the Early Middle Ages (500 – 1000 CE) saw mostly a sharp decline in mining and metallurgy that took until the High Middle Ages (11th to 13th centuries) to begin to recover and the Late Middle Ages to see a strong push for innovation. This was however not an easy period, as famine, war and pestilence kept ravaging economies and its people. Compared to the relative peace and structured society of the Roman times, things couldn’t have been more different.

The study of metallurgy from a historical context is called archaeometallurgy, which focuses on observable evidence such as slag and similar residues left over at former furnace and blacksmithing sites, as well as found metal artefacts. This latter aspect of found artefacts bears reminding, as these include the iron objects that survived often being buried for hundreds if not thousands of years. This risks indulging in survivorship bias, as we do not recover iron artefacts that did rust away, nor those that were tossed with other scrap metal into a furnace.

The iron pillar of Delhi is one such example. This six-ton, 7.21 m tall behemoth has drawn significant attention for its lack of corrosion despite having been exposed to the elements for more than a thousand years. After study of this pillar and other examples of Indian iron from roughly the same era, the levels of phosphor (P) were implicated in the formation of a corrosion resistant hydrate layer, as summarized in a 2000 article by R. Balasubramaniam in Corrosion Science. This is however a relatively thin and fragile layer. Before a protective cage was added, the constant touching of visitors would affect this layer, explaining why its bottom is rather rusty.

What this does however highlight is the importance of a passivation element in iron alloys to enable some level of corrosion resistance by preventing or slowing down the oxidation process. This, combined with environmental factors such as dry air and a low-oxygen environment can be key to the survival of an iron object.
Spanish medieval gilded spur. 13th – 15th century as found (a) and preserved (b) (Credit: Marco Veneranda et al., 2016)
In the case of modern stainless steel, this passivation is provided primarily by chromium which helps form a protective layer. As pre-Industrial Revolution iron alloys tended to have significant amounts of slag and other contaminants embedded in them, this provided enough opportunities for such a passivation layer to be formed.

A good study subject when it comes to medieval iron can be found in the surviving medieval structures, which are primarily churches and cathedrals. These have iron reinforcements that are exposed to various environments, ranging from an dry indoor climate to ones more conducive to corrosion. In a study of these iron rebars in the 13th century Bourges’ Cathedral attic, including a broken one, it was found that they were decidedly rusting away and that even these primarily indoor rebars need special preservation techniques to keep them from eventually failing.

During an excavation in a medieval necropolis in Spain, a gilded spur was uncovered. This was used for an experimental archaeological analysis method, detailing just how far this gilded, medieval iron object was decayed. While the gold layer provided some protection against corrosion, eventually moisture and oxygen managed to make its way past this layer and over the course of a few hundred years much of the spur decayed to the point where it was largely falling apart.

Modern Age

Although it’s tempting to hold modern day in contempt and indulge in romanticism of a past that never was, the fact of the matter is that these days we have ways to analyze and manipulate iron and other alloys in ways that the ancient Romans and medieval metallurgists could only dream of. While they had extensive institutional knowledge based on empirical findings, we can use methods like Raman spectroscopy to prod molecules to determine their identity and electron microscopes to find out their structure.

Whereas for ancient Roman concrete we can definitely state that it’s better in certain ways than the concrete we have been using since the Industrial Revolution, there we have the hard to miss evidence of Roman concrete structures like ancient seawalls and the Pantheon in Rome seemingly oblivious to the elements and weather of the past two thousand-odd years.

As far as miraculous ancient iron goes, there are definitely a few oddities out there like certain types of Indian iron, and using modern metallurgy we should definitely do our utmost to understand the materials science behind their longevity. That said, modern metallurgy is already pretty good. If your tools are rusting away, or your stainless steel car is taking on a disquieting orange sheen, you probably should have picked that 304 stainless steel instead of cheapening out with a 200-series or 301 stainless steel. We have the technology.

hackaday.com/2025/11/05/mediev…

Come possono gli editori proteggersi dai browser “intelligenti” dotati di intelligenza artificiale se hanno l’aspetto di utenti normali? L’emergere di nuovi browser “intelligenti” basati sull’intelligenza artificiale sta mettendo in discussione i metodi tradizionali di protezione dei contenuti online.

Il browser Atlas di OpenAI, recentemente rilasciato, così come Comet di Perplexity e la modalità Copilot di Microsoft Edge, stanno diventando strumenti in grado di fare molto più che visualizzare pagine web: svolgono attività in più fasi, ad esempio raccogliendo informazioni di calendario e generando briefing per i clienti basati sulle notizie.

Le loro capacità stanno già ponendo serie sfide agli editori che cercano di limitare l’uso dell’intelligenza artificiale nei loro contenuti. Il problema è che tali browser sono esteriormente indistinguibili dagli utenti normali.

Quando Atlas o Comet accedono a un sito, vengono identificati come sessioni standard di Chrome, non come crawler automatici. Questo li rende impossibili da bloccare utilizzando il protocollo di esclusione dei robot, poiché bloccare tali richieste potrebbe contemporaneamente impedire l’accesso agli utenti normali. Il rapporto “State of the Bots” di TollBit osserva che la nuova generazione di visitatori AI è “sempre più simile a quella umana”, rendendo più impegnativo il monitoraggio e il filtraggio di tali agenti.

Un ulteriore vantaggio per i browser basati sull’intelligenza artificiale è il modo in cui sono strutturati gli abbonamenti a pagamento moderni. Molti siti web, tra cui MIT Technology Review, National Geographic e il Philadelphia Inquirer, utilizzano un approccio lato client: l’articolo viene caricato per intero ma viene nascosto dietro una finestra pop-up che offre un abbonamento. Mentre il testo rimane invisibile agli esseri umani, è accessibile all’intelligenza artificiale. Solo i paywall lato server, come quelli di Bloomberg o del Wall Street Journal, nascondono in modo affidabile i contenuti fino a quando l’utente non effettua l’accesso. Tuttavia, se l’utente ha effettuato l’accesso, l’agente di intelligenza artificiale può leggere liberamente l’articolo per suo conto.

OpenAI Atlas ha ricevuto il testo completo di un articolo esclusivo per gli abbonati da MIT Technology Review (CJR).

Durante i test, Atlas e Comet hanno estratto facilmente il testo completo delle pubblicazioni classificate del MIT Technology Review, nonostante le restrizioni imposte da crawler aziendali come OpenAI e Perplexity.

In un caso, Atlas è anche riuscito a riassemblare un articolo bloccato di PCMag combinando informazioni provenienti da altre fonti, come tweet, aggregatori e citazioni di terze parti. Questa tecnica, soprannominata “digital breadcrumb”, è stata precedentemente descritta dallo specialista di ricerca online Henk van Ess.

OpenAI afferma che i contenuti visualizzati dagli utenti tramite Atlas non vengono utilizzati per addestrare i modelli, a meno che non sia abilitata la funzione “Memorie del browser”. Tuttavia, “ChatGPT ricorderà i dettagli chiave delle pagine visualizzate”, il che, come ha osservato Jeffrey Fowler, editorialista del Washington Post, rende l’informativa sulla privacy di OpenAI confusa e incoerente. Non è ancora chiaro in che misura l’azienda utilizzi i dati ottenuti tramite contenuti a pagamento.

Si osserva un approccio decisamente selettivo: Atlas evita di contattare direttamente i siti web che hanno intentato cause legali contro OpenAI , come il New York Times, ma cerca comunque di aggirare il divieto compilando un riassunto dell’argomento da altre pubblicazioni – The Guardian, Reuters, Associated Press e il Washington Post – che hanno accordi di licenza con OpenAI. Comet, al contrario, non mostra tale moderazione.

Questa strategia trasforma l’agente artificiale in un intermediario che decide quali fonti sono considerate “accettabili”. Anche se l’editore riesce a bloccare l’accesso diretto, l’agente sostituisce semplicemente l’originale con una versione alternativa degli eventi. Questo altera la percezione stessa dell’informazione: l’utente riceve non un articolo, ma un’interpretazione generata automaticamente.

I browser basati sull’intelligenza artificiale non hanno ancora raggiunto un’ampia diffusione, ma è già chiaro che le barriere tradizionali come i paywall e il blocco dei crawler non sono più efficaci. Se tali agenti dovessero diventare il mezzo principale per leggere le notizie, le case editrici dovranno trovare nuovi meccanismi per garantire la trasparenza e il controllo su come i loro contenuti vengono utilizzati dall’intelligenza artificiale.

L'articolo L’era dei Paywall è finita? I Browser intelligenti l’aggirano e controllarli è molto difficile proviene da Red Hot Cyber.

Google ha emesso un avviso urgente riguardante una vulnerabilità critica in Android che consente agli aggressori di eseguire codice arbitrario sul dispositivo senza alcuna interazione da parte dell’utente. La vulnerabilità Zero Click è stata scoperta in componenti di sistema del sistema operativo e descritta nel Bollettino sulla sicurezza Android di novembre 2025.

La vulnerabilità, identificata come CVE-2025-48593, è considerata una delle più pericolose degli ultimi anni. Colpisce diverse versioni dell’Android Open Source Project (AOSP), dalla 13 alla 16, e può essere sfruttata per l’esecuzione di codice remoto ( RCE ) senza richiedere privilegi aggiuntivi o azioni da parte del proprietario del dispositivo.

Google stima che gli aggressori possano sfruttare il bug inviando pacchetti di rete appositamente creati o distribuendo app dannose tramite store di terze parti e installazioni sideloaded. Un attacco riuscito consente l’accesso completo al dispositivo, inclusa la possibilità di rubare dati, installare ransomware o trasformare lo smartphone in un componente botnet. Il problema è stato registrato internamente con l’ID bug Android A-374746961 ed è già stato risolto nelle ultime build di AOSP.

La vulnerabilità deriva da una gestione impropria dei processi di sistema, che consente l’iniezione di codice arbitrario durante le normali operazioni, ad esempio durante l’avvio di app o la sincronizzazione dei dati in background. I ricercatori osservano che i sintomi della vulnerabilità sono simili a quelli di precedenti episodi di danneggiamento della memoria utilizzati per aumentare i privilegi sul dispositivo.

Il bollettino identifica anche un’altra vulnerabilità, il CVE-2025-48581. È classificata come vulnerabilità di escalation dei privilegi (EoP) di gravità elevata ed è presente anche nel componente di sistema. A differenza dell’RCE, lo sfruttamento richiede un accesso preventivo al sistema, ma consente a un’applicazione di ottenere il controllo non autorizzato di funzioni sensibili del dispositivo.

I dispositivi con Android 10 e versioni successive potranno ricevere aggiornamenti di sicurezza, ma i possessori di modelli precedenti rischiano di rimanere senza protezione se i produttori ritardano il rilascio delle patch. Google consiglia a tutti gli utenti di verificare la presenza di aggiornamenti il prima possibile tramite Impostazioni > Sistema > Aggiornamento di sistema e di impostare il livello di patch di sicurezza al 2025-11-01, che risolve completamente questi problemi.

L’azienda sottolinea che non sono stati ancora registrati exploit attivi, ma la natura della vulnerabilità la rende particolarmente pericolosa per il governo e le personalità pubbliche, che sono spesso bersaglio di attacchi mirati.

La frammentazione di Android rimane un problema chiave nell’ecosistema, rendendo le risposte tempestive dei produttori fondamentali per la protezione degli utenti. Gli esperti raccomandano di abilitare gli aggiornamenti automatici ed evitare di installare app da fonti non attendibili: questo rimane il modo più affidabile per ridurre al minimo i rischi in un contesto di crescente minaccia per dispositivi mobili.

L'articolo Un pericoloso Exploit Zero-day Zero-click minaccia miliardi di device Android proviene da Red Hot Cyber.

Allontanato dalla testata per cui si lavora per aver fatto una domanda scomoda durante una conferenza stampa. È quello che è accaduto a Gabriele Nunziati collaboratore dell’Agenzia Nova da Bruxelles. La colpa del collega è stata chiedere alla portavoce della Commissione dell’UE Paola Pinho se ritenesse che anche Israele a Gaza, come la Russia in Ucraina, dovesse farsi carico della ricostruzione. Pinho ha risposto con un imbarazzato no comment, rimbalzato sui social. Imbarazzo condiviso dall’editore di Nova Fabio Squillante, che ha interrotto il rapporto di collaborazione con Nunziati, cui va tutta la solidarietà di Stampa Romana. È un episodio gravissimo di lesione dell’autonomia professionale, che evidenzia ancora una volta la necessità di maggiori garanzie contrattuali per i collaboratori, i più esposti a pressioni e ingerenze.

La Segreteria dell’ASR

dicorinto.it/associazionismo/c…

dicorinto.it/associazionismo/g…

Today, the European Parliament’s Committee on Civil Liberties, Justice and Home Affairs (LIBE) voted in favour of a new Europol Regulation, part of the EU’s so-called Facilitators Package, despite widespread warnings from civil society and the European Data Protection Supervisor. The vote was voted for by 59 MEPs, whilst 10 voted against and 4 abstained.

The post European Parliament backs Europol expansion: “A dangerous step towards mass surveillance in the EU” appeared first on European Digital Rights (EDRi).