Perché “Agi” scuoterà OpenAi e Microsoft
L'articolo proviene da #StartMag e viene ricondiviso sulla comunità Lemmy @Informatica (Italy e non Italy 😁)
La definizione e la tempistica del raggiungimento dell’intelligenza artificiale generale potrebbero essere contestate in tribunale: se OpenAI dovesse dichiarare l’Agi o se il panel di esperti dovesse verificarla, le ripercussioni finanziarie e di controllo sarebbero immense.
"Fascism and AI, whether or not they have the same goals, they sure are working to accelerate one another."#AI #libraries
AI Is Supercharging the War on Libraries, Education, and Human Knowledge
This story was reported with support from the MuckRock Foundation.Last month, a company called the Children’s Literature Comprehensive Database announced a new version of a product called Class-Shelf Plus. The software, which is used by school libraries to keep track of which books are in their catalog, added several new features including “AI-driven automation and contextual risk analysis,” which includes an AI-powered “sensitive material marker” and a “traffic-light risk ratings” system. The company says that it believes this software will streamline the arduous task school libraries face when trying to comply with legislation that bans certain books and curricula: “Districts using Class-Shelf Plus v3 may reduce manual review workloads by more than 80%, empowering media specialists and administrators to devote more time to instructional priorities rather than compliance checks,” it said in a press release.
In a white paper published by CLCD, it gave a “real-world example: the role of CLCD in overcoming a book ban.” The paper then describes something that does not sound like “overcoming” a book ban at all. CLCD’s software simply suggested other books “without the contested content.”
Ajay Gupte, the president of CLCD, told 404 Media the software is simply being piloted at the moment, but that it “allows districts to make the majority of their classroom collections publicly visible—supporting transparency and access—while helping them identify a small subset of titles that might require review under state guidelines.” He added that “This process is designed to assist districts in meeting legislative requirements and protect teachers and librarians from accusations of bias or non-compliance [...] It is purpose-built to help educators defend their collections with clear, data-driven evidence rather than subjective opinion.”
Librarians told 404 Media that AI library software like this is just the tip of the iceberg; they are being inundated with new pitches for AI library tech and catalogs are being flooded with AI slop books that they need to wade through. But more broadly, AI maximalism across society is supercharging the ideological war on libraries, schools, government workers, and academics.
CLCD and Class Shelf Plus is a small but instructive example of something that librarians and educators have been telling me: The boosting of artificial intelligence by big technology firms, big financial firms, and government agencies is not separate from book bans, educational censorship efforts, and the war on education, libraries, and government workers being pushed by groups like the Heritage Foundation and any number of MAGA groups across the United States. This long-running war on knowledge and expertise has sown the ground for the narratives widely used by AI companies and the CEOs adopting it. Human labor, inquiry, creativity, and expertise is spurned in the name of “efficiency.” With AI, there is no need for human expertise because anything can be learned, approximated, or created in seconds. And with AI, there is less room for nuance in things like classifying or tagging books to comply with laws; an LLM or a machine algorithm can decide whether content is “sensitive.”
“I see something like this, and it’s presented as very value neutral, like, ‘Here’s something that is going to make life easier for you because you have all these books you need to review,’” Jaime Taylor, discovery & resource management systems coordinator for the W.E.B. Du Bois Library at the University of Massachusetts told me in a phone call. “And I look at this and immediately I am seeing a tool that’s going to be used for censorship because this large language model is ingesting all the titles you have, evaluating them somehow, and then it might spit out an inaccurate evaluation. Or it might spit out an accurate evaluation and then a strapped-for-time librarian or teacher will take whatever it spits out and weed their collections based on it. It’s going to be used to remove books from collections that are about queerness or sexuality or race or history. But institutions are going to buy this product because they have a mandate from state legislatures to do this, or maybe they want to do this, right?”
The resurgent war on knowledge, academics, expertise, and critical thinking that AI is currently supercharging has its roots in the hugely successful recent war on “critical race theory,” “diversity equity and inclusion,” and LGBTQ+ rights that painted librarians, teachers, scientists, and public workers as untrustworthy. This has played out across the board, with a seemingly endless number of ways in which the AI boom directly intersects with the right’s war on libraries, schools, academics, and government workers. There are DOGE’s mass layoffs of “woke” government workers, and the plan to replace them with AI agents and supposed AI-powered efficiencies. There are “parents rights” groups that pushed to ban books and curricula that deal with the teaching of slavery, systemic racism, and LGBTQ+ issues and attempted to replace them with homogenous curricula and “approved” books that teach one specific type of American history and American values; and there are the AI tools that have been altered to not be “woke” and to reenforce the types of things the administration wants you to think. Many teachers feel they are not allowed to teach about slavery or racism and increasingly spend their days grading student essays that were actually written by robots.
“One thing that I try to make clear any time I talk about book bans is that it’s not about the books, it’s about deputizing bigots to do the ugly work of defunding all of our public institutions of learning,” Maggie Tokuda-Hall, a cofounder of Authors Against Book Bans, told me. “The current proliferation of AI that we see particularly in the library and education spaces would not be possible at the speed and scale that is happening without the precedent of book bans leading into it. They are very comfortable bedfellows because once you have created a culture in which all expertise is denigrated and removed from the equation and considered nonessential, you create the circumstances in which AI can flourish.”
Justin, a cohost of the podcast librarypunk, told me that the project of offloading cognitive capacity to AI continues apace: “Part of a fascist project to offload the work of thinking, especially the reflective kind of thinking that reading, study, and community engagement provide,” Justin said. “That kind of thinking cultivates empathy and challenges your assumptions. It's also something you have to practice. If we can offload that cognitive work, it's far too easy to become reflexive and hateful, while having a robot cheerleader telling you that you were right about everything all along.”
These two forces—the war on libraries, classrooms, and academics and AI boosterism—are not working in a vacuum. The Heritage Foundation’s right-wing agenda for remaking the federal government, Project 2025, talks about criminalizing teachers and librarians who “poison our own children” and pushing artificial intelligence into every corner of the government for data analysis and “waste, fraud, and abuse” detection.
Librarians, teachers, and government workers have had to spend an increasing amount of their time and emotional bandwidth defending the work that they do, fighting against censorship efforts and dealing with the associated stress, harassment, and threats that come from fighting educational censorship. Meanwhile, they are separately dealing with an onslaught of AI slop and the top-down mandated AI-ification of their jobs; there are simply fewer and fewer hours to do what they actually want to be doing, which is helping patrons and students.
“The last five years of library work, of public service work has been a nightmare, with ongoing harassment and censorship efforts that you’re either experiencing directly or that you’re hearing from your other colleagues,” Alison Macrina, executive director of Library Freedom Project, told me in a phone interview. “And then in the last year-and-a-half or so, you add to it this enormous push for the AIfication of your library, and the enormous demands on your time. Now you have these already overworked public servants who are being expected to do even more because there’s an expectation to use AI, or that AI will do it for you. But they’re dealing with things like the influx of AI-generated books and other materials that are being pushed by vendors.”
The future being pushed by both AI boosters and educational censors is one where access to information is tightly controlled. Children will not be allowed to read certain books or learn certain narratives. “Research” will be performed only through one of a select few artificial intelligence tools owned by AI giants which are uniformly aligned behind the Trump administration and which have gone to the ends of the earth to prevent their black box machines from spitting out “woke” answers lest they catch the ire of the administration. School boards and library boards, forced to comply with increasingly restrictive laws, funding cuts, and the threat of being defunded entirely, leap at the chance to be considered forward looking by embracing AI tools, or apply for grants from government groups like the Institute of Museum and Library Services (IMLS), which is increasingly giving out grants specifically to AI projects.
We previously reported that the ebook service Hoopla, used by many libraries, has been flooded with AI-generated books (the company has said it is trying to cull these from its catalog). In a recent survey of librarians, Macrina’s organization found that librarians are getting inundated with pitches from AI companies and are being pushed by their superiors to adopt AI: “People in the survey results kept talking about, like, I get 10 aggressive, pushy emails a day from vendors demanding that I implement their new AI product or try it, jump on a call. I mean, the burdens have become so much, I don’t even know how to summarize them.”
“Fascism and AI, whether or not they have the same goals, they sure are working to accelerate one another"
Macrina said that in response to Library Freedom Project’s recent survey, librarians said that misinformation and disinformation was their biggest concern. This came not just in the form of book bans and censorship but also in efforts to proactively put disinformation and right-wing talking points into libraries: “It’s not just about book bans, and library board takeovers, and the existing reactionary attacks on libraries. It’s also the effort to push more far-right material into libraries,” she said. “And then you have librarians who are experiencing a real existential crisis because they are getting asked by their jobs to promote [AI] tools that produce more misinformation. It's the most, like, emperor-has-no-clothes-type situation that I have ever witnessed.”Each person I spoke to for this article told me they could talk about the right-wing project to erode trust in expertise, and the way AI has amplified this effort, for hours. In writing this article, I realized that I could endlessly tie much of our reporting on attacks on civil society and human knowledge to the force multiplier that is AI and the AI maximalist political and economic project. One need look no further than Grokipedia as one of the many recent reminders of this effort—a project by the world’s richest man and perhaps its most powerful right-wing political figure to replace a crowdsourced, meticulously edited fount of human knowledge with a robotic imitation built to further his political project.
Much of what we write about touches on this: The plan to replace government workers with AI, the general erosion of truth on social media, the rise of AI slop that “feels” true because it reinforces a particular political narrative but is not true, the fact that teachers feel like they are forced to allow their students to use AI. Justin, from librarypunk, said AI has given people “absolute impunity to ignore reality […] AI is a direct attack on the way we verify information: AI both creates fake sources and obscures its actual sources.”
That is the opposite of what librarians do, and teachers do, and scientists do, and experts do. But the political project to devalue the work these professionals do, and the incredible amount of money invested in pushing AI as a replacement for that human expertise, have worked in tandem to create a horrible situation for all of us.
“AI is an agreement machine, which is anathema to learning and critical thinking,” Tokuda-Hall said. Previously we have had experts like librarians and teachers to help them do these things, but they have been hamstrung and they’ve been attacked and kneecapped and we’ve created a culture in which their contribution is completely erased from society, which makes something like AI seem really appealing. It’s filling that vacuum.”
“Fascism and AI, whether or not they have the same goals, they sure are working to accelerate one another,” she added.
Public Library Ebook Service to Cull AI Slop After 404 Media Investigation
Hoopla has emailed librarians saying it’s removing AI-generated books from the platform people use to borrow ebooks from public libraries.Emanuel Maiberg (404 Media)
ABCCAD is Voxels Meets Legos in AR
We get it, CAD software can be daunting to learn. Somehow [Boaztheostrich] found it so daunting he procrastinated his way into a AR voxel-based CAD app he calls “ABCCAD”, written in Godot for the Meta Quest 3.
The app is simplicity itself: pressing A or X on the controller spawns a cube, which you can place wherever you like in virtual space by moving the controller in real space. The trigger then saves the cube position. Grabbing a cube uses the controller’s grab buttons. You can even change colors (with B or Y), but like in OpenSCAD it appears that’s not actually going to have any effect on the exported STL. Check it out in action in the demo video embedded below.
As far as CAD applications go, this is as simplistic as it gets, but there’s a certain charm to its simplicity. It’s almost like virtual legos. Besides, TinkerCAD wasn’t much more complicated when it started out, and look at it now.
Sure, one could say if [Boaz] wanted to do CAD he’d have been better off putting the time into learning good old OpenSCAD or FreeCAD (which can now get you SolidWorks certs, apparently), but this is a fun little app that let him stretch his chops in Godot, another great open-source tool. ABCCAD is, itself, open-source under an MIT license.
Thanks to [Boaztheostrich] for the tip.
We seem to have a paucity of posts under the Godot tag, so if you’ve got a hack that uses the open-source game engine, please send us a tip.
youtube.com/embed/4YC3ZkCB1po?…
Thanks for hunting cameras!
Thanks to everyone who came out for last weekend’s Pirate Meetup at the Boston Anarchist Bookfair. Thanks also to the Boston Anarchist Bookfair and everyone who attended, presented or had a table at it.
Previously, we recorded 20 cameras around the Cambridge Community Center. Over the two days, we added 134 cameras in that area. So many of those were motion-activated doorbell cameras. Now that Amazon will allow police to search the surveillance videos their cameras record via Flock’s surveillance system, it is important we know where they are.
If you want to add to the map, consult our Mapping Surveillance page with instructions on how to create an Open Street Map account, set up a client on your phone and start hunting for cameras!
We look forward to next year’s bookfair. We will find all the cameras in the area before then, so attendees can know how to protect themselves when they are walking there.
The FBI has subpoenaed the domain registrar of archive.today, demanding information about the owner.#fbi #Archiveis
FBI Tries to Unmask Owner of Infamous Archive.is Site
The FBI is attempting to unmask the owner behind archive.today, a popular archiving site that is also regularly used to bypass paywalls on the internet and to avoid sending traffic to the original publishers of web content, according to a subpoena posted by the website. The FBI subpoena says it is part of a criminal investigation, though it does not provide any details about what alleged crime is being investigated. Archive.today is also popularly known by several of its mirrors, including archive.is and archive.ph.This post is for subscribers only
Become a member to get access to all content
Subscribe now
Nancy Pelosi’s trades over the years have been so good that a startup was created to allow investors to directly mirror her portfolio. #Economics #NancyPelosi
One of the Greatest Wall Street Investors of All Time Announces Retirement
Nancy Pelosi, one of Wall Street’s all time great investors, announced her retirement Thursday.Pelosi, so known for her ability to outpace the S&P 500 that dozens of websites and apps spawned to track her seeming preternatural ability to make smart stock trades, said she will retire after the 2024-2026 season. Pelosi’s trades over the years, many done through her husband and investing partner Paul Pelosi, have been so good that an entire startup, called Autopilot, was started to allow investors to directly mirror Pelosi’s portfolio.
According to the site, more than 3 million people have invested more than $1 billion using the app. After 38 years, Pelosi will retire from the league—a somewhat normal career length as investors, especially on Pelosi’s team, have decided to stretch their careers later and later into their lives.
The numbers put up by Pelosi in her Hall of Fame career are undeniable. Over the last decade, Pelosi’s portfolio returned an incredible 816 percent, according to public disclosure records. The S&P 500, meanwhile, has returned roughly 229 percent. Awe-inspired fans and analysts theorized that her almost omniscient ability to make correct, seemingly high-risk stock decisions may have stemmed from decades spent analyzing and perhaps even predicting decisions that would be made by the federal government that could impact companies’ stock prices. For example, Paul Pelosi sold $500,000 worth of Visa stock in July, weeks before the U.S. government announced a civil lawsuit against the company, causing its stock price to decrease.
Besides Autopilot and numerous Pelosi stock trade trackers, there have also been several exchange traded funds (ETFs) set up that allow investors to directly copy their portfolio on Pelosi and her trades. Related funds, such as The Subversive Democratic Trading ETF (NANC, for Nancy), set up by the Unusual Whales investment news Twitter account, seek to allow investors to diversify their portfolios by tracking the trades of not just Pelosi but also some of her colleagues, including those on the other team, who have also proven to be highly gifted stock traders.
youtube.com/embed/YEm43kiGBsc?…
Fans of Pelosi spent much of Thursday admiring her career, and wondering what comes next: “Farewell to one of the greatest investors of all time,” the top post on Reddit’s Wall Street Bets community reads. The sentiment has more than 24,000 upvotes at the time of publication. Fans will spend years debating in bars whether Pelosi was the GOAT; some investors have noted that in recent years, some of her contemporaries, like Marjorie Taylor-Green, Ro Khanna, and Michael McCaul, have put up gaudier numbers. There are others who say the league needs reformation, with some of Pelosi’s colleagues saying they should stop playing at all, and many fans agreeing with that sentiment. Despite the controversy, many of her colleagues have committed to continue playing the game.Pelosi said Thursday that this season would be her last, but like other legends who have gone out on top, it seems she is giving it her all until the end. Just weeks ago, she sold between $100,000 and $250,000 of Apple stock, according to a public box score.
“We can be proud of what we have accomplished,” Pelosi said in a video announcing her retirement. “But there’s always much more work to be done.”
Pelosi Stock Tracker | Monitor Nancy Pelosi's Trading Portfolio
Track Nancy Pelosi's stock trades with real-time updates and portfolio insights. Educational analysis of publicly disclosed congressional trading data.Pelosi Tracker
Social Sciences Channel reshared this.
2025 Component Abuse Challenge: Reverse Biasing an NPN BJT
For the Component Abuse Challenge our hacker [Tim Williams] observes that N-P-N reads the same way forwards and backwards, so… what happens if we reverse bias one? (Note: this remark about N-P-N reading the same forward and backward is a lighthearted joke; in fact the level of doping in the emitter and collector is different so those Ns are not fungible and will exhibit different properties and have different characteristics.)
In his article [Tim] mentions that some transistors are specifically designed to operate when reverse biased, which [Tim] calls “inverted mode”, whereas most transistors are not designed to work in this fashion and that’s the sort of abuse that could damage the component and lead it to malfunction.
But what is Vout? [Tim] reports that he measured approximately -0.4 volts using his high-impedance meter. We tried this experiment in the lab ourselves but we were not able to duplicate [Tim]’s result; however there is a long list of potential reasons for such an outcome. If you do this experiment yourself we would love to hear about your results in the comments section!
If you’re still learning about transistors you might like to check out our five part series on transistors as amplifiers, starting here: Won’t Somebody, Please, Think Of The Transistors!
Thanks to [Tim] for his submission, we wish him the best of luck in the competition!
Making Steam-Powered LEGO Machines
Over the decades we have seen a lot of methods for powering LEGO-based contraptions, ranging from LEGO Technic pneumatics to electric motors, but what about steam power? We have all seen those cute little model steam engines that can definitely put out some power. Sure, you can just drop those in like a kind of confused internal combustion engine, or you can try to make a steam engine that actually tries to be directly compatible with LEGO.
While exploring this topic, [Jamie’s Brick Jams] on YouTube found that the primary concern here is simply the very hot steam produced by the boiler. While not a surprise to anyone who has ever run a model steam engine, this poses a major challenge to the thermoplastics used by LEGO.
Obviously a boiler cannot be made out of plastic, but the steam turbine can. That said, material selection here is key, as the hot, wet steam produced by the boiler demolishes PLA parts and ruined the original and very unsafe copper boiler in the process. Ultimately a LEGO Technic-compatible steam turbine was printed in high temperature resistant PAHT-CF and PC filament, which enables a steam-powered LEGO walker to come to life, albeit with a distinct lack of power.
Model steam engine enthusiasts are of course quick to point out that you should try to create dry steam through superheating, definitely add a safety valve and so on, all of which should make for an even more powerful and safe LEGO steam engine. For a rundown of how steam engines work, [Lawrie] did an excellent video on the basics a while back, as well as a video playlist full of demonstrations of both classical Mamod model engines and questionable modern takes.
Suffice it to say that although model steam engines look like toys, they involve fire, hot steam and other fascinating ways to melt things, light them on fire and cause painful injuries, so definitely follow a safety briefing before attempting any of it at home.
youtube.com/embed/g07xCV3uOJw?…
2025 Component Abuse Challenge: Overdriven LEDs Outshine the Sun
Tagging wildlife is never straightforward in the best of times, but it becomes a great deal more complicated when you’re trying to track flying insects. Instead of trying to use a sensor package, [DeepSOIC] attached tiny, light retroreflectors to bees and hornets, then used a pulsed infrared light mounted on a drone to illuminate them. Two infrared cameras on the drone track the bright dot that indicates the insect, letting the drone follow it. To get a spot bright enough to track in full sunlight, though, [DeepSOIC] had to drive some infrared LEDs well above their rated tolerances.
The LEDs manage to survive because they only fire in 15-µs pulses at 100 Hz, in synchrony with the frame rate of the cameras, rather like some welding cameras. The driver circuit is very simple, just a MOSFET switch driven by an external pulse source, a capacitor to steady the supply voltage, and a current-limiting resistor doing so little limiting that it could probably be removed. LEDs can indeed survive high-current pulses, so this might not really seem like component abuse, but the 5-6 amps used here are well beyond the rated pulse current of 3 amps for the original SFH4715AS LEDs. After proving the concept, [DeepSOIC] switched to 940 nm LEDs, which provide more contrast because the atmosphere absorbs more sunlight around this wavelength. These new LEDs were rated for 5A, so they weren’t being driven so far out of spec, but in tests they did survive current up to 10A.
We’ve seen a similar principle used to drive laser diodes in very high-power pulses a few times before. For an opposite approach to putting every last bit of current through an LED, check out this low-power safety light.
youtube.com/embed/cRh2XufYJws?…
Share Your Projects: Imperfectionism
Everyone has a standard for publishing projects, and they can get pretty controversial. We see a lot of people complain about hacks embedded in YouTube videos, social media threads, Discord servers, Facebook posts, IRC channels, different degrees of open-sourcing, licenses, searchability, and monetization. I personally have my own share of frustrations with a number of these factors.
It’s common to believe that hacking as a culture doesn’t thrive until a certain set of conditions is met, and everyone has their own set of conditions in mind. My own dealbreaker, as you might’ve seen, is open-sourcing of code and hardware alike – I think that’s a sufficiently large barrier for hacking being repeatable, and repeatability is a big part of how hacking culture spreads.
This kind of belief is often self-limiting. Many people believe that their code or PCB source file is not a good contribution to hacking culture unless it meets a certain cleanliness or completeness standard. This is understandable, and I do that, too.
Today, I’d like to argue against my own view, and show how imperfect publishing helps build hacking culture despite its imperfections. Let’s talk about open-source in context of 3D printing.
The Snazzy Ugly Duckling
One little-spoken aspect of 3D printing is how few models are open-source. Printable models published exclusively as STLs are commonplace, STEPs are much less popular, and from my experience, it’s soul-crushingly rare to see a source file attached to a model on Printables. I struggle to say that’s a good thing, and quite obviously, that negatively impacts 3D printing culture – getting into 3D modeling is that much harder if you can’t reference the sources for 95% of models you might get inspired by.
Of course, part of that is that 3D CADs are overwhelmingly closed-source paid software, and there are like five different ones with roughly equal shares of usage. It’s hard to meaningfully share sources from within a paywalled siloized market. Also, unlike software source code, STLs are very much cross-platform. Electronics has a way better analogy for STLs, they’re just like gerbers – gerbers are easy to export, and to inexperienced people, they’ll feel like all that anyone would ever need.
Then, there’s a self-consciousness and perfectionism. While rare, I’ve seen “I will clean this up and publish later” happen in 3D printing spaces too – it’s a thoroughly non-viable promise there too, but I get why people say that, I’ve personally made and failed on such promises a good few times myself. I’m glad that this isn’t a popular excuse so far, but, as more people adopt OpenSCAD, Blender, and FreeCAD, with their universally-accessible files, maybe we’ll see it resurface.
Asking for 3D model sources should probably become part of hacker culture, just like it helped with software. I don’t think it’s great that 3D printing so often implies closed-source 3D models, and undoubtedly that has limited the growth of 3D modeling as a hobby. I strongly wish I could git clone the 3D model projects I find online, and there’s a whole lot of models that are useless to me because I can’t git clone and modify them.
At the same time? 3D printing carries the hacker flag quite strongly, despite the imperfections, and you can notice it by just how often 3D printing appears on our pages. We can and should point at aspects of hacker culture that 3D printing doesn’t yet represent, and while at it, we benefit from the technology, as much as its imperfections hurt us.
Where Is Hackerdom Found?
Would I argue the same about Discord servers? Mastodon-hosted threads? YouTube videos? GitHub repos with barely-documented code? For sure. There’s no shortage of criticism about those, mostly about accessibility issues. Servers and videos are often not externally discoverable, which is surprisingly painful for hacker culture’s ability to thrive and grow. At the very least, we are badly missing out – for instance, I’d say Discord servers and YouTube videos alike are in dire need of external log/transcript hosting capabilities, and tech-oriented Discord servers specifically could benefit from public logs in the same way that modern Discourse forums have them from the get-go.
That’s for the disadvantages. As for upsides, YouTube videos make hardware hacking into entertainment for potential hackers not enthralled by scrolling through a blog interspersed with pictures, and, they position hacking culture in front of people who’d otherwise miss out on it. Let’s take [DIY Perks], a hugely popular YouTube channel. Would that dual-screen laptop build we covered have worked out great as a blog post, or maybe as a dual post-video, as some hackers do? For sure. At the same time, it gets hacking in front of people’s faces.
Discord blows as a platform, and I’ve written a fair bit about just how much it blows. One such snippet is in the article I wrote about the Beepy project, where the Discord server was crucial to growing Beepy as a community-contributed project. Would people benefit from the Beepy project having publicly available logs? Most certainly, and I’d argue it’s hurt the Beepy project being more externally discoverable. Is that all?
Discord has been an unprecedented communications platform for the Beepy project, and we’d outright lose out if there weren’t hardware hacking communities thriving on Discord, like Hackaday Discord does. I think we should remedy these kinds of problems by building helper tools and arguing for better cultural norms, just like we did with software licenses, because giving up on platforms like Discord currently has a significantly subpar cost-benefit analysis.
What about imperfect code? Sometimes, a hacker figures out a small part of a sensor’s protocol or a basic feature, and as much as the code might be insufficient or hastily written, they publish it. Have you ever stumbled upon such a repository? I have, sometimes I was happy, and sometimes I was disappointed, but either which way, such code tend to require extra work. In the end, I’ve noticed that it almost always helped way more than it hurt, which in turn has eventually led to me publishing more and more.
I think we’d benefit from a culture where “publish later after cleanup” is replaced by “here’s the code, and I might push some cleanup commits later”. It’s a better contribution to hacker culture and to people who enjoy your work, and the “might” part makes it more honest. It’ll also get your publishing muscles in better shape so that you’re quick to post about things you really ought to post about. For what it’s worth, I don’t think it hurts if this is assisted by social media likes, too.
Strength Through Presence
Survival of hacker culture has so far heavily relied on its presence in media all across, and an ability to press the “maybe I can hack too” button in other people’s brains through that presence. That said, every non-open 3D model, Discord server with non-public logs, YouTube channel with non-transcribed videos, or a completely ephemeral TikTok channel, still palpably paves a way for future hackers to join our communities, wherever hackerdom might be within ten years’ time.
I think the key to informational impedance mismatches is making it easier for people to meet the high standards we expect, and helping people meet them where appropriate, in large part, by example. It looks like hacking is strongest when present everywhere, even when some seams, and I hope that this kind of overwhelming presence helps us overcome modern-day unique cultural hurdles in a way we couldn’t hope for just a decade ago.
Cisco risolve vulnerabilità critiche in ASA, DTD e Unified Contact Center Express
Cisco ha reso noto recentemente di aver scoperto una nuova tipologia di attacco informatico mirato a compromettere i dispositivi che operano con i software Cisco Secure Firewall Adaptive Security Appliance (ASA) e Cisco Secure Firewall Threat Defense (FTD). I bug rilevati dal ricercatore di sicurezza Jahmel Harris sono monitorati con i codici CVE-2025-20333 e CVE-2025-20362.
Mentre lo sfruttamento riuscito di CVE-2025-20333 consente a un aggressore di eseguire codice arbitrario come rootutilizzando richieste HTTP contraffatte, attraverso il CVE-2025-20362 si può accedere a un URL limitato senza autenticazione. i prodotti interessati sono:
- Cisco Unified CCX versione 15.0 (corretto in 15.0 ES01)
- Cisco Unified CCX versione 12.5 SU3 e precedenti (corretto in 12.5 SU3 ES07)
L’aggiornamento arriva mentre Cisco ha risolto due falle di sicurezza critiche in Unified Contact Center Express (Unified CCX) che potrebbero consentire a un aggressore remoto non autenticato di caricare file arbitrari, aggirare l’autenticazione, eseguire comandi arbitrari ed elevare i privilegi a root.
“Questo attacco può causare il ricaricamento inaspettato dei dispositivi non aggiornati, dando luogo a condizioni di negazione del servizio (DoS)”, riporta Cisco allertando le aziende di effettuare le attività di patching quanto prima.
Entrambe le vulnerabilità sono state divulgate alla fine di settembre 2025, ma non prima di essere sfruttate come vulnerabilità zero-day in attacchi che veicolano malware come RayInitiator e LINE VIPER , secondo il National Cyber Security Centre (NCSC) del Regno Unito.
Oltre alle due vulnerabilità, Cisco ha distribuito patch per un bug DoS di gravità elevata (CVE-2025-20343, punteggio CVSS: 8,6) in Identity Services Engine (ISE) che potrebbe consentire a un aggressore remoto non autenticato di causare il riavvio imprevisto di un dispositivo vulnerabile.
“Questa vulnerabilità è dovuta a un errore logico durante l’elaborazione di una richiesta di accesso RADIUS per un indirizzo MAC che è già un endpoint rifiutato”, si legge nell’avviso di CISCO . “Un aggressore potrebbe sfruttare questa vulnerabilità inviando una sequenza specifica di più messaggi di richiesta di accesso RADIUS contraffatti a Cisco ISE.”
Sebbene non vi siano prove che una delle tre falle di sicurezza sia stata sfruttata indiscriminatamente, è essenziale che gli utenti applichino gli aggiornamenti il prima possibile per una protezione ottimale.
L'articolo Cisco risolve vulnerabilità critiche in ASA, DTD e Unified Contact Center Express proviene da Red Hot Cyber.
Rust si ribella! Nasce il fondo per pagare i manutentori dell’Open Source
La Rust Foundation ha annunciato il lancio del Maintainers Fund, un nuovo programma progettato per supportare gli sviluppatori responsabili della stabilità e dello sviluppo dell’ecosistema Rust. Questo passo mira ad affrontare uno dei problemi più antichi e urgenti del software open source: la mancanza di un supporto finanziario sostenibile per le persone che da anni lavorano sul codice e sull’infrastruttura.
Per ora, questa è solo una dichiarazione preliminare priva di dettagli. I rappresentanti della Fondazione non hanno divulgato l’entità del budget, il processo di distribuzione delle sovvenzioni o le condizioni di partecipazione.
La dichiarazione afferma semplicemente che il progetto si basa sull’esperienza precedente della Rust Foundation e mira a diventare una piattaforma permanente per supportare il nucleo tecnico della comunità. L’organizzazione ha promesso trasparenza e intende pubblicare dati su come vengono spesi i fondi e sulle attività che affrontano.
Nel mondo open source, questi specialisti si fanno carico del peso del lavoro. Controllano gli aggiornamenti, correggono i bug, esaminano le modifiche apportate da altri e monitorano la compatibilità dei componenti. Questo lavoro viene spesso svolto volontariamente, portando a burnout e perdita di interesse. I manutentori diventano eroi invisibili, senza i quali qualsiasi soluzione software si degrada rapidamente.
Rust ha dovuto affrontare sfide simili da tempo. Nel 2024, uno degli ingegneri a capo del progetto affermò che il numero di partecipanti che abbandonavano la community a causa dell’esaurimento emotivo era molto alto e che molti di quelli rimasti erano sull’orlo del baratro. Pertanto, ricompense simboliche come gadget gratuiti non vengono più prese sul serio: sono necessari veri e propri meccanismi di supporto.
La presidente del consiglio di amministrazione della Rust Foundation, Nell Shamrell-Harrington, ha sottolineato che il destino di qualsiasi progetto open source dipende dalle persone che ne garantiscono il funzionamento quotidiano. Secondo lei, il linguaggio non può evolversi e rimanere sicuro senza un sistema sostenibile di supporto per i suoi manutentori. Il nuovo programma mira a creare le condizioni affinché i manutentori del codice possano farlo in modo permanente.
Sebbene fosse stata promessa la massima trasparenza possibile nell’implementazione, la fonte dei finanziamenti e il processo di distribuzione rimangono poco chiari. I giornalisti hanno inviato richieste di informazioni sulla provenienza dei fondi e sui meccanismi di selezione dei partecipanti, ma non hanno ancora ricevuto risposta. La fondazione ha promesso di divulgare i dettagli solo man mano che le prime fasi del programma saranno sviluppate e di pubblicare una tempistica di lancio.
Il problema, tra l’altro, si estende ben oltre un singolo linguaggio. Alla conferenza State of Open 2025, gli esperti hanno discusso delle crescenti aspettative di utenti e aziende, che richiedono nuove funzionalità ma raramente forniscono risorse. Nel luglio dello stesso anno, GitHub ha pubblicato un rapporto in cui riconosceva che la maggior parte dei progetti open source continua a soffrire di una carenza di finanziamenti.
La creazione del Maintainers Fund può essere considerata un tentativo di cambiare la situazione in almeno un segmento dell’ecosistema. I rappresentanti della Rust Foundation riconoscono che non esistono soluzioni universali: ogni iniziativa richiede un approccio flessibile e la considerazione delle esigenze specifiche della comunità. Il loro obiettivo è semplice: fornire a coloro che mantengono Rust stabile e dinamico una base permanente per il loro lavoro e una meritata ricompensa per il loro impegno, finora passato in gran parte inosservato.
L'articolo Rust si ribella! Nasce il fondo per pagare i manutentori dell’Open Source proviene da Red Hot Cyber.
Digitaler Euro: Während das Parlament streitet, geht die Entwicklung weiter
netzpolitik.org/2025/digitaler…
Sulle case popolari in Piemonte l’assessore Marrone difende una norma discriminatoria
In Piemonte anche l’accesso alle case popolari, dopo il vergognoso bonus Vesta, diventa terreno di scontro ideologico per l’Assessore regionale alla Casa Maurizio Marrone (Fratelli d’Italia).
Protagonista suo malgrado una donna migrante, a cui il giudice ha riconosciuto di essere stata discriminata da una legge regionale secondo cui, per ottenere un alloggio di edilizia popolare, l’inquilino deve essere titolare di un contratto di lavoro. Ma questo vale solo se straniero.
Di fronte a questa sentenza, Marrone non ha aperto una riflessione sull’ingiustizia della norma che viola le direttive europee sui diritti delle persone con e senza cittadinanza ed è in contrasto con la Costituzione italiana e con ogni principio di umanità, ma ha scelto di attaccare il giudice e rilanciare la retorica della “difesa degli Italiani” – sempre con la maiuscola – trasformando un bisogno sociale primario in uno strumento di propaganda.
Non si tratta di una svista o di una frase sfuggita. È una strategia politica coerente, che punta a dividere, individuare un nemico, far credere che alcuni abbiano più diritto di altri di accedere ai servizi e alle tutele sociali. Non è un incidente: è un progetto politico.
Siamo di fronte a una legge che discrimina in modo esplicito e deliberato chi vive in Piemonte ma non ha cittadinanza italiana. La legge che Marrone difende è fascista nei fatti. A questo punto non serve più chiedergli se lui e il suo partito lo siano o meno: sarebbe come chiedere a chi impone una discriminazione se si considera discriminatorio, e poi usare la sua risposta per stabilire la verità. La realtà si misura nelle scelte, nelle norme, nelle vite che colpiscono. Non nelle etichette che uno si appiccica o evita.
Le istituzioni dovrebbero garantire equità e sostegno, non alimentare divisioni né usare la povertà come terreno di scontro politico.
Come Possibile, anche grazie al lavoro della nostra consigliera regionale Giulia Marro, continueremo a lavorare perché vengano riconosciuti i diritti di tutti e tutte, senza distinzioni arbitrarie.
Piemonte Possibile
L'articolo Sulle case popolari in Piemonte l’assessore Marrone difende una norma discriminatoria proviene da Possibile.
BgLUG Bergamo: Lettura e creatività con Ada & Zangemann - Sabato 15 novembre 2025
Segnalato dal calendario eventi di Linux Italia e pubblicato sulla comunità Lemmy @GNU/Linux Italia
Un pomeriggio di lettura e creatività manuale con Ada e un po’ di tecnologia libera!"
non so cosa esattamente stia succedendo, ma differx.noblogs.org sta ricevendo decine e decine di migliaia di visualizzazioni, ormai da mesi. probabilmente alcuni tag stanno diventando - involontariamente da parte mia - virali. o qualcosa del genere. fatto sta, l'analisi statistica mi dice che solo nella giornata di oggi, 7 novembre 2025, le visite al blog tramite browser diversi da chrome e firefox sono state leggermente superiori alle 110mila, quelle da firefox circa diecimila, e quelle da chrome 'appena' un migliaio, se leggo bene. (da notare che per il mio sito slowforward.net questi numeri, anche i più bassi, non sono che raramente raggiunti).
annotazione: non si tratta di bot, che hanno un contatore a parte.
anyway: cheers.
reshared this