We might just never get tired of covering cool small cheap MCUs, and CH552G sure fits this description. Just so you know, here’s a Hackaday.io project you should check out – a CH552G devboard that’s as simple as it sufficient, in case you needed a tangible reminder that this chip exists, has a lively community, and is very much an option for your projects.

The devboard design by [Dylan Turner] is so straightforward, it’s almost inspiring – a square of PCB with the chip in the center and plenty of empty space for your mods. Everything is open-source with KiCad sources stored on GitHub. The most lovely aspect of this board, no doubt, is having the pin mapping written on the bottom, with all the alternate pin functions – you won’t have to constantly glance at the datasheet while wiring this one up. Plus, of course, there’s the microUSB port for programming, and the programming mode button that a few CH552 projects tend to lack.

It’s simple, it’s self-documenting, it’s breadboardable, and it’s definitely worth putting into the shopping cart at your PCB fab of choice. Oh, and there are bringup instructions on GitHub, in case you need them. Whether you want to prototype the cheapest macropad or keyboard ever, or perhaps a reflow hotplate, the CH552 delivers. If these CH552 projects aren’t enough to light your fire, here are a dozen more.

One of the most basic tools for tinkering with electronics is a multimeter. Today, even a cheap meter has capabilities that would have been either very expensive or unobtainable back in the 1970s. Still, even then, a meter was the most affordable way to do various tasks around the shop. Is this cable open? Are these two wires shorted? What’s the value of this resistor? Is the circuit getting power? Is the line voltage dropping? You can answer all those questions — and many more — with a basic meter. But there’s one thing that hasn’t changed much over the years: probes. That’s a shame because there are a lot of useful options.

The probes that came with your meter probably have much in common with the probes a 1970-era meter had. Yeah, the banana plugs probably have a little plastic cover, and the plastic itself might be a little different. Parts are small these days, so the tips might be a little finer than older probes. But if you sent your probes back in time, few people would notice them.

The Blinders Syndrome

One problem is that those probes are usually good enough. We’ve all clipped an alligator clip to a test probe. I’ve even fashioned super pointy probes out of syringes. Years ago, I bought an expensive kit with many attachments I rarely use, like little hooks and spade lugs. Then, I happened to go down the wrong aisle at Harbor Freight.
Back probes ready for action.
In the automotive section, I noticed a tidy plastic box labeled “22 pc. back probe kit.” I’d never heard the term “back probe,” but it was clearly some sort of wire. It turns out the kit has a bunch of very fine needles on banana jacks and some patch cables to connect them to your meter.

They are “back probes” because you can jam them in the back of connectors next to the wire. There are five colors of needles, and each color set has three items: a straight needle, a bent needle, and a 90-degree bend needle.

I’d never heard of this, and that started me down the rabbit hole of looking at what other exotic probes were out there. If you search the usual sources for “back probe,” you’ll see plenty of variations. There are also tons of inexpensive probe kits with many useful tips for different situations. Like everything, the price was much lower than I had paid for the rarely used kit I bought years ago. The only thing I really use out of that kit are the test hook clips and you can buy those now for a few bucks that just push over your probes.

Choices

Wire-piercing probe works best for larger wires.
You could probably use the needles to stick through insulation, too. But if that’s your goal, they make piercing clip test probes specifically for that purpose. A little plastic holder has a hook for your wire and a needle that threads in to penetrate the wire.
These alligator clips fit over most probes.
I also picked up some little alligator clips that slide over standard 2mm probe tips. These are very handy and prevent you from having to clip a lead to your probe so you can clip the other end to the circuit. However, if you look for a “test lead kit,” you’ll find many options for about $20. One kit had interchangeable probe tips, alligator clips, spades, SMD tweezers, and tiny hooks for IC legs. The alligator clips on the one I bought are the newer style that has a solid insulating body — not the cheap rubbery covers. They feel better and are easier to handle, too.

Breadboarding

Some of the accessories in the test probe kit.
Of course, you can make your own solderless breadboard jumpers, and you’ve probably seen that you can buy jumpers of various kinds. But if you search, you can even find test probes with breadboard wire ends. The other end will terminate in a test hook or alligator clips. You can also get them with banana plugs on the end to plug right into your meter. You can usually find versions with the male pin for a breadboard or a female receptacle for connecting to pins.

Of course, we love hacking components to fit on breadboards. We’ve also seen custom slip-on adapters, which are worth checking out if you are looking to up your probe game.

The voice interface for the holodeck in Star Trek had users create objects by saying things like “create a table” and “now make it a metal table” and so forth, all with immediate feedback. This kind of interface may have been pure fantasy at the time of airing, but with the advent of AI and LLMs (large language models) this kind of natural language interface is coming together almost by itself.

A fun demonstration of that is [Dominic Pajak]’s demo project called VoxelAstra. This is a WebXR demo that works both in the Meta Quest 3 VR headset (just go to the demo page in the headset’s web browser) as well as on desktop.

The catch is that since the program uses OpenAI APIs on the back end, one must provide a working OpenAI API key. Otherwise, the demo won’t be able to do anything. Providing one’s API key to someone’s web page isn’t terribly good security practice, but there’s also the option of running the demo locally.

Either way, once the demo is up and running the user simply tells the system what to create. Just keep it simple. It’s a fun and educational demo more than anything and will try to do its work with primitive shapes like spheres, cubes, and cylinders. “Build a snowman” is suggested as a good starting point.

Intrigued by what you see and getting ideas of your own? WebXR can be a great way to give those ideas some life and looking at how someone else did something similar is a fine way to begin. Check out another of [Dominic]’s WebXR projects: a simulated BBC Micro, in VR.

The symbol of all that is wrong with football.
Another week in football, another VAR controversy to fill the column inches and rile up the fans. If you missed it, Coventry scored a last-minute winner in extra time in a crucial match—an FA Cup semi-final. Only, oh wait—computer says no. VAR ruled Haji Wright was offside, and the goal was disallowed. Coventry fans screamed that the system got it wrong, but no matter. Man United went on to win and dreams were forever dashed.

Systems like the Video Assistant Referee were brought in to make sport fairer, with the aim that they would improve the product and leave fans and competitors better off. And yet, years later, with all this technology, we find ourselves up in arms more than ever.

It’s my sincere belief that technology is killing sport, and the old ways were better. Here’s why.

The Old Days

Moments like these came down to the people on the pitch. Credit: Sdo216, CC BY-SA 3.0
For hundreds of years, we adjudicated sports the same way. The relevant authority nominated some number of umpires or referees to control the game. The head referee was the judge, jury, and executioner as far as rules were concerned. Players played to the whistle, and a referee’s decision was final. Whatever happened, happened, and the game went on.

It was not a perfect system. Humans make mistakes. Referees would make bad calls. But at the end of the day, when the whistle blew, the referee’s decision carried the day. There was no protesting it—you had to suck it up and move on.

This worked fine until the advent of a modern evil—the instant replay. Suddenly, stadiums were full of TV cameras that captured the play from all angles. Now and then, it would become obvious that a referee had made a mistake, with television stations broadcasting incontrovertible evidence to thousands of viewers across the land. A ball at Wimbledon was in, not out. A striker was on side prior to scoring. Fans started to groan and grumble. This wasn’t good enough!

And yet, the system hung strong. As much as it pained the fans to see a referee screw over their favored team, there was nothing to be done. The referee’s call was still final. Nobody could protest or overrule the call. The decision was made, the whistle was blown. The game rolled on.

Then somebody had a bright idea. Why don’t we use these cameras and all this video footage, and use it to double check the referee’s work? Then, there’ll never be a problem—any questionable decision can be reviewed outside of the heat of the moment. There’ll never be a bad call again!

Oh, what a beautiful solution it seemed. And it ruined everything.

The Villain, VAR

The assistant video assistant referees are charged with monitoring various aspects of the game and reporting to the Video Assistant Referee (VAR). The VAR then reports to the referee on the ground, who may overturn a decision, hold firm, or look at the footage themself on a pitchside display. Credit: Niko4it, CC BY-SA 4.0
Enter the Video Assistant Referee (VAR). The system was supposed to bring fairness and accuracy to a game fraught with human error. The Video Assistant Referee was an official that would help guide the primary referee’s judgement based on available video evidence. They would be fed information from a cadre of Assistant Video Assistant Referees (AVARs) who sat in the stadium behind screens, reviewing the game from all angles. No, I didn’t make that second acronym up.

It was considered a technological marvel. So many cameras, so many views, so much slow-mo to pour over. The assembed VAR team would look into everything from fouls to offside calls. The information would be fed to the main referee on the pitch, and they could refer to a pitchside video replay screen if they needed to see things with their own eyes.
A VAR screen mounted on the pitch for the main referee to review as needed. Credit: Carlos Figueroa, CC BY-SA 4.0
The key was that VAR was to be an assistive tool. It was to guide the primary referee, who still had the final call at the end of the day.

You’d be forgiven for thinking that giving a referee more information to do their job would be a good thing. Instead, the system has become a curse word in the mouths of fans, and a scourge on football’s good name.

From its introduction, VAR began to pervert the game of football. Fans were soon decrying the system’s failures, as entire championships fell the wrong way due to unreliability in VAR systems. Assistant referees were told to hold their offside calls to let the video regime take over. Players were quickly chided for demanding video reviews time and again. New rules would see yellow cards issued for players desperately making “TV screen” gestures in an attempt to see a rivals goal overturned. Their focus wasn’t on the game, but on gaming the system in charge of it.
Fans and players are so often stuck waiting for the penny to drop that celebrations lose any momentum they might have had. Credit: Rlwjones, CC BY-SA 4.0
VAR achieves one thing with brutal technological efficiency: it sucks the life out of the game. The spontaneity of celebrating a goal is gone. Forget running to the stands, embracing team mates, and punching the air in sweet elation. Instead, so many goals now lead to minute-long reviews while the referee consults with those behind the video screens and reviews the footage. Fans sit in a stunted silence, sitting in the dreaded drawn-out suspense of “goal” or “no goal.”

The immediacy and raw emotion of the game has been shredded to pieces. Instead of jumping in joy, fans and players sit waiting for a verdict from an unseen, remote official. The communal experience of instant joy or despair is muted by the system’s mere presence. What was once a straightforward game now feels like a courtroom drama where every play can be contested and overanalyzed.

It’s not just football where this is a problem, either. Professional cricket is now weighed down with microphone systems to listen out for the slightest snick of bat on ball. Tennis, weighed down by radar reviews of line calls. The interruptions never cease—because it’s in every player’s interest to whip out the measuring tape whenever it would screw over their rival. The more technology, the more reviews are made, and the further we get from playing out the game we all came to see.

Making Things Right

Enough of this nonsense! Blow the whistle and move on. Credit: SounderBruce, CC BY-SA 4.0
With so much footage to review, and so many layers of referees involved, VAR can only slow football down. There’s no point trying to make it faster or trying to make it better. The correct call is to scrap it entirely.

As it stands, good games of football are being regularly interrupted by frustrating video checks. Even better games are being ruined when the VAR system fails or a bad call still slips through. Moments of jubilant celebration are all too often brought to naught when someone’s shoelace was thought to be a whisker’s hair ahead of someone’s pinky toe in a crucial moment of the game.

Yes, bad calls will happen. Yes, these will frustrate the fans. But they will frustrate them far less than the current way of doing things. It’s my experience that fans get over a bad call far faster when it’s one ref and and a whistle. When it’s four referees, sixteen camera angles, and a bunch of lines on the video screen? They’ll rage for days that this mountain of evidence suggests their team was ripped off. They won’t get over it. They’ll moan about it for years.

Let the referees make the calls. Refereeing is an art form. A good referee understands the flow of the game, and knows when to let the game breathe versus when to assert control. This subtle art is being lost to the halting interruptions of the video inspection brigade.

Football was better before. They were fools to think they could improve it by measuring it to the nth degree. Scrap VAR, scrap the interruptions. Put it back on the referees on the pitch, and let the game flow.

Autore: Andrea Cavallini

Oggi è sempre più importante e significativo essere efficienti nel controllo delle proprie infrastrutture; le azioni da mettere in atto per questo processo di verifica richiedono un doppio approccio, uno proattivo e l’altro post-azione: quest’ultimo aspetto è fondamentale quando un attacco o, in generale, qualsiasi tentativo di comportamento dannoso viene condotto su un sistema oggetto e dobbiamo, in quanto amministratori, sapere tutto di questa azione, dal suo inizio alla sua parte finale.

Il paradigma “è successo e devo saperne tutto” può essere verificato in modo ottimale da Loki.

Loki è uno strumento open source, sviluppato in Python da Florian Roth (aka Neo23x0) ed è una suite di strumenti molto semplice, utilizzabile per il rilevamento IOC (Indicatore di compromissione) nei nostri sistemi.

Il punto di forza di Loki è l’interazione con un insieme dinamico di regole, liberamente aggiornabile, che sono applicate agli elementi del filesystem e non solo (ad esempio lato Windows ispeziona anche la memoria condivisa ad esempio); gli utenti possono personalizzare le regole o scriverne di nuove per essere costantemente aggiornati con gli ultimi modelli IOC.

Come menzionato nel repository ufficiale dello sviluppatore il rilevamento si basa su quattro metodi di ricerca:

• Nome file, utilizzando la corrispondenza tramite espressione regolare sul percorso/nome completo del file per cercare un nome file specifico
• Yara rule checksum, utilizzando la corrispondenza della firme Yara rilasciate verificando files e memoria dei processi
• Hash check, confrontando gli hash dannosi noti (MD5, SHA1, SHA256) con i file scansionati
• C2 back connect check, confrontando gli endpoint di connessione del processo con gli IOC di Command and Control

Loki può essere eseguito su sistemi operativi Linux, Mac e Windows, ma solo localmente. Partendo da un fork del prodotto sul mio repository GitHub è possibile l’esecuzione centralizzata mediante l’opzione –ip: Loki mapperà il filesystem remoto dell’host specificato tramite indirizzo IP mediante connessione SSH (è richiesto il pacchetto SSHFS localmente e che sul server remoto il demone SSH sia in esecuzione).

Questo è molto utile per le infrastrutture centralizzate per raccogliere in un unico punto i risultati di ogni scansione e, aggiungendo un’altra opzione che ho implementato (–locallogging), è anche possibile reindirizzare il log di Loki come output nel Syslog/Event Viewer per raccogliere i dati nei registri gestiti nativamente dal sistema operativo.

L'articolo Scopri LOKI: l’arma per il rilevamento di minacce informatiche proviene da il blog della sicurezza informatica.

We were sad to hear that after 52 years in operation, iconic ham radio supplier MFJ will close next month. On the one hand, it is hard not to hear such news and think that it is another sign that ham radio isn’t in a healthy space. After all, in an ideal world, [Martin Jue] — the well-known founder of MFJ — would have found an anxious buyer. Not only is the MFJ line of ham radio gear well regarded, but [Martin] had bought other ham radio-related companies over the years, such as Ameritron, Hygain, Cushcraft, Mirage, and Vectronics. Now, they will all be gone, too.

However, on a deeper reflection, maybe we shouldn’t see it as another nail in ham radio’s coffin. It is this way in every industry. There was a time when it was hard to imagine ham radio without, say, Heathkit. Yet they left, and the hobby continued. We could name a slew of other iconic companies that had their day: Eico, Hammarlund, Hallicrafters, and more. They live on at hamfests, their product lines are frozen in time, and we’re sure we’ll see a used market for MFJ gear well into the next century.

Maybe you aren’t a ham and wonder why you would care. Turns out MFJ made things of interest to anyone who worked with RF transmitting or receiving. If you were a shortwave listener, they had antennas and related gear for you. They also made antenna analyzers and network analyzers that were very cost-effective compared to other options. If you wanted clean power supplies, MFJ had quite the selection of those. They even had a great selection of variable capacitors and inductors, which are tough to find in small quantities. You could even get air-wound coil stock, knobs, meters, and toroids.

Sure, most of what they sold was things only hams or other radio operators wanted—that was the nature of the company. But their loss will be felt by more than just the ham community. Someone, of course, will step into the void as they always do.

So farewell MFJ. We will miss you, but we look forward to meeting your replacement, whoever that might be. While you can spend a lot of money on ham radio, you can get started for $50 or less. Oddly, we haven’t directly featured much MFJ gear on Hackaday over the years, but we have mentioned a few.

Like most waves in the electromagnetic spectrum, radio waves tend to bounce off of various objects. This can be frustrating to anyone trying to use something like a GMRS or LoRa radio in a dense city, for example, but these reflections can also be exploited for productive use as well, most famously by radar. Radar has plenty of applications such as weather forecasting and various military uses. With some software-defined radio tools, it’s also possible to use radar for tracking aircraft in real-time at home like this DIY radar system.

Unlike active radar systems which use a specific radio source to look for reflections, this system is a passive radar system that uses radio waves already present in the environment to track objects. A reference antenna is used to listen to the target frequency, and in this installation, a nine-element Yagi antenna is configured to listen for reflections. The radio waves that each antenna hears are sent through a computer program that compares the two to identify the reflections of the reference radio signal heard by the Yagi.

Even though a system like this doesn’t include any high-powered active elements, it still takes a considerable chunk of computing resources and some skill to identify the data presented by the software. [Nathan] aka [30hours] gives a fairly thorough overview of the system which can even recognize helicopters from other types of aircraft, and also uses the ADS-B monitoring system as a sanity check. Radar can be used to monitor other vehicles as well, like this 24 GHz radar module found in some modern passenger vehicles.

https://www.youtube.com/embed/FF2n28qoTQM?feature=oembed

Uno spettro s’aggira per il mondo – lo spettro dell’AI. Le nazioni più industrializzate sono a lavoro. Alcune riunite in una sacra alleanza digitale, altre, facendo leva solo sulle proprie risorse. L’obiettivo: riuscire a sfruttare il vantaggio tecnologico offerto dall’AI. La parte più progredita del pianeta in concorrenza con il resto del mondo cerca di guidare la corsa a questa nuova tecnologia che promette una rivoluzione, sociale ed economica, delle nostre comunità. In questo contesto anche la politica italiana si affida a lei.

Il 13 febbraio scorso, l’On. Anna Ascani (Partito Democratico) Vice Presidente della Camera dei Deputati e Presidente del Comitato di vigilanza sull’attività di documentazione della Camera, ha presentato in conferenza stampa, dalla Camera dei deputati, il report:” Utilizzare l’intelligenza artificiale a supporto del lavoro parlamentare.” Risultato di una indagine conoscitiva sull’intelligenza artificiale e sul contributo che l’AI – in particolare quella generativa – può dare all’attività parlamentare.

Il Documento

Risultato di un anno di lavoro. Anno in cui, le personalità politiche appartenenti al Comitato, hanno ascoltato ben 13 esperti nel campo della tecnologia e dell’etica e si sono interfacciati con vari enti di ricerca. Non solo, la delegazione parlamentare è stata in trasferta di studio negli Stati Uniti. La missione si è svolta dal 22 al 26 ottobre 2023 tra Seattle e San Francisco città nelle quali la delegazione ha visitato le sedi delle principali aziende protagoniste dello sviluppo dell’AI: la sede di OpenAI a San Francisco. Le sedi di altre Big tech: Google, Amazon, Meta, Microsoft. Infine, ha fatto visita alla Stanford University. Attività che hanno avuto come scopo quello di approfondire temi che riguardano le sfide etiche, giuridiche e politiche che l’adozione di questa nuova tecnologia pone ai Paesi democratici.

Il Report

Frutto di questo anno di lavoro è stato la presentazione del documento nel quale sono tracciati i princìpi che, ad avviso della Commissione, devono guidare l’utilizzo dei sistemi AI a supporto del lavoro parlamentare. Principi da rispettare per poter consentire l’utilizzo dell’intelligenza artificiale generativa all’interno della Camera dei deputati.

Il Vicepresidente della Camera dei deputati ha tenuto a sottolineare che “il Parlamento italiano si appresta ad essere il primo, in Europa, ad aver concluso un’indagine conoscitiva specifica”. Avrà il primato, insieme con il Congresso degli Stati Uniti, di impiegare strumenti di AI nell’ambito delle istituzioni.

I Rischi

La Commissione ha fatto un bilancio generale rischi-benefici allo scopo di valutare i pericoli insiti nell’adozione di queste tecnologie. Considerando pericoli quali: Deepfake, impatto dell’AI generativa sulla disinformazione, il rischio della sicurezza dei dati legato allo sviluppo della tecnologia dei Cloud. Rischi legati alla privacy dei cittadini, insidiata da un’idea orwelliana di un possibile controllo pervasivo delle persone, cosa che queste tecnologie rendono possibile. Protezione del diritto d’autore legato ai dati che queste applicazioni utilizzano. L’importanza e la necessità di definire nuove regole che impediscano a chi detiene temporaneamente il potere di esercitarlo per un controllo non democratico. Nonostante tutte queste minacce, la Commissione è giunta alla conclusione che non è possibile privarsi delle opportunità derivanti dall’utilizzo di queste nuove tecnologie.

I Principi

La Commissione ha inoltre chiesto il parere ad esperti nazionali che hanno tenuto conto anche di modelli di riferimento europei. Personalità come: Roberto Viola, Direttore Generale di DG CONNECT (Direzione generale delle Reti di comunicazione, dei contenuti e delle tecnologie) presso la Commissione Europea. L’AI ACT, insieme a tutto quello che l’Europa sta facendo in questo ambito hanno fornito un contributo fondamentale alla definizione di queste norme. Principi quali: trasparenza, responsabilità umana, accountability sono vincolanti. Tutto questo allo scopo di mettere la tecnologia al servizio dei cittadini e non viceversa.

Politica, cittadini e tecnologia

Nonostante in Parlamento si adottino già tecnologie basate sull’ intelligenza artificiale, in particolare, per la trascrizione immediata degli interventi fatti in Aula, le opportunità offerte dall’AI sono tantissime non solo per la politica. Dalla produzione industriale all’ambito sanitario, alla maggiore capacità di partecipazione dei cittadini. Oltre la stesura del report la Commissione ha anche lanciato due bandi, rivolti a ricercatori e studiosi, allo scopo di strutturare due prototipi. Il primo in supporto al lavoro dell’amministrazione parlamentare per redigere dossier e documentazione. Il secondo in supporto al lavoro dei parlamentari per rendere più efficace ed efficiente il contesto informativo e legislativo. Oltre a tutto questo è stata lanciata una accountability dell’istituzione, ovvero una maggiore apertura e trasparenza del Parlamento verso i cittadini.

Un upgrade degli strumenti che oggi sono utilizzati ma che non essendo basati su tecnologie di AI sono meno efficienti. Insomma, il Parlamento italiano, dopo un lungo lavoro di consultazione e di ascolto si apre in maniera pioneristica all’innovazione tecnologica.

L'articolo L’Intelligenza Artificiale Arruolata dalla Politica Italiana proviene da il blog della sicurezza informatica.

Recentemente sulla nostra email whistleblower è arrivato un messaggio contenente un allegato in formato .PDF relativo ad una campagna di phishing contro Zimbra. L’utente che ci ha inviato la segnalazione – e che ovviamente ringraziamo – ha effettuato una serie di verifiche che andremo ad analizzare di seguito.

Ovviamente questo genere di segnalazioni sono molto importanti(non mi stancherò mai di ripeterlo) sia perché ci permettono di essere aggiornati sulle campagne di phishing in atto e sia perché ci possono fornire un’occasione per parlarne andando ad aggiungere – soprattutto per gli utenti meno esperti – via via nuove tecniche di “know how” e di prevenzione.

I passaggi che vedremo di seguito potrebbero risultare cose estremamente complesse ad un utente poco pratico ma in realtà sono passaggi che vengono effettuati molto più frequentemente di quanto si possa immaginare…

Come si è comportato il segnalante verso il sito di phishing?

Per prima cosa ha aperto il link di phishing inserendo credenziali fittizie così da poter effettuare un’analisi dei pacchetti con Wireshark
La pagina di phishing Così scopriamo l’indirizzo IP 167.250.5.36 ed il sito pjabogados.com.ar
A questo punto il nostro segnalante ha effettuato un’analisi del codice sorgente della pagina di phishing alla ricerca di indizi
Molto interessante, uno script che rimanda a https://pjabogados.com.ar/manam/main.php
Navigando all’interno della directory ci si accorge di una cartella di log contente un file denominato “emails.txt”

All’interno dell’allora file “emails.txt”(il file viene sovrascritto ogni giorno con nuove credenziali raccolte nell’arco della giornata), il segnalante ha trovato un indirizzo IP che, una volta analizzato, è risultato essere riconducibile alla Tunisia
Il risultato dell’analisi dell’IP e relativa geolocalizzazione

Come ci siamo comportati noi – Parte “passiva”:

Una volta verificato che la pagina di phishing risulta ancora attiva, abbiamo inserito anche noi dei falsi dati che, come abbiamo visto, è una prassi molto comune:
Il nostro login con il furto delle “nostre” credenziali
Una volta inserite le “credenziali” abbiamo ricevuto un messaggio di errore, infatti i siti di phishing generalmente si comportano in due modi:

1. Forniscono un messaggio di errore invitandoti a reinserire le credenziali
2. Reindirizzano verso il sito legittimo dell’azienda colpita dall’attacco

Il finto messaggio di errore si concentra sulle maiuscole
A questo punto siamo andati nella cartella di log indicata dal segnalante, abbiamo aperto il file “emails.txt” e, tra le altre(fortunatamente tutte fittizie), abbiamo trovato le nostre credenziali:
I “nostri” dati, interessante notare come il campo “Desc” rimandi ad una pagina autentica per effettuare il login all’interno di una webmail…
Queste sono le nostre azioni di verifica, sicuramente interessanti ed utili, tuttavia, abbiamo – ovviamente – effettuato anche delle azioni proattive per contrastare attivamente la minaccia

Come ci siamo comportati noi – Parte “attiva” contro il phishing:

Una volta verificata l’esistenza della minaccia e la sua attualità, ci siamo ovviamente mobilitati per poterne ridurre l’impatto e per danneggiarne gli autori. Spesso infatti molti utenti si domandano cosa sia possibile fare – oltre ovviamente a cancellare le email di phishing – per contrastare questo genere di minacce aiutando gli altri utenti del web

Ecco le segnalazioni che abbiamo inviato per ridurre l’impatto della minaccia contribuendo quindi attivamente a depotenziarla:

1. Abbiamo segnalato il sito a “Navigazione Sicura” di Google
2. Segnalazione inviata ad Avast, un antivirus molto popolare
3. URL caricato su VirusTotal, siamo stati i primi a segnalarlo
4. Inviata segnalazione a Netcraft, anche qui siamo stati i primi
5. URL inviato a Fortinet

Questa è la history dell’URL in questione su VirusTotal:
Il primo invio su VirusTotal della risorsa di phishing Il report su NetCraft con l’attribuzione del relativo credito, il che significa che NetCraft non conosceva la risorsa e, quindi, ci ha dato un credito La risposta di Fortinet alla nostra segnalazione dove ci informano che l’URL segnalato è stato analizzato ed è stato correttamente inserito nella categoria “Phishing”

Ma tutte queste procedure sono legali?

Tutto quello che avete visto in questo articolo è assolutamente legale e totalmente legittimo. Utilizzare Wireshark sulla propria rete non costituisce alcun illecito, così come effettuare analisi del proprio traffico di rete.

Inoltre, andare ad analizzarne i risultati utilizzando servizi pubblicamente disponibili è assolutamente legittimo e, anzi, in molti casi sarebbe da consigliare Anche inserire false ed ovviamente inesistenti credenziali su siti di phishing è una prassi molto comune ed è assolutamente legittima.

Questa prassi permette di analizzare il traffico senza fornire alcun dato utile ai cybercriminali.

Ma perché questa campagna?

Andando a leggere il file di log “emails.txt” di cui vi ho già ampiamente parlato, è possibile trovare un URL all’interno del campo “Desc” che rimanda ad una pagina di login a Zimbra:
Pagina di login alla webmail contenuta nel campo “Desc”
Il fatto che nella “Desc” sia contenuto l’URL di una webmail realmente esistente potrebbe portarci a pensare che la campagna sia stata originariamente rivolta verso una specifica organizzazione e che potrebbe essere stata promossa all’interno del mondo degli IAB.

Probabilmente, successivamente la campagna è stata estesa ad altre organizzazioni, Zimbra è una piattaforma molto utilizzata in tutto il mondo.

Queste figure una volta acquisite le credenziali possono rivenderle all’interno del darkweb a soggetti che, per le vostre organizzazioni, sono ben più pericolosi di loro(basti pensare agli affiliati ad una cybergang ransomware o, magari, ad aziende concorrenti che potrebbero comprare gli accessi per effettuare spionaggio industriale e molto altro).

Infatti, allo stato attuale, risulterebbe molto ingenuo considerare il darkweb come un luogo frequentato esclusivamente da criminali e da ragazzini con “felpa e cappuccio”, la realtà come sappiamo è ben diversa, si tratta infatti di un luogo molto frequentato da persone in giacca e cravatta, spesso con un buon livello di istruzione ed in grado di comunicare agevolmente in diverse lingue.

Conclusioni

Come già detto questo articolo è partito da una segnalazione arrivata alla nostra email dedicata al whistleblower che, chiunque abbia notizie che vuole inviarci in maniera più riservata, può utilizzare.

Quindi, questo articolo non sarebbe mai potuto esistere senza un’attività di collaborazione interna alla community e, per questo, mi sento in dovere di ringraziare l’autore dell’email.

Inoltre, con questo articolo ho cercato di fornire alcuni dettagli ed alcune risorse per permettere a chiunque di essere in prima linea contro il phishing e di poter dare il proprio contributo nel rendere il web un posto più sicuro per tutti.

L'articolo Campagna di phishing contro Zimbra. Come depotenziarla attraverso le risorse online proviene da il blog della sicurezza informatica.

La RHC Conference 2024, è un evento annuale gratuito creato dalla community di RHC per promuovere l’interesse verso le tecnologie digitali, l’innovazione e la consapevolezza dei rischi informatici. Quest’anno, l’edizione della conferenza si è svolta a Roma il 19 e 20 aprile 2024 presso il Teatro Italia a Roma.

Uno dei momenti salienti della conferenza è stato il panel dedicato al tema “Cybersecurity ed innovazione tecnologica in Italia: tra minacce informatiche e intelligenza artificiale”. Durante questo panel, esperti di sicurezza e professionisti del settore hanno discusso delle sfide e delle opportunità legate alla sicurezza informatica e all’intelligenza artificiale nel contesto italiano.

Di seguito i relatori che sono intervenuti:

1. Dott. Mario Nobile: Direttore Generale di AGID (Agenzia per l’Italia Digitale).
2. Dott. Umberto Rosini: Direttore Sistemi Informativi alla Presidenza del Consiglio dei Ministri – Dipartimento della Protezione Civile.
3. Dott. Paolo Galdieri: Avvocato penalista, Cassazionista e Docente universitario di Diritto penale dell’informatica.
4. Ing. David Cenciotti: Giornalista aerospaziale, ex ufficiale dell’Aeronautica Militare, ingegnere informatico ed esperto di cybersecurity.

Durante il panel, sono stati affrontati diversi temi collegati all’intelligenza artificiale e la sicurezza informatica. In particolare, si è discusso dell’introduzione di un intero capitolo dedicato all’intelligenza artificiale nel nuovo Piano Triennale per l’Informatica nella Pubblica Amministrazione 2024-2025 e come le AI possano essere utili in vari contesti tecnologici, oltre ad analizzare il tutto dal punto di vista legale.

Questo piano industriale coinvolge non solo le 23.000 pubbliche amministrazioni, ma anche università, centri di ricerca e imprese del settore ICT. Si è parlato delle principali obiettivi di questo capitolo e di come l’AI Act dell’Unione Europea e altri documenti internazionali influenzino le politiche sull’intelligenza artificiale in Italia.

Intervento di Mario Nobile

Mario Nobile affronta principalmente due temi: l’intelligenza artificiale (IA) e la cybersecurity, focalizzandosi sul nuovo Piano Triennale per l’informatica nella pubblica amministrazione 2024-2025.

Nel primo segmento, discute dell’importanza del piano e dei suoi obiettivi. “Oltre a descrivere qual è la strategia bisogna dare degli strumenti … Per usare l’intelligenza artificiale generativa una pubblica amministrazione o una impresa deve stare attenta a tre pilastri” riporta Nobile.

I tre pilastri cruciali per l’implementazione dell’IA spiega Nobile sono: “la qualità del dato, le competenze interne ed esterne, e una chiara definizione dei controlli e delle autorizzazioni”. Questi tre elementi che a livello teorico possono essere importanti, sono stati inseriti in dei toolkit spiegando a grandi aziende di stato o ai piccoli comuni, quella che è l’esperienza di specifici soggetti.
Dott. Mario Nobile: Direttore Generale di AGID, l’agenzia per l’Italia digitale
Successivamente Nobile affronta il legame tra l’accessibilità digitale e la cybersecurity, sottolineando “c’è sempre un antagonismo su chi vuole ampliare l’esperienza dell’utente e chi vuole proteggere un sistema informativo”.

Sottolinea che mentre l’accessibilità digitale è un diritto costituzionale che va garantito, è fondamentale mantenere la robustezza dei sistemi attraverso misure di sicurezza informatica, specialmente considerando i rischi come gli attacchi di privacy, gli abusi l’induzione di comportamenti errati nei sistemi automatizzati. “Se il mio servizio digitale amenità i suoi gradi di libertà per consentire ad una persona disabile … evidentemente il layer della sicurezza, dell’intelligenza artificiale, ci aiuta a mantenere la robustezza di quel sistema. E’ un punto facile a dire nei convegni ma molto complicato da realizzare”.

Per risolvere questo equilibrio, Nobile suggerisce l’implementazione di ridondanze informative e meccanismi di controllo dei dati in tempo reale, per garantire che i servizi digitali siano inclusivi ma anche protetti da potenziali minacce. Inoltre, sottolinea l’importanza di mantenere un elevato livello di qualità dei dati e di collaborazione tra le istituzioni coinvolte nella gestione dei sistemi digitali.

Intervento di Umberto Rosini

Umberto Rosini riporta che “IT Alert” è entrato in produzione dal 13 di Febbraio. “IT Alert si poggia su 3 pilastri fondamentali, le procedure, la comunicazione e poi la parte tecnologica … on top su tutte la parte di controllo e di miglioramento continuo dei sistemi” riporta Rosini.

“Attualmente, abbiamo attivato l’allertamento sulle industrie a rischio rilevante, quelle industrie che hanno quella produzione per il quale un incidente fisico può compromettere la salute e la sicurezza dei cittadini come il rischio nucleare e sui vulcani”.

Rosini sottolinea l’importanza del controllo e del monitoraggio della catena di trasmissione dei messaggi: “tutta parte dalla conoscenza e il monitoraggio della catena, capire da quando viene generato un messaggio e quando viene inviato” anche attraverso attività di OSINT per ottenere informazioni aggiuntive.
Dott. Umberto Rosini, Direttore Sistemi Informativi alla Presidenza del Consiglio dei Ministri – Dipartimento della Protezione Civile
Nell’affrontare le sfide future, Rosini discute dell’importanza dell’intelligenza artificiale (IA) riportando “oggi l’intelligenza artificiale oggi deve essere un copilota dei tecnici” e non un sistema senza controllo umano. L’IA può migliorare l’operatività dei sistemi in emergenza tramite algoritmi per l’elaborazione delle informazioni, il monitoraggio continuo e il miglioramento dei processi.

Rosini evidenzia il ruolo cruciale della tecnologia insieme alle competenze umane, sia tecniche che psicologiche, nell’affrontare le emergenze in modo efficace.

Infine, sottolinea il lavoro delle organizzazioni come l’Agenzia per l’Italia Digitale e l’Agenzia per la Cybersicurezza Nazionale nell’adozione e nello sviluppo di tecnologie innovative per migliorare la preparazione e la risposta alle crisi.

https://www.youtube.com/embed/dEQzCF-nfMY?feature=oembed
Il Video del panel “Cybersecurity ed innovazione tecnologica in Italia: tra minacce informatiche e intelligenza artificiale“

Intervento di Paolo Galdieri

Paolo Galdieri affronta la questione della cybersecurity da una prospettiva legale. Ricorda che la cybersecurity non è stata inizialmente considerata un tema giuridico ma tecnico: “Dalla direttiva NIS, si è iniziato a parlare di sicurezza anche del punto di vista giuridico e oggi è un tema più giuridico che informatico … e si crea delle difficoltà”.

Galdieri rileva la mancanza di normative specifiche che delineino chiaramente l’ambito della cybersecurity, notando che l’evoluzione normativa ha portato a un’ampia interpretazione dei reati informatici attraverso l’uso di nuove tecnologie: “Abbiamo fatto dei processi dove degli esperti di sicurezza informatica sono stati accusati di aver commesso degli accessi non autorizzati, perché secondo i pubblici ministeri erano andati al di là di quello che erano i loro compiti. Questo paralizza l’attività in quanto per contratto devo mettere in sicurezza dei sistemi, ma allo stesso tempo ho paura di subire un procedimento penale.”

Nel contesto della responsabilità legale, Galdieri analizza la distinzione tra reati dolosi e colposi commessi tramite l’uso dell’intelligenza artificiale, mettendo in evidenza il rischio di interpretazioni errate da parte del sistema giudiziario, spesso non esperto in materia informatica. Egli osserva che le normative penali devono adattarsi all’evoluzione tecnologica, affrontando la complessità dei reati commessi tramite IA.
Dott. Paolo Galdieri: Avvocato penalista, Cassazionista, è Docente universitario di Diritto penale dell’informatica
“L’intelligenza artificiale interessa il diritto penale sotto due punti di vista. Il primo è sui reati che possono essere commessi, un secondo è come può aiutare i giudici o le forze dell’ordine” riporta Galdieri. Esamina l’applicazione dell’intelligenza artificiale nel contesto giuridico, discutendo l’importanza di evitare la cosiddetta “giustizia predittiva”, che potrebbe condizionare le decisioni giudiziarie. Sottolinea la necessità di una supervisione umana nell’utilizzo dei dati e dei sistemi automatizzati per prevenire discriminazioni e decisioni ingiuste.

Infine, affronta il tema dell’utilizzo di robot e sistemi automatizzati nelle forze dell’ordine, evidenziando le complessità legate alla responsabilità in caso di comportamenti anomali o incidenti. Relativamente a SPOT, la mascotte della Red Hot Cyber Conference 2024 Galdieri dice per fare un esempio: “ll robottino che si muoveva qui, se aggrediva colui che stava parlando chi ne risponde da un punto di vista colposo?”.

In sintesi, Galdieri evidenzia le sfide legali e etiche legate all’uso dell’intelligenza artificiale e delle tecnologie emergenti nel contesto giuridico, sottolineando la necessità di normative chiare e di una supervisione umana attenta per garantire un’applicazione equa e giusta della legge.

Intervento di David Cenciotti

David Cenciotti evidenzia come l’intelligenza artificiale (IA) sia già una realtà nel campo dell’aviazione e della difesa militare, non solo un progetto futuro: “Pensare oggi che si possa rimuovere l’elettronica da un qualsiasi tipologia di velivolo è utopistico. Si va esattamente nella direzione opposta. I velivoli sono caratterizzati da capacità computazionale e di networking elevatissima“.

Cenciotti illustra come la quinta generazione di velivoli già impieghi l’IA per gestire e funzionare una vasta quantità di informazioni provenienti da vari sistemi a bordo e riporta: “Pilotare un velivolo oggi è molto più facile. La condotta del mezzo è semplificata, quello che è aumentata è la gestione di tutti i sistemi”. Questo consente ai piloti di concentrarsi solo sulle informazioni cruciali per le loro decisioni, riducendo il carico cognitivo e migliorando la loro capacità decisionale.

Pertanto, l’IA è essenziale per ottimizzare le prestazioni e la sicurezza nell’aviazione moderna e relativamente alla sicurezza dei nuovi velivoli riporta: “I velivoli moderni sono diversi milioni di righe di codice che volano ed è necessario metterle in sicurezza come un sistema complesso”.

Utilizza l’esempio del recente attacco dei droni da parte dell’Iran, è stato contrastato dal sistema Iron Dome il quale ha avuto un successo pari al 99%. Il sistema ha impiegano l’IA per priorizzare minacce e calcolare il momento migliore per lanciare i missili. Questa applicazione dell’IA consente una maggiore precisione e efficacia nella difesa contro attacchi nemici.
Ing. David Cenciotti: Giornalista aerospaziale, ex ufficiale dell’AM, ingegnere informatico ed esperto di cybersecurity
Infine, Cenciotti suggerisce che l’IA diventerà ancora più centrale nel futuro, con sviluppi tecnologici che continueranno a integrarla sempre più nel contesto militare e dell’aviazione.

Questo indica che l’IA sarà fondamentale per affrontare le sfide future e migliorare ulteriormente le capacità operative e difensive nelle operazioni aeree.

L'articolo I Video della RHC Conference 2024: Il Panel “Cybersecurity in Italia, tra minacce informatiche ed Intelligenza Artificiale” proviene da il blog della sicurezza informatica.

Dalle nostre attività di monitoraggio che svolgiamo costantemente nelle underground, è emerso che il 27 aprile un messaggio misterioso è comparso su Breach Forums, un noto rifugio per traffici illegali di dati. L’utente, con una buona reputazione nel sottobosco criminale, ha pubblicato informazioni riguardanti una violazione dei dati dell’UNICEF, l’organizzazione internazionale dedicata alla protezione dei diritti dei bambini.

Ancora non sappiamo con precisione se tali dati siano di proprietà dell’UNICEF, in quanto non è ancora presente all’interno del sito web alcun comunicato stampa relativo all’accaduto.

La portata di questa violazione è inquietante da quanto riportato nel post: i dati provenienti da 11 paesi sono stati compromessi, rivelando una vasta gamma di informazioni sensibili. Il threat actors riporta con un successivo messaggio che sono presenti 11 file .csv e il numero totale dei record ammonta a circa 179.000.

Tra questi, si annoverano nomi, indirizzi, numeri di telefono, nonché dettagli riguardanti il livello di istruzione e le coordinate geografiche. Questo attacco non solo mette a repentaglio la privacy di migliaia di individui, ma solleva anche domande sulle vulnerabilità dei sistemi informatici delle organizzazioni internazionali.

Breach Forums è un luogo virtuale dove gli utenti commerciano informazioni rubate, è stato il palcoscenico di questa rivelazione sconcertante. Questa piattaforma, rinomata per il suo ruolo nell’economia sotterranea digitale, facilita lo scambio di dati rubati, vulnerabilità informatiche e altro ancora. L’anonimato è la regola d’oro su Breach Forums, dove pseudonimi comuni e transazioni avvengono spesso con criptovalute per mantenere l’opacità degli scambi.

La pubblicazione del messaggio da parte dell’utente è stata accompagnata da una nota di sfida: “comunità di Breach Forums, oggi ho caricato i dati UNICEF da scaricare, grazie per aver letto e buon divertimento!” Queste parole, apparentemente casuali, indicano la spregiudicatezza degli attori dietro questa violazione. Per loro, questi dati non sono solo risorse da sfruttare, ma anche oggetto di divertimento.

La reazione dell’UNICEF e delle autorità competenti deve essere immediata e decisa. Il furto e la divulgazione di dati sensibili possono mettere a repentaglio la sicurezza e la fiducia non solo delle singole persone coinvolte, ma anche dell’intera organizzazione. È essenziale investigare sull’incidente per comprendere esattamente la portata dell’incidente di sicurezza informatica.

Questa violazione non è solo un crimine contro l’organizzazione, ma anche contro la missione stessa dell’UNICEF di proteggere i diritti dei bambini in tutto il mondo. Mentre il mercato underground continua a prosperare, è urgente che la comunità globale si unisca per contrastare questa minaccia crescente e proteggere la sicurezza e la privacy di tutti.

Come nostra consuetudine, lasciamo sempre spazio ad una dichiarazione da parte dell’azienda qualora voglia darci degli aggiornamenti sulla vicenda. Saremo lieti di pubblicare tali informazioni con uno specifico articolo dando risalto alla questione.

RHC monitorerà l’evoluzione della vicenda in modo da pubblicare ulteriori news sul blog, qualora ci fossero novità sostanziali. Qualora ci siano persone informate sui fatti che volessero fornire informazioni in modo anonimo possono utilizzare la mail crittografata del whistleblower.

L'articolo I dati dell’UNICEF sono Online! 179.000 record provenienti da 11 paesi sono in vendita nelle underground proviene da il blog della sicurezza informatica.

There are many claims in the air about the capabilities of AI systems, as the technology continues to ascend the dizzy heights of the hype cycle. Some of them are true, others stretch definitions a little, while yet more cross the line into the definitely bogus. [J] has one that is backed up by real code though, a compression scheme for text using an AI, and while there may be limitations in its approach, it demonstrates an interesting feature of large language models.

The compression works by assuming that for a sufficiently large model, it’s likely that many source texts will exist somewhere in the training. Using llama.cpp it’s possible to extract the tokenization information of a piece of text contained in its training data and store that as the compressed output. The decompressor can then use that tokenization data as a series of keys to reassemble the original from its training. We’re not AI experts but we are guessing that a source text which has little in common with any training text would fare badly, and we expect that the same model would have to be used on both compression and decompression. It remains a worthy technique though, and no doubt because it has AI pixie dust, somewhere there’s a hype-blinded venture capitalist who would pay millions for it. What a world we live in!

Oddly this isn’t the first time we’ve looked at AI text compression.

There’s always an appeal to a cool-looking computer case or cyberdeck – and with authentic-looking Vault-Tec style, [Eric B] and [kc9psw]’s fallout-themed cyberdeck is no exception.

The case looks like it came straight out of one of the Fallout games and acts the part: while (obviously) not capable of withstanding a direct nuclear bomb impact, it can protect the sensitive electronics inside from the electromagnetic pulse and shockwave that follows – if you keep it closed.

And it’s not just the case that’s cool: This cyberdeck is packed full of goodies like long-range radios, SDRs, ADSB receivers, a Teensy 4.1, and dual Raspberry Pis. But that’s just the hardware! It also comes with gigabytes upon gigabytes of Wikipedia, Wikihow, TED talks, and other information/entertainment, for the less eventful days in the wastelands.

If you, too, would like to have one, fret not! The parts list and design files are public, even though some assembly is required.

Well, it’s official — AI is ruining everything. That’s not exactly news, but learning that LLMs are apparently being used to write scientific papers is a bit alarming, and Andrew Gray, a librarian at University College London, has the receipts. He looked at a cross-section of scholarly papers from 2023 in search of certain words known to show up more often in LLM-generated text, like “commendable”, “intricate”, or “meticulous”. Most of the words seem to have a generally positive tone and feel a little fancier than everyday speech; one rarely uses “lucidly” or “noteworthy” unless you’re trying to sound smart, after all. He found increases in the frequency of appearance of these and other keywords in 2023 compared to 2022, when ChatGPT wasn’t widely available.

It doesn’t always take a statistical analysis of word distributions to detect the footprints of an LLM, though. The article includes examples of text copied and pasted directly from the chatbot, without any attempt at editing or even basic proofreading. How not only the authors of the papers but also the journal editors and reviewers managed not to pick up an obvious chatbot error message that had been copy-pasted is hard to imagine. And let’s not even get started on the Midjourney-generated diagram of a monstrously well-endowed rat that was used to illustrate an article (since retracted) on spermatogenesis, complete with nonsensical captions and callouts to non-existent body parts. This is why we can’t have nice things.

Speaking of nice things, did you know that the largest manufacturer of vintage lamps in history is a little company called “Underwriter’s Laboratory”? At least it seems that way looking at eBay, where sellers listing old lamps often claim the manufacturer is the storied safety standards organization. We suppose it makes sense if the only label on an old lamp is the UL listing label and you had no idea what UL is. But really, that’s the least of the problems with some of these listings. “Vintage” is a stretch for a green banker’s lamp with a polarized plug that was clearly made sometime in the last 30 years.

Switching gears a bit, it’s one thing to know that everything you do online is tracked, but it’s quite another thing to find out exactly how much information is shooting back and forth between your computer and the Hive Mind. That’s what Bert Hubert built Tracker Beeper to do, and it’s a little terrifying. The tool emits a short beep every time your computer sends off a bit of data to a tracker. It started just monitoring data going to Google, which was alarming enough. The tool was later modified to include most of the trackers we’re likely to come across in our daily travels, and wow! It sounds like a Geiger counter when the tube gets saturated by a highly active source. Probably just as dangerous, too.

Heads up — the HOPE conference is gearing up. Hackers on Planet Earth XV will be held July 12-14 on the campus of St. John’s University in Queens, New York. The “Call for Participation” is now open; it’s always nice to see a big Hackaday contingent at HOPE, so make sure you get your proposals for talks, workshops, or panels together soon.

And finally, what should you do if the FCC comes knocking at your door? It’s not just an academic question; the US Federal Communications Commission does a lot of field investigation, and if you do any kind of RF experimentation, there’s a non-zero chance that you’ll make some kind of spurious emission that gets their attention. Josh from Ham Radio Crash Course dropped a video that addresses the dreaded knock. TL;DW — come back with a warrant. But it’s more complicated than that, as illustrated by a hilarious IRL account of one such encounter. We won’t spoil the surprise, but suffice it to say that if your house is under the approach to a major international airport, you probably want to be extra careful with anything radio-related.

https://www.youtube.com/embed/B-3-GFv8u5U?feature=oembed

What do you do when you find an ancient piece of test gear and want to have fun? Well, you can always try getting BASIC running on it, and that’s precisely what [David Kuder] did.

The HP4952A Protocol Analyzer actually looks a lot like an old computer, even if it was never meant for general-purpose use. The heart of the machine is a Zilog Z80 CPU, though, so it shares a lot in common with microcomputers of its era.

Among other hacks, [David] worked to get Microsoft Basic-80 running on the machine. Initially, he was only able to get it up and running on the display, with no way to read the keyboard, disk, or access the serial port. Eventually, by diving into the nitty-gritty of the machine, he was able to at least get the keyboard working along with some basic BASIC programs. Usable memory is just 8KB, but you can do a fair bit with that when you’ve only got a 32×16 display for output anyway!

It’s a neat hack and one that was extendable to the HP4957A as well. We’ve seen similar machines on these pages before, too! If you’ve got your own neat retro hacks on the boil, don’t hesitate to drop us a line!

[Thanks to Christopher Zell for the tip!]

[Steve Mould] came across an interesting little phenomenon of blue flames zipping around a circular track. This led to diving down a bit of a rabbit hole about excitable mediums, ultimately leading him to optimize the shapes and come up with some pretty wild variations which he shows off in a video (also embedded below.)

After figuring out that the moving flame depended on combustion of fuel vapor in an environment that didn’t allow for the whole surface to stay lit at once, [Steve] tried to optimize the design of 3d-printed channels and raceways to encourage this effect, and he came up with some pretty novel ones. The 3D models are here if you’d like to try them for yourself (we especially like the “figure eight” and “rays” models.)

The video is an excellent show & tell of everything [Steve] dove into, complete with plenty of demonstrations of harnessing this effect to create some nifty running flames. Check it out in the video below, and if unintuitive physical effects are your thing, don’t miss [Steve]’s peeling apart of the turntable paradox.

https://www.youtube.com/embed/SqhXQUzVMlQ?feature=oembed

I ricercatori hanno scoperto un nuovo trojan bancario Brokewell. Il malware si maschera da falsi aggiornamenti per Chrome ed è in grado di intercettare qualsiasi evento avvenga sul dispositivo, dai clic e le informazioni visualizzate sullo schermo al testo inserito e alle applicazioni avviate dall’utente.

ThreatFabric si è imbattuto in Brokewell dopo aver scoperto una falsa pagina di aggiornamento di Chrome che conteneva il payload del malware.
Pagina Chrome reale (a sinistra) e aggiornamento falso (a destra)
Dopo aver studiato le campagne precedenti, i ricercatori hanno concluso che Brokewell si era precedentemente mascherato da servizi “acquista ora, paga dopo”, nonché dall’applicazione di autenticazione digitale austriaca ID Austria.

Le principali funzionalità di Brokewell, che è ancora in fase di sviluppo attivo, sono incentrate sul furto di dati e sulla fornitura agli aggressori del controllo remoto di un dispositivo infetto. Pertanto, Brokewell dispone di tutte le funzionalità standard dei trojan bancari e fornisce anche accesso remoto agli aggressori.

E’ quindi in grado di

• utilizzare overlay, ovvero imitare pagine di accesso per applicazioni target (al fine di rubare credenziali);
• utilizzare il proprio WebView per intercettare e recuperare i cookie dopo che un utente accede a un sito legittimo;
• Intercettare qualsiasi azione della vittima, inclusi clic, scorrimento e digitazione, al fine di rubare dati sensibili visualizzati o immessi sul dispositivo;
• raccogliere informazioni sull’hardware e sul software del dispositivo;
• recuperare i registri delle chiamate;
• determinare la posizione fisica del dispositivo;
• catturare l’audio utilizzando il microfono del dispositivo;
• fornire a un utente malintenzionato l’opportunità di vedere lo schermo del dispositivo in tempo reale;
• eseguire da remoto vari gesti (tocchi e passaggi);
• fare clic da remoto su elementi o coordinate specificati sullo schermo;
• simulare lo scorrimento e inserire il testo nei campi specificati;
• simulare la pressione di pulsanti fisici come Indietro, Home e App recenti;
• attivare da remoto lo schermo del dispositivo per rendere qualsiasi informazione disponibile per l’acquisizione;
• Regolare le impostazioni come luminosità e volume.

Secondo ThreatFabric, lo sviluppatore di Brokewell è un hacker criminale con il soprannome di Baron Samedit, che da almeno due anni vende strumenti per il controllo di conti rubati.

Va inoltre notato che lo studio ha rivelato un altro strumento chiamato Brokewell Android Loader, anch’esso creato da questo autore. Lo strumento era ospitato su uno dei server di controllo di Brokewell. In particolare, questo downloader è in grado di aggirare le restrizioni introdotte da Google in Android 13 e versioni successive del sistema operativo per combattere l’abuso del servizio di accessibilità da parte degli APK caricati al di fuori del Google Play Store.

Gli esperti concludono che molto probabilmente Brokewell verrà finalizzato e nel prossimo futuro inizierà a essere venduto ad altri criminali sulla darknet secondo lo schema Malware-as-a-Service (MaaS).

L'articolo Una nuova MaaS fa capolino. E’ Brokewell: Il malware che colpisce con falsi aggiornamenti di Chrome proviene da il blog della sicurezza informatica.

[Nick Lombardy] took on a job almost every maker imagines themselves doing at some point. He built a giant LED wall and he did a damn fine job of it, too. Introducing BoneBlocker.

BoneBlocker is an 8 x 14 wall of glass blocks that lives at a bar called Coin-Op. Each block was given a length of WS2812B LED strip. 30 LED/meter strips were chosen, as initial maths on the 60 LED/meter strips indicated the whole wall would end up drawing 1.5 kW. Discretion, and all that.
The glowing game controller.
The whole display is run from a WT32-ETH01 board, which is a fast ESP32-based module that has onboard Ethernet to boot. [Nick] used the WLED library as he’d seen others doing great things with it, performance-wise. He ended up using one board per column to keep things fast, but he reckons this was also probably a little bit of overkill.

His article steps through the construction of the wall, the electronics, and the software required to get some games working on the display. The final result is quite something. Perhaps the best bit is his explanation of the custom controller he built for the game. Dig into it, you won’t be disappointed.

In particular, we love how the glass blocks elevate this display to a higher aesthetic level. We’ve seen other great projects tread this same route, too. Video after the break.

https://www.youtube.com/embed/ocrCUYP6DxY?feature=oembed

It’s with a tinge of sadness that we and many others reported on the recent move by Zilog to end-of-life the original Z80 8-bit microprocessor. This was the part that gave so many engineers and programmers their first introduction to a computer of their own. Even though now outdated its presence has been a constant over the decades. Zilog will continue to sell a Z80 derivative in the form of their eZ80, but that’s not the only place the core can be found on silicon. [Rejunity] is bringing us an open-source z80 core on real hardware, thanks of course to the TinyTapeout ASIC project. The classic core will occupy two tiles on the upcoming TinyTapeout 7. While perhaps it’s not quite the same as a real 40-pin DIP in your hands, like all of the open-source custom silicon world, it’s as yet early days.

The core in question is derived from the TV80 open-source core, which we would be very interested to compare when fabricated at TinyTapeout’s 130nm process with an original chip from a much larger 1970s process. While It’s true that this project is more of an interesting demonstration of TinyTapeout than a practical everyday Z80, it does at least serve as a reminder that there may be a future point in which a run of open-source real Z80s or other chips might become possible.

This isn’t the first time we’ve featured a TinyTapeout project.

[Andrej Karpathy] recently released llm.c, a project that focuses on LLM training in pure C, once again showing that working with these tools isn’t necessarily reliant on sprawling development environments. GPT-2 may be older but is perfectly relevant, being the granddaddy of modern LLMs (large language models) with a clear heritage to more modern offerings.

LLMs are fantastically good at communicating despite not actually knowing what they are saying, and training them usually relies on PyTorch deep learning library, itself written in Python. llm.c takes a simpler approach by implementing the neural network training algorithm for GPT-2 directly. The result is highly focused and surprisingly short: about a thousand lines of C in a single file. It is a highly elegant process that does the same thing the bigger, clunkier methods accomplish. It can run entirely on a CPU, or it can take advantage of GPU acceleration, where available.

This isn’t the first time [Andrej Karpathy] has bent his considerable skills and understanding towards boiling down these sorts of concepts into bare-bones implementations. We previously covered a project of his that is the “hello world” of GPT, a tiny model that predicts the next bit in a given sequence and offers low-level insight into just how GPT (generative pre-trained transformer) models work.

The Pi Pico is a capable microcontroller that can do all kinds of fun and/or useful things. In the former vein, [antirez] has ported a ZX Spectrum emulator to the Pi Pico.

ZX2040, as it is known, is a port of [Andre Weissflog’s] existing ZX spectrum emulator. It’s designed for use on the compact embedded Pi Pico platform, using ST77xx TFT displays. To that end, it has a UI optimized for small, low resolution screens and minimal buttons. After all, very few Pi Picos come with a full QWERTY keyboard attached.

Certain hacks are necessary to make it all work; the chip is overclocked to get things humming fast enough. The emulator also runs upscaling or downscaling in realtime as needed. This allows the emulator to run with a variety of displays, almost none of which are a direct match for the ZX Spectrum’s original resolution of 256×192 pixels.

Code is on Github for the curious, including a great run down from [antirez] on everything that makes it tick. If you want to play ZX Spectrum games on a keychain, you’d do well to start here. There are other projects to emulate it on the Pico, too! Video after the break.

https://www.youtube.com/embed/Xxz8N-SCUJU?feature=oembed

Aluminum beverage cans are used for all kinds of drinks, but when it comes to wine there are some glitches. Chief among them is the fact that canned wine occasionally smelled like rotten eggs. Thankfully, researchers have figured out why that happens, and how to stop it. How was this determined? As the image above hints at, lots and lots of samples and testing.

What causes this, and why don’t other beverages have this problem? Testing revealed that the single most important factor was the presence of molecular sulfur dioxide (SO2), a compound commonly used in winemaking as an antioxidant and antimicrobial.

It turns out that the thin plastic lining on the inside of beverage cans doesn’t fully stop molecular SO2 from reacting with the surrounding aluminum, creating hydrogen sulfide (H2S) in the process. H2S has a very noticeable rotten egg smell, even in low concentrations.

Researchers discovered that if a canned beverage contained more than 0.5 ppm of molecular SO2, a noticeable increase in hydrogen sulfide was likely to be present within four to eight months. The problem is that since most wines aim for around 0.5 ppm of SO2, the average can on wine sitting on a shelf will have a problem sooner rather than later. The more SO2 in the wine (reds tend to contain less, whites more), the worse the problem.

Simply increasing the thickness of the plastic liner is an imperfect solution since it increases manufacturing costs as well as waste. So, researchers believe the right move is to use a more durable liner formulation combined with a lower SO2 concentration than winemakers are usually comfortable with. Unlike bottles, cans can be hermetically sealed which should offset the increased oxidation risk of using a lower concentration of SO2. The result should be wine as a canned beverage, with a shelf life of at least 8 months.

The research is published here and gives a great look at just how one approaches this kind of scientific problem, as well as highlighting just how interesting the humble aluminum beverage can really is.

Who says a clock can’t be both useful and beautiful? That seems to be the big idea behind the lovely little HexaClock from [Bulduper]. And boy, is it both.

Probably the most important part of this well-illuminated clock is the light sensor, which allows it to adjust the brightness automatically. If you’re not into that, well, there’s a really nice web app that’ll let you program the dickens out of it.

The brains of this thing is an ESP8266 on a custom PCB which controls the 127 individually addressable RGB LEDs. The clock may look large, but the big printed parts just fit on the bed of a Prusa i3. [Bulduper] used ABS because the LED strip and the PCB might get a little warm; they didn’t want to risk using PLA and having it turn into a Salvador Dali clock (although that could be cool).

Speaking of heat, make sure to use 18 AWG or thicker wires as [Bulduper] advises. LEDs may be efficient, but this clock uses lots of them! If you want to build one of these to bathe your wall in useful light, everything you need is available on GitHub. Watch HexaClock do its thing in the brief demo and walk-through video after the break.

If this is a little too bright for your tastes, check out this synesthesia clock.

https://www.youtube.com/embed/w_1LYgWK9bU?feature=oembed

So often, we see 3D printers used to create some nifty little tool for a tricky little job. Maybe it’s to lock cams together for a timing belt change, or to work as a jig for soldering some complex device. However, some hacks are even simpler than that. [maker_guy] realized that eating nuggets in the car could be easier than ever with a little printed adapter.

The print is simple. It’s a round caddy for the nugget sauces given out by Chick-fil-A restaurants. Why round? Because it lets the nugget sauce sit neatly in your car’s cupholder at an accessible height. Put the sauce tub in the adapter, peel it open, and you can dip to your heart’s content.
So simple, yet a game changer all the same.
No more delicately balancing Zesty Buffalo by the gearstick while you try and chow down. Nor will your seat covers be tainted with Honey Mustard!

“Not a hack!” you scream. “It’s frivolous nonsense!” To that I say, are you a nugget eater or not? I myself partake, and I can absolutely see the value in this. You see, us journalists work hard. We’re often stuck eating substandard food in our cars on the way from one thing to another, like so many others in busy professions. If a smart little 3D-printed adapter can make mealtime easier and save some mess, I’m calling that a win.

You should never be afraid to use your creativity to make tools to improve your life. Parts are on Thingiverse if you need to print your own. Mod it to suit McDonald’s product if you need. Heck, print in black and it’d look like a stock part of the car!

You don’t have to like this simple adapter, but you can’t deny its utility! Share your own nifty little adapter ideas in the comments.

In what is probably the longest-distance tech support operation in history, the Voyager mission team succeeded in hacking their way around some defective memory and convincing their space probe to send sensor data back to earth again. And for the record, Voyager is a 46-year old system at a distance of now 24 billion kilometers, 22.5 light-hours, from the earth.

While the time delay that distance implies must have made for quite a tense couple days of waiting between sending the patch and finding out if it worked, the age of the computers onboard probably actually helped, in a strange way. Because the code is old-school machine language, one absolutely has to know all the memory addresses where each subroutine starts and ends. You don’t call a function like do_something(); but rather by loading an address in memory and jumping to it.

This means that the ground crew, in principle, knows where every instruction lives. If they also knew where all of the busted memory cells were, it would be a “simple” programming exercise to jump around the bad bits, and re-write all of the subroutine calls accordingly if larger chunks had to be moved. By “simple”, I of course mean “incredibly high stakes, and you’d better make sure you’ve got it right the first time.”

In a way, it’s a fantastic testament to simpler systems that they were able to patch their code around the memory holes. Think about trying to do this with a modern operating system that uses address space layout randomization, for instance. Of course, the purpose there is to make hacking directly on the memory harder, and that’s the opposite of what you’d want in a space probe.

Nonetheless, it’s a testament to careful work and clever software hacking that they managed to get Voyager back online. May she send for another 46 years!

This article is part of the Hackaday.com newsletter, delivered every seven days for each of the last 200+ weeks. It also includes our favorite articles from the last seven days that you can see on the web version of the newsletter. Want this type of article to hit your inbox every Friday morning? You should sign up!

A cornerstone of early 1970s rock music culture was the British singer David Bowie in his Ziggy Stardust persona, along with his backing band the Spiders from Mars. You can tell that the PR department at the European Space Agency were beside themselves with glee at the opportunity to reference them when their Mars Express spacecraft snapped a picture of some of the planets surface structures which bear a passing resemblance to Earth-bound spiders. We can’t blame them, we’d have done the same.

While these spiders are definitely not arachnid in origin, they are no less interesting. Over the Martian winter there form layers of carbon dioxide ice, which turn to gas under the influence of the Sun. This gas becomes trapped underneath layers of ice, until it forms sufficient pressure to burst through and escape. In doing so it brings up dark dust which settles along fissures in the ice, leading to the spider-like patterns when viewed from orbit.

So no life on Mars then, at least as yet. But it’s an interesting observation, and another little piece in the puzzle of understanding our planetary neighbor, as well as an excuse for a classic rock earworm. Meanwhile, this isn’t the first time we’ve reported on the ESA Mars probes.

The PlayStation 2 was a revelation when it hit the market in 2000, and yet by modern standards, it’s almost hopelessly weak. In fact, it’s so under-powered, Rockstar developers had to pull every trick in the book to make Grand Theft Auto III even work on the platform.

The story comes to us from developer [Obbe Vermeij]. He explains that the PlayStation 2 couldn’t keep the entire open-world game map in its tiny 32 MB of RAM. Instead, models had to be streamed from the DVD drive as the player moved around the world. However, even the DVD drive wasn’t fast enough. If the player moved too quickly, they would outpace the system’s ability to load new assets, and the world would fall apart. Roads would vanish, buildings simply wouldn’t appear before the player passed by them.

According to [Obbe], getting around this challenge was the job of one [Adam Fowler]. He notes that even optimizing the layout of data on the DVD wasn’t enough to help. Nifty hacks had to be employed to slow the player down. Road networks were changed to stop the player speeding towards areas that needed lots of new models. In other areas, vehicles in the game would experience a nearly-imperceptible 5% increase in air drag to dull their speed. This was chosen as a more invisible solution; cutting engine power directly was audible to players as the audio changed.

It shows you just how hard developers had to work back when resources were far more constrained than they are today!

Tenendo in considerazione i 22 milioni di dollari pagati agli aggressori per il riscatto, a questi si sommano 850 milioni di dollari causati dalle successive conseguenze. Ecco perché la sicurezza informatica la paghi sempre e se non la paghi prima, il prezzo è molto ma molto più salato.

UnitedHealth, la società madre di Change Healthcare, è stata colpita da un attacco ransomware a febbraio del 2024. L’azienda ha affermato che i costi totali per affrontare l’attacco informatico ammontano a 872 milioni di dollari nel solo primo trimestre del 2024.

I costi di un attacco ransomware

Oltre a questo importo, UnitedHealth ha fornito finanziamenti anticipati e prestiti senza interessi per un importo di oltre 6 miliardi di dollari stanziati per sostenere le istituzioni mediche colpite dall’incidente.

Nella sua relazione trimestrale, UnitedHealth ha chiarito che l’impatto totale dell’attacco sui risultati finanziari della società nel primo trimestre è stato stimato in 0,74 dollari per azione. Si prevede che la cifra salirà a 1,15-1,35 dollari per azione entro la fine dell’anno.

L’azienda continua a spendere per mitigare le conseguenze dell’attacco e si prevede che il costo totale dell’interruzione e del ripristino supererà il miliardo di dollari. Tale importo include il pagamento di un riscatto di 22 milioni di dollari agli estorsori.

In confronto, la catena di casinò MGM Resorts , anch’essa vittima di un attacco informatico l’anno scorso, non ha pagato il riscatto, ma i costi per ripristinare i sistemi e eliminare le conseguenze dell’attacco ammontavano a 100 milioni di dollari, comprese le perdite dovute ai tempi di inattività e alle interruzioni operative. nonché fughe di dati.

L’impatto sulle azioni dell’azienda

Per il primo trimestre, UnitedHealth ha registrato un fatturato di 7,9 miliardi di dollari e una perdita netta di 1,221 miliardi di dollari (15,46%). Le negoziazioni preliminari delle azioni UnitedHealth hanno mostrato un guadagno del 7,5% dopo la pubblicazione dei risultati finanziari, una svolta positiva dopo un calo significativo dopo l’attacco.
Prezzo delle azioni UnitedHealth

Secondo Andrew Whitty, CEO di UnitedHealth Group, la massima priorità dell’azienda rimane il miglioramento dei servizi ai nostri clienti e la garanzia di una crescita sostenibile, nonostante la risposta rapida ed efficace all’attacco contro Change Healthcare.

Pagato il riscatto, criminali fuggiti

Change Healthcare risente ancora dell’accaduto. La complessità della situazione è aggravata dal fatto che il ransomware ALPHV ha frodato l’azienda, scomparendo poco dopo aver ricevuto il pagamento del riscatto.

Secondo alcune indiscrezioni, gli affiliati del gruppo non hanno mai ricevuto la loro parte del ricavato, motivo per cui hanno iniziato a collaborare con il gruppo RansomHub e continuano a ricattare Change Healthcare utilizzando gli stessi dati rubati.

L'articolo Un Attacco Ransomware fa molto male! Un miliardo di dollari spesi dalla Change Healthcare proviene da il blog della sicurezza informatica.

We all have our shiny, modern computers for interacting with the modern world, but at times they can seem a little monochromatic. Even the differences between something like macOS and Windows for the average user often boil down to which operating system loads an Internet browser. There are obviously more differences than that, but back in the 80s it was much more extreme with interoperability a pipe dream in most cases. What keeps drawing people to maintaining and using computers from that chaotic era is more tangible compared to modern machines, and that is meant quite literally; computers from this era can be saved from an extreme amount of degradation like this Commodore that was nearly completely destroyed before it was re-discovered.

The first step was to restore the case of this Commodore PC20-III, but the restoration of the computer’s internals took a bit more time. First, the entire board was de-soldered, with any rare chips being set aside for future use. Unfortunately the board itself was too corroded and otherwise damaged to be used, but since these were just two-layer boards it could be photographed and then re-created in CAD software to make a near-perfect duplicate of the original. The team at [The Cave] took the opportunity to add patch wires which would have been present in the original machine into the PCB, and made some other upgrades as well like adding sockets to various chips that would have been originally soldered to the board.

The passive components, especially capacitors, were brand new as well and some period-correct components such as a monitor and keyboard finish out the build. The computer boots on the first try, and is quickly put through its paces testing the hard disk drive, using the old floppy drive, and even playing a few video games from the era. The fact that retrocomputers like these are easy (by modern standards) to reverse engineer and restore surely leads to their continued popularity, and we’ve seen everything from C64s to this 128DCR get a similar full restoration.

https://www.youtube.com/embed/7bf-Stkm_4A?feature=oembed

The educational sector is usually the first to decry large language models and AI, due to worries about cheating. The State Library of Queensland, however, has embraced the technology in controversial fashion. In the lead-up to Anzac Day, the primarily Australian war memorial holiday, the library released a chatbot intended to imitate a World War One veteran. It went as well as you’d expect.
The highlighted line was apparently added to the chatbot’s instructions later on to help shut down tomfoolery.
Twitter users immediately chimed in with dismay at the very concept. Others showed how easy it was to “jailbreak” the AI, convincing Charlie he was actually supposed to teach Python, imitate Frasier Crane, or explain laws like Elle from Legally Blonde. One person figured out how to get Charlie to spit out his initial instructions; these were patched later in the day to try and stop some of the shenanigans.

From those instructions, it’s clear that this was supposed to be educational, rather than some sort of macabre experiment. However, Charlie didn’t do a great job here, either. As with any Large Language Model, Charlie had no sense of objective truth. He routinely spat out incorrect facts regarding the war, and regularly contradicted himself.

Generally, any plan that includes the words “impersonate a veteran” is a foolhardy one at best. Throwing a machine-generated portrait and a largely uncontrolled AI into the mix didn’t help things. Regardless, the State Library has left the “Virtual Veterans” experience up at the time of writing.

The problem with AI is that it’s not a magic box that gets things right all the time. It never has been. As long as organizations keep putting AI to use in ways like this, the same story will keep playing out.

With the demands of modern computing, from video editing, streaming, and gaming, many of us will turn to a monitoring system of some point to keep tabs on CPU usage, temperatures, memory, and other physical states of our machines. Most are going to simply display on the screen but this data can be sent to external CPU monitors as well. This retro-styled monitor built on analog voltmeters does a great job of this and adds some flair to a modern workstation as well.

The build, known as bbMonitor, is based on the ESP32 platform which controls an array of voltmeters via PWM. The voltmeters have been modified with a percentage display to show things like CPU use percentage. Software running on the computers sends this data in real time to the ESP32 so the computer’s behavior can be viewed at a glance. Each voltmeter is also augmented with RGB LEDs that change color from green to red as use increases as well. The project’s creator, [Corebb], also notes that the gauges will bounce around if the computer is under heavy load but act more linearly when under constant load, also helping to keep an eye on computer status.

While the build does seem to rely on a Windows machine to run the software for export to the monitor, all of the code is open-sourced and available on the project’s GitHub page and could potentially be adapted for other operating systems. And, as far as the voltmeters themselves go, there have been similar projects in the past that use stepper motors as a CPU usage monitor instead.

https://www.youtube.com/embed/KMqlBF-dVS4?feature=oembed

We’ve all seen a million videos online with singing Tesla coils doing their thang. [Zach Armstrong] wasn’t content to just watch, though. He went out and built one himself! Even better, he’s built a guide for the rest of us, too!

His guide concerns the construction of a Class-E solid state Tesla coil. These are “underrated” in his opinion, as they’re simple, cheap, and incredibly efficient. Some say up to 95% efficient, in fact! It’s not something most Tesla coil fans are concerned with, but it’s nice to save the environment while making fun happy sparks, after all.

[Zach]’s guide doesn’t just slap down a schematic and call it good. He explains the theory behind it, and the unique features too. He uses an adjustable Schmitt trigger oscillator for the build, and he’s naturally given it an audio modulation capability because that’s a good laugh, too.

If you’ve ever wanted to convince you’re friends you’re incredibly smart and science-y, you can’t go wrong with a singing Tesla coil. This beats out Jacob’s ladder and most other plasma experiments for sheer mad scientist cred.

Have fun out there! Video after the break.

https://www.youtube.com/embed/Hez-R-WF5P0?feature=oembed

Ah, dogs. They sure like to bark, don’t they? [rrustvold]’s dog likes to bark at the door when a package arrives. Or when someone walks by the house, or whenever the mood strikes, really. To solve the barking issue, at least near the front door, [rrustvold] built a spray bottle turret to teach the dog through classical conditioning.

As you can see from the image, it’s all about pulling the trigger on a standard spray bottle at the right time. This machine only sprays when two conditions are met: it hears noise (like barking) and detects motion (like overzealous tail wagging). It also has heat-seeking abilities thanks to a Raspberry Pi thermal camera.

To do the actual spraying, there’s a DC motor mounted behind the bottle which turns a pulley that’s mounted to its shaft. Around the pulley is a string that wraps around the spray bottle’s trigger. To complete the build, everything is mounted on a lazy Susan so there’s nowhere for Fido to hide-o.

If you’ve a dog whose bite is worse than its bark, consider building a custom dog door to keep it out of the cat box.

The 2024 Home Sweet Home Automation contest has officially wrapped — we’re counting the votes now, so stay tuned for an announcement about the winners shortly.

How not to program an EPROM
Elliot and Dan got together to enshrine the week’s hacks in podcast form, and to commiserate about their respective moms, each of whom recently fell victim to phishing attacks. It’s not easy being ad hoc tech support sometimes, and as Elliot says, when someone is on the phone telling you that you’ve been hacked, he’s the hacker. Moving on to the hacks, we took a look at a hacking roadmap for a cheap ham radio, felt the burn of AM broadcasts, and learned how to program old-school EPROMs on the cheap.

We talked about why having a smart TV in your house might not be so smart, especially for Windows users, and were properly shocked by just how bad wireless charging really is. Also, cheap wind turbines turn out to be terrible, barnacles might give a clue to the whereabouts of MH370, and infosec can really make use of cheap microcontrollers.

https://html5-player.libsyn.com/embed/episode/id/31001508/height/90/theme/custom/thumbnail/yes/direction/backward/render-playlist/no/custom-color/000000/
Where to Follow Hackaday Podcast

Places to follow Hackaday podcasts:

• iTunes
• Spotify
• Stitcher
• RSS
• YouTube
• Check out our Libsyn landing page

Grab a copy for yourself if you want to listen offline.

Episode 268 Show Notes:

News:

• NASA’s Voyager 1 Resumes Sending Engineering Updates To Earth

What’s that Sound?

• Congrats to [Medic456] for recognizing a radio time signal — in this case DCF77.
• Radio Station WWV: All Time, All The Time, which was Dan’s guess.

Interesting Hacks of the Week:

• How Wireless Charging Works And Why It’s Terrible
• Reverse Engineering The Quansheng Hardware
  
  • Deconstructing PCBs
  • Remoticon Video: How To Reverse Engineer A PCB

  
  

• Your Smart TV Does 4K, Surround Sound, Denial-of-service…
  
  • Help with figuring out what is causing waitchain/deadlock in dashost (causing TaskMgr, Settings hang or any app that uses WiFi/BT) – Microsoft Q&A

  
  

• Radio Frequency Burns, Flying A Kite, And You
  
  • We made a hot dog talk… with RF – YouTube
  • Retrotechtacular: A Tour Of WLW, A 500,000 Watt Radio Transmitter

  
  

• Flute Now Included On List Of Human Interface Devices
  
  • Wonka Whistle – YouTube

  
  

• Relatively Universal ROM Programmer Makes Retro Tech Hacking Accessible
  
  • Hackaday Prize 2023: 65uino 6502 Learning In A Familiar Package

  
  

Quick Hacks:

• Elliot’s Picks
  
  • The Performance Impact Of C++’s `final` Keyword For Optimization
  • Implantable Battery Charges Itself
  • Chip Mystery: The Case Of The Purloined Pin
  • The MUSE Permanent Magnet Stellarator: Fusion Reactor With Off-The-Shelf Parts

  
  

• Dan’s Picks:
  
  • Bad Experiences With A Cheap Wind Turbine
  • AM Radio Broadcast Uses Phasor To Let Eight Towers Spray One Big Signal
  • Ancient Cable Modem Reveals Its RF Secrets

  
  

Can’t-Miss Articles:

• Supercon 2023: Alex Lynd Explores MCUs In Infosec
  
  • DNS Tunneling: Getting The Data Out Over Other Peoples’ WiFi

  
  

• The Hunt For MH370 Goes On With Barnacles As A Lead

Per consentire una crescita globale dell’intelligenza artificiale, occorre risolvere il problema della mancanza di elettricità. Secondo i rappresentanti delle principali aziende tecnologiche, tra cui il miliardario Elon Musk, questo problema sta già limitando lo sviluppo di tecnologie avanzate. In precedenza, l’intelligenza artificiale soffriva di carenza di microcircuiti, ma ora la barriera principale sembra essere l’alimentazione.

Il CEO di Amazon, Andy Jesse, ha anche confermato che le attuali riserve energetiche non sono sufficienti per alimentare nuovi servizi di intelligenza artificiale generativa.

Per questo motivo, aziende come Amazon, Microsoft e Alphabet (società madre di Google) stanno investendo miliardi di dollari in infrastrutture e costruendo data center che richiedono anni per essere pianificati e costruiti.
Investimenti congiunti di Microsoft, Amazon e Alphabet sulle tecnologie cloud. Previsioni per il 2024 e il 2025

Tuttavia, la costruzione di tali impianti richiede non solo tempo, ma anche luoghi in cui sia ancora possibile aumentare la capacità energetica. Inoltre, anche l’accesso all’elettricità è importante, poiché i problemi con la rete elettrica possono rappresentare un serio ostacolo allo sviluppo dell’intelligenza artificiale.

Pankaj Sharma, vicepresidente esecutivo della divisione data center di Schneider Electric, ha osservato che la domanda di data center è sempre stata elevata, ma ora ha raggiunto il massimo storico. Si prevede che entro il 2030 sarà necessaria una capacità notevolmente maggiore di quella attualmente disponibile.

Inoltre, il crescente interesse per i data center sta accrescendo le preoccupazioni sull’impatto ambientale. Molti paesi si stanno muovendo verso le energie rinnovabili e l’elettrificazione in risposta al cambiamento climatico. Amazon, ad esempio, sta discutendo attivamente la questione con i funzionari americani.

L’Agenzia internazionale per l’energia prevede che il consumo di elettricità dei data centerhttps://iea.blob.core.windows.net/assets/6b2fd954-2017-408e-bf08-952fdd62118a/Electricity2024-Analysisandforecastto2026.pdfraddoppierà entro il 2026, raggiungendo i 1.000 terawattora, paragonabili al consumo annuale del Giappone. Tali indicatori sfidano la comunità globale a migliorare l’efficienza e la regolamentazione per frenare la crescita del consumo energetico.

Alcune regioni stanno già affrontando sfide legate al consumo energetico con l’aumento della domanda di intelligenza artificiale. La grande azienda energetica americana Dominion Energy, ad esempio, ha temporaneamente sospeso la connessione di nuovi data center finché non sarà risolto il problema del crescente consumo di elettricità. Alla luce di tali sfide, le organizzazioni sono alla ricerca di nuovi siti in diverse parti del mondo, tra cui Stati Uniti, Italia ed Europa dell’Est. La continua ricerca di nuove sedi per la costruzione di data center sta raggiungendo un livello internazionale.

L'articolo L’Intelligenza Artificiale rallenta la sua crescita. Occorre più elettricità in un mondo così inquinato proviene da il blog della sicurezza informatica.

There’s a trend recently, of big-name security appliances getting used in state-sponsored attacks. It looks like Cisco is the latest victim, based on a report by their own Talos Intelligence.

This particular attack has a couple of components, and abuses a couple of vulnerabilities, though the odd thing about this one is that the initial access is still unknown. The first part of the infection is Line Dancer, a memory-only element that disables the system log, leaks the system config, captures packets and more. A couple of the more devious steps are taken, like replacing the crash dump process with a reboot, to keep the in-memory malware secret. And finally, the resident installs a backdoor in the VPN service.

There is a second element, Line Runner, that uses a vulnerability to arbitrary code from disk on startup, and then installs itself onto the device. That one is a long term command and control element, and seems to only get installed on targeted devices. The Talos blog makes a rather vague mention of a 32-byte token that gets pattern-matched, to determine an extra infection step. It may be that Line Runner only gets permanently installed on certain units, or some other particularly fun action is taken.

Fixes for the vulnerabilities that allowed for persistence are available, but again, the initial vector is still unknown. There’s a vulnerability that just got fixed, that could have been such a vulnerability. CVE-2024-20295 allows an authenticated user with read-only privileges perform a command injection as root. Proof of Concept code is out in the wild for this one, but so far there’s no evidence it was used in any attacks, including the one above.

Mitel Pop From the Front Panel

The good folks at Baldur decided to go hunting for bugs in Mitel VoIP phones. These are pretty commonly used in businesses and hotel back offices. And the first brilliant find was a system compromise just from punching buttons on the phone. Under diagnostics in the menu, the diagnostic server setting is used to upload logs and system information. That setting apparently gets passed into a shell command, as an ampersand is all it takes to execute commands. You can bet that the next time I’m around a Mitel phone, I’m trying &reboot;. That’s technically protected by an admin password — which is usually set to “1234”.

But wait, there’s more. The front panel hack was useful for getting a toehold to run a debugger and other tools, but we need to go deeper. There’s a webserver on port 80, for doing device configuration. It has GET requests locked down reasonably well, but there’s a really odd quirk, that POST requests don’t have to be authorized, so long as a valid GET request has been made within the last 10 minutes. That would be something on it’s own, but even better is the fact that there are a few GET requests that trigger the timer, and don’t require authentication. The winner here is the humble favicon.

The last step was finding a buffer overflow in a routine that sets the MAC address from within the web interface. The tricky thing here is that the overflow code first gets handled by a strcat and strcpy, meaning a NULL byte ends the exploit data. It took some doing, but the team found a gadget chain that got to shellcode while walking the tightrope. They celebrated with a bit of the Imperial march.

False Flag Malware

What happens when you have a database where a user can upload arbitrary data, and an over-zealous pattern-matching anti-malware engine is running? Database deletion wasn’t on my bingo card, but here we are. It’s a literal false flag: create a fake malicious signature, to trick the anti-malware into doing the malicious thing instead. Microsoft Defender and Kaspersky EDR are the two applications called out here, though it’s likely other anti-virus programs would be subject to similar tricks. Microsoft issued a CVE and has shipped a fix, and Kaspersky rolled out some mitigations as well.

False Flag Slander

And then there was this AI-enabled false flag. A school principal was “caught” on a hot mic, expressing some concerning and racially-charged opinions about students, community members, and other school staff. The audio was leaked, the student body got wind of it, and the principle’s scalp was metaphorically called for.

But it was the school’s athletic director, with a speech-cloning service, and he has been arrested, which is sure to lead to an interesting court case. And sadly, this isn’t an isolated incident, as hoaxes have become relatively common, and this isn’t the first time an AI voice has been used maliciously. As much as we hate to say it, look for more of this to come.

Zombie Worm

What happens with a self-propagating worm gets its head cut off? Apparently it turns into a zombie worm. A strain of PlugX malware gained the ability to hop a ride on USB drives a few years back, with all of those infected machines reporting to a single C&C server. That server went offline, and researchers managed to snag the IP address. That’s important to prevent someone else raising the zombies back to unlife, but it also gives us a really interesting look into the infected machine stats.

Nigeria seems to hold the crown for the most infected machines, with India holding down second place. Some researchers have seen a Chinese theme in the data, suggesting China was patient zero, the origin of the worm, or maybe both. With researchers in control of the C&C IP, there is the possibility of issuing remote uninstall commands, but there are both legal and logistical challenges to that idea.

PSA: phpecc

And here’s a PSA for you PHP programmers. (We know you’re out there!) The phpecc library appears to have been abandoned. Statistics suggest it’s still getting over a thousand downloads a day, which isn’t great given that there are some outstanding CVEs in the codebase.

The codebase has been forked by Paragon Initiative Enterprises, P.I.E., who warn against fully trusting the code until an audit has completed. This is one to watch for a while, and be aware of the potential faults of the older versions.

Bits and Bytes

Phylum is back, reporting more malicious packages in NPM. These seem to be coming from the same threat actors as have uploaded malware before, and thought to be North Korean actors. It’s fairly straightforward, with a preinstall hook running obfuscated JS code. This one is interesting, as it seems to be going after MacOS systems. There’s also an interesting bashism that has sneaked into the malicious JS, using the logical OR || instead of an if statement. 'linux' === type || exec() Though due to a typo, it looks like this particular sample will never deploy a payload on Linux. os.type() uses the uname output, which always capitalizes Linux. Your English teacher was right! Capitalization does matter.

Earlier this month a series of CVEs against the Robot Operating System (ROS) came across my desk. I opted not to cover them, as it was a wall of CVEs with hardly any detail in any of them. I filed it away mentally, to check back later. It’s later, and I was apparently not the only observer that thought the report was quite thin on substance. It’s beginning to look like the CVEs are bogus, and the “research paper” was a hastily reworded copy of the ROS beginner tutorial. The most convincing evidence of this is that the presumably fake researchers claimed that security updates were coming soon, while core ROS developers never received reports on the CVEs.

And finally, maybe ransomware is good for one thing — keeping the lights on? Oh, no. Those lights are supposed to turn off during the day. Leiccester has had an attack of the ever-lit street lights, after a ransomware attack forced a shutdown a couple months back.

Microsoft e IBM hanno reso open source MS-DOS 4.0, un sistema operativo a riga di comando legacy su cui le due aziende hanno lavorato insieme oltre 40 anni fa.

Questa versione segue l’open source di due precedenti versioni MS-DOS, 1.25 e 2.0, rilasciate nel 2019.

La versione Microsoft di MS-DOS 4.0 fu originariamente rilasciata nel 1986 dopo uno sviluppo congiunto con IBM per parti del codice, e un rapporto piuttosto difficile tra i due all’epoca portò alla fine al rilascio di due rami, MS-DOS 4.0 e quello che ora è indicato come IBM DOS 4.0.

“C’è una storia alquanto complessa e affascinante dietro le versioni 4.0 di DOS, poiché Microsoft ha collaborato con IBM per porzioni di codice ma ha anche creato un ramo di DOS chiamato Multitasking DOS che non ha visto un ampio rilascio”, ha riportato Jeff Wilcox e Scott Hanselman di Microsoft nel post dell’annuncio . “Questo codice occupa un posto importante nella storia ed è una lettura affascinante di un sistema operativo che è stato scritto interamente in codice assembly 8086 quasi 45 anni fa.”

Qualche settimana fa Scott chiedeva su Facebook se qualcuno avesse unità disco da 5,25 pollici.

Ora sappiamo il perchè di questa insolita richiesta. Ha lavorato con l’entusiasta Jeff Sponaugle per creare un’immagine dei dischi originali MS-DOS 4.0 che erano stati scoperti da Connor Hyde, un ricercatore in Inghilterra.

C’è tutta una storia che coinvolge l’ex direttore tecnico di Microsoft Ray Ozzie e altre persone. Hyde intende documentare la relazione tra DOS 4, MT-DOS e quello che alla fine sarebbe diventato OS/2. Roba affascinante per gli amanti del vintage.

Il codice sorgente per MS-DOS 4.0 si unisce al codice sorgente e ai file binari compilati per MS-DOS 1.25 e 2.0 su GitHub e ciascuno è concesso in licenza con la licenza MIT.

Microsoft nota di aver eseguito con successo MS-DOS 4 negli emulatori PCem e 86box e, sul serio, su un PC IBM XT originale e anche su un PC basato su Pentium più recentemente.

L'articolo Microsoft nostalgic-mode: rende open source il codice per MS-DOS 4.0 proviene da il blog della sicurezza informatica.

We’re not 100% sure which phase of Microsoft’s “Embrace, Extend, and Extinguish” gameplan this represents, but just yesterday the Redmond software giant decided to grace us with the source code for MS-DOS v4.0.

To be clear, the GitHub repository itself has been around for several years, and previously contained the source and binaries for MS-DOS v1.25 and v2.0 under the MIT license. This latest update adds the source code for v4.0 (no binaries this time), which originally hit the market back in 1988. We can’t help but notice that DOS v3.0 didn’t get invited to the party — perhaps it was decided that it wasn’t historically significant enough to include.

That said, readers with sufficiently gray beards may recall that DOS 4.0 wasn’t particularly well received back in the day. It was the sort of thing where you either stuck with something in the 3.x line if you had older hardware, or waited it out and jumped to the greatly improved v5 when it was released. Modern equivalents would probably be the response to Windows Vista, Windows 8, and maybe even Windows 11. Hey, at least Microsoft keeps some things consistent.

It’s interesting that they would preserve what’s arguably the least popular version of MS-DOS in this way, but then again there’s something to be said for having a historical record on what not to do for future generations. If you’re waiting to take a look at what was under the hood in the final MS-DOS 6.22 release, sit tight. At this rate we should be seeing it sometime in the 2030s.

It’s a sad fact of owning older machinery, that no matter how much care is lavished upon your pride and joy, the inexorable march of time takes its toll upon some of the parts. [Jason Scatena] knows this only too well, he’s got a 1976 Honda CJ360 twin, and the rubber bushes that secure its side panels are perished. New ones are hard to come by at a sensible price, so he set about casting his own in silicone.

Naturally this story is of particular interest to owners of old motorcycles, but the techniques should be worth a read to anyone, as we see how he refined his 3D printed mold design and then how he used mica powder to give the clear silicone its black colour. The final buses certainly look the part especially when fitted to the bike frame, and we hope they’ll keep those Honda side panels in place for decades to come. Where this is being written there’s a CB400F in storage, for which we’ll have to remember this project when it’s time to reactivate it.

If fettling old bikes is your thing then we hope you’re in good company here, however we’re unsure that many of you will have restored the parts bin for an entire marque.