CrowdStrike: Cybersecurity Enters the Era of AI Agents
At Fal.Con 2025, the annual conference that gathers thousands of cybersecurity experts from around the world, CrowdStrike made one point clear: cyber defense is entering a new era, that of "AI agents".
From the endpoint to the agent: the evolution of digital defense
For years CrowdStrike led the sector with endpoint protection and the Endpoint Detection and Response model. Today the same approach is being carried over to artificial intelligence. With the acquisition of the startup Pangea, the company aims to lock down every aspect of enterprise AI: from models to virtual agents, down to simple conversations with a chatbot.
This gives rise to the concept of AI Detection and Response (AIDR), a sort of "antivirus of the future" able to intercept sophisticated attacks such as prompt injection and to prevent abuse or risky use of generative systems.
The "agentic" SOC: when analysts are no longer alone
CEO George Kurtz spoke of a real paradigm shift for Security Operations Centers. Today attacks are no longer measured in days or hours, but in seconds. That is why CrowdStrike proposes the agentic SOC: no longer a team of analysts buried in alerts, but an environment where intelligent digital agents work alongside people, analyze anomalies, make decisions and act autonomously.
The protagonist of this revolution for CrowdStrike is Charlotte AI, the system that orchestrates the agents and coordinates their actions. Not only that: thanks to Agent Works, every company will be able to create its own custom agents with a no-code interface, as if it were "hiring" new digital colleagues specialized in security.
Enterprise Graph: the digital twin of the enterprise
CTO Elia Zaitsev then presented the Enterprise Graph, a model that reconstructs the entire corporate infrastructure in real time (users, assets, identities and data), offering a unified view that can be queried in natural language. This approach makes it possible to go in moments from identifying a vulnerability to automatically generating a remediation plan, drastically cutting response times.
Fal.Con also saw the presentation of the Adversary Strategy Program, through which CrowdStrike replicates and anticipates attackers' moves to make the platform ever more resilient. From it come solutions such as Apex, an AI model able to unmask the malicious use of legitimate processes, and new techniques to counter ransomware and the abuse of remote management tools.
The challenge ahead
In a world where "prompts are the new malware", as was said on stage, CrowdStrike aims to turn fear of AI into an opportunity: if cybercriminals exploit generative models to speed up their attacks, companies can respond with AI agents that work non-stop, 24 hours a day, alongside security teams.
The promise is clear: with Falcon, Pangea and the ecosystem of intelligent agents, CrowdStrike wants to do with AI what it did years ago with endpoints: raise the bar and redefine, once again, what "stopping breaches" means.
The article CrowdStrike: Cybersecurity Enters the Era of AI Agents comes from il blog della sicurezza informatica.
Pill Sized Scoop of Your Internals
Taking a look inside the human body has never been easier — just swallow a camera in the shape of a pill. However, what is not quite as easy is retrieving a piece of whatever you’re viewing. This is exactly what researchers from HIT Shenzhen have attempted to solve with their magnetic capsule bot.
When traditional procedures want to take a sample somewhere in the intestinal tract they generally require somewhat invasive procedures sticking something up…well you know. With this pill, robot magnetic control allows physicians to choose exactly where and when to take a sample, all without shoving unpleasant objects into…again you know.
A magnetic field is generated to open the capsule and suck liquids inside. This traps a sample that can be retrieved through later bowel movements. The technology hasn’t been tested on a living patient yet, but animal trials are planned for the foreseeable future.
Check out the fine details with the paper itself here. Biomedical engineering is always an interesting topic with so much potential for more hacking. We at Hackaday are no strangers to this wonderful world of bodily hacks.
How Regulations Are Trying To Keep Home Battery Installs Safe
The advent of rooftop solar power generation was a huge step forward for renewable energy. No longer was generating electricity the sole preserve of governments and major commercial providers; now just about any homeowner could start putting juice into the grid for a few thousand dollars. Since then, we’ve seen the rise of the home battery, which both promises to make individual homes more self sufficient, whilst also allowing them to make more money selling energy to the grid where needed.
Home batteries are becoming increasingly popular, but as with any new home utility, there come risks. After all, a large capacity battery can present great danger if not installed or used correctly. In the face of these dangers, authorities in jurisdictions around the world have been working to ensure home batteries are installed with due regard for the safety of the occupants of the average home.
Hot Stuff
Home batteries have become a popular addition to home solar systems. Credit: Batterlution, CC BY-SA 4.0
Home batteries exist for one reason—to store electrical energy for later use. Currently, this is most effectively achieved with the use of lots of lithium-ion cells. While the dangers of lithium-ion cells are often overstated and dramatized, they do nonetheless pose a safety risk when things go wrong. There is of course, the electrical danger, however adherence to proper wiring standards and such typically manages that problem. The greater concern when it comes to home battery installations is around fire. If a large bank of lithium cells catches alight, either through its own malfunction or an external cause, the resultant blaze can be fierce, and incredibly difficult to extinguish. It is for this reason that authorities have developed extensive regulations around home battery installations. The aim is generally to avoid the likelihood of ignition or fire wherever possible, and limit the possible harms if such a thing should occur.
Basically, you don’t want a massive lithium battery fire to overwhelm you with smoke and flames, trap you in your home, or otherwise cause great injury. Thus, most jurisdictions post strict regulations about where a battery may be installed in a typical home. For example, in the US, NFPA rules mandate that residential batteries can only be installed in garages, on exterior walls or outdoors at least three feet away from windows, or in utility closets and storage spaces. Regulations in other jurisdictions are similarly strict; Australian rules ban installations under stairs or ventilation ducts, for example, along with any installations in ceilings or wall cavities. It might feel convenient to tuck batteries away where they can’t be seen, but the risks are considered too great. It’s just generally considered a bad idea to pack your walls or roof full of highly-combustible material.
Raised installations are common in areas where it’s desirable to avoid any vehicle impact risk. Most jurisdictions also mandate installing batteries at certain minimal distances from areas like bedrooms or other “habited” areas. Credit: Rsparks3, CC0
Often, many jurisdictions also require some level of non-combustible barrier to protect nearby structures that are made of combustible material. For example, if installing a battery near a wooden part of a building, regulations may insist upon the use of materials like brick or concrete that won’t readily catch alight if the battery enters thermal runaway. Capacity limits are also typical, as it’s undesirable to have an excessively large battery in a residential installation where it could one day become an unstoppable inferno in an inhabited area.
It might then seem, based on all the safety concerns around putting big batteries near inhabited structures, that a more remote installation would be best. However, standalone outdoor installations are often also subject to their own restrictions. For example, in Australia’s hot climate, outdoor installs must be protected to some degree from direct sunlight to avoid overheating issues that could lead to disaster. Garage or garage-adjacent installations generally require protection against potential vehicle impacts, too. For example, the NFPA 855 standard requires the use of hefty 4-inch bollards set 3 feet deep in concrete to protect against accidental vehicle impact in commercial installations, while noting that any risk of impact is unacceptable for residential garage installations.
These are just some of the hurdles you will have to clear if you wish to install a large storage battery in your home. There are so many others, from regulations around approved batteries and inverters, wiring rules, as well as the necessary signage to indicate to tradespeople and first responders that a large battery is connected to the home’s electrical supply. It can be a lot to take in, though for the average customer, it’s up to their home battery installer to ensure compliance in these regards. If you’re looking at such an installation, though, and you’re wondering why you can’t put your battery exactly where you like, just know that there are likely many good reasons behind it!
Who Wants a Rusty Old Smartphone?
If we’re talking about oxidized iron… probably nobody. If we’re talking about Rust the programming language, well, that might be a different story. Google agrees, and is working on bringing the language into Android. That’s not enough for [Paul Sanja], who has the first Redox OS smartphone.
It’s alive!
Redox OS is a Unix-like operating system written entirely in Rust, and somehow we haven’t covered it until now. Unlike Asterinas, a project to recreate the Linux kernel in Rust, Redox has few pretensions of being anything but its own thing, and that’s great! On desktop, Redox has a working windowing system and many utilities, including a basic browser in the form of NetSurf.
It claims to be source-compatible with Linux and BSD programs, and partially POSIX compliant. A certain someone around here might want to try it as a daily driver. The header image is a desktop screenshot, because there’s more to see there and it fits our aspect ratio.
On smartphones, it… boots. Some smartphones, anyway. It’s actually a big first step. That booting is possible at all is thanks to the great work put in by the postmarketOS team to get U-Boot working on select Android devices. That U-Boot loader doesn’t need to load the Linux-based postmarketOS; it can be used for anything compatible. Like, say, Redox OS, as [Paul] shows us.
Of course, Redox OS has no drivers for the touchscreen or anything else, so at the moment that rusty smartphone can only boot to a login screen. But thanks to Rust, you can rest assured that login screen hasn’t got any memory leaks! Jokes aside, this is a great start and we’re hoping to see more.
Redox is a promising project on mobile or desktop, and its development seems a much better use of time and effort than fighting over Rust in the Linux kernel.
RTINGS 10-Year Equivalent TV Longevity Update With Many Casualties
For the past two-and-a-half years, Canadian consumer testing outfit RTINGS has been running an accelerated aging experiment across a large number of TVs available to a North American audience. In their most recent update, we not only find out about the latest casualties, but also the impending end of the experiment after 18,000 hours — as the TVs are currently failing left and right as they accelerate up the ascending ramp of the bathtub curve.
Some of these LEDs are dead, others are just wired in series.
The dumbest failure type has to be the TVs (such as the Sony X90J) where the failure of a single dead backlight LED causes the whole TV to stop working along with series-wired LED backlights where one dead LED takes out a whole strip or zone. Other failures include degrading lightguides much as with our last update coverage last year, which was when edge-lit TVs were keeling over due to overheating issues.
Detailed updates can be found on the constantly updating log for the experiment, such as on the failed quantum dot diffusor plate in a TCL QLED TV, as the quantum dots have degraded to the point of green being completely missing. Although some OLEDs are still among the ‘living’, they’re showing severe degradation – as pictured above – after what would be the equivalent of ten years of typical usage.
Once the experiment wraps up it will be fascinating to see who the survivors are, and what the chances are of still using that shiny new TV ten years from now.
How to disable an EDR through the registry? With DedicatedDumpFile
I worked for several years as a System Engineer, and one of the tasks I handled was managing Citrix PVS. One of the problems with PVS was analyzing dump files. The only way to generate a complete dump file was to use the DedicatedDumpFile option, available as a registry value under HKLM\SYSTEM\CurrentControlSet\Control\CrashControl.
A significant obstacle once DedicatedDumpFile is enabled and configured is deleting the file, since it is always in use by a process.
The crash dump is created by the Windows kernel (ntoskrnl.exe) together with the Crashdmp.sys driver. To guarantee that the file is always contiguous, unfragmented and available at crash time, the kernel keeps it open and reserved while the system is running.
Now, what happens if the data of the DedicatedDumpFile registry value is not a .dmp file?
By default, Windows does not check whether the value points to a .dmp file. If we put the path of an .exe file (for example, EDR.exe) in the DedicatedDumpFile value, Windows will open that file at startup, leaving the .exe in use.
Can this crash a protected process, such as an EDR? Of course it can.
I created a simple PowerShell script that adds the DedicatedDumpFile value with the path of an .exe (EDRService.exe) as its data.
PowerShell to add the key
As you can see in the image below, the key was added correctly.
Key added in the Windows registry
Naturally, a reboot is needed for the key under HKLM to take effect.
After the reboot, as mentioned earlier, the EDR process cannot start because the service's executable is already in use.
We are now able to carry out the desired actions without the EDR's interference.
The EDR service does not start
This technique was tested on eight EDRs and only one of them blocked it, not because of DedicatedDumpFile, but because it checks whether a registry key is written with its name.
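A defender's counterpart to the registry change described above, added here as an example and not part of the original post: a PowerShell audit that reads the DedicatedDumpFile value under the CrashControl key and flags any data that does not point at a .dmp file, so the misconfiguration can be caught before the next reboot locks the target. The function name Test-DedicatedDumpFile, the -Remediate switch and the assumption that a legitimate value always ends in .dmp are mine.

```powershell
# Added example (not from the original post): audit the DedicatedDumpFile value
# and optionally remove it when it does not look like a dump file location.
function Test-DedicatedDumpFile {
    [CmdletBinding(SupportsShouldProcess = $true)]
    param(
        [string]$KeyPath = 'HKLM:\SYSTEM\CurrentControlSet\Control\CrashControl',
        # When set, a suspicious value is deleted (the change takes effect after the next reboot)
        [switch]$Remediate
    )

    # Returns $null when the value is absent, which is the normal, safe state
    $item = Get-ItemProperty -Path $KeyPath -Name 'DedicatedDumpFile' -ErrorAction SilentlyContinue
    if ($null -eq $item) {
        return [pscustomobject]@{ Configured = $false; Path = $null; Suspicious = $false; Reasons = @() }
    }

    $path    = [string]$item.DedicatedDumpFile
    $reasons = @()

    # Assumption for this audit: a legitimate dedicated dump file always ends in .dmp
    $ext = [System.IO.Path]::GetExtension($path)
    if ($ext.ToLower() -ne '.dmp') {
        $reasons += "extension '$ext' is not .dmp"
    }
    # Executable images are never valid dump targets; call this out explicitly
    if ($path -match '\.(exe|dll|sys)$') {
        $reasons += 'value points at an executable image'
    }
    # A location under Program Files is another sign this is not a dump file path
    if ($path -match '^[A-Za-z]:\\Program Files') {
        $reasons += 'value points into Program Files'
    }

    $suspicious = $reasons.Count -gt 0
    if ($suspicious -and $Remediate -and $PSCmdlet.ShouldProcess($KeyPath, 'Remove DedicatedDumpFile')) {
        Remove-ItemProperty -Path $KeyPath -Name 'DedicatedDumpFile'
    }

    [pscustomobject]@{
        Configured = $true
        Path       = $path
        Suspicious = $suspicious
        Reasons    = $reasons
    }
}

# Usage (run elevated): preview what -Remediate would do, then apply it
Test-DedicatedDumpFile -Remediate -WhatIf | Format-List
```

Because the kernel only opens the configured path at boot, deleting the registry value is enough to stop the lock on the next restart; the same check belongs in a baseline or configuration-monitoring rule so that a change to this value raises an alert rather than being discovered after a protected service fails to start.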
The article How to disable an EDR through the registry? With DedicatedDumpFile comes from il blog della sicurezza informatica.
Dodecahedron Speaker Is Biblically Accurate
Once upon a time, many radios and TVs only came with a single (mono) speaker. Then someone decided all audio hardware should have as many speakers as we have ears. That was until [Olivia] came along, and whipped up a dodecahedron speaker as an educational piece for workshops. Really, it shows us that twelve speakers should be the minimum standard going forward.
The speaker relies on a 3D-printed frame. The dodecahedron shell is assembled from 12 individual faces, each of which hosts a small individual speaker. Multichannel audio fans shouldn’t get too excited—all twelve speakers are wired to the same input in four groups of three, making this essentially an exceptionally complicated mono device. It might sound silly, but it’s actually a great way to deliver audio in many directions all at once. [Olivia] even went to the effort of running some sweep tests in anechoic and reverberation chambers to see how they performed, which is a fun bit of extra detail in the build log.
[Olivia] notes that these unique speakers are great as a beginner workshop build. They’re easy to modify in various ways to suit different ideas or levels of ability, and they can be made for less than $30 a pop. We’d love to see an advanced version that maybe packed in a lithium battery and a Bluetooth module to make them a standalone audio device. Video after the break.
How A Failed Video Format Spawned A New Kind of Microscope
The video cassette tape was really the first successful home video format; discs just couldn’t compete back in the early days. That’s not to say nobody tried, however, with RCA’s VideoDisc a valiant effort that ultimately fell flat on its face. However, the forgotten format did have one benefit, in that it led to the development of an entirely new kind of microscope, as explained by IEEE Spectrum.
The full story is well worth the read; the short version is that it all comes down to capacitance. RCA’s VideoDisc format was unique in that it didn’t use reflective surfaces or magnetic states to represent data. Instead, the data was effectively stored as capacitance changes. As a conductive stylus rode through an undulating groove in a carbon-impregnated PVC disc, the capacitance between the stylus and the disc changed. This capacitance was effectively placed into a resonant circuit, where it would alter the frequency over time, delivering an FM signal that could be decoded into video and audio by the VideoDisc player.
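As an added illustration (not from the IEEE Spectrum piece or the Hackaday summary), here is how the groove's capacitance change turns into frequency modulation, assuming the stylus-to-disc capacitance $C$ is the only tuning element of an LC resonator with fixed inductance $L$:

$$f = \frac{1}{2\pi\sqrt{LC}}, \qquad \frac{df}{dC} = -\frac{1}{4\pi\sqrt{L}}\,C^{-3/2} = -\frac{f}{2C},$$

so a small fractional change $\Delta C / C$ in the pickup capacitance shifts the resonant frequency by roughly $-\tfrac{1}{2}\,\Delta C / C$ of $f$. The undulations of the groove therefore appear directly as a frequency deviation of the resonator, which is the FM signal the player demodulates.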
The VideoDisc had a capacitance sensor that could detect such fine changes in capacitance, that it led to the development of the Scanning Capacitance Microscope (SCM). The same techniques used to read and inspect VideoDiscs for quality control could be put to good use in the field of semiconductors. The sensors were able to be used to detect tiny changes in capacitance from dopants in a semiconductor sample, and the SCM soon became an important tool in the industry.
It’s perhaps a more inspiring discovery than when cheeky troublemakers figured out you could use BluRay diodes to pop balloons. Still fun, though. An advertisement for the RCA VideoDisc is your video after the break.
Build Your Own 6K Camera
[Curious Scientist] has been working with some image sensors. The latest project around them is a 6K camera. Of course, the sensor does most of the work, but the build also requires some off-the-shelf parts and, of course, some 3D printed components.
An off-the-shelf part of a case provides a reliable C mount. There’s also an IR filter in a 3D-printed bracket.
The processor gets hot, so he used different heat sinks and a fan, too. Overall, this isn’t much custom electronics, but this is an excellent example of assembling existing parts with high-quality 3D printed components.
Heat-set inserts provide a tripod mount. There’s also a custom HDMI monitor mount if you don’t want to use your phone as a viewfinder. One neat oddity that helps is a USB-A cable that splits into three USB-C connectors. Of course, only one of them has data lines. The other two feed power to different parts of the camera.
A good-looking build. At a glance, you could easily think this was a commercial product. We do like these digital camera builds, but we also find 3D printed film cameras fascinating. If 6K is too much for you, you can always downsize.
Calculator Battery Mod Lets You Go the Distance
Disposable batteries seem so 1990s. Sure, it’s nice to be able to spend a couple of bucks at the drugstore and get a flashlight or TV remote back in the game, but when the device is a daily driver, rechargeable batteries sure seem to make more financial sense. Unfortunately, what makes sense to the end user doesn’t always make sense to manufacturers, so rolling your own rechargeable calculator battery pack might be your best option.
This slick hack comes to us from [Magmabow], who uses a Casio fx-CG50 calculator, a known battery hog. With regular use, it goes through a set of four alkaline AA batteries every couple of months, which adds up quickly. In search of a visually clean build, [Magmabow] based the build around the biggest LiPo pillow-pack he could find that would fit inside the empty battery compartment, and planned to tap into the calculator’s existing USB port for charging. A custom PCB provides charging control and boosts the nominal 3.7-volt output of the battery to the 5-ish volts the calculator wants to see. The PCB design is quite clever; it spans across the battery compartment, with its output feeding directly into the spring contacts normally used for the AAs. A 3D-printed insert keeps the LiPo and the PCB in place inside the battery compartment.
Almost no modifications to the calculator are needed, other than a couple of bodge wires to connect the battery pack to the calculator’s USB port. The downside is that the calculator’s battery status indicator won’t work anymore since the controller will just shut the 5-volt output down when the LiPo is discharged. It seems like there might be a simple fix for that, but implementing it on such a small PCB could be quite a challenge, in which case a calculator with a little more room to work with might be nice.
Automatic Feeder Keeps Fish Sated
[Noisy Electrons] is a maker who also likes to keep fish. He sometimes needs to travel and keep his fish fed in the meantime, so he created an automated solution to handle that for him.
The build is based around an STM32 microcontroller, paired with a MCP7940N real-time clock to keep time. The microcontroller is hooked up to a few buttons and a small display to serve as an interface, allowing the feeding times and dosage amounts to be configured right on the device. Food is distributed from a 3D printed drum with a hole in it, which is rotated via a stepper motor. Each time the drum rotates, some food falls through the hole and into the tank. Dosage amount is measured in rotations — the more times the drum rotates, the more food is delivered to the fish.
[Noisy Electrons] built three of these devices for three separate tanks. Thus far, it’s been three weeks and all the fish are still alive, so we’ll take that as a vote of confidence in the build. We’ve featured some other great pet feeders over the years, too.
RAN hacking: US Secret Service uncovers a clandestine cellular network in New York
The United States Secret Service reported that it discovered and seized a network of telecommunications equipment in the New York area capable of disrupting mobile phone service.
The devices were located near the United Nations General Assembly, which dozens of world leaders attended this week.
According to the agency, the network included more than 100,000 SIM cards and about 300 servers. The equipment allowed anonymous encrypted messages to be sent and could interfere with emergency services.
According to one official, the system was able to send up to 30 million text messages per minute, and the Secret Service had never seen an operation of this scale before.
"Given the timing, location and potential for significant disruption to New York City's telecommunications networks that these devices could have caused, the agency moved quickly to shut down the network," the Secret Service said in a statement.
The equipment was discovered in August at several sites within a 56-kilometer radius of United Nations headquarters.
The discovery came after a months-long investigation that began after three senior US officials received anonymous "telephone threats" in the spring. Among them were a Secret Service agent and two White House officials.
An initial analysis of the data from some of the SIM cards revealed links to at least one foreign government, as well as to criminals already known to US law enforcement, including members of a cartel.
"We will continue to investigate who is behind this network and what its goals were, including the potential disruption of government and emergency communications during the visit of world leaders to New York," said Matt McCool, head of the Secret Service's New York field office.
The published photographs show server racks full of SIM cards and antennas. According to McCool, this network could have disabled cell towers and "effectively paralyzed mobile networks".
Experts described the operation as expensive and technologically advanced. According to Anthony Ferrante, head of cybersecurity at the consulting firm FTI and a former White House and FBI official, the network discovered was probably an espionage operation. He added that such equipment could also be used to intercept communications.
The operation also involved the US Department of Justice, the New York Police Department, the Office of National Intelligence and Homeland Security Investigations. According to McCool, the investigation is ongoing and "there is no reason to believe that similar devices will not be found in other cities".
During the search, in addition to the SIM servers, agents also found prohibited substances, illegal weapons, computers and mobile phones.
The article RAN hacking: US Secret Service uncovers a clandestine cellular network in New York comes from il blog della sicurezza informatica.
2025 Hackaday Superconference: Announcing our Workshops and Tickets
Can you feel the nip of fall in the air? That can only mean one thing: Supercon is just around the corner. The next few weeks are going to bring a blitz of Supercon-related reveals, and we’re starting off with a big one: the workshops.
Supercon is the Ultimate Hardware Conference, and you need to be there to attend a workshop. Both workshop and general admission tickets are on sale now! Don’t wait — they sell out fast.
Kody Kinzie
Meshtastic for Beginners: Solder Your Own Cat-Themed LoRa Weather Station!
If you’ve wanted to create off-grid, encrypted mesh networks that can span over a hundred miles, this class will serve as a beginner’s guide to Meshtastic. We’ll be soldering and setting up our own custom cat-themed Meshtastic weather station nodes!
Seth Hillbrand
Level Up Your Board Game with KiCad
This workshop will teach you how to use KiCad with other common open-source tools, including Inkscape and FreeCAD, to level up your board game. We’ll make a beautiful PCB-based board game. You’ll learn techniques for better circuit layout, art transfer, case fitting, and 3D modeling.
Pat Deegan
Tiny Tapeout
In this workshop, participants will get the opportunity to design and manufacture their own design on an ASIC! Participants will learn the basics of digital logic, the basics of how semiconductors are designed and made, how to use an online digital design tool to build and simulate a simple design, and how to create the GDS files for manufacture on the open-source Sky130 PDK. Participants will have the option to submit their designs for manufacturing on the next shuttle as part of the Tiny Tapeout project.
Estefannie and Bob Hickman
Bling It On: Programming Your Own Generative Art Matrix
In this intermediate-level maker workshop, you will learn the fundamentals of generative algorithms and apply them using either Circuit Python or C++ to create a dynamic display that can pull data over WiFi from one or more APIs and use the data to visualize some generative art. The results will be beautiful and practical, and attendees will leave with an amazing 130 mm x 130 mm LED matrix.
Shawn Hymel
Introduction to Embedded Rust
Rust curious? This hands-on workshop will introduce you to this fascinating (relatively) new language and how you can use it to develop firmware for your various microcontroller projects. We’ll cover the basics of Rust’s ownership model, blink an LED (as you do), and read from an I2C sensor. (Shawn’s workshop is sponsored by DigiKey.)
November is just around the corner. Get your tickets now and we’ll see you at Supercon!
Using Moondream AI to Make Your Pi “See” Like a Human
[Jaryd] from Core Electronics shows us human-like computer vision with Moondream on the Pi 5.
Using the Moondream visual language model, which runs directly on your Raspberry Pi, and not in the cloud, you can answer questions such as “are the clothes on the line?”, “is there a package on the porch?”, “did I leave the fridge open?”, or “is the dog on the bed?” [Jaryd] compares Moondream to an alternative visual AI system, You Only Look Once (YOLO).
Processing a question with Moondream on your Pi can take anywhere from just a few moments to 90 seconds, depending on the model used and the nature of the question. Moondream comes in two varieties, based on size, one is two billion parameters and the other five hundred million parameters. The larger model is more capable and more accurate, but it has a longer processing time — the fastest possible response time coming in at about 22 to 25 seconds. The smaller model is faster, about 8 to 10 seconds, but as you might expect its results are not as good. Indeed, [Jaryd] says the answers can be infuriatingly bad.
In the write-up, [Jaryd] runs you through how to use Moondream on your Pi 5 and the video (embedded below) shows it in action. Fair warning though, Moondream is quite RAM intensive so you will need at least 8 GB of memory in your Pi if you want to play along.
If you’re interested in machine vision you might also like to check out Machine Vision Automates Trainspotting With Unique Full-Length Portraits.
The Impending CRT Display Revival Will Be Televised
Until the 2000s vacuum tubes practically ruled the roost. Even if they had surrendered practically fully to semiconductor technology like integrated circuits, there was no escaping them in everything from displays to video cameras. Until CMOS sensor technology became practical, proper video cameras used video camera tubes and well into the 2000s you’d generally scoff at those newfangled LC displays as they couldn’t capture the image quality of a decent CRT TV or monitor.
For a while it seemed that LCDs might indeed be just a flash in the pan, as it saw itself competing not just with old-school CRTs, but also its purported successors in the form of SED and FED in particular, while plasma TVs made home cinema go nuts for a long while with sizes, fast response times and black levels worth their high sale prices.
We all know now that LCDs survived, along with the newcomer in OLED displays, but despite this CRTs do not feel like something we truly left behind. Along with a retro computing revival, there’s an increasing level of interest in old-school CRTs to the point where people are actively prowling for used CRTs and the discontent with LCDs and OLED is clear with people longing for futuristic technologies like MicroLED and QD displays to fix all that’s wrong with today’s displays.
Could the return of CRTs be nigh in some kind of format?
What We Have Lost
As anyone who was around during the change from CRT TVs to ‘flat screen’ LCD TVs can attest to, this newfangled display technology came with a lot of negatives. Sure, that 21″ LCD TV or monitor no longer required a small galaxy of space behind the display on the desk or stand, nor did it require at least two people to transport it safely, nor was the monitor on your desk the favorite crispy warm napping spot of your cat.
The negatives mostly came in the form of the terrible image quality. Although active matrix technology fixed the smearing and extreme ghosting of early LC displays at higher refresh rates, you still had multi-millisecond response times compared to the sub-millisecond response time of CRTs, absolutely no concept of blacks and often horrendous backlight bleeding and off-angle visual quality including image inverting with TN-based LCD panels. This is due to how the stack of filters that make up an LC display manipulate the light, with off-angle viewing disrupting the effect.
Color shift comparison for IPS (X800H) versus VA (H9G) LC displays. (Credit: RTINGS)
Meanwhile, CRTs are capable of OLED-like perfect blacks due to phosphor being self-luminous and thus requiring no backlight. This is a feat that OLED tries to replicate, but with its own range of issues and workarounds, not to mention the limited lifespan of the organic light-emitting diodes that make up its pixels, and their relatively low brightness that e.g. LG tries to compensate for with a bright white sub-pixel in their WOLED technology.
Even so, OLED displays will get dimmer much faster than the phosphor layer of CRTs, making OLED displays relatively fragile. The ongoing RTINGS longevity test is a good case study of a wide range of LCD and OLED TVs here, with the pixel and panel refresh features on OLEDs turning out to be extremely important to even out the wear.
CRTs are also capable of syncing to a range of resolutions without scaling, as CRTs do not have a native resolution, merely a maximum dot pitch for their phosphor layer beyond which details cannot be resolved any more. The change to a fixed native resolution with LCDs meant that subpixel rendering technologies like Microsoft’s ClearType became crucial.
To this day LCDs are still pretty bad at off-angle performance, meaning that you have to look at a larger LCD from pretty close to forty-five degrees from the center line to not notice color saturation and brightness shifts. While per-pixel response times have come down to more reasonable levels, much of this is due to LCD overdriving, which tries to compensate for ghosting by using higher voltages for the pixel transitions, but can lead to overshoot and a nasty corona effect, as well as reduce the panel’s lifespan.
Blur Busters pursuit camera example of blur reduction. (Credit: Blur Busters)
Both OLEDs and LCDs suffer from persistence blurring even when their pixel-response times should be fast enough to keep up with a CRT’s phosphors. One current workaround is to insert a black frame (BFI) which can be done in a variety of ways, including strobing the backlight on LCDs, but this is just one of many motion blur reduction workarounds.
As noted by the Blur Busters article, some of these blur reduction approaches work better than others, with issues like strobe crosstalk generally still being present, yet hopefully not too noticeably.
In short, modern LCDs and OLED displays are still really quite bad by a number of objective metrics compared to CRTs, making it little wonder that there’s a strong hankering for something new, along with blatant nostalgia for plasma and CRT technology, flawed as they are. That said, we live in 2025 and thus do not have to be constrained by the technological limitations of 1950s pre-semiconductor vacuum tube technology.
The SED Future
An LG Flatron CRT TV from around 2007. (Credit: Briho, Wikimedia)
One major issue with CRTs is hard to ignore, no matter how rose-tinted your nostalgia glasses are. Walking into an electronics store back in the olden days with a wall of CRT TVs on display, you were hit by both the high-pitched squeal from the high-voltage flyback converters and the depth of these absolute units. While these days flat panel TVs keep expanding into ever larger display sizes, CRT TVs were always held back by the triple electron gun setup. These generate the electrons which are subsequently magnetically guided to the bit of phosphor that they’re supposed to accelerate into.
Making such CRTs flat can be done to some extent by getting creative with said guidance, but with major compromises like divergence, and you’ll never get a real flat panel. This dilemma led to the concept of replacing the glass tube and small number of electron guns with semiconductor or carbon-nanotube electron emitters. Placed practically right on top of the phosphor layer, each sub-pixel could have its own minuscule electron gun this way, with the whole setup being reminiscent of plasma displays in many ways, just thinner, less power-hungry and presumably cheaper.
Internal structures of SED (top) versus FED, showing the difference between the cathode plates. (Source: Fink et al., Applied Nanotech, 2007)
Canon began research on Surface-conduction Electron-Emitter Display (SED) technology in 1986 as a potential successor to CRT technology. This was joined in 1991 by a similar ‘ThinCRT’ effort that used field emission, which evolved into Sony’s FED take on the very similar SED technology. Although both display technologies are rather similar, they have a very different emitter structure, which affects the way they are integrated and operated.
Both of them have in common that they can be very thin, with the thickness determined by the thickness of the cathode plate – featuring the emitters – combined with that of the anode and the vacuum space in between. As mentioned in the review article by Fink et al. from 2007, the vacuum gap at the time was 1.7 mm for a 36″ SED-type display, with spacers inside this vacuum providing the structural support against the external atmosphere not wanting said vacuum to exist there any more.
This aspect is similar to CRTs and vacuum fluorescent displays (VFDs), though one requirement with both SED and FED is to have a much better vacuum than in CRTs due to the far smaller tolerances. While in CRTs it was accepted that the imperfect vacuum would create ions in addition to electrons, this molecule-sized issue did necessitate the integration of so-called ion traps in CRTs prior to aluminized CRT faces, but this is not an option with these new display types.
For SEDs and FEDs there is fortunately a solution to maintain a pure vacuum through the use of so-called getters, which is a reactive material that reacts with gas molecules to remove them from the vacuum gap. With all of this in place and the unit sealed, the required driving voltage for SED at the time was about 20V compared to 50-100V for FED, which is still far below the kilovolt-level driving voltage for CRTs.
A Tenuous Revival
Both the companies behind SED and Sony decided to spin down their R&D on this new take on the veritable CRT, as LCDs were surging into the market. As consumers discovered that they could now get 32+” TVs without having to check the load-bearing capacity of their floor or resorting to the debauchery of CRT (rear) projectors, the fact that LCD TVs weren’t such visual marvels was a mere trifle compared to the fact that TVs were now wall-mountable.
Even as image quality connoisseurs flocked first to plasma and then OLED displays, the exploding market for LCDs crowded out alternatives. During the 2010s you’d find CRTs discarded alongside once prized plasma TVs, either given away for practically free or scrapped by the thousands. Then came the retro gaming revival, which is currently sending the used CRT market skyrocketing, and which is leading us to ask major questions about where the display market is heading.
Although CRTs never really went away from a manufacturing point of view, it’s mostly through specialized manufacturers like Thomas Electronics who will fulfill your CRT fix, though on a strict ‘contact us for a quote’ basis. Restarting a mass-manufacturing production line for something like once super-common CRT TVs would require a major investment that so far nobody is willing to front.
Meanwhile LCD and OLED technology have hit some serious technological dead-ends, while potential non-organic LED alternatives such as microLED have trouble scaling down to practical pixel densities and yields.
There’s a chance that Sony and others can open some drawers with old ‘thin CRT’ plans, dust off some prototypes and work through the remaining R&D issues with SED and FED for potentially a pittance of what alternative, brand-new technologies like MicroLED or quantum dot displays would cost.
Will it happen? Maybe not. It’s quite possible that we’ll still be trying to fix OLED and LCDs for the next decade and beyond, while waxing nostalgically about how much more beautiful the past was, and the future could have been, if only we hadn’t bothered with those goshdarn twisting liquid crystals.
EDR-Freeze Arrives! Putting Windows Into a Deep Coma Without Vulnerable Drivers
A specialist at Zero Salarium has presented a method that temporarily disables antivirus processes and EDR agents on Windows using built-in system tools.
The article describes in detail the concept and the working tool, EDR-Freeze, a way to selectively interrupt monitoring processes without installing additional vulnerable drivers, relying on the behaviour of native operating system components and on race conditions between processes.
The trick lies in the fact that MiniDumpWriteDump forcibly suspends all threads of the target process while creating a snapshot, and the associated process that triggers the dump is responsible for resuming it. The research shows how to force WerFaultSecure to run with protected process (PPL) privileges at the WinTCB level and to start a dump of the desired PID.
WerFaultSecure is then suspended at a critical moment. As a result, the target process remains “in a comatose state” because the initiator, which could have unblocked it, is itself blocked.
To illustrate this approach, the author uses CreateProcessAsPPL, the WerFaultSecure launch parameters, process-state checks and a call to NtSuspendProcess on the initiator process at the right moment. The mechanism itself does not require third-party driver exploits and works in user mode, making it convenient for quick tests and for escalating monitoring-bypass capabilities.
The article describes the EDR-Freeze tool with a GitHub repository and runtime examples: the utility takes the PID of the target program and the pause time in milliseconds, then carries out the steps described and keeps the antivirus process suspended. The demonstration shows that MsMpEng.exe (a Windows Defender service) on Windows 11 24H2 was successfully suspended for a specified period of time, with its state monitored via Process Explorer. The author stresses that this technique serves as an alternative to BYOVD approaches and removes the need to bring vulnerable drivers onto the test machine.
The specialist recommends monitoring WerFaultSecure for anomalous launch parameters: if its arguments point to the PIDs of sensitive services (LSASS, antivirus processes or EDR agents), it is worth investigating. In addition, protection requires mechanisms to check the launch chains of protected processes and to look for unusual sequences during dump creation.
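The monitoring the specialist recommends, as an added example that is not from the Zero Salarium write-up or the EDR-Freeze tool: it runs over constructed process-creation events and a constructed process table, flags a WerFaultSecure launch whose dump-target PID belongs to LSASS or an AV/EDR process, and notes an abnormal parent. The `/pid` switch form and the svchost.exe parent baseline are assumptions to tune against your own telemetry.

```python
"""Flag WerFaultSecure launches whose dump target is a sensitive process.

Added example for the detection advice above; the events and the process
table below are constructed, and the switch names and parent baseline are
assumptions to tune against your own telemetry."""
import re
from dataclasses import dataclass, field

# Image names whose PID should not show up as a WerFaultSecure dump target
# outside a genuine crash investigation (from the article; add your EDR agent).
SENSITIVE_IMAGES = {"lsass.exe", "msmpeng.exe"}

# Parents WerFaultSecure is normally started from (assumption: the WER service
# runs inside svchost.exe; derive the real baseline from your own logs).
EXPECTED_PARENTS = {"svchost.exe"}

# Switch forms that may carry the target PID (assumed; "/pid N" is the form
# seen in the tool's launch line, the rest are defensive generalisations).
PID_SWITCH = re.compile(r"(?:^|\s)(?:/pid|-pid|-p|/p)\s+(\d+)", re.IGNORECASE)


@dataclass
class Finding:
    pid: int
    target_image: str
    reasons: list = field(default_factory=list)


def basename(path: str) -> str:
    """Lower-case file name of a Windows or POSIX path."""
    return path.replace("/", "\\").rsplit("\\", 1)[-1].lower()


def target_pids(cmdline: str) -> set:
    """Candidate target PIDs named on a WerFaultSecure command line."""
    pids = {int(m) for m in PID_SWITCH.findall(cmdline)}
    if not pids:
        # No recognised switch: fall back to every integer token so an
        # unexpected argument layout cannot hide the target.
        pids = {int(t) for t in re.findall(r"\b\d{2,7}\b", cmdline)}
    return pids


def check_event(event: dict, process_table: dict) -> list:
    """Findings for one process-creation event (Sysmon event 1 style fields)."""
    if basename(event.get("Image", "")) != "werfaultsecure.exe":
        return []
    parent = basename(event.get("ParentImage", ""))
    parent_ok = parent in EXPECTED_PARENTS
    findings = []
    for pid in sorted(target_pids(event.get("CommandLine", ""))):
        image = basename(process_table.get(pid, ""))
        if image in SENSITIVE_IMAGES:
            reasons = [f"dump target pid {pid} is {image}"]
            if not parent_ok:
                reasons.append(f"launched by unexpected parent {parent}")
            findings.append(Finding(pid, image, reasons))
    if not findings and not parent_ok:
        # No sensitive target, but the launch chain itself is abnormal.
        findings.append(Finding(0, "", [f"launched by unexpected parent {parent}"]))
    return findings


def scan(events, process_table) -> list:
    """Run check_event over a batch of events."""
    return [f for e in events for f in check_event(e, process_table)]


# Constructed process table snapshot (pid -> image path).
SAMPLE_PROCESS_TABLE = {
    812: r"C:\Windows\System32\lsass.exe",
    4120: r"C:\ProgramData\Microsoft\Windows Defender\Platform\MsMpEng.exe",
    5500: r"C:\Windows\System32\notepad.exe",
}

# Constructed process-creation events.
SAMPLE_EVENTS = [
    {"Image": r"C:\Windows\System32\WerFaultSecure.exe",
     "ParentImage": r"C:\Users\lab\Desktop\freeze-test.exe",
     "CommandLine": "WerFaultSecure.exe /h /pid 4120 /tid 4128 /file 220 /encfile 224"},
    {"Image": r"C:\Windows\System32\WerFaultSecure.exe",
     "ParentImage": r"C:\Windows\System32\svchost.exe",
     "CommandLine": "WerFaultSecure.exe /h /pid 5500 /tid 5504 /file 300 /encfile 304"},
    {"Image": r"C:\Windows\System32\cmd.exe",
     "ParentImage": r"C:\Windows\explorer.exe",
     "CommandLine": "cmd.exe /c whoami"},
]

if __name__ == "__main__":
    for f in scan(SAMPLE_EVENTS, SAMPLE_PROCESS_TABLE):
        print(f"pid={f.pid} image={f.target_image}: " + "; ".join(f.reasons))
```

In a real deployment the process table comes from the same telemetry stream (map the PID to its image at event time, since PIDs are reused), and the sensitive list should name your own EDR agent binaries.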
The article EDR-Freeze Arrives! Putting Windows Into a Deep Coma Without Vulnerable Drivers originally appeared on il blog della sicurezza informatica.
Heart Rate Measurement via WiFi, The DIY Way
A few weeks back, we reported on a research group that figured out how to measure heart rate using perturbations in WiFi signals. [Nick Bild] was interested in this so-called “Pulse-Fi” technique, but noted the paper explaining it was behind a paywall. Thus, he worked to recreate the technology himself so he could publish the results openly for anyone eager to learn.
[Nick] paid for the research paper, and noted that it was short on a few of the finer details and didn’t come with any code or data from the original research team. He thus was left to figure out the finer details of how to measure heart rate via WiFi in his own way, though he believes his method is quite close to the original work.
The basic concept is simple enough. One ESP32 is set up to transmit a stream of Channel State Information packets to another ESP32, with a person standing in between. As the person’s heart beats, it changes the way the radio waves propagate from the transmitting unit to the receiver. These changes can be read from the packets, and processed to estimate the person’s heart rate. [Nick] explains the various data-massaging steps involved to go from this raw radio data to a usable heart rate readout.
It’s a great effort from [Nick] to recreate this research all on his own in his home lab. Files are on GitHub for the curious. If you’re eager to learn more about these innovative measurement techniques, you might like to read our prior reporting on the tech. Also, it’s worth remembering—don’t use your homebrew prototypes for any serious healthcare purposes.
The King of DDoS Is Here! 40 Seconds at 22.2 Terabits, Mitigated by Cloudflare
The giant Cloudflare has disclosed that it autonomously handled an unprecedented DDoS (Distributed Denial-of-Service) attack, the largest ever seen to date.
The hypervolumetric attack reached an unprecedented peak of 22.2 terabits per second (Tbps) and 10.6 billion packets per second (Bpps), setting a new and alarming benchmark for the scale of cyber threats.
Such an attack signals a significant escalation in the capabilities of malicious actors and the botnets they control. The previous record was an 11.5 terabits per second UDP flood attack. That attack lasted 35 seconds.
The record-breaking attack stood out not only for its size but also for its brevity. The entire event lasted only about 40 seconds, a tactic designed to overwhelm defences before they had a chance to respond fully.
The 22.2 Tbps DDoS attack sets a new world record. Attackers are increasingly using these DDoS attacks to cause maximum damage in a minimum amount of time, making automated, real-time detection and mitigation absolutely essential.
Such hypervolumetric attacks are usually launched from huge botnets, networks of compromised computers and IoT devices, which are exploited to flood a target’s servers with an enormous amount of traffic, making its services unavailable to legitimate users.
Cloudflare states that its systems autonomously identified and stopped the attack, ruling out any need for manual intervention. This effective defence strategy underlines the importance of a fundamental shift in cybersecurity, namely the adoption of automated systems that leverage artificial intelligence to respond to threats that evolve at the same speed as computers.
Thanks to its vast capacity, Cloudflare’s global network was able to absorb and neutralise the malicious traffic at the edge, close to the source. This prevented the attack from reaching and overwhelming its intended target, ensuring that its online services remained available and functional during the brief but intense assault.
The article The King of DDoS Is Here! 40 Seconds at 22.2 Terabits, Mitigated by Cloudflare originally appeared on il blog della sicurezza informatica.
The Warlock Group: A New Player in the Ransomware Market
The Warlock group, also known as Storm-2603 and GOLD SALEM, has gone from newcomer to prominent player in the ransomware market in a matter of months. Sophos researchers report that the group’s activity began in March 2025 and that by September it had already set up its own data-leak portal, “Warlock Client Data Leak Show”, where 60 victims were published. The attackers operate worldwide, hitting everything from small government agencies and commercial businesses to multinationals in North and South America and Europe.
Warlock received particular attention after the August incidents: the criminals boasted of having compromised the French company Orange and the British company Colt. In the latter case, they claimed to have stolen a million documents and even announced an auction for the archive.
Later, the same site listed Star Alliance among its victims, although no official confirmation came from the organisation, and the post itself was accompanied by a note about the sale of the stolen dataset. Unlike other ransomware groups, Warlock does not publish attack dates and rarely shows samples of stolen material, limiting itself to terse notes on ransom status or a link to an archive.
Warlock’s negotiating style is openly harsh: on their website, they accuse organisations of irresponsibility and promise to release the data if they refuse to make contact. At the same time, for large companies holding extremely sensitive information, they state that the full extent of the stolen data will not be made public. This approach allows the group to undermine the victim’s reputation while keeping black-market buyers interested.
The Sophos report places particular emphasis on the attack techniques. Warlock first appeared publicly in June on a hacker forum, where a representative of the group was looking for exploits for enterprise applications such as Veeam, ESXi and SharePoint, as well as tools to bypass EDR systems.
By July, Microsoft had already detected that the group was using a new zero-day vulnerability on on-premises SharePoint servers.
The exploit was initially distributed by the Chinese group Salt Typhoon on 18 July, but a problematic update left tens of thousands of systems vulnerable, including government servers. Warlock took advantage of the situation and deployed its own ToolShell chain to install web shells and gain network persistence via a custom WebSocket-based Golang server.
The attackers also actively combine proven methods: they use Mimikatz to steal credentials, PsExec and Impacket for lateral movement, and distribute the ransomware across the network via Group Policy. For covert traffic, they use legitimate tools, in particular Velociraptor. This combination makes their attacks flexible and hard to detect. Sophos notes that this mix of standard techniques and targeted innovations demonstrates the high level of preparation and boldness of the perpetrators.
In a short time, Warlock has entered the list of the 20 most active ransomware operations of the past year. Experts estimate that further pressure on corporate infrastructure is unlikely to be stopped without aggressive measures by security operators.
To mitigate the risks, experts advise organisations to pay greater attention to attack-surface monitoring, to timely patching of public-facing services, and to maintaining readiness for rapid incident response. Sophos stresses that understanding Warlock’s tactics is essential to strengthen defences before the group selects a new target.
The article The Warlock Group: A New Player in the Ransomware Market originally appeared on il blog della sicurezza informatica.
Play Capacitor Cupid With The Matchmaker
Occasionally a design requires capacitors that are much closer to being identical in value to one another than the usual tolerance ranges afford. Precision matching of components from parts on hand might sound like a needle-in-a-haystack problem, but not with [Stephen Woodward]’s Capacitor Matchmaker design.
The larger the output voltage, the greater the mismatch between capacitors A and B.
The Matchmaker is a small circuit intended to be attached to a DVM, with the output voltage indicating whether two capacitors (A and B) are precisely matched in value. If they are not equal, the voltage output indicates the degree of the mismatch as well as which is the larger of the two.
The core of the design is complementary excitation of the two capacitors (the CD4013B dual flip-flop achieves this) which results in a measurable signal if the two capacitors are different; nominally 50 mV per % of mismatch. Output polarity indicates which of the capacitors is the larger one. In the case of the two capacitors being equal, the charges cancel out.
Can’t precision-matched capacitors be purchased? Absolutely, but doing so is not always an option. As [Stephen] points out, selection of such components is limited and they come at an added cost. If one’s design requires extra-tight tolerances, requires capacitor values or types not easily available as precision pairs, or one’s budget simply doesn’t allow for the added cost, then the DIY approach makes a lot more sense.
If you’re going to go down this road, [Stephen] shares an extra time-saving tip: use insulated gloves to handle the capacitors being tested. Heating up a capacitor before testing it — even just from one’s fingers — can have a measurable effect.
[Stephen]’s got a knack for insightful electronic applications. Check out his PWMPot, a simple DIY circuit that can be an awfully good stand-in for a digital potentiometer.
DK 10x03 - The Future According to Babbeo
After an intro that is more of a rant, we talk about how El Zucko keeps thinking he has something to say about the “future” and, above all, that anyone cares about his two-bit ideas on the subject. Yes, we’re talking about Meta Ray-Ban Display (they’re dumb smart glasses, despite the grandiose name).
Cyberwar in Italy: The Government Brings the Army Into Cyberspace
Cyberspace is no longer a marginal dimension but a genuine strategic operational domain. Its relevance is now on a par with that of land, sea, air and space. The technological acceleration driven by Artificial Intelligence and widespread digitalisation has turned critical infrastructure, health services, universities and personal communications into permanent attack surfaces. In this scenario the boundary between cybercrime, political activism and state-sponsored threats has progressively blurred, giving rise to new forms of hybrid conflict.
In Italy this transformation is reflected in the debate on the bill presented by the chair of the Defence Committee, Nino Minardo, which gives the Armed Forces an operational role even outside traditional wartime contexts. The initiative is part of a path begun within NATO, which since 2016 has recognised cyberspace as an operational domain. The urgency of the proposal stems from the exponential growth of cyberattacks aimed at institutions, businesses and citizens.
The content of the bill
The text introduces amendments to the military code, providing for the creation of an auxiliary reserve made up of former service members and the possibility of bringing in highly specialised external expertise. This civilian personnel would work alongside the military in digital operations and would be treated, for certain legal purposes, as equivalent to Armed Forces operators.
It is a choice that opens up innovative and at the same time complex scenarios. This is not a simple outsourcing of services but the creation of a new hybrid actor endowed with a special justification defence. That institution, already provided for the intelligence services, excludes the criminal relevance of conduct carried out in the institutional interest. Extending it to the military domain and to civilian figures, however, risks creating an area of opacity that is hard to reconcile with the need for transparency and with the jurisdiction of the ordinary judiciary.
The reasons behind the choice
The context that led the legislator to propose this measure is clear. Between January 2023 and July 2024 Italy recorded more than 19 thousand cyberattacks, an average of more than thirty per day. In the first six months of 2025 the Agenzia per la Cybersicurezza Nazionale (National Cybersecurity Agency) recorded a 53 per cent increase over the previous year, with almost three hundred and fifty incidents of confirmed impact.
The attacks mainly hit the energy and water sectors, but also public administration, universities and telecommunications. The ransomware incident that paralysed the Lazio Region in 2021 remains an emblematic case of the vulnerability of the country’s systems and of the potential impact of hybrid threats. Although it was not an act of war, the shutdown of health services and vaccination bookings produced effects comparable to those of a conventional military action.
The governance issue
The bill inevitably raises questions about institutional coordination. Italy already has a single civilian authority, the Agenzia per la Cybersicurezza Nazionale, tasked with preventing, mitigating and certifying cybersecurity. The entry of the Armed Forces with operational functions even in peacetime raises the risk of a dual track that could replicate fragmentations already experienced in the past.
Effective cyber defence instead requires a unified strategy that defines roles and responsibilities without overlaps. Defence can play a central role in active response, while the Agency should retain the function of coordinating national resilience. Competitive rather than integrated governance would risk weakening the overall system.
Comparison with international models
Western allies have already faced similar challenges. In the United States, US Cyber Command operates as a unified command with mechanisms of civilian oversight and an established accountability system. In the United Kingdom, GCHQ handles most operations while maintaining a clear separation between civilian and military tasks.
The case closest to Italy is Germany, which established the Cyber and Information Space Command within the Bundeswehr. There too, the question of constitutional compatibility and parliamentary oversight remains open. The German experience shows that a direct transfer of powers to Defence is not enough to resolve the legal and democratic problems of the cyber domain.
Towards a balance between security and legal fairness
Strengthening response capability is a strategic priority but cannot translate into a weakening of rule-of-law guarantees. Granting exceptional powers to military personnel and specialised civilians must be accompanied by a clear regulatory framework defining the conditions, limits and modalities of intervention.
There is also a need to invest in skills, with a joint-forces cyber training hub that involves universities and industry and attracts talent with long-term instruments. Transparency must remain a pillar even when operations require confidentiality. Parliamentary reporting cannot be a formality but must translate into substantive oversight.
The future of cyber defence in Italy
The Minardo bill represents a significant step in the evolution of national defence. Its relevance stems from the urgency of addressing growing threats that know no borders or declarations of war. But the real challenge for Italy is to build a cybersecurity architecture that is solid on the operational level, coherent on the institutional level and unassailable on the democratic level.
Only by overcoming fragmentation, defining clear rules and valuing expertise will it be possible to protect the country from hybrid wars without sacrificing the civil rights and constitutional principles that guarantee its cohesion.
The article Cyberwar in Italy: The Government Brings the Army Into Cyberspace originally appeared on il blog della sicurezza informatica.
Apple Attacks Google Chrome: “Switch to Safari to Protect Your Privacy”
Apple has issued a stern warning: stop using Google Chrome. The world’s most popular browser is holding its ground on both computers and smartphones, gradually taking market share from Apple. But the company has decided not to back down and is responding with a direct attack.
“Switch to a browser that really protects your privacy”, Apple says in its announcement.
According to the company, Safari offers advanced protection against cross-site tracking, hides your IP address from known trackers, and much more. Unlike Chrome, Safari, Apple stresses, really helps preserve your privacy.
Microsoft is using a similar tactic, warning Windows users of the dangers of Chrome and promoting its Edge browser. But while Edge has failed to gain the upper hand, Safari, the default browser on iPhones, is in a completely different category.
Apple has even published a feature comparison table: tracker blocking, protection from malicious extensions and IP hiding. In every row only Safari is checked, while Chrome, according to Apple, does none of these.
The list, however, does not mention device fingerprinting, the covert tracking technology that Google reintroduced this year despite its earlier ban. This tracking is impossible to turn off: it collects numerous technical characteristics and builds a unique user profile.
However, Apple says it has found a way to partially counter this method. The new advanced tracking and fingerprinting protection mode, previously available only in private browsing, is now enabled by default for all users in iOS 26. This mode floods the recognition system with unnecessary data, making it extremely difficult for the browser to identify the device’s real parameters.
In other words, Safari even has built-in protection against fingerprinting, while Chrome on iPhone offers no such protection. Apple puts it plainly: the choice of browser directly determines your level of online security.
The article Apple Attacks Google Chrome: “Switch to Safari to Protect Your Privacy” originally appeared on il blog della sicurezza informatica.
Reviving a Scrapped Sound Blaster 2.0 ISA Soundcard
What do you do when you find an ISA Sound Blaster 2.0 card in a pile of scrap? Try to repair the damage on it to give it a second shot at life, of course. This is what [Adrian Black] did with one hapless victim, with the card in question being mostly in good condition minus an IC that had been rather rudely removed. The core Creative CT1336A and Yamaha YM3812 ICs were still in place, so the task was to figure out what IC was missing, find a replacement and install it.
The CT1350 is the final revision of the original 8-bit ISA Sound Blaster card, with a number of upgrades that make this actually quite a desirable soundcard. The CT1350B revision featured here on a card from 1994 was the last to retain compatibility with the C/MS chips featured on the original SB card. After consulting with [Alex] from the Bits und Bolts YT channel, it was found that not only is the missing IC merely an Intel 8051-based Atmel MCU, but replacements are readily available. After [Alex] sent him a few replacements with two versions of the firmware preflashed, all [Adrian] had to do was install one.
Before installation, [Adrian] tested the card to see whether the expected remaining functionality like the basic OPL2 soundchip worked, which was the case. Installing the new MCU got somewhat hairy as multiple damaged pads and traces were discovered, probably because the old chip was violently removed. Along the way of figuring out how important these damaged pads are, a reverse-engineered schematic of the card was discovered, which was super helpful.
Some awkward soldering later, the card’s Sound Blaster functionality sprung back to life, after nudging the volume dial on the card up from zero. Clearly the missing MCU was the only major issue with the card, along with the missing IO bracket, for which a replacement was printed after the video was recorded.
Samsung under attack in Italy: phones held hostage by ransomware
For a few days now, news has been circulating, which as far as I know has not yet been confirmed by official sources, of a ransomware attack delivered through Samsung's “enterprise fleet” management feature (E-FOTA).
According to a post by a user on the FibraClick forum, published a few days ago, this attack is also spreading in Italy. In essence, the cybercriminals induce a user browsing the web on their Samsung smartphone to open a specially crafted link of this kind:
intent://signin[.]samsung[.]com/key/yphxkjlx?modelName=SAMSUNG#intent;scheme=https;package=com.osp.app.signin;end.
- intent:// = the generic Android URI scheme;
- signin[.]samsung[.]com = the destination host, entirely legitimate and therefore not blocked by any protection systems;
- /key/yphxkjlx = the shortened identifier of the E-FOTA licence key used by the attacker;
- ?modelName=SAMSUNG = the value “SAMSUNG” for the modelName variable is needed to trigger the popup on the victim's smartphone, inducing them to sign in with their Samsung account;
Opening this link brings up a popup on the victim's smartphone asking them to sign in with their Samsung account. If the victim approves the login, the smartphone becomes part of the cybercriminal's “enterprise fleet”, and the cybercriminal at that point has total control of the device (MDM).
Naturally the opportunity is not wasted: the cybercriminal signs the victim out of their Samsung account and assigns the smartphone to another account, setting the corresponding protection PIN and reporting it as lost/stolen: the victim is effectively locked out of their device. As the original article technically describing this attack, published on the XDA-Developers forum (and later removed), puts it: “This security state effectively prevents flashing via Odin, and causes the “KG Status: LOCKED (01)” message to appear in Download Mode.”
At this point the victim is contacted with a ransom demand, to be paid in cryptocurrency, in exchange for the unlock PIN.
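As an added example, not code from the post, here is a small Python checker that breaks an Android intent:// link into its parts and flags the three markers the post lists (the Samsung account package, a /key/ licence path on a samsung.com host, and modelName=SAMSUNG); the benign comparison link is constructed.

```python
import re
from typing import Dict, List, Optional
from urllib.parse import parse_qs, urlsplit

# Android intent URI shape: intent://<host/path?query>#Intent;key=value;...;end
# Android writes "#Intent"; the link quoted in the post uses lower case, so match either.
INTENT_URI_RE = re.compile(
    r"^intent://(?P<target>[^#]*)#intent;(?P<extras>.*?);end\.?$", re.IGNORECASE
)

# Values taken from the lure quoted in the post.
SAMSUNG_SIGNIN_PACKAGE = "com.osp.app.signin"
EFOTA_KEY_PATH_PREFIX = "/key/"
LURE_MODEL_NAME = "SAMSUNG"


def parse_intent_uri(link: str) -> Optional[Dict[str, object]]:
    """Split an intent:// link into host, path, query and the ';'-separated extras.
    Defanged '[.]' (as used in the write-up) is restored so the host parses;
    returns None for anything that is not an intent:// link."""
    match = INTENT_URI_RE.match(link.strip().replace("[.]", "."))
    if match is None:
        return None
    # Borrow urlsplit by prepending a scheme; the real scheme lives in the extras.
    target = urlsplit("https://" + match.group("target"))
    extras: Dict[str, str] = {}
    for pair in match.group("extras").split(";"):
        key, sep, value = pair.partition("=")
        if sep:
            extras[key] = value
    return {
        "host": (target.hostname or "").lower(),
        "path": target.path,
        "query": {k: v[0] for k, v in parse_qs(target.query).items()},
        "extras": extras,
    }


def efota_enrolment_indicators(link: str) -> List[str]:
    """Return the reasons a link matches the E-FOTA enrolment lure; an empty
    list means none of the three markers is present."""
    parsed = parse_intent_uri(link)
    if parsed is None:
        return []
    host, path = parsed["host"], parsed["path"]
    query, extras = parsed["query"], parsed["extras"]
    reasons: List[str] = []
    if extras.get("package") == SAMSUNG_SIGNIN_PACKAGE:
        reasons.append(f"hands the link to the Samsung account app ({SAMSUNG_SIGNIN_PACKAGE})")
    if (host == "samsung.com" or host.endswith(".samsung.com")) and path.startswith(EFOTA_KEY_PATH_PREFIX):
        reasons.append(f"legitimate samsung.com host carrying an E-FOTA licence key path {path}")
    if query.get("modelName") == LURE_MODEL_NAME:
        reasons.append("modelName=SAMSUNG, the value that triggers the sign-in popup")
    return reasons


# Constructed input: the defanged lure from the post plus a benign deep link.
LURE = ("intent://signin[.]samsung[.]com/key/yphxkjlx?modelName=SAMSUNG"
        "#intent;scheme=https;package=com.osp.app.signin;end")
BENIGN = "intent://maps.example.com/place?q=cafe#Intent;scheme=https;package=com.example.maps;end"

if __name__ == "__main__":
    for link in (LURE, BENIGN):
        hits = efota_enrolment_indicators(link)
        print(("FLAG " if hits else "ok   ") + link)
        for reason in hits:
            print("   -", reason)
```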
Technically it is a ransomware attack, albeit carried out differently from the usual. The attackers take control of the device remotely, holding hostage not only the user's data but the phone itself. According to the same article, currently available on archive.org, the attackers use a Telegram group and an automated bot to facilitate the extortion, leaving a ransom note on the device's lock screen with instructions on how to contact them.
If you have been a victim of this attack, it is extremely important not to pay these scammers. The reason is simple: even if you pay and they unlock the device, all they have done is change its status from “lost” to “found”. This means the device is still associated with the cybercriminal's E-FOTA licence, and there appears to be no intention of removing that association. The risk is that the attacker can lock the smartphone again and demand another ransom to unlock it. I therefore recommend going to the Polizia Postale to file a formal complaint, attaching the device's technical details (IMEI), and asking Samsung Italia, preferably via PEC (certified e-mail), to release the smartphone from the fraudulent MDM.
At the moment, the quickest technical solution to prevent attacks of this kind on Samsung smartphones is to switch the “Open supported links” option from enabled to disabled: Settings -> Apps -> Samsung account -> Set as default -> Open supported links
In any case, the usual precautions always apply: do not use your smartphone on websites of dubious safety, and never click on links without first checking them carefully. Also, when asked to sign in with your Samsung account, stop and check carefully what you are being asked to do.
Technically speaking, Samsung's E-FOTA feature is perfectly legitimate and is used by thousands of businesses without problems. However, the ease with which an attacker can purchase such a licence, for a few tens of dollars, makes this attack fairly simple to carry out.
Samsung could, if warranted, deactivate the E-FOTA licences issued to these malicious actors following victims' complaints, releasing the associated IMEIs and consequently unlocking the victims' smartphones. As the article already cited points out, however, “Samsung has made it extremely difficult for me and others to reach out, with their support team sending generic email responses without escalating the issue to their Knox department.”
Blue Alchemist Promises Rocket Fuel From Moon Dust
Usually when an alchemist shows up promising to turn rocks into gold, you should run the other way. Sure, rocket fuel isn’t gold, but on the moon it’s worth more than its weight in the yellow stuff. So there would be reason to be skeptical if this “Blue Alchemist” was actually an alchemist, and not a chemical reactor under development by the Blue Origin corporation.
The chemistry in question is quite simple, really: take moon dust, which is rich in aluminum silicate minerals, and melt the stuff. Then it’s just a matter of electrolysis to split the elements, collecting the gaseous oxygen for use in your rockets. So: moon dust to air and metals, just add power. Lots and lots of power.
Melting rock takes a lot of temperature, and the molten rock doesn’t electrolyse quite as easily as the water we’re more familiar with splitting. Still, it’s very doable; this is how aluminum is produced on Earth, though notably not from the sorts of minerals you find in moon dust. Given the image accompanying the press release, perhaps on the moon the old expression will be modified to “make oxygen while the sun shines”.
Hackaday wasn’t around to write about it, but forward-looking researchers at NASA, expecting just such a chemical reactor to be developed someday, proposed an Aluminum/Liquid Oxygen slurry monopropellant rocket back in the 1990s.
That’s not likely to be flying any time soon, but of course even with the Methalox rockets in vogue these days, there are appreciable cost savings to leaving your oxygen at home. And we’re not biologists, but maybe astronauts would like to breathe some of this oxygen stuff? We’ve heard it’s good for your health.
Full Scale Styrofoam DeLorean Finally Takes Flight
It’s 2025 and we still don’t have flying cars– but we’ve got this full-scale flying DeLorean prop from [Brian Brocken], and that’s almost as good. It’s airborne and on camera in the video embedded below.
We’ve written about this project before– first about the mega-sized CNC router [Brian] used to carve the DeLorean body out of Styrofoam panels, and an update last year that showed the aluminum frame and motorized louvers and doors.
Well, the iconic gull-wing doors are still there, and still motorized, and they’ve been joined by a tire-tilting mechanism for a Back To The Future film-accurate flight mode. With the wheels down, the prop can use them to steer and drive, looking for all the world like an all-white DMC-12.
The aluminum frame we covered before is no longer in the picture, though. It’s been replaced by a lighter, stiffer version made from carbon fibre. It’s still a ladder frame, but now with carbon fiber tubes and “forged” carbon fiber corners made of tow and resin packed in 3D printed molds. There’s been a tonne of work documented on the build log since we last covered this project, so be sure to check it out for all the details.
Even in unpainted white Styrofoam, it’s surreal to see this thing take off; it’s the ultimate in practical effects, and totally worth the wait. Honestly, with talent like [Brian] out there it’s a wonder anyone still bothers with CGI, economics aside.
Thanks to [Brian] for the tip! If you have a project you’ve hit a milestone with, we’d love to see it, even if it doesn’t trigger the 80s nostalgia gland we apparently all have embedded in our brains these days. Send us a tip!
Building Your Own DVB-S2 Receiver
Generally, a digital TV tuner is something you buy rather than something you make yourself. However, [Johann] has always been quite passionate about the various DVB transmission standards, and decided he wanted to build his own receiver just for the fun of it.
[Johann]’s build is designed to tune in DVB-S2 signals transmitted from satellites, and deliver that video content over a USB connection. When beginning his build, he noted it was difficult to find DVB reception modules for sale as off-the-shelf commercial parts. With little to nothing publicly available, he instead purchased a “Formuler F1 Plug & Play DVB-S2 HDTV Sat Tuner” and gutted it for the Cosy TS2M08-HFF11 network interface module (NIM) inside. He then paired this with a Cypress CY7C68013A USB bridge to get the data out to a PC. [Johann] then whipped up a Linux kernel driver to work with the device.
[Johann] doesn’t have hardcore data on how his receiver performs, but he reports that it “works for me.” He uses it in South Germany to tune in the Astra 19.2E signal.
We don’t talk a lot about DVB these days, since so much video content now comes to us over the Internet. However, we have still featured some nifty DVB hacks in the past. If you’re out there tinkering with your own terrestrial or satellite TV hardware, don’t hesitate to notify the tipsline!
Robot Balances Ball On A Plate
Imagine trying to balance a heavy metal ball bearing on a cafeteria tray. It’s not the easiest thing in the world! In fact, it’s perhaps a task better automated, as [skulkami3000] demonstrates with this robotic build.
The heart of the build is a flat platform fitted with a resistive touchscreen panel on top. The panel is hooked up to a Teensy 4.0 microcontroller. When a heavy ball bearing is placed on the touch panel, the Teensy is thus able to accurately read its position. It then controls a pair of NEMA 17 stepper motors via TMC2208 drivers to tilt the panel in two axes and keep the ball in the centre of the panel. Thanks to its quick reactions and accurate sensing, it does a fine job of keeping the ball centred, even when the system is perturbed.
Projects like these are a great way to learn the basics of PID control. Understanding these concepts will serve you well in all sorts of engineering contexts, from controlling industrial processes to building capable quadcopter aircraft.
Jenny’s Daily Drivers: KDE Linux
Over this series test-driving operating systems, we’ve tried to bring you the unusual, the esoteric, or the less mainstream among the world of the desktop OS. It would become very boring very quickly if we simply loaded up a succession of Linux distros, so we’ve avoided simply testing the latest Debian or Fedora.
That’s not to say that there’s no space for a Linux distro on these pages if it is merited though, as for example we marked its 30th anniversary with a look at Slackware. If a distro has something interesting to offer it’s definitely worth a look, which brings us to today’s subject.
KDE Linux is an eponymous distro produced by the makers of the KDE Plasma desktop environment and associated applications, and it serves as a technical demo of what KDE can be, a reference KDE-based distribution, and an entirely new desktop Linux distribution all in one. As such, it always has the latest in all things KDE, but aside from that perhaps what makes it even more interesting is that as an entirely new distribution it has a much more modern structure than many of the ones we’re used to that have their roots in decades past. Where in a traditional distro the system is built from the ground up on install, KDE Linux is an immutable base distribution, in which successive versions are supplied as prebuilt images on which the user space is overlaid. This makes it very much worth a look.
New From The First Boot
The first thing any would-be KDE Linux user in 2025 should understand is that this bears no relation to the previous KDE Neon distro; it’s a very new distro indeed, and still at an alpha testing phase. That’s not to say it’s not very usable, but it’s worth remembering that for now it’s not something you should trust your digital existence to. Stripping away the cruft of legacy distros is evident right from the start, as even the USB installer will only boot in UEFI mode. You might be surprised how many machines try to boot external drives in BIOS mode by default, but this one requires a trip to your motherboard settings to force UEFI. The USB disk boots straight to a KDE desktop from which you can run the installer, and as you might expect, everything is graphical. That immutable base delivers probably the most hassle-free install process of any modern Linux system, and in no time you’re booting your machine into KDE Linux.
It’s KDE Plasma, not much more to say.
KDE is a very slick desktop, and this distro gives you the environment at its most well-oiled. I’m a GNOME user in my day to day life, but I say that not in some vi-versus-emacs sense of a software holy war; this is an environment in which everything is just right where you expect it. The sense of hitting the ground running is high here.
KDE Linux does not have a traditional package manager due to its immutable nature, but we’re told it is capable of using Arch packages. Instead of a package manager it has Discover, which handles both updates and finding applications as prepackaged Flatpaks. As someone who’s had a very bad experience with Ubuntu’s frankly awful Snap packaging, I am instinctively suspicious of packaged applications, but I have to concede the experience of using Flatpak is much less painful than the Ubuntu equivalent. I installed my usual LibreOffice and GIMP alongside Firefox, and got on with writing and editing some Hackaday.
So, What’s It Like To Use?
Hardly powerhouse hardware to test this system.
My test machine for this distro is not particularly quick, packing as it does a dual-core Sandy Bridge Pentium G630 and six gigabytes of memory. It’s saved from terminal sluggishness by having an SSD, but this is still decade-old hardware at best. I selected it on purpose to gain a real idea of the performance; I know this machine is acceptable for day-to-day use running Manjaro, so it gives me a good point for comparison.
Since I’ve been using it now for a few days to do my work, I guess KDE Linux makes the grade. There are none of the endless wait dialogues I got with Ubuntu Snaps on a far faster machine, and while you can certainly feel the age of the hardware at times, it’s just as usable as the native Manjaro installation on the same hardware.
You come into contact with that immutable base every time you reboot your system, as recent upgrades appear in the boot menu. If something is wrong with the latest base version then booting back into the previous one is particularly easy and seamless. The disadvantage is that you won’t have all the nuts-and-bolts configuration you are used to with more conventional distros, and some software such as older Nvidia graphics card drivers may have problems.
So in KDE Linux, there’s a new-from-the-ground-up distribution that not only has the reference implementation of KDE, but also a well-thought-out and modern structure behind it. It’s alpha software at the moment so you may not want to make the jump just yet, but it definitely doesn’t feel like an alpha. This is probably the most pain-free Linux install and user experience I have ever had. It’s a definite everyday contender, and over the last three decades I must have installed a large number of different distros. If they can keep it maintained and reach a stable version there’s no reason why this shouldn’t become one of the go-to desktop distributions, which as I see it is quite an achievement. Well done KDE!
When Unicode becomes a weapon and your mailbox betrays you: enter Inboxfuscation
Threat actors are increasingly exploiting Microsoft Exchange inbox features to gain persistence and steal sensitive information inside corporate networks.
Inboxfuscation, developed by Permiso, is a framework that demonstrates how attackers can weaponize the Exchange rules engine, creating stealthy persistence mechanisms that evade both human review and code-based detection.
Inboxfuscation uses Unicode-based obfuscation techniques to generate malicious inbox rules that bypass traditional security systems.
In the past, malicious inbox rules were often easy to spot: obvious keywords combined with actions such as deleting messages or forwarding them to attacker-controlled mailboxes. Traditional security tools relied on keyword- and regular-expression-based detection, strategies that worked well against visually obvious rules.
The availability of a vast repertoire of Unicode characters has, however, opened new avenues of evasion. By replacing ASCII characters with visually similar variants, or by exploiting normalization performed by the system, it is possible to create rules that look harmless when read but behave differently at the logical level, thereby escaping detection mechanisms that rely solely on simple text matching. Although no campaigns making heavy use of these techniques have yet been observed, the technical feasibility represents a blind spot that deserves attention.
Some character categories make the obfuscation particularly insidious. Character variants can replicate the appearance of common letters; zero-width characters can be inserted between letters to break pattern matching without altering the visual appearance; bidirectional controls can reverse or reorder the rendering of text; circled or enclosed variants further alter visual perception. The breadth of the Unicode set offers many opportunities for visual and functional deception.
The obfuscation techniques fall into different approaches that can be used singly or in combination. Character substitution replaces recognizable symbols with Unicode equivalents; zero-width injection breaks patterns with invisible characters; bidirectional manipulation exploits directionality controls to confuse rendering; hybrid combinations mix these methods to maximize evasion. These strategies allow apparently harmless rules to evade both human judgement and automated detection.
Beyond textual obfuscation tricks, there are functional techniques that alter the behaviour of mail rules. Messages can be automatically diverted to unconventional folders, making them invisible in normal views; null characters or spaces can be inserted so that a condition applies to every message; or the normalization of size parameters can be exploited to create filters that fire on every email. Such manipulations can turn seemingly harmless rules into persistence or concealment mechanisms.
To respond to these threats, the detection framework presented adopts a multi-layered approach compatible with several Exchange log formats. The system identifies suspicious Unicode categories, parses logs in different formats and produces structured output for integration with security operations systems. Recommended actions include scanning mailboxes for obfuscation, historical analysis of audit logs to identify past compromises, and integration of the results into SIEM and incident response processes. The research highlights gaps in current defences, compliance risks and forensic difficulties tied to Unicode complexity, and calls for the development of proactive capabilities.
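As an added example, not Permiso's code, here is a Python routine that applies the detection approach just described to the text fields of an inbox rule: it reports invisible, bidirectional and look-alike code points, normalizes the text (NFKC plus a small constructed confusables map) so hidden watchlist words surface, and flags conditions that become empty after normalization and so match every message. The sample rule and the watchlist are constructed for this example.

```python
import unicodedata
from typing import Dict, List

# Invisible code points and bidirectional controls that change how text renders.
ZERO_WIDTH = {"\u200b", "\u200c", "\u200d", "\u2060", "\ufeff", "\u00ad"}
BIDI_CONTROLS = {"\u200e", "\u200f", "\u202a", "\u202b", "\u202c", "\u202d", "\u202e",
                 "\u2066", "\u2067", "\u2068", "\u2069"}
# Small constructed sample of cross-script look-alikes that NFKC does not fold
# (the real Unicode confusables table is far larger).
CONFUSABLES = {"\u0430": "a", "\u0435": "e", "\u043e": "o", "\u0440": "p", "\u0441": "c",
               "\u0445": "x", "\u0443": "y", "\u0456": "i", "\u03bf": "o"}
# Words a rule reviewer would typically look for in rule names and conditions.
WATCHLIST = ("invoice", "password", "security", "phishing", "hacked", "payment", "wire")


def _is_control(ch: str) -> bool:
    """C0/C1 control characters other than ordinary whitespace (covers NUL)."""
    return unicodedata.category(ch) == "Cc" and ch not in "\t\r\n"


def unicode_findings(text: str) -> List[str]:
    """Report invisible, bidirectional, control and look-alike code points with offsets."""
    out: List[str] = []
    for i, ch in enumerate(text):
        if ch in ZERO_WIDTH:
            out.append(f"zero-width U+{ord(ch):04X} at {i}")
        elif ch in BIDI_CONTROLS:
            out.append(f"bidi control U+{ord(ch):04X} at {i}")
        elif _is_control(ch):
            out.append(f"control U+{ord(ch):04X} at {i}")
        elif ch in CONFUSABLES:
            out.append(f"confusable U+{ord(ch):04X} for '{CONFUSABLES[ch]}' at {i}")
    return out


def normalize_for_matching(text: str) -> str:
    """Drop invisible/bidi/control chars, map known confusables, fold compatibility
    forms (fullwidth, circled, mathematical letters) with NFKC, then casefold."""
    kept = "".join(CONFUSABLES.get(ch, ch) for ch in text
                   if ch not in ZERO_WIDTH and ch not in BIDI_CONTROLS and not _is_control(ch))
    return unicodedata.normalize("NFKC", kept).casefold()


def analyze_rule(rule: Dict[str, str]) -> Dict[str, List[str]]:
    """Check each text field of an inbox rule; returns field -> findings (empty = clean)."""
    report: Dict[str, List[str]] = {}
    for field, raw in rule.items():
        findings = unicode_findings(raw)
        folded = normalize_for_matching(raw)
        for word in WATCHLIST:
            # A watchlist word present only after normalization was deliberately disguised.
            if word in folded and word not in raw.casefold():
                findings.append(f"hidden keyword '{word}' (visible only after normalization)")
        # A *ContainsWords condition made of nothing but invisible chars matches every message.
        if field.endswith("ContainsWords") and raw and not folded.strip():
            findings.append("condition is empty after normalization: matches every message")
        if findings:
            report[field] = findings
    return report


# Constructed sample rule combining the tricks described above.
SAMPLE_RULE = {
    "Name": "\u24c8ecurity \u0430lert",          # circled S plus Cyrillic а
    "SubjectContainsWords": "inv\u200boice",     # zero-width space splits the keyword
    "BodyContainsWords": "\u200b\u200d",         # only invisible chars: fires on everything
    "ForwardTo": "archive\u202e@example.com",    # RLO control reverses how the address renders
}

if __name__ == "__main__":
    for field, findings in analyze_rule(SAMPLE_RULE).items():
        print(field)
        for finding in findings:
            print("   -", finding)
```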
This Device Is A Real Page Turner
You can read e-books on just about anything—your tablet, your smartphone, or even your PC. However, the interface can be lacking somewhat compared to a traditional book—on a computer, you have to use the keyboard or mouse to flip the pages. Alternatively, you could do what [NovemberKou] did, and build a dedicated page-turning device.
The device was specifically designed for use with the Kindle for Mac or Kindle for PC reader apps, allowing the user to peruse their chosen literature without using the keyboard to change pages. It consists of a thumb wheel, rotary encoder, and an Arduino Pro Micro mounted in a 3D printed shell. The Pro Micro is set up to emulate a USB keyboard, sending “Page Up” or “Page Down” key presses as you turn the thumb wheel in either direction.
Is it a frivolous device with a very specific purpose? Yes, and that’s why we love it. There’s something charming about building a bespoke interface device just to increase your reading pleasure, and we wholeheartedly support it.
Meta’s Ray-Ban Display Glasses and the New Glassholes
It’s becoming somewhat of a running gag that any device or object will be made ‘smart’ these days, whether it’s a phone, TV, refrigerator, home thermostat, headphones or glasses. This generally means somehow cramming a computer, display, camera and other components into the unsuspecting device, with the overarching goal of somehow making it more useful to the user and not impacting its basic functionality.
Although smart phones and smart TVs have been readily embraced, smart glasses have always been a bit of a tough sell. Part of the problem here is of course that most people do not generally wear glasses, between people whose vision does not require correction and those who wear e.g. contact lenses. This means that the market for smart glasses isn’t immediately obvious. Does it target people who wear glasses anyway, people who wear sunglasses a lot, or will this basically move a smart phone’s functionality to your face?
Smart glasses also raise many privacy concerns, as their cameras and microphones may be recording at any given time, which can be unnerving to people. When Google launched their Google Glass smart glasses, this led to the coining of the term ‘glasshole‘ for people who refuse to follow perceived proper smart glasses etiquette.
Defining Smart Glasses
Meta’s Ray-Ban Display smart glasses with its wristband. (Credit: Meta)
Most smart glasses are shaped like rather chubby, often thick-rimmed glasses. This is to accommodate the miniaturized computer, battery and generally a bunch of cameras and microphones. Generally some kind of projection system is used to either project a translucent display on one of the glasses, or in more extreme cases a laser directly projects the image into your retina. The control interface can range from a smartphone app to touch controls, to the new ‘Neural Band’ wristband that’s part of Meta’s collaboration with Ray-Ban in a package that some might call rather dorky.
This particular device crams a 600 x 600 pixel color display into the right lens, along with six microphones and a 12 MP camera in addition to stereo speakers. Rather than an all-encompassing display or an augmented-reality experience, this is more of a display that you reportedly see floating when you glance somewhat to your right, taking up 20 degrees of said right eyepiece.
Perhaps most interesting is the neural band here, which uses electromyography (EMG) to detect the motion of muscles in your wrist by their electrical signals to determine the motion that you made with your arm and hand. Purportedly you’ll be able to type this way too, but this feature is currently ‘in beta’.
Slow March Of Progress
Loïc Le Meur showing off the Google Glass Explorer Edition in 2013. (Credit: Loïc Le Meur)
When we compare these Ray-Ban Display smart glasses to 2013’s Google Glass, when the Explorer Edition was made available in limited quantities to the public, it is undeniable that the processor guts in the Ray-Bans are more powerful and they have double the Flash storage, but the RAM is the same 2 GB, albeit faster LPDDR4X. In terms of the display, it’s slightly higher resolution and probably slightly better fidelity, but this still has to be tested.
Both have similar touch controls on the right side for basic control, with apparently the new wristband being the major innovation here. This just comes with the minor issue of now having to wear another wrist-mounted gadget that requires regular charging. If you are already someone who wears a smart watch or similar, then you better have some space on your other wrist to wear it.
One of the things that Google Glass and similar solutions have really struggled with – including Apple’s Vision AR gadget – is that of practical use cases. As cool as it can be to have a little head-mounted display that you can glance at surreptitiously, with nobody else around you being able to glance at the naughty cat pictures or personal emails currently being displayed, this never was a use case that convinced people into buying their own Google Glass device.
In the case of Meta’s smart glasses, they seem to bank on Meta AI integration, along with real-time captions for conversations in foreign languages. Awkward point here is of course that none of these features are impossible with a run-of-the-mill smartphone, and those can do even more, with a much larger display.
Ditto with the on-screen map navigation, which overlays a Meta Maps view akin to that of Google’s and Apple’s solutions to help you find your way. Although this might seem cool, you will still want to whip out your phone when you have to ask a friendly local when said route navigation feature inevitably goes sideways.
Amidst the scrambling for a raison d’être for smart glasses, it seems unlikely that society’s attitude towards ‘glassholes’ has changed either.
Welcome To The Panopticon
Example of a panopticon design in the prison buildings at Presidio Modelo, Isla de la Juventud, Cuba. (Credit: Friman, Wikimedia)
The idea behind the panopticon design, as created by Jeremy Bentham in the 18th century, is that a single person can keep an eye on a large number of individuals, none of whom can be certain whether or not they are being observed at that very moment. Although Bentham did not intend for it to be used solely with prisons and similar buildings, this is where it found the most uptake. Inspired by this design, we got more modern takes, such as the Telescreens in Orwell’s novel Nineteen Eighty-Four, whose cameras are always on, but you cannot be sure that someone is watching that particular screen.
In today’s modern era where cameras are basically everywhere, from CCTV cameras on and inside buildings, to doorbells and the personal surveillance devices we call ‘smartphones’, we also got areas where people are less appreciative of having cameras aimed on them. Unlike a smartphone where it’s rather obvious when someone is recording or taking photos, smart glasses aren’t necessarily that obvious. Although some do light up a LED or such, it’s easy to miss this sign.
In that article a TikTok video is described by a woman who was distraught to see that the person at the wax salon that she had an appointment at was wearing smart glasses. Unless you’re actively looking at and listening for the cues emitted by that particular brand of smart glasses, you may not know whether your waxing session isn’t being recorded in glorious full-HD or better for later sharing.
This is a concern that blew up during the years that Google Glass was being pushed by Google, and so far it doesn’t appear that people’s opinions on this have changed at all. Which makes it even more awkward when those smart glasses are your only prescription glasses that you have on you at the time. Do you still take them off when you enter a place where photography and filming is forbidden?
Dumber Smart Glasses
Although most of the focus in the media and elsewhere is on smart glasses like Google Glass and now Meta/Ray-Ban’s offerings, there are others too that fall under this umbrella term. Certain auto-darkening sunglasses are called ‘smart glasses’, while others are designed to act more like portable screens that are used with a laptop or other computer system. Then there are the augmented- and mixed-reality glasses, which come in a wide variety of forms and shapes. None of these are the camera-equipped types that we discussed here, of course, and thus do not carry the same stigma.
Whether Meta’s attempt will succeed where Google Glass failed remains to be seen. If the criterion is that a ‘smart’ version of a device enhances it, then it’s hard to argue that a smart phone isn’t much more than just a cellular phone. At the same time the ‘why’ for cramming a screen and computer into a set of dorky glasses remains much harder to answer.
Feel free to sound off in the comments if you have a good use case for smart glasses. Ditto if you would totally purchase or have already purchased a version of the Ray-Ban Display smart glasses. Inquisitive minds would like to know whether this might be Google Glass’ redemption arc.
The United Nations goes big on AI
IT'S MONDAY, AND THIS IS DIGITAL POLITICS. I'm Mark Scott, and I give you my top grammar joke of the week. Yes, that's a thing. #GrammarPedant.
— An inside look into the United Nations' game plan for artificial intelligence, and why that's going to lead to problems.
— The United Kingdom just signed up to the United States' "AI Stack" in a demonstration of Washington's newly-formed foreign policy toward the emerging technology.
— The threat posed by the spread of false online information is perceived to be greater than that associated with a faltering global economy or terrorism.
Let's get started.
iPhone Air Still Apparently Repairable Despite Its Compact Construction
Miniaturization is a trend that comes and goes in the cellular phone space. For a while, our phones were all getting smaller, then they started getting bigger again as screens expanded to show us ever more content and advertising. The iPhone Air is going back the other way, with a design that aims to sell based on its slimness. [iFixit] reckons that despite its diminutive dimensions, it should still be quite repairable.
“Thinner usually means flimsier, harder to fix, and more glued-down parts, but the iPhone Air proves otherwise,” states Elizabeth Chamberlain for the repair outlet. Much of this comes down to clever design, that makes repair possible at the same time as ensuring compactness. A big part of this is the way that Apple made the bottom half of the phone pretty much just battery. Most of the actual electronic components are on a logic board up by the camera. Segmenting the phone in this way makes it easier to access commonly-replaced parts like the battery without having to pull a lot of other parts out of the way first.
[iFixit] refers to this as flattening the “disassembly tree”—minimizing the number of components you have to touch to replace what you’re there to fix. In this regard, the thinness of the iPhone Air is actually a boon. The phone is so thin, it wasn’t possible to stack multiple components on top of each other, so everything is easier to get to. The design is also reasonably modular, which should make routine repairs like USB-C port swaps relatively straightforward.
Whatever smartphone you’re working on, it often helps to have a disassembly guide to ensure you don’t wreck it when you’re trying to fix something. [iFixit] remains a stellar resource in that regard.
Restoring a Vintage Computer And Its Plotter
Repairing vintage computers is bread and butter for many of us around here. The machines themselves tend to be fairly fixable, assuming spare parts are available and there hasn’t been too much physical damage. Peripherals can be another matter, though. Since they interface with the real world, they can have more esoteric problems that aren’t always solvable. [joekutz] was handed just such a device in the form of a CE-150 docking station for a Sharp PC1500 Pocket Computer, which has a plotter built in. Here’s his “tip” for getting plotters like these working again.
The first step here is to disassemble the original, dried out pens to scavenge a few of the parts. The outer case needs to be kept so that it can be put back into the plotter, and a small O-ring is saved as well. To replace the dried-out tips [joekutz] discards the original tips and replaces them with tips from a common ink pen, using shrink wrap tubing to help fit the pen’s tip into the original plotter cylinder. He also takes the ink from the pen to fill the plotter’s cartridge, completing the surgery on the multi-colored plotter and bringing it back to life.
Of course this build goes well beyond the plotter, including bringing the PC1500 back to life as well. There are a few other videos about this project covering that original restoration as well as demonstrating some of the quirks of how this computer is meant to be programmed. But we mostly focused on the plotter here since that is a little bit out of the ordinary, and we’re also sure that refilling ink cartridges of any sort gets under the skin of everyone at HP.
The US is hunting 3 Iranian hackers: $10 million reward for the APTs
Seyyed Ali Aghamiri, Yasar Balaghi and Masoud Jalili are wanted for their alleged participation in malicious cyber activity associated with advanced persistent threat (APT) actors affiliated with the Iranian government's Islamic Revolutionary Guard Corps (IRGC).
The US Department of State's Rewards for Justice program is offering a reward of up to $10 million for information on these individuals.
The alleged IRGC cyber activity has targeted various individuals associated with the 2024 US presidential campaigns, as well as personnel with ties to Iranian and Middle Eastern affairs, such as current or former senior government officials, senior think tank officials, journalists, activists and lobbyists, from 2019 to the present.
Federal arrest warrants were issued for each of the men by the United States District Court for the District of Columbia, Washington, DC, on September 27, 2024, after they were charged with multiple cyber offenses.
These cases fit into an increasingly complex landscape in which state actors and affiliated groups exploit cyberspace as an instrument of geopolitical pressure and destabilization. The campaigns attributed to the IRGC show that cyber warfare is now a core component of the national security strategies of several countries.
Placing figures such as Aghamiri, Balaghi and Jalili on the international wanted list reinforces the message that cyber espionage and influence activities do not go without consequences. The United States thereby intends to send a clear signal, underlining the importance of global cooperation in countering cyber threats.
For governments, institutions and private organizations, these episodes are a further warning to strengthen their defenses. Awareness of the risks, combined with investment in technology and training, becomes crucial to preventing intrusions and safeguarding information security in an increasingly hostile digital environment.
The article The US is hunting 3 Iranian hackers: $10 million reward for the APTs originally appeared on il blog della sicurezza informatica.
Massive leak on DarkForums: 196 Italian sites exposed with cleartext FTP credentials
On September 20, 2025 at 23:52, a thread titled “FRESH FTP LEAK” appeared on DarkForums, posted by the user Hackfut. The material allegedly exposes access to FTP servers located in several countries, including Italy, the Netherlands, the Philippines, Peru, Chile, Australia and Latvia. The targets include companies, schools, hospitality businesses, event sites, e-commerce sites and media outlets.
The dump consists of hostnames/FTP domains, usernames and cleartext passwords. Unfortunately, what is critical for our country is the large number of Italian domains in the collection, which was made available free of charge to users of the underground forum.
The impact on Italy
Analysis of the sample offered by Hackfut shows that, of a total of 250 records, 196 are attributable to Italian domains. Many of these belong to schools, SMEs and tourism businesses, once again highlighting our country's fragile attack surface.
The passwords appear largely current, not mere residue of old compromises. Some passwords contain the string 2024, which suggests that the collection may be current or only slightly dated.
This means the published credentials are potentially still valid and immediately usable by malicious actors.
Concrete risks
- Defacement of institutional websites.
- Malware distribution via upload of malicious files.
- Exfiltration of data stored on the FTP servers.
- Phishing and reputational abuse, exploiting compromised legitimate domains.
The post does not include the full list: to obtain it, the actor invites private contact on Telegram, a common practice in underground circles for distributing data in a controlled manner. It is plausible that Hackfut actually holds a far larger dataset, potentially containing thousands of credentials linked to Italian targets.
Conclusion
The dump published by Hackfut is not just a set of exposed credentials but a further sign of the persistent exposure of Italian assets to obsolete security practices. The availability of active FTP access in school, business and tourism environments can have concrete consequences, from reputational abuse to phishing infrastructure.
This new leak confirms that FTP access data is still a sought-after commodity in cybercriminal circles, since it grants direct and immediate control over a site's infrastructure. The companies involved must act promptly by resetting credentials, adopting two-factor authentication (2FA) where possible, and conducting a full review of their security measures to mitigate the risks arising from this compromise.
Anyone wishing to check whether their domain is on the list can contact the editorial team, which will provide the details in a controlled and confidential manner. The disruption caused by an attack of this kind would not be limited to reputational damage for the companies involved, but could have significant economic repercussions, especially for portals handling online transactions.
The article Massive leak on DarkForums: 196 Italian sites exposed with cleartext FTP credentials originally appeared on il blog della sicurezza informatica.
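A defender who receives a sample like this needs to triage it without anyone reading the passwords. The following Python script is an added example, not code from the post or its author: it parses the host/username/password layout described above, counts records per country TLD (the 196-of-250 style breakdown), applies the "recent year in the password" freshness heuristic, and matches records against your own domain inventory, returning only the accounts to reset. The sample dump, the domain names and the short second-level ccTLD list are constructed assumptions for the example.

```python
import re
from collections import Counter

# Constructed sample in the "host username password" layout the post describes.
# Every value below is invented for this example; none comes from the real dump.
SAMPLE_DUMP = """\
ftp.scuola-esempio.it admin Scuola2024!
www.hotel-esempio.it webmaster estate2023
ftp.shop-esempio.nl user1 Welkom2024
ftp.agenzia-esempio.it ftpuser agenzia2021
ftp.example.com.au media Summer2024
this line is malformed
"""
# ccTLDs that register under a second-level label (assumed short list, not exhaustive).
SECOND_LEVEL_CC = {"com.au", "co.uk", "com.pe", "com.ph", "co.nz"}
# Freshness heuristic used in the article: a recent year embedded in the password.
RECENT_YEAR = re.compile(r"202[45]")


def registrable_domain(host: str) -> str:
    """ftp.example.com.au -> example.com.au ; www.example.it -> example.it"""
    labels = host.lower().rstrip(".").split(".")
    if len(labels) >= 3 and ".".join(labels[-2:]) in SECOND_LEVEL_CC:
        return ".".join(labels[-3:])
    return ".".join(labels[-2:])


def parse_dump(text: str) -> list:
    """One record per well-formed line; malformed lines are skipped, never guessed."""
    records = []
    for line in text.splitlines():
        parts = line.split()
        if len(parts) != 3:
            continue
        host, user, password = parts
        records.append({"host": host, "user": user, "password": password})
    return records


def triage(text: str, own_domains: set) -> dict:
    """Country breakdown, freshness share and own-domain matches; passwords never leave here."""
    records = parse_dump(text)
    by_tld = Counter(registrable_domain(r["host"]).rsplit(".", 1)[-1] for r in records)
    recent = sum(1 for r in records if RECENT_YEAR.search(r["password"]))
    hits = [(r["host"], r["user"]) for r in records
            if registrable_domain(r["host"]) in own_domains]
    return {
        "total": len(records),
        "by_tld": dict(by_tld),
        "recent_password_share": round(recent / len(records), 2) if records else 0.0,
        "own_accounts_to_reset": hits,
    }
```

Feed the real sample in place of SAMPLE_DUMP and your registrable domains as own_domains; the hits list is the reset queue, and the TLD counter reproduces the per-country figures quoted above.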
Mandrel Magic: Small Box Assembly with 3D Printing
Often, we face tedious tasks with no way around them. Sometimes, you just have to grit your teeth and push through. But small tweaks can make the onerous task a bit easier to handle. [James Bowman] sent in his latest quick project that helps him fold small boxes more efficiently.
To fulfill orders on his previously covered TermDriver2, [James Bowman] is faced with folding thousands of small boxes. To aid in this daunting task, he had the idea of making a tool to streamline the process — every second saved adds up when you’re repeating a task thousands of times. He designed a 3D printed mandrel that pops the flat box blank open as it’s slid over the tapered top, shaping it into a perfect rectangle for easy folding of the top flaps.
The nice thing about 3D printing is how easy it is to iterate on a design. Once James had the first version printed and verified it worked as hoped, he had ideas to improve it, such as adding a second mandrel to twist the box from both the inside and outside and adding a guide on one side to enhance rigidity.
While we often think of 3D printers as producing ready-to-use parts, printed tooling holds great potential for repetitive tasks and is a huge cost saver compared to traditional methods.
IO E CHATGPT E17: Training critical thinking and debate
In this episode we explore an advanced use: how to use AI to develop critical thinking, the art of debate and the ability to argue a case.
zerodays.podbean.com/e/io-e-ch…