Automatic Pill Dispenser Is Cheap and Convenient
If you’re taking any medication, you probably need to take it in a certain dose on a certain schedule. It can quickly become difficult to keep track of when you’re taking multiple medications. To that end, [Mellow_Labs] built an automated pill dispenser to deliver the right pills on time, every time.
The pill dispenser is constructed out of 3D printed components. As shown, it has two main bins for handling two types of pills, controlled with N20 gear motors. The bins spin until a pill drops through a slot into the bottom of the unit, with the drop detected by a piezo sensor. It uses a Beetle ESP32 as the brains of the operation, which is hooked up with a DS1307 real-time clock to ensure it’s dosing out pills at the right time. It’s also wired up with a DRV8833 motor driver to allow it to run the gear motors. The DRV8833 can run up to four motors in unidirectional operation, so you can easily expand the pill dispenser up to four bins if so desired.
We particularly like how the pill dispenser is actually controlled — [Mellow_Labs] used the ESP32 to host a simple web interface which is used for setting the schedule on which each type of pill should be dispensed.
We’ve featured some other pill dispenser builds before, too.
Thanks to [Prankhouz] for the tip!
DIY Microwave Crucibles
You know the problem. You are ready to melt some metal in your microwave oven, and you don’t have any crucibles. Not to worry. [Shake the Future] will show you how to make your own. All you need is some silicon carbide, some water glass (sodium silicate), and some patience.
The crucible takes the shape of a glass container. Don’t get too attached to it because the glass will break during the crucible construction. You can also use 3D-printed forms.
You can shape the vessel before it cures and after. Then, you give it a heat treatment. [Shake The Future] also recommends you harden it at the end. This is optional; he tells you how to decide if you need it.
Hardening helps prevent cracking during use. The process involves wrapping the vessel in a ceramic sheet and heating it until the crucible turns red. The ceramic sheet is somewhat dangerous to work with because it has such tiny fibers and dust, so he only treats the crucibles when necessary.
We always enjoy watching [Shake] casting metal. He’s even done a Benchy.
Will Embodied AI Make Prosthetics More Humane?
Building a robotic arm and hand that matches human dexterity is tougher than it looks. We can create aesthetically pleasing ones, very functional ones, but the perfect mix of both? Still a work in progress. Just ask [Sarah de Lagarde], who in 2022 literally lost an arm and a leg in a life-changing accident. In this BBC interview, she shares her experiences openly – highlighting both the promise and the limits of today’s prosthetics.
The problem is that our hands aren’t just grabby bits. They’re intricate systems of nerves, tendons, and ridiculously precise motor control. Even the best AI-powered prosthetics rely on crude muscle signals, while dexterous robots struggle with the simplest things — like tying shoelaces or flipping a pancake without launching it into orbit.
That doesn’t mean progress isn’t happening. Researchers are training robotic fingers with real-world data, moving from ‘oops’ to actual precision. Embodied AI, i.e. machines that learn by physically interacting with their environment, is bridging the gap. Soft robotics with AI-driven feedback loops mimic how our fingers instinctively adjust grip pressure. If haptics are your point of interest, we have posted about it before.
The future isn’t just robots copying our movements, it’s about them understanding touch. Instead of machine learning, we might want to shift focus to human learning. If AI cracks that, we’re one step closer.
Original photo by Marco Bianchetti on Unsplash
FLOSS Weekly Episode 820: Please Don’t add AI Clippy to Thunderbird
This week, Jonathan Bennett talks Thunderbird with Ryan Sipes! What’s the story with almost becoming part of LibreOffice? How has Thunderbird collected so many donations? And more!
Did you know you can watch the live recording of the show right on our YouTube Channel? Have someone you’d like us to interview? Let us know, or contact the guest and have them contact us! Take a look at the schedule here.
Direct Download in DRM-free MP3.
If you’d rather read along, here’s the transcript for this week’s episode.
Theme music: “Newer Wave” Kevin MacLeod (incompetech.com)
Licensed under Creative Commons: By Attribution 4.0 License
PCB Design Review: M.2 SSD Splitter
Today’s PCB design review is a board from [Wificable]. It’s a novel dual-SSD laptop adapter board! See, CPUs and chipsets often let you split wide PCIe links into multiple smaller width links. This board relies on a specific laptop with a specific CPU series, and a BIOS mod, to put two M.2 NVMe SSDs into a single SSD slot of a specific series’ laptop.
This board has two crucial factors – mechanical compatibility, and electrical function. Looking into mechanics, it’s a 0.8 mm thick PCB that plugs into a M.2 socket, and it has sockets for two SSDs on it – plenty of bending going on. For electronics, it has a PCIe REFCLK clock buffer, that [Wificable] found on Mouser – a must have for PCIe bifurcation, and a must-work for this board’s core! Apart from that, this is a 4-layer board, it basically has to be for diffpairs to work first-try.
Of course, the clock buffer chip is the main active component and the focus of the board, most likely mistakes will happen there – let’s look at the chip first.
All Eyes On Chip
The schematic is from a server board schematic – which is wonderful! Datasheet schematics are not always as complete or as succinct as you’d like them to be, and it’s super helpful to have a known-working schematic designed by a third party, that is production-grade and well-tested for 24/7 operation. We used that for our M.2 card design,
The symbol. It works, but cross-checking it against the original schematic isn’t as easy.
Of course, the symbol had to be redrawn for KiCad, and [Wificable] also rearranged the symbol corresponding to the physical pinout, as opposed to arranging them logically, like many KiCad symbols do. This is mostly a matter of preference and either way is fair – I switch between either of the two, depending on the situation. One note, though – when copying a schematic, I highly recommend you use the same pin arrangement as that schematic, it’s just really helpful to avoid mistakes.
In this case, I’d argue the logical arrangement is also cleaner, and that’s what I’d personally go for. However, design reviews are about function way more than aesthetics, and the chip’s wiring looked fine!
In my view, policing aesthetics is generally a no-go for PCB design – most you can do is suggestions. The line between aesthetic problems and practical problems is often blurry, let’s say, when the problem is about track routing, connector layout, making the schematic easy to check at a glance, or a good few other things. When in doubt, think about the best effort-to-payoff ratio for the person receiving the review.
Layout-wise, things are also fine – but they could be a little finer. The decoupling capacitors do need vias on their GND pads – easy to add, and a big benefit as far as power delivery goes. There are other areas where vias are called for! That, or having vias arranged a little differently, at the very least. Let’s take a look!
Well-Grounded
There are quite a few ground-related changes I’d recommend here specifically, given that it’s a high-speed design. I’ve been reading a fair few “how to treat ground fills better” documents, and they discuss the case of a row of signals with vias, where ground is unable to get between them. The recommended way is to arrange the vias diagonally instead, letting some of the ground polygon fill between the gaps and freeing up space for GND vias – and that’s what we can do here, too.
From “Gen 4 PCIe Connector & Channel Design and Optimization: 16G T/s for Free”, [Intel]
It’s also important to add vias on all GND pads next to high-speed signals, as close to the GND pads as possible. In our case, this means the M.2 edge and socket GND pads, so we have to move their respective GND vias as close to them as possible – signals have to be moved around a bit for this, but it’s worthwhile. Keep in mind – use the smallest vias your fab offers, at least without a price increase, because it helps a ton during design, especially considering how comically large the default KiCad vias are! The default is 0.8/0.4 (outer/drill), but you can safely go down to 0.6/0.4, and at fabs like JLCPCB, 0.5/0.3 is available without a price increase.
Do Not Bend
For dessert, we look at mechanics more closely. One thing that springs out to me – this is a 0.8 mm board inserted into a M.2 socket. The cutout in the middle is a liability. Some sort of cutout is necessary to accommodate plastic features of the laptop, but having a wide center-to-edge slot is a recipe for PCB bends. In this case, the edge-to-center slot can become a shorter one, mechanically connected on the edge again; it just needs a little bit more measurement.
So far, the boards have been produced, thanks to Aisler’s new 0.8 mm four-layer process. They’ve been partially tested: [Wificable] didn’t get the chip yet, but has already successfully done the BIOS mod, and tested the bifurcation using magnet wire to switch between REFCLKs. Whenever [Wificable] finds time to finish testing, we will hear from her about how well the chip functions!
As usual, if you would like a design review for your board, submit a tip to us with [design review] in the title, linking to your board files. KiCad design files strongly preferred, both repository-stored files (GitHub/GitLab/etc) and shady Google Drive/Dropbox/etc .zip links are accepted.
Safer and More Consistent Woodworking With a Power Feeder
Woodworking tools like table- and bandsaws are extremely useful and versatile, but they generally have the distinct disadvantage that they make no distinction between the wood and the digits of the person using the machine. While solutions like SawStop were developed to make table saws sense flesh and try to not cut it, [James Hamilton] makes a compelling argument in a recent video for the use of power feeders.
These devices are placed above the table and feed the material into the machine without having to get one’s digits anywhere near the machine. Other than the safety aspect, it also means that the material is always fed in at a consistent speed, which is great when using it with a router table. Most of these power feeders are portable, so a single unit can be moved from the table saw to the router table, with [James] showing how he is using MagSwitch magnetic clamps to ease the process of moving between machines.
With the 8 HP mini power feeder that he’s using, the 4 magnetic clamps appear to be enough even when cutting hardwood on the table saw, but it’s important to make sure the power feeder doesn’t twist while running, for obvious safety reasons. On [James]’s wish list is a way to make moving the power feeder around more efficient, because he only has a single one, for cost reasons.
Although these power feeders cost upwards of $1,000, the benefits are obvious, including when running larger jobs. One might conceivably also DIY a solution, as they appear to be basically an AC motor driving a set of wheels that grip the material while feeding. That said, do you use a power feeder, a SawStop table saw or something else while woodworking?
Plastic On The Mind: Assessing the Risks From Micro- and Nanoplastics
Perhaps one of the clearest indications of the Anthropocene may be the presence of plastic. Starting with the commercialization of Bakelite in 1907 by Leo Baekeland, plastics have taken the world by storm. Courtesy of being easy to mold into any imaginable shape along with a wide range of properties that depend on the exact polymer used, it’s hard to imagine modern-day society without plastics.
Yet as the saying goes, there never is a free lunch. In the case of plastics it would appear that the exact same properties that make them so desirable also risk them becoming a hazard to not just our environment, but also to ourselves. With plastics degrading mostly into ever smaller pieces once released into the environment, they eventually become small enough to hitch a ride from our food into our bloodstream and from there into our organs, including our brain as evidenced by a recent study.
Multiple studies have indicated that this bioaccumulation of plastics might be harmful, raising the question about how to mitigate and prevent both the ingestion of microplastics as well as producing them in the first place.
Polymer Trouble
Plastics are effectively synthetic or semi-synthetic polymers. This means that the final shape, whether it’s an enclosure, a bag, rope or something else entirely consists of many monomers that polymerized in a specific shape. This offers many benefits over traditional materials like wood, glass and metals, all of which cannot be used for the same wide range of applications, including food packaging and modern electronics.
Photodegradation of a plastic bucket used as an open-air flowerpot for some years. (Credit: Pampuco, Wikimedia)
Unlike a composite organic polymer like wood, however, plastics do not noticeably biodegrade. When exposed to wear and tear, they mostly break down into polymer fragments that remain in the environment and are likely to fragment further. When these fragments are less than 5 mm in length, they are called ‘microplastics’, which are further subdivided into a nanoplastics group once they reach a length of less than 1 micrometer. Collectively these are called MNPs.
The process of polymer degradation can have many causes. In the case of e.g. wood fibers, various microorganisms as well as chemicals will readily degrade these. For plastics the primary processes are oxidation and chain scission, which in the environment occurs through UV-radiation, oxygen, water, etc. Some plastics (e.g. with a carbon backbone) are susceptible to hydrolysis, while others degrade mostly through the interaction of UV-radiation with oxygen (photo-oxidation). The purpose of stabilizers added to plastics is to retard the effect of these processes, with antioxidants, UV absorbers, etc. added. These only slow down the polymer degradation, naturally.
In short, although plastics that end up in the environment seem to vanish, they mostly break down in ever smaller polymer fragments that end up basically everywhere.
Body-Plastic Ratio
In a recent review article, Dr. Eric Topol covers contemporary studies on the topic of MNPs, with a particular focus on the new findings about MNPs found in the (human) brain, but also from a cardiovascular perspective. The latter references a March 2024 study by Raffaele Marfella et al. as published in The New England Journal of Medicine. In this study the excised plaque from carotid arteries in patients undergoing endarterectomy (arterial blockage removal) was examined for the presence of MNPs prior to the patients being followed to see whether the presence of MNPs affected their health.
What they found was that of the 257 patients who completed the full study duration 58.4% had polyethylene (PE) in these plaques, while 12.1% also had polyvinyl chloride (PVC) in them. The PE and PVC MNPs were concentrated in macrophages, alongside active inflammation markers. During the follow-up period during the study, of the patients without MNPs 8 of 107 (7.5%) suffered either a nonfatal myocardial infarction, a nonfatal stroke or death. This contrasted with 30 of 150 (20%) in the group with MNP detected, suggesting that the presence of MNP in one’s cardiovascular system puts one at significantly higher risk of these adverse events.
Microplastics in the human body. (Credit: Richard C. Thompson et al., Science, 2024)
The presence of MNPs has not only been confirmed in arteries, but effectively in every other organ and tissue of the body as well. Recently the impact on the human brain has been investigated as well, with a study in Nature Medicine by Alexander J. Nihart et al. investigating MNP levels in decedent human brains as well as the liver and kidneys. They found mostly PE, but also other plastic polymers, with the brain tissue having the highest PE proportion.
Interestingly, the more recently deceased had more MNP in their organs, and the brains of those with known dementia diagnosis had higher MNP levels than those without. This raises the question of whether the presence of MNPs in the brain can affect or even induce dementia and other disorders of the brain.
Using mouse models, Haipeng Huang et al. investigated the effects of MNPs on the brain, demonstrating that nanoplastics can pass through the blood-brain barrier, after which phagocytes consume these particles. These then go on to form blockages within the capillaries of the brain’s cortex, providing a mechanism through which MNPs are neurotoxic.
Prevention
Clearly the presence of MNPs in our bodies does not appear to be a good thing, and the only thing that we can realistically do about it at this point is to prevent ingesting (and inhaling) it, while preventing more plastics from ending up in the environment where it’ll inevitably start its gradual degradation into MNPs. To accomplish this, there are things that can be done, ranging from a personal level to national and international projects.
On a personal level, wearing a respirator while being in dusty environments, while working with plastics, etc. is helpful, as is avoiding e.g. bottled water. A recent study by Naixin Qian et al. from the University of California found on average 240,000 particles of MNPs in a liter of bottled water, with 90% of these being nanoplastics. As noted in a related article, bottled water can be fairly safe, but has to be stored correctly (i.e. not exposed to the sun). Certain water filters (e.g. Brita) filter particles 0.5 – 1 micrometer in size and should filter out most MNPs as well from tap water.
Another source of MNPs are plastic containers, with old and damaged plastic containers more likely to contaminate food stored in them. If a container begins to look degraded (i.e. faded colors), it’s probably a good time to stop using it for food.
That said, as some exposure to MNPs is hard to avoid, the best one can do here is to limit said exposure.
Environmental Pollution
Bluntly put, if there wasn’t environmental contamination with plastic fragments such personal precautions would not be necessary. This leads us to the three Rs:
- Reduce
- Reuse
- Recycle
Simply put, the less plastic we use, the less plastic pollution there will be. If we reuse plastic items more often (with advanced stabilizers to reduce degradation), fewer plastic items would need to be produced, and once plastic items have no more use, they should be recycled. This is basically where all the problems begin.
Using less plastic is extremely hard for today’s societies, as these synthetic polymers are basically everywhere, and some economical sectors essentially exist because of single-use plastic packaging. Just try to imagine a supermarket or food takeout (including fast food) without plastics. A potential option is to replace plastics with an alternative (glass, etc.), but the viability here remains low, beyond replacing effectively single use plastic shopping bags with multi-use non-plastic bags.
Some sources of microplastics like from make-up and beauty products have been (partially) addressed already, but it’d be best if plastic could be easily recycled, and if microorganisms developed a taste for these polymers.
Dismal Recycling
Currently only about 10-15% of the plastic we produce is recycled, with the remainder incinerated, buried in landfills or discarded as litter into the environment as noted in this recent article by Mark Peplow. A big issue is that the waste stream features every imaginable type of plastic mixed along with other (organic) contaminants, making it extremely hard to even begin to sort the plastic types.
The solution suggested in the article is to reduce the waste stream back to its original (oil-derived) components as much as possible using high temperatures and pressures. If this new hydrothermal liquefaction approach which is currently being trialed by Mura Technology works well enough, it could replace mechanical recycling and the compromises which this entails, especially inferior quality compared to virgin plastic, and an inability to deal with mixed plastics.
Hydrothermal liquefaction process of plastics. (source: Mura Technology)
If a method like this can increase the recycling rate of plastics, it could significantly reduce the amount of landfill and litter plastic, and thus with it the production of MNPs.
Microorganism Solutions
As mentioned earlier, a nice thing about natural polymers like those in wood is that there are many organisms who specialize in breaking these down. This is the reason why plant matter and even entire trees will decay and effectively vanish, with its fundamental elements being repurposed by other organisms and those that prey on these. Wouldn’t it be amazing if plastics could vanish in a similar manner rather than hang around for a few hundred years?
As it turns out, life does indeed find a way, and researchers have discovered multiple species of bacteria, fungi and microalgae which are reported to biodegrade PET (polyethylene terephthalate), which accounts for 6.2% of plastics produced. Perhaps it’s not so surprising that microorganisms would adapt to thrive on plastics, since we are absolutely swamping the oceans with it, giving the rapid evolutionary cycle of bacteria and similar a strong nudge to prefer breaking down plastics over driftwood and other detritus in the oceans.
Naturally, PET is just one of many types of plastics, and generally plastics are not an attractive target for microbes, as Zeming Cai et al. note in a 2023 review article in Microorganisms. Also noted is that there are some fungal strains that degrade HDPE and LDPE, two of the most common types of plastics. These organisms are however not quite at the level where they can cope with the massive influx of new plastic waste, even before taking into account additives to plastics that are toxic to organisms.
Ultimately it would seem that evolution will probably fix the plastic waste issue if given a few thousand years, but before that, we smart human monkeys would do best to not create a problem where it doesn’t need to exist. At least if we don’t want to all become part of a mass-experiment on the effects of high-dose MNP exposure.
Discovering Firewalls: The First Line of Defense in Cybersecurity
In the world of cybersecurity, firewalls are the first line of defense against threats and cyberattacks. Every day, companies and private users are exposed to risks such as malware, ransomware and unauthorized intrusions. A firewall acts as a true “digital gatekeeper”, filtering network traffic and blocking suspicious activity before it can cause harm.
But what exactly is a firewall, and how does it work?
This security tool can be either hardware or software, and it operates according to predefined rules to allow or prevent the transmission of data across a network. Without a firewall, any device connected to the Internet would be vulnerable to external attacks, increasing the risk of data theft and system compromise.
In this article we will explore the importance of firewalls in protecting businesses, looking at the different types available and their role in countering cyber threats. We will see why every company, regardless of size, should adopt an effective firewall solution to secure its digital infrastructure.
What a firewall is and what it is for
A firewall is a security system designed to monitor, filter and control network traffic, preventing unauthorized access and protecting devices and sensitive data. Its name comes from the idea of a wall or a “fire door”, that is, a barrier that prevents threats from spreading between different networks.
A firewall works from a set of predefined rules that establish which connections may be accepted and which must be blocked. It does this by analyzing the data packets travelling over the network and deciding whether to allow or block their transmission according to specific criteria.
Firewalls are essential for stopping harmful intrusions, protecting confidential information and securing corporate and home networks. Without a firewall, a device connected to the Internet would be exposed to numerous threats, including malware, DDoS attacks and hacking attempts. In a business setting their importance is even greater: they protect financial data, digital archives and critical IT infrastructure. If you want to learn more about how firewalls fit into corporate cybersecurity strategies.
The evolution of cyber threats has led to the development of increasingly sophisticated firewalls, able to recognize and block advanced attacks. Today there are solutions that combine traditional firewalls with artificial intelligence and machine learning, improving the ability to detect suspicious behavior and respond to attacks in real time.
In short, a firewall is not just a recommended option but an absolute necessity for anyone who wants to browse safely and avoid intrusions into their systems.
The OSI Stack
To better understand how firewalls work, it is essential to know the OSI (Open Systems Interconnection) stack, a reference model that describes how network communications work by dividing them into seven layers.
Each layer has a specific purpose and contributes to the transfer of data between devices connected to a network. The OSI stack is made up of the following layers, starting from the lowest:
- Physical layer – Handles the transmission of data over cables, radio waves and other physical media.
- Data Link layer – Manages the transfer of data between two directly connected devices.
- Network layer – Handles the routing of data packets between different networks.
- Transport layer – Ensures reliable data transmission, handling errors and retransmissions.
- Session layer – Coordinates communication between devices by establishing, managing and terminating sessions.
- Presentation layer – Converts data into the correct format for the application layer.
- Application layer – Provides the interface for network applications such as browsers and email.
Where does a firewall operate in the OSI stack?
Firewalls operate mainly at the Network, Transport and Application layers, filtering data packets according to predefined security rules. A packet-filtering firewall, for example, works at the Network layer (Layer 3), while a stateful inspection firewall also operates at the Transport layer (Layer 4), analyzing the state of connections.
Next-generation firewalls (NGFW or WAF) are even more advanced, extending protection up to the Application layer (Layer 7), where they can recognize and block threats tied to specific applications and sophisticated attacks such as SQL injection or zero-day exploits.
Why is it important to know the OSI stack?
Understanding the OSI model is essential for identifying network vulnerabilities, understanding firewalls better, and therefore implementing more effective security strategies. An attack can take place at different layers of the OSI stack, and a well-configured firewall can block threats before they reach sensitive data. For example, a DDoS attack can be mitigated at the Transport layer, while a phishing attack can be blocked at the Application layer.
Integrating firewalls with other security tools, such as intrusion prevention systems (IPS) and Zero Trust security solutions, makes it possible to protect the entire network infrastructure and ensure business continuity.
The main types of firewall
There are several types of firewall, each designed to meet specific protection needs. The main ones are standard firewalls, next-generation firewalls (NGFW) and Web Application Firewalls (WAF). Each of these solutions offers a different level of protection within the OSI stack and can be chosen according to the complexity of the network and the nature of the threats being faced.
Standard firewalls
Standard, or traditional, firewalls are the most common and are used to filter traffic according to predefined rules. They usually operate at the network (Layer 3) and transport (Layer 4) layers of the OSI model, analyzing incoming and outgoing data packets and deciding whether to allow or block the connection. These firewalls are particularly useful for protecting simple networks and small businesses, where network traffic is not complex and advanced features are not required.
However, traditional firewalls have some limits, such as their inability to detect more sophisticated attacks, like those at the application layer or more targeted threats. In addition, they cannot analyze the content of packets, limiting themselves to checking the source and destination address.
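The difference between packet filtering (Layer 3) and stateful inspection (Layer 4) described above, as an added Python example that is not part of the original article. The class names, rules and addresses are constructed for illustration; the point is that a stateless rule set needs a broad "return traffic" rule, while connection tracking admits only replies to flows that an allowed packet opened.

```python
from dataclasses import dataclass
from ipaddress import ip_address, ip_network
from typing import Optional


@dataclass(frozen=True)
class Packet:
    src: str
    dst: str
    proto: str                      # "tcp" or "udp"
    sport: int
    dport: int
    flags: frozenset = frozenset()  # TCP flags, e.g. {"SYN"}


@dataclass(frozen=True)
class Rule:
    action: str                     # "allow" or "deny"
    src: str                        # source network in CIDR notation
    dst: str                        # destination network in CIDR notation
    proto: str                      # "tcp", "udp" or "any"
    dport: Optional[int] = None     # None matches any destination port

    def matches(self, p: Packet) -> bool:
        return (ip_address(p.src) in ip_network(self.src)
                and ip_address(p.dst) in ip_network(self.dst)
                and self.proto in ("any", p.proto)
                and self.dport in (None, p.dport))


class StatelessFilter:
    """Layer 3 packet filter: every packet is judged alone, first match wins."""

    def __init__(self, rules):
        self.rules = list(rules)

    def decide(self, p: Packet) -> str:
        for rule in self.rules:
            if rule.matches(p):
                return rule.action
        return "deny"               # default deny when nothing matches


class StatefulFilter(StatelessFilter):
    """Adds Layer 4 connection tracking on top of the same rule matching."""

    def __init__(self, rules):
        super().__init__(rules)
        self.flows = set()          # flows opened by an allowed first packet

    def decide(self, p: Packet) -> str:
        key = (p.proto, p.src, p.sport, p.dst, p.dport)
        reverse = (p.proto, p.dst, p.dport, p.src, p.sport)
        if key in self.flows or reverse in self.flows:
            if "RST" in p.flags:    # simplified teardown: forget the flow on reset
                self.flows.discard(key)
                self.flows.discard(reverse)
            return "allow"
        # A TCP packet that belongs to no tracked flow must be a bare SYN.
        if p.proto == "tcp" and p.flags != frozenset({"SYN"}):
            return "deny"
        action = super().decide(p)
        if action == "allow":
            self.flows.add(key)
        return action


def demo():
    """Run three constructed packets through both filters."""
    lan, anywhere = "192.168.1.0/24", "0.0.0.0/0"
    out_https = Rule("allow", lan, anywhere, "tcp", 443)
    # Stateless: replies can only get back in through a broad inbound rule.
    stateless = StatelessFilter([out_https, Rule("allow", anywhere, lan, "tcp")])
    # Stateful: the outbound rule is enough, replies match the tracked flow.
    stateful = StatefulFilter([out_https])
    packets = {
        "outbound_syn": Packet("192.168.1.10", "198.51.100.7", "tcp",
                               50000, 443, frozenset({"SYN"})),
        "server_reply": Packet("198.51.100.7", "192.168.1.10", "tcp",
                               443, 50000, frozenset({"SYN", "ACK"})),
        "unsolicited_inbound": Packet("203.0.113.50", "192.168.1.10", "tcp",
                                      443, 3389, frozenset({"ACK"})),
    }
    return {name: (stateless.decide(p), stateful.decide(p))
            for name, p in packets.items()}


if __name__ == "__main__":
    for name, (sl, sf) in demo().items():
        print(f"{name:20} stateless={sl:5} stateful={sf}")
```

Neither filter looks at the payload, which is the limit of traditional firewalls noted above.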
Next-generation firewalls (NGFW)
Next-generation firewalls (NGFW) are designed to deal with modern, more sophisticated threats. They add advanced features compared with traditional firewalls, such as deep packet inspection (DPI) and traffic analysis at the Application layer (Layer 7). NGFWs do not just filter traffic according to static rules; they use advanced artificial intelligence and machine learning algorithms to identify and block complex attacks such as malware, ransomware and zero-day exploits.
NGFWs also support user identity management, which makes it possible to monitor and control traffic by user and not only by IP address. These firewalls can also integrate with VPNs and Zero Trust solutions, making them well suited to protecting modern corporate networks, where boundaries are more fluid and attacks can come from different sources.
Web Application Firewall (WAF)
Web Application Firewalls (WAF) are a type of firewall designed to protect web applications from the common attacks aimed at this layer, such as SQL injection, cross-site scripting (XSS) and file inclusion. Unlike traditional firewalls, which operate mainly on networks and devices, WAFs focus on protecting websites and online applications by filtering incoming HTTP/HTTPS traffic.
WAFs analyze web traffic in real time to detect and block suspicious requests that could compromise the security of applications. These firewalls are particularly useful for companies that run online platforms, e-commerce sites or SaaS applications, because they protect against specific vulnerabilities that traditional firewalls could not stop. WAFs are also fundamental in protecting against application-layer DDoS attacks, which aim to overload a web platform and make it unusable.
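How a WAF's Layer 7 inspection differs from address and port filtering, as an added Python example that is not part of the original article. The signatures are deliberately simplified, and the function names and sample requests are constructed for illustration; the example shows parameter extraction, repeated URL-decoding so that encoded input is matched in its decoded form, and a block/allow verdict.

```python
import re
from urllib.parse import parse_qsl, unquote_plus, urlsplit

# Simplified detection signatures for the three attack classes named above.
# A production rule set is far larger and tuned against false positives.
SIGNATURES = {
    "sql_injection": re.compile(
        r"""['"]\s*(?:or|and)\s+[\w'"]+\s*=|\bunion\s+select\b""", re.I),
    "xss": re.compile(r"<\s*script\b|javascript:|<[^>]*\bon\w+\s*=", re.I),
    "file_inclusion": re.compile(r"\.\.[/\\]|^(?:https?|ftp|file)://", re.I),
}


def normalize(value: str, max_rounds: int = 3) -> str:
    """URL-decode repeatedly (bounded) so nested encoding is inspected decoded."""
    for _ in range(max_rounds):
        decoded = unquote_plus(value)
        if decoded == value:
            break
        value = decoded
    return value


def inspect_request(target: str, body: str = ""):
    """Return (location, parameter, signature) for every parameter that matches.

    target is the request target (path plus query string); body is a
    form-encoded request body. Both are parsed into name/value pairs first,
    which is the step a Layer 3/4 filter never performs.
    """
    findings = []
    sources = (("query", urlsplit(target).query), ("body", body))
    for location, raw in sources:
        for name, value in parse_qsl(raw, keep_blank_values=True):
            clean = normalize(value)
            for signature, pattern in SIGNATURES.items():
                if pattern.search(clean):
                    findings.append((location, name, signature))
    return findings


def verdict(target: str, body: str = "") -> str:
    return "block" if inspect_request(target, body) else "allow"


# Constructed sample requests. All would share the same destination port 443,
# so a packet filter could not tell them apart.
SAMPLE_REQUESTS = {
    "normal": ("/products?id=42&sort=price", ""),
    "sqli": ("/products?id=1%27%20OR%20%271%27%3D%271", ""),
    "double_encoded_xss":
        ("/search?q=%253Cscript%253Ealert(1)%253C%252Fscript%253E", ""),
    "traversal_in_body": ("/download", "file=..%2F..%2Fconfig%2Fapp.ini"),
}

if __name__ == "__main__":
    for label, (target, body) in SAMPLE_REQUESTS.items():
        print(f"{label:20} {verdict(target, body):5} "
              f"{inspect_request(target, body)}")
```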
Why every company should adopt one
The growing sophistication of cyber attacks makes network protection a crucial element for every company, regardless of size. Adopting a firewall is no longer just a recommended choice but a necessity for keeping company data secure, protecting internal resources and maintaining operational reliability. But why should every company invest in a firewall? Here are some fundamental reasons.
In an increasingly connected world, cyber threats are an everyday occurrence. From unauthorized access to company systems to the theft of sensitive data, by way of attacks such as malware, ransomware and phishing, companies are constantly under attack. A well-configured firewall is the first line of defense against these threats, blocking suspicious connections and preventing malicious actors from entering the corporate network. Thanks to real-time monitoring, a firewall can identify anomalous behavior and block access to systems before the damage becomes irreparable.
Protection of sensitive data
Every company, large or small, handles sensitive data that must be protected. This data may include financial information, customers' personal data or confidential company documents. Firewalls are designed to prevent unauthorized access and data theft. By protecting the entry points to the corporate network, the firewall ensures that only authorized users or devices can reach critical information, preventing privacy violations and reducing the risk of legal penalties related to data protection.
Control and management of network traffic
A firewall does not just protect against external dangers; it also provides granular control over network traffic. Companies can define custom rules to allow or block specific types of traffic according to their needs. For example, it is possible to limit access to certain websites, prevent communication with certain networks or applications, and monitor employees' online activity to prevent access to harmful or irrelevant content. The firewall therefore helps to optimize and control the use of network resources, improving efficiency and reducing the risk of security incidents.
Compliance with security regulations
Many corporate regulations, including the GDPR (General Data Protection Regulation) in Europe and the CCPA (California Consumer Privacy Act) in the United States, require companies to protect customer data and to implement adequate security measures. A well-configured firewall is one of the tools that help companies meet these requirements, avoiding fines and reputational damage resulting from data security breaches. Investing in a firewall also means ensuring that the company remains compliant with data protection laws.
Staying operational during attacks
In a business environment, every service interruption can have a significant impact on productivity and profits. DDoS (Distributed Denial of Service) attacks, for example, are designed to overwhelm company servers with a massive flow of traffic, causing service interruptions and downtime. Firewalls, in particular next-generation firewalls (NGFWs), can filter traffic in real time, preventing these threats from paralyzing company systems. Protection against DDoS attacks is one example of how a firewall can ensure operational continuity and reduce the risk of financial losses.
Danger posed by vulnerabilities affecting firewalls
Although firewalls are among the most effective security tools for protecting corporate networks, these devices are not free of vulnerabilities that malicious attackers can exploit. Vulnerabilities in firewalls can pose significant threats to the security of the entire corporate IT infrastructure, compromise data confidentiality and, in some cases, allow hackers to take total control of the network. One of the most serious issues is Remote Code Execution (RCE), a vulnerability that allows attackers to run malicious code remotely on the devices protected by the firewall. This type of vulnerability is particularly dangerous because it gives attackers the opportunity to compromise the firewall itself and, as a result, evade the network's defenses.
RCE vulnerabilities on firewalls allow hackers to access the device's internal functions and manipulate configuration parameters, disabling or bypassing the predefined security policies. In some cases this can make it possible to open unauthorized ports, run remote commands, collect sensitive data or, worse still, completely compromise the network's entire defense system. Companies must therefore be aware that the protection offered by a firewall holds only as long as the device is correctly configured and free of exploitable vulnerabilities.
Another crucial aspect concerns access to the firewall's management consoles. These consoles are the main control point for configuring and managing network security, and they allow anyone with access to change the firewall's settings. If these consoles are reachable over the Internet, exposure to potential attacks increases considerably. Attackers can exploit open access ports to try to obtain administrator credentials or take advantage of known vulnerabilities in the management software. It is therefore essential to disable access to the management consoles from the Internet and reserve it for local IP addresses or a virtual private network (VPN), drastically reducing the risk of compromise from external attacks.
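The restriction described above can be checked against a rule set. The following is an added example, not part of the original article: it audits a constructed, vendor-neutral policy with first-match semantics and reports every allow rule that lets a non-local source reach the management address. The rule format, the addresses, the port list and the trusted ranges are all assumptions.

```python
import ipaddress

# Constructed values for this example (documentation address ranges).
MGMT_IP = ipaddress.ip_address("203.0.113.10")   # the firewall's management address
MGMT_PORTS = {22, 443, 8443}                     # assumed management services
TRUSTED_SOURCES = [ipaddress.ip_network(n) for n in (
    "10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16",  # local ranges and VPN pools
)]

# Hypothetical policy: rules are evaluated top down, first match wins,
# and "ports": None means any port.
SAMPLE_RULES = [
    {"id": 1, "action": "deny",  "src": "198.51.100.0/24", "dst": "203.0.113.10/32", "ports": [443]},
    {"id": 2, "action": "allow", "src": "10.20.0.0/16",    "dst": "203.0.113.10/32", "ports": [22, 443]},
    {"id": 3, "action": "allow", "src": "0.0.0.0/0",       "dst": "203.0.113.10/32", "ports": [443]},
    {"id": 4, "action": "allow", "src": "198.51.100.0/24", "dst": "203.0.113.10/32", "ports": [443]},
    {"id": 5, "action": "allow", "src": "10.99.0.0/24",    "dst": "0.0.0.0/0",       "ports": [8443]},
    {"id": 6, "action": "deny",  "src": "0.0.0.0/0",       "dst": "0.0.0.0/0",       "ports": None},
]


def _parse(rule):
    """Convert the textual networks of one rule into ipaddress objects."""
    return {
        "id": rule["id"],
        "action": rule["action"],
        "src": ipaddress.ip_network(rule["src"]),
        "dst": ipaddress.ip_network(rule["dst"]),
        "ports": None if rule["ports"] is None else set(rule["ports"]),
    }


def _is_trusted(net):
    """True if every address of net lies inside a trusted range."""
    return any(net.subnet_of(t) for t in TRUSTED_SOURCES)


def _shadowed(src_net, port, earlier_rules):
    """True if an earlier deny rule already covers all of src_net for this port."""
    for r in earlier_rules:
        if r["action"] != "deny" or MGMT_IP not in r["dst"]:
            continue
        if r["ports"] is not None and port not in r["ports"]:
            continue
        if src_net.subnet_of(r["src"]):
            return True
    return False


def audit(rules):
    """Return (rule id, source network, port) for each exposed management port."""
    parsed = [_parse(r) for r in rules]
    findings = []
    for i, r in enumerate(parsed):
        if r["action"] != "allow" or MGMT_IP not in r["dst"]:
            continue
        if _is_trusted(r["src"]):
            continue  # local or VPN source: the intended way in
        ports = MGMT_PORTS if r["ports"] is None else MGMT_PORTS & r["ports"]
        for port in sorted(ports):
            if not _shadowed(r["src"], port, parsed[:i]):
                findings.append((r["id"], str(r["src"]), port))
    return findings


if __name__ == "__main__":
    for rule_id, src, port in audit(SAMPLE_RULES):
        print(f"rule {rule_id}: management port {port} reachable from {src}")
```

Rule 4 is not reported because rule 1 denies the same source first; rule 3 is reported because nothing above it blocks the rest of the Internet.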
Beyond access management, it is vital that firewalls are constantly monitored. Security bugs, both new and pre-existing, can surface even in devices that appear secure. Firewall vendors frequently release security updates to fix newly discovered vulnerabilities. The importance of monitoring and promptly applying updates cannot be underestimated. Patch management must be a regular, automated activity so that the necessary fixes are applied without delay. Ignoring security updates leaves the system vulnerable to attack and puts the corporate network at risk.
Conclusions
Firewalls remain one of the fundamental tools for securing corporate networks. Their ability to monitor, filter and protect network traffic makes them crucial for defending IT infrastructure against unauthorized access, malware and hacker attacks. However, it is essential to understand that a firewall, however powerful, is not an infallible solution. The vulnerabilities that can affect firewalls themselves, such as Remote Code Execution vulnerabilities, and improper management of console access can seriously compromise company security.
To protect the company adequately, it is essential that firewalls are correctly configured, that unnecessary remote access is disabled and that the network is constantly monitored for possible threats. In addition, patch management must be integrated into the company's security strategy, ensuring that vulnerabilities are fixed promptly.
In short, while a firewall is an essential element of cybersecurity, its effectiveness depends on the attention it receives. Companies must be aware that protecting the network requires a combination of technologies, management strategies and daily practices to ensure that firewalls stay effective and do not become a weak point in their security defenses. Adopting a firewall without constant care in managing and updating it is not enough. Security is a continuous process that requires constant attention.
The article Discovering Firewalls: The First Line of Defense in Cybersecurity comes from il blog della sicurezza informatica.
Laser Cut Acrylic Provides Movie-Style Authentication
Here at Hackaday, we pride ourselves on bringing you the latest and greatest projects for your viewing pleasure. But sometimes we come across a creation so interesting that we find ourselves compelled to write about it, even if it’s already been hanging around the Internet for years. This may or may not be due to the fact that we just re-watched Crimson Tide, and found ourselves on a self-imposed dive into a very particular rabbit hole…
If you’ve seen Crimson Tide, or the first few minutes of WarGames, you might already know what this post is about. Both films prominently make use of a one-time authentication device which the user snaps in half to reveal a card that has some secret code printed on it — and as it turns out, there are at least two different projects that aim to replicate the props used in the movies.
The props were inspired by the real-world “Sealed Authenticators” used by the United States to verify commands regarding the launch of nuclear weapons. As shown in the films, once a launch order, known as an Emergency Action Message, is received, its validity could be confirmed by breaking open one of the Authenticators and comparing the code sequence printed on it to what was sent along with the message. Supposedly the real ones are more like foil envelopes that would be torn open, but presumably that wasn’t cool enough for Hollywood.
So how do you make your own film-quality Authenticator? The two projects take slightly different approaches, but the basic idea is to create a three-layer acrylic stack. The top and bottom pieces are identical, and scored in the middle so they’ll break along a clean line. The center piece is cut in half and largely hollowed out to create the compartment for your printed message. It’s perhaps best described as two “C” shapes that have a slight gap where they meet, which provides some room for the top and bottom layers to flex. With the acrylic pieces aligned and the message inside, everything is solvent welded together.
Of course, the question now is what to do with them. We can think of all sorts of games and challenges that could make use of this kind of thing, but if you’re looking for something a little more practical, these would be an awesome way to store your two-factor authentication recovery codes. With the proper software, you could even use these for secure file storage via QR code.
New Documentary Details Ventilator Development Efforts During COVID
What would it be like to have to design and build a ventilator, suitable for clinical use, in ten days? One that could be built entirely from locally-sourced parts, and kept oxygen waste to a minimum? This is the challenge [John Dingley] and many others faced at the start of the COVID-19 pandemic when very little was known for certain.
Back then it was not even known if a vaccine was possible, or how bad it would ultimately get. But it was known that hospitalized patients could not breathe without a ventilator, and based on projections it was possible that the UK as a whole could need as many as 30,000 ventilators within eight weeks. In this worst-case scenario the only option would be to build them locally, and towards that end groups were approached to design and build a ventilator, suitable for clinical use, in just ten days.
[Image caption: A ventilator suitable for use on a patient with an infectious disease has a number of design constraints, even before taking into account the need to use only domestically-sourced parts.]
[John] decided to create a documentary called Breathe For Me: Building Ventilators for a COVID Apocalypse, not just to tell the stories of his group and others, but also as a snapshot of what things were like at that time. In short it was challenging, exhausting, occasionally frustrating, but also rewarding to be able to actually deliver a workable solution.
In the end, building tens of thousands of ventilators locally wasn’t required. But [John] felt that the whole experience was a pretty unique situation and a remarkable engineering challenge for him, his team, and many others. He decided to do what he could to document it, a task he approached with a typical hacker spirit: by watching and reading tutorials on everything from conducting and filming interviews to how to use editing software before deciding to just roll up his sleeves and go for it.
We’re very glad he did, and the effort reminds us somewhat of the book IGNITION! which aimed to record a history of technical development that would otherwise have simply disappeared from living memory.
You can watch Breathe for Me just below the page break, and there’s additional information about the film if you’d like to know a bit more. And if you are thinking the name [John Dingley] sounds familiar, that’s probably because we have featured his work — mainly on self-balancing personal electric vehicles — quite a few times in the past.
youtube.com/embed/xi3Te1LSUt0?…
It’s Always Pizza O’Clock With This AI-Powered Timepiece
Right up front, we’ll say that [likeablob]’s pizza-faced clock gives us mixed feelings about our AI-powered future. On the one hand, if that’s Stable Diffusion’s idea of what a pizza looks like, then it should be pretty easy to slip the virtual chains these algorithms no doubt have in store for us. Then again, if they do manage to snare us and this ends up on the menu, we’ll pray for a mercifully quick end to the suffering.
The idea is pretty simple; the clock’s face is an empty pizza pan that fills with pretend pizza as the day builds to noon, whereupon pizza is removed until midnight when the whole thing starts again. The pizza images are generated by a two-stage algorithm using Stable Diffusion 1.5, and tend to favor suspiciously uncooked whole basil sprigs along with weird pepperoni slices and Dali-esque globs of cheese. Everything runs on a Raspberry Pi Zero W, with the results displayed on a 4″ diameter LCD with an HDMI adapter. Alternatively, you can just hit the web app and have a pizza clock on your desktop. If pizza isn’t your thing, fear not — other food and non-food images are possible, limited only by Stable Diffusion’s apparently quite limited imagination.
As clocks go, this one is pretty unique. But we’re used to seeing unusual clocks around here, from another food-centric timepiece to a clock that knits.
Push Your Toy Train No More, With This Locomotive!
One of the most popular evergreen toys is also one of the simplest, wooden track with push-along trains. We all know the brand name, and savvy parents know to pick up the much cheaper knock-off because the kid won’t know the difference. But a really cool kid shouldn’t have to push their train around by hand, and thus [Lauri] has given the wooden track a real, powered, locomotive.
In the 3D printed chassis goes a small geared motor driving one axle, with an ESP32 and a motor driver taking care of the smarts. Power comes from an 18650 cell, which almost looks like the right scale for a fake steam boiler. The surprise with this train comes in the front axle: this machine has steering. We’re curious, because isn’t the whole point of a train that the track directs it where it needs to go? Or perhaps a little help is required in the absence of a child’s guidance when it comes to points. Either way, with remote control we guess there would be few kids who wouldn’t want one. We certainly do.
Google FindMy Tools, Run on an ESP32
As of about a day ago, Google’s reasonably new Find My network just got more useful. [Leon Böttger] released his re-implementation of the Android tracker network: GoogleFindMyTools. Most interestingly for us, there is example code to turn an ESP32 into a trackable object. Let the games begin!
Everything is in its first stages here, and not everything has been implemented yet, but you are able to query devices for their keys, and use this to decrypt their latest location beacons, which is the main use case.
The ESP32 code appears not to support MAC address randomization just yet, so it’s possibly more trackable than it should be, but if you’re just experimenting with the system, this shouldn’t be too much of a problem. The README also notes that you might need to re-register after three days of use. We haven’t gotten to play with it just yet. Have you?
If you’re worried about the privacy implications of yet another ubiquitous tracking system out there, you’re not alone. Indeed, [Leon] was one of the people working on the Air Guard project, which let iPhone users detect trackers of all sorts around them. Anyone know if there’s something like that for Android?
Thanks [Lars] for the hot tip!
A Tiny Computer With a 3D Printed QWERTY Keyboard
The ESP32 family are the microcontrollers which just keep on giving, as new versions keep them up-to-date and plenty of hackers come up with new things for them. A popular device is a general purpose computer with a QWERTY keypad, and the latest of many we’ve seen comes from [StabbyJack]. It’s a credit card sized machine whose special trick is that its keyboard is integrated in the 3D printing of its case. We’ve seen rubber membranes and push in keys, but this one has flexible print-in-place keys that line up on the switches on its PCB.
It’s not complete yet but the hardware appears to be pretty much there, and aside from that keyboard it has an ESP32-S3 and a 1.9″ SPI LCD. When finished it aims for an ambitious specification, with thermal camera and time-of-flight range finder hardware, along with an OS and software to suit. We like it a lot, though we suspect it might be a little small for our fingers.
If you like this project you may appreciate another similar one, and perhaps your version will need an OS.
A Tiny Tapeout SDR
The Tiny Tapeout custom ASIC project has been around for a while now, and has passed through several iterations of its production. On each Tiny Tapeout chip are multiple designs, each representing an individual project, and in use the chip is configured to present that project to its pins. Given enough Tiny Tapeout chips it was inevitable that someone would eventually make a project using two such functions, and here’s [Sylvain Munaut] with an SDR using Tiny Tapeouts 6 and 7.
At its heart is [Carsten Wulff]’s 8 bit ADC from Tiny Tapeout 6, fed by [Kolos Koblász]’s Gilbert cell RF mixer from Tiny Tapeout 7. There’s a local oscillator provided by an RP2040, and a USB interface board which sends the data to a host computer where GNU Radio does the maths. On the bench it’s receiving an FM signal generated around 30MHz by a signal generator, followed by some slightly indistinct commercial radio stations.
It’s clear that there are many better SDRs than this one, and that (as yet) Tiny Tapeout is perhaps not the radio enthusiast’s choice. But it does demonstrate beautifully how the chips are more than just curios, and we’re definitely in the era of useful on-demand ASICs.
The video is below the break, meanwhile you can learn about Tiny Tapeout from [Matt Venn]’s Supercon talk.
youtube.com/embed/ynHy9gpcBgc?…
Improving Aluminium-Ion Batteries With Aluminium-Fluoride Salt
There are many rechargeable battery chemistries, each with their own advantages and disadvantages. Currently lithium-ion and similar (e.g. Li-Po) rule the roost due to their high energy density and at least acceptable number of recharge cycles, but aluminium-ion (Al-ion) may become a more viable competitor after a recently published paper by Chinese researchers claims to have overcome some of the biggest hurdles. In the paper as published in ACS Central Science by [Ke Guo] et al. the use of solid-state electrolyte, a charge cycle endurance beating LiFePO4 (LFP) and excellent recyclability are claimed.
It’s been known for a while that theoretically Al-ion batteries can be superior to Li-ion in terms of energy density, but the difficulty lies in the electrolyte, including its interface with the electrodes. The newly developed electrolyte (F-SSAF) uses aluminium-fluoride (AlF3) to provide a reliable interface between the aluminium and carbon electrodes, with the prototype cell demonstrating 10,000 cycles with very little cell degradation. Here the AlF3 provides the framework for the EMIC-AlCl3 electrolyte. FEC (fluoroethylene carbonate) is introduced to resolve electrolyte-electrode interface issues.
A recovery of >80% of the AlF3 during a recycling phase is also claimed, which for a prototype seems to be a good start. Of course, as the authors note in their conclusion, other frameworks than AlF3 are still to be investigated, but this study brings Al-ion batteries a little bit closer to that ever-elusive step of commercialization and dislodging Li-ion.
Hearing What the Bats Hear
[Iftah] has been exploring the sounds beyond what we can hear, recording ultrasound and pitching it down. He made a short video on the practice, and it’s like a whole new world of sounds exists just outside of our hearing.
For instance, a dropped toothpick sounds like you’ve just dropped a piece of lumber, a broken lightbulb sounds like a shattered window, and a blackbird sounds like a blue whale. Besides simply sounding super, [Iftah] speculates that there’s some regularity here: that as you slow down the sound it sounds like it came from sources that are physically bigger. He follows this up in a second video, but if you just think about the basic physics, it makes sense.
If you’re interested in recording your own ultrasound, there are a bunch of options on the market. With modern audio processors running up to 192 kHz or even 384 kHz out of the box, all that’s missing is the high-frequency-capable microphone. Those aren’t unobtainable anymore either with many MEMS mics performing well above their rated frequency response specs. Recording ultrasound sounds like a fun and not-too-expensive project to us!
Of course, most of the ultrasound recording we’ve seen has been about the bats. Check out the Pipistrelle or this pair of DIY bat detectors for some good background. But after watching [Iftah]’s video, we’re no longer convinced that the cute little insectivores are the coolest thing going on in the ultrasound.
youtube.com/embed/9W6Y5vR6KN8?…
The Science Behind Making Buildings Comfortably Non-Combustible
Although the most fire-resistant building is likely a windowless, concrete bunker, this tends to be not the vibe that most home owners go for. This is why over the years construction of buildings in areas prone to bush- and wildfires – i.e. an uncontrolled fire in an area with combustible vegetation – has adapted to find a happy medium between a building that you’d enjoy living in and a building that will not instantly combust the moment an ember from a nearby wildfire gently touches down upon any part of it.
To achieve this feat, the primary means include keeping said combustible vegetation and similar away from the building, and to make the house as resistant to ember attacks as possible. That this approach is effective has been demonstrated over the course of multiple wildfires in California during the past years, whereby houses constructed more recently with these features had a much higher chance of making it through the event unscathed.
Naturally, the devil is in the details, which is why for example the Australian standard for construction in bushfire-prone areas (AS 3959, last updated in 2018, 2009 version PDF) is rather extensive and heavy on details, including multiple Bushfire Attack Level (BAL) ratings that define risk areas and legally required mitigation measures. So what does it take exactly to survive a firestorm bearing down on your abode?
Wild Bushfires
Fire is something that we are all familiar with. At its core it’s a rapid oxidation reaction, requiring oxygen, fuel, and some kind of ignition, which can range from an existing flame to a lightning strike or similar source of intense heat. Wild- and bushfires are called this way because the organic material from vegetation provides the fuel. The moisture content within the plants and branches acts to set the pace of any ignition, while the spread of the fire is strongly influenced by wind, which both adds more oxygen and helps to distribute embers to susceptible areas downwind.
This thus creates two hazards: the flame front and the embers carried on the warm air currents, with the latter capable of travelling well over a kilometer in ideal conditions. The level of threat will differ of course depending on the region, which is what the Australian BAL rating is about. As each higher BAL comes with increasing risk mitigation costs it’s important to get this detail right. The main factors to take into account are flame contact, radiant heat and ember attack, the risk from each depending on the local environment.
In AS 3959-2009 this risk determination and mitigation takes the form of the following steps:
- Look up the predetermined Fire Danger Index (FDI) for the region.
- Determine the local vegetation types.
- Determine the distance to classified vegetation types.
- Determine the effective slope(s).
- Cross-reference tables with these parameters to get the BAL.
- Implement the construction requirements as set out by the standard.
The FDI (see table 2.1) is a fairly coarse measurement that is mostly set by the general climate of the region in question, which affects parameters like air temperature, humidity, wind speeds and long- and short-term drought likelihoods. Many parts of Australia have an FDI of 100 – the highest rating – while for example Queensland is 40. When putting these FDI ratings next to the list of major bushfires in Australia, it’s easy to see why, as the regions with an FDI of 100 are overwhelmingly represented on it.
Vegetation Angle
Not all vegetation types are equally dangerous, with both the distance and slope to them changing the calculation. The vegetation type classification ranges from forest to unmanaged grassland, most of which are further subdivided into a number of sub-categories, such as woodland being sub-divided into open, low or a combination thereof. This kind of classification is of course highly dependent on the country’s native vegetation.
[Figure caption: Determination of distance of site from classified vegetation (Source: AS 3959-2009, Figure 2.1)]
Next come the edge of the vegetation thus classified, such as the beginning of the forest or shrubland, and the effective slope between it and the house or construction site. This determines how close the flame front can get, the effective radiant heat and the likelihood of embers reaching the site. If the building is downslope, for example, embers will have a much easier time reaching it than if they have to find their way upslope.
For certain areas with low-threat vegetation as well as non-vegetated areas the resulting BAL will be ‘low’, as this renders the threat from all three risk factors essentially nil.
Threat Mitigation
The BAL can thus be determined for one’s (future) abode either painstakingly using the Australian Standard document, or by using e.g. the CSIRO’s online tools for new and existing structures. Either way, next comes a whole list of mitigations, which at least in Australia are generally required to fulfill local regulations. These mitigations include any adjacent structures (garage, carport, etc.).
One exception here is with BAL-LOW, which has no specific requirements or mitigations. The first BAL where measures are required is BAL-12.5, which has to cope with ember attack, burning debris and radiant heat up to 12.5 kW/m². The next two levels bump this up to 19 and 29 kW/m², before we get to the final two levels, which include the flames reaching the building either intermittently (BAL-40) or engulfing it fully (BAL-FZ, i.e. Flame Zone).
Regardless of the BAL, most of the mitigations are rather similar:
- any external surfaces exposed to potential embers, radiant heat and/or flames shall be either non-combustible, or bushfire-resistant.
- gaps and vents larger than 3 mm must be covered with a (bushfire) mesh that has a maximum aperture of 2 mm.
- installation of bushfire shutters to protect windows and doors.
- non-combustible roof tiles, sheets, etc.
One aspect that differs here is the setback distance, which for BAL-FZ is at least 10 meters between the house and the classified vegetation, which is less stringent with the other BALs.
Common Sense
Many of these measures are common sense, although the devil is in the details: what the right type of bushfire mesh or sealant is to keep embers out, for example, or the best kind of siding. Fortunately this kind of information is readily available, which makes a solid assessment of one’s abode the most crucial step. Perhaps the most crucial one after assessing gaps is the removal of flammable material near the house, including bushes and other vegetation, and the consideration of what’d happen if any part of the house exterior got exposed to embers, radiant heat and/or flames.
So-called wall and roof penetrations like skylights, AC units and ventilation can inadvertently become welcoming entrances. This plays a major role in the US, for example, where attic venting is very common. Without mesh keeping embers out, such vents will do what they’re designed to do, which is circulating (ember-filled) outside air. Generally the local fire department in bush- and wildfire prone areas will have resources to help with hardening one’s home, such as CalFire’s dedicated resource site.
Although keeping up with these defenses is not super-easy, it bears keeping in mind that in the case of a major fire it can only take a single ember to compromise every other measure one might have taken. Since big fires do not generally announce themselves weeks in advance, it’s best to not put off repairs, and have a checklist in case of a wildfire so that the place is buttoned up and prepared when the evacuation notice arrives.
Though following all mitigations to the letter is no guarantee, it will at least give your abode a fighting chance, and with it hopefully prevent the kind of loss that not even the most generous fire insurance can undo.
Featured image: “Deerfire” by John McColgan
2.8 Million IPs on the Attack: A Brute Force Attack Hits VPNs and Firewalls
A large-scale operation that uses as many as 2.8 million IP addresses is targeting critical security devices such as VPNs, firewalls and gateways. The targets? Leading vendors such as Palo Alto Networks, Ivanti and SonicWall.
First detected in January 2025 and confirmed by the Shadowserver Foundation, this campaign has accelerated in recent weeks. The cybercriminals are trying to force login credentials on exposed devices, putting the security of entire infrastructures at risk.
The attack technique
Brute force needs no introduction: repeated login attempts until the right combinations of username and password are found. If a device is compromised, it can be used for unauthorized access to the network, data theft or as a node in a botnet.
According to Shadowserver, the campaign uses 2.8 million unique IPs every day, with a high concentration in Brazil (1.1 million IPs), Turkey, Russia, Argentina, Morocco and Mexico. The sources of these attacks are mostly residential proxies and compromised devices, such as MikroTik, Huawei and Cisco routers, a sign that a large-scale botnet could be behind it.
The most affected devices
The attacks target the infrastructure that is critical for remote access:
- VPN gateways (Palo Alto Networks GlobalProtect, SonicWall NetExtender)
- Firewalls (Ivanti, Fortinet)
- Routers and IoT devices
Because these devices are exposed to the internet, they become prime targets. A compromised system is not only a victim: it can turn into a proxy for further attacks, allowing malicious actors to hide malicious traffic behind apparently legitimate connections.
A relentless escalation
Piotr Kijewski, CEO of Shadowserver, confirmed that these are not simple scans but real login attempts, which exponentially increases the risk of compromise. This attack follows a growing trend: in April 2024, Cisco had already reported similar campaigns against Check Point, Fortinet and Ubiquiti VPNs, often carried over TOR and anonymous proxies.
The situation is made worse by recently discovered critical vulnerabilities, such as CVE-2024-8190 (Ivanti) and CVE-2025-23006 (SonicWall), which make unpatched devices even easier to compromise.
Le contromisure
Le principali raccomandazioni includono:
- Eliminare le password di default
- Implementare autenticazione a più fattori (MFA)
- Migliorare la capacità di rilevamento delle minacce in tempo reale
- Segmentare la rete per limitare i danni in caso di compromissione
- Patch management rigoroso per eliminare vulnerabilità note
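One way to turn the real-time detection recommendation into a rule for this kind of campaign (an added example, not from the original article): when the attempts are spread over a very large number of source addresses, a per-IP lockout may never fire, so the check below also counts failures and distinct sources per time window. The log format, field names, thresholds and sample lines are constructed assumptions, not any vendor's syntax.

```python
import re
from collections import defaultdict
from datetime import datetime, timedelta, timezone

# Constructed log format (an assumption, not any vendor's syntax):
#   2025-02-08T10:00:00Z vpn-gw auth result=fail user=admin src=198.51.100.1
LINE_RE = re.compile(
    r"^(?P<ts>\S+) \S+ auth result=(?P<result>ok|fail) "
    r"user=(?P<user>\S+) src=(?P<src>\S+)$"
)
TS_FMT = "%Y-%m-%dT%H:%M:%SZ"


def parse(lines):
    """Yield (epoch_seconds, result, user, src) for every well-formed line."""
    for line in lines:
        m = LINE_RE.match(line.strip())
        if m:
            ts = datetime.strptime(m["ts"], TS_FMT).replace(tzinfo=timezone.utc)
            yield int(ts.timestamp()), m["result"], m["user"], m["src"]


def detect(lines, window_s=300, per_ip_limit=5, min_sources=10, min_failures=20):
    """Flag noisy single sources and low-and-slow distributed guessing per window."""
    per_src = defaultdict(lambda: defaultdict(int))  # window -> source -> failures
    users = defaultdict(set)                         # window -> usernames tried
    for epoch, result, user, src in parse(lines):
        if result == "fail":
            start = epoch - epoch % window_s
            per_src[start][src] += 1
            users[start].add(user)

    findings = []
    for start in sorted(per_src):
        window = datetime.fromtimestamp(start, timezone.utc).strftime(TS_FMT)
        counts = per_src[start]
        # Classic rule: one address reaching the per-IP limit.
        for src in sorted(counts):
            if counts[src] >= per_ip_limit:
                findings.append({"kind": "single-source", "window": window,
                                 "src": src, "failures": counts[src]})
        # Aggregate rule: many addresses that each stay under the per-IP limit.
        quiet = {s: n for s, n in counts.items() if n < per_ip_limit}
        if len(quiet) >= min_sources and sum(quiet.values()) >= min_failures:
            findings.append({"kind": "distributed", "window": window,
                             "sources": len(quiet),
                             "failures": sum(quiet.values()),
                             "users": sorted(users[start])})
    return findings


def sample_log():
    """Constructed sample: 40 addresses with one failure each, then one noisy address."""
    base = datetime(2025, 2, 8, 10, 0, 0, tzinfo=timezone.utc)
    names = ["admin", "vpnuser", "support"]
    lines = []
    for i in range(40):
        ts = (base + timedelta(seconds=7 * i)).strftime(TS_FMT)
        lines.append(f"{ts} vpn-gw auth result=fail user={names[i % 3]} "
                     f"src=198.51.100.{i + 1}")
    for j in range(6):
        ts = (base + timedelta(minutes=10, seconds=10 * j)).strftime(TS_FMT)
        lines.append(f"{ts} vpn-gw auth result=fail user=admin src=203.0.113.9")
    lines.append("2025-02-08T10:01:00Z vpn-gw auth result=ok user=alice src=192.0.2.10")
    return lines


if __name__ == "__main__":
    for finding in detect(sample_log()):
        print(finding)
```

With the aggregate rule disabled, only the noisy address is reported and the 40-source window passes unnoticed.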
Conclusion
This campaign shows once again that brute-force attacks are not a relic of the past but a current and evolving threat. Shadowserver warns that these attacks will not stop soon and could involve further vendors and regions.
Anyone who manages security devices exposed to the internet must act now: ignoring the threat means becoming the next target.
The article 2.8 Million IPs on the Attack: A Brute-Force Attack Hits VPNs and Firewalls comes from il blog della sicurezza informatica.
Crosetto's Voice Used by AI to Deceive Armani, Moratti and Other Tycoons!
An expertly executed scam used an AI-generated voice impersonating Italian Defence Minister Guido Crosetto to ask several Italian tycoons to transfer money abroad.
The scam extends to Italian tycoons too
According to media reports, the scammers targeted, among others, fashion designer Giorgio Armani, former Inter owner Massimo Moratti, Prada co-founder Patrizio Bertelli and members of the Beretta and Menarini families.
The scam involved phone calls from people posing as Crosetto and his staff. Victims were asked to transfer a sum of about 1 million euros to a bank account based in Hong Kong, which, they were told, was needed to free Italian journalists kidnapped in the Middle East.
Crosetto said he had been contacted by a businessman he did not know who had transferred a large sum to a bank account in the name of a fake “General Giovanni Montalbano”, after speaking with someone the businessman thought was Crosetto.
The minister said he informed the businessman that it was a scam before alerting the authorities, who went to the individual's home to gather information and file a report. Crosetto said this happened again several times over the following days.
“I prefer to make the facts public so that no one runs the risk of falling into the trap,” he wrote on X. Italian authorities are now investigating the matter and examining the list of targets. It is not clear whether Crosetto's voice was a pre-recorded message or a filter built with artificial intelligence that allowed the scammers to alter the voice in real time.
The scam took place shortly after Giorgia Meloni's government had secured the release of Cecilia Sala, the Italian journalist held for about a month in Tehran's notorious Evin prison before being freed in mid-January. Among those targeted by the scammers, Moratti has reportedly already filed a complaint, as have the Aleotti and Beretta families, according to Italian media reports.
Deepfakes: what they are and how to protect ourselves
Deepfakes are media content falsified by means of artificial intelligence, able to replicate a person's face, voice and movements in an extremely realistic way. This technology can be used for legitimate purposes, such as film dubbing or historical reconstruction, but also for scams, disinformation and political manipulation.
There are two main types of deepfake: video, in which a person's face is replaced or altered with results almost indistinguishable from reality, and audio, in which the voice is cloned and used to create false statements or impersonate individuals. As the technology advances, these forgeries are becoming ever harder to recognize by ear or with the naked eye.
To protect yourself from deepfakes, it is essential always to verify the sources of videos and audio recordings, especially if they come from unofficial channels. Forensic analysis tools, AI detection software and comparison with reliable sources can help unmask sophisticated manipulations.
In addition, avoiding the public sharing of large amounts of personal voice and video content reduces the risk of cloning. Awareness and digital education are the best weapons for defending against this constantly evolving threat.
The article Crosetto's Voice Used by AI to Deceive Armani, Moratti and Other Tycoons! comes from il blog della sicurezza informatica.
CISCO, Breached? No! The Company Points to the 2022 Breach…
Late in the evening of Monday 10 February, during a “reconnaissance” of the latest “news” from the dark web, a post on the well-known forum BreachForums catches my attention. The title: front-page material! “Cisco Data Breach – Ransomware Group Allegedly Breached Internal Network & Leaked AD”.
The post, “curated” by the user with the pseudonym lulagain (editor's note: all in all with a decent reputation within BreachForums too), includes a screenshot in which the alleged threat actors troll Cisco with lines such as: “You lied to us and played for time to kick us out.” and “We will see you soon, again. Next time you won't have any chance.”
Lulagain continues with an analysis of the alleged attack, in which the cybercriminals gained access to Cisco's internal network and internal Active Directory, collecting usernames and NTLM password hashes. The presence of Domain Controller accounts in the dump leads Lulagain to presume that the attackers had very “deep” access to the network and were also able to move laterally within it. Lulagain also adds that everything points to persistent access and a long stay inside the network. Finally, the post acknowledges that Cisco has not officially confirmed the attack and closes with security advice such as implementing MFA, log analysis, password changes, etc.
News of this magnitude cannot have gone unnoticed, so I look for confirmation. I find an article on Forbes in which Kate O’Flaherty reports that the alleged attack is the one Cisco suffered in 2022. So, no new attack on Cisco's network!
The confirmation is backed by company spokespeople contacted by Forbes via e-mail, who confirm that “Cisco is aware of reports regarding security incidents” and that “the incident mentioned in the reports is the one that occurred in May 2022”.
Finally, reference is made to the post on the Cisco Talos security blog (Cisco's threat intelligence department), where a detailed report on the security incident is available.
It is an interesting read that once again confirms that credential theft is the preferred (and perhaps the “simplest”) way to obtain valid access credentials to networks. The security report highlights that the “initial attack vector” was an employee's compromised personal Google account. Password synchronization with Google Chrome was enabled on the account, including the passwords for accessing Cisco systems. MFA was then defeated with social engineering techniques such as:
- MFA fatigue: sending dozens of approval requests until the user, by mistake or out of “exhaustion”, confirms the MFA code.
- VOICE PHISHING (aka “vishing”): Vishing is an increasingly common social engineering technique in which attackers try to trick employees into revealing sensitive information over the phone. In this case, an employee reported receiving multiple calls over several days, in which the callers, who spoke English with various international accents and dialects, claimed to be associated with support organizations trusted by the user.
Once again, although this is not a new cyber attack, it is important to understand that user training, cybersecurity awareness and the use of tools for analysing compromised credentials are fundamental principles for increasing security. In other words, “people are our best firewalls!”
The article CISCO, Breached? No! The Company Points to the 2022 Breach… comes from il blog della sicurezza informatica.
Hackers, Fake Brokers and Fraudulent Call Centers: Here Is How They Steal Your Money
Art. 640 ter C.P. (Computer Fraud)
“Anyone who, by altering in any way the operation of a computer or telecommunications system, or by intervening without right in any manner on data, information or programs contained in or pertaining to a computer or telecommunications system, procures an unjust profit for himself or others to the detriment of others, shall be punished with imprisonment from six months to three years and a fine from 51 euros to 1,032 euros.
The penalty is imprisonment from one to five years and a fine from three hundred and nine euros to one thousand five hundred and forty-nine euros if one of the circumstances provided for in number 1) of the second paragraph of Article 640 applies, or if the act results in a transfer of money, monetary value or virtual currency, or is committed by abusing the position of system operator.
The penalty is imprisonment from two to six years and a fine from 600 euros to 3,000 euros if the act is committed with theft or improper use of digital identity to the detriment of one or more persons.
The offence is punishable on complaint by the injured party, unless any of the circumstances referred to in the second and third paragraphs apply, or the circumstance provided for in Article 61, first paragraph, number 5, limited to having taken advantage of personal circumstances, including with reference to age.”
Today you only need to type the word Trading into your browser's search to be directed to hundreds of sites that promise exorbitant earnings from the investment of modest sums. Recall that Online Trading consists of buying and selling financial securities via computer. The main goal of those who do online trading (TOL) is to profit from the price difference between purchase and sale.
Ultimately it is the electronic trading of financial securities, and therefore a financial service provided by companies authorized by Consob, whose purpose is to give clients a platform on which to view the securities listed on numerous foreign and Italian stock markets. These companies are called “online brokers” or digital intermediaries.
Anyone carrying out this activity must be authorized, under Legislative Decree no. 58 of 24 February 1998, by the financial authority of the State in which they are based.
With this clarified, the prudent investor must verify that the financial adviser holds this authorization; otherwise one falls prey to an unauthorized, unsupervised operator. The unauthorized trader, who will keep for himself the sums entrusted to him, creating the illusion of having made large gains and then disappearing, commits both the offence of unauthorized financial activity and that of fraud (art. 640, paragraph 1, C.P.). Indeed, acting as a fake financial promoter, through multiple acts carrying out the same criminal design, he will use artifice and deception to mislead the victim, obtaining a gain by keeping the unsuspecting victim's money for himself or for others.
The typical fraud unfolds through the offer of investments, which paves the way for later tampering with the payment data provided by the victim, or by redirecting the victim to fake pages substituted for those of trustworthy sites, or by exploiting purpose-built platforms propped up by numerous fake reviews.
The first approach usually comes through a fake call center or through e-mails or WhatsApp messages with investment proposals. Once the first hook is set, the victim is put in touch with someone presented as an expert personal adviser, whose job will be to follow all the operations.
Here the first signs of a scam can be spotted: in the language used during communications, the messages are usually riddled with grammatical errors. In addition, the fake broker will never provide the mandatory disclosure documentation, in breach of the consolidated law on financial intermediation.
At this point the victim is induced to invest through platforms that look trustworthy, platforms whose URL the self-styled adviser will supply directly. These pages will most likely have been hacked or created ad hoc to carry out the scam. From this moment, two scenarios open up for the victim:
The first occurs when the person is induced, through artifice and deception, to make investments directly that produce an unjust gain for the fake trader or for a third party. The second occurs when the fraud is carried out by exploiting a computer system, a situation that arises when the page of the site on which the investments are made is hacked, or when the fake operator proposes installing programs that use the RDP protocol, needed for remote control of the victim's computer.
This situation exhibits the constituent elements of computer fraud (art. 640 ter C.P.), since it amounts to a deception perpetrated through the use of IT tools. The offence is aggravated by the victim's diminished ability to defend themselves, since case law regards the use of computer systems as prejudicial, in that it permits operations to be carried out remotely.
In the cases described, recovering any invested funds is a major critical issue, since they are mostly transferred to foreign accounts, very often in the form of cryptocurrency, and are therefore difficult to make the subject of seizure and restitution orders by the judicial authority.
As in most cases involving fraud, the best protection is always preventive attention. One of the strategies used by cybercriminals is to stress the high returns of the products while failing to explain precisely the risks of the investment operations. However, the subject covers complex and multifaceted topics, on both the IT and the financial side, which obviously cannot be covered through simple phone exchanges or messages.
The article Hackers, Fake Brokers and Fraudulent Call Centers: Here Is How They Steal Your Money comes from il blog della sicurezza informatica.
Precision Reference Puts Interesting Part to Work
Interesting parts make for interesting projects, and this nifty precision voltage reference has some pretty cool parts, not to mention an interesting test jig.
The heart of [Gaurav Singh]’s voltage reference is an ADR1399, precision shunt reference from Analog Devices. The datasheet makes for pretty good reading and reveals that there’s a lot going on inside the TO-49 case, which looks unusually large thanks to a thick plastic coat. The insulation is needed for thermal stability for the heated Zener diode reference. The device also has a couple of op-amps built in, one that provides closed-loop voltage control and another that keeps the internal temperature at a toasty 95°C. The result is a reference that’s stable over a wide range of operating conditions.
[Gaurav]’s implementation maximizes this special part’s capabilities while making it convenient to use. The PCB has a precision linear regulator that accepts an input voltage from 16 V to 20 V, plus a boost converter that lets you power it from USB-C. The board itself is carefully designed to minimize thermal and mechanical stress, with the ADR1399 separated from the bulk of the board with wide slots. The first video below covers the design and construction of an earlier rev of the board.
One problem that [Gaurav] ran into with these boards was the need to age the reference with an extended period of operation. To aid in that, he built a modular test jig that completed PCBs can be snapped into for a few weeks of breaking in. The jigs attach to a PCB with pogo pins, which mate to test points and provide feedback on the aging process. See the second video for more details on that.
youtube.com/embed/Ty0r_sLv-CI?…
youtube.com/embed/RvmJLGUzDS0?…
$800 to Compromise a UK Nuclear Contractor? IABs Raise the Stakes!
In the last few hours there has been an escalation of posts in the “Access Market” section of the well-known dark web forum. On sale is access to an Italian software company, “Italian B2B Enterprise Software Solutions”, to one of the oldest European universities, “One of Europe’s most oldest Universities”, to several municipalities in the United States, and much more.
The hacker, who operates under the pseudonym MYAKO, has in the last few hours been posting dozens of accesses to US government bodies, companies, and public and private institutions. Prices (all non-negotiable) range from a few hundred dollars to several thousand. The types of access on sale vary widely: one can buy firewall access with root privileges, access to management systems, etc.
MYAKO also sells “know-how”. His post of 4 February, titled “Intermediate Cyber Operations Guide”, is where you can “discover how to navigate the complex landscape of system exploitation, persistence and pivoting from the point of view of someone who has consistently demonstrated the fragility of even the most ‘secure’ infrastructures.” For 500 dollars, a complete package of how-tos, tools, repositories and step-by-step guides, all written in clear and concise language to flatten the learning curve.
MYAKO describes himself as an autonomous “operator”, not sponsored by any nation. He promotes himself by referring to several publications that “talk” about him. An interesting interview he gave to Osint10x sheds light on the way he operates, the techniques and the procedures (TTPs). Osint10x also identifies him as an admin of HellCat Group. In the interview he says he is interested only in money.
ThreatMon identifies him as “An Emerging Threat Actor with Advanced Capabilities” who uses OSINT techniques to identify high-value targets. One of his calling cards: on 13 December 2024 he put access to a firewall of an FBI division up for sale for 2000 dollars; the access was sold on 14 December 2024.
Another Italian target is a private Italian educational institution. Again, root access to the firewall is on sale.
To conclude, it is important to understand the role that IABs (Initial Access Brokers) play in the underground landscape, opening the doors to hacker groups that then exploit these accesses to carry out bigger and potentially devastating attacks.
The article $800 to Compromise a UK Nuclear Contractor? IABs Raise the Stakes! comes from il blog della sicurezza informatica.
Make a Secret File Stash In The Slack Space
Disk space is allocated in clusters of a certain size. When a file is written to disk and the file size is smaller than the cluster(s) allocated for it, there is an unused portion of varying size between the end of the file’s data and the end of the allocated clusters. This unused space is the slack space. It’s perfectly normal, and [Zachary Parish] had an idea to write a tool to hide data in it.
The demo uses a USB drive, using the slack space from decoy files to read and write data.
[Zachary]’s tool is in Python and can map available slack space and perform read and write operations on it, treating the disparate locations as a single unified whole in which to store arbitrary files. A little tar and gzip even help make things more efficient in the process.
There’s a whole demo implemented on Linux using a USB drive with some decoy files to maximize the slack space, and you can watch it in action in the video embedded below. It’s certainly more practical than hiding data in a podcast!
Note that this is just a demo of the concept. The approach does have potential for handling secret data, but [Zachary] points out that there are, from a serious data forensics point of view, a number of shortcomings in its current form. For example, the way the tool currently structures and handles data makes it quite obvious that something is going on in the slack space.
[Zachary] created this a few years ago and has some ideas about how to address those shortcomings and evolve the tool, so if you have ideas of your own or just want to try it out, the slack_hider GitHub repository is where you want to go.
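The slack arithmetic described above, seen from the examiner's side, as an added example that is not [Zachary]'s code: for each file it locates the bytes between the end of the data and the end of the last allocated cluster, then sorts the slack into zeroed, low-entropy residue, or high-entropy content of the kind compressed data produces. The volume layout, file table, thresholds and byte contents are constructed assumptions; this is a toy model, not a filesystem parser.

```python
import hashlib
import math
from collections import Counter

CLUSTER = 4096       # bytes per cluster in the constructed volume
HIGH_ENTROPY = 7.0   # bits per byte; compressed or encrypted data sits near 8
MIN_SAMPLE = 256     # entropy of a very short run is not meaningful


def entropy(data):
    """Shannon entropy of a byte string, in bits per byte."""
    if not data:
        return 0.0
    n = len(data)
    return -sum(c / n * math.log2(c / n) for c in Counter(data).values())


def slack_report(image, files, cluster=CLUSTER):
    """files: (name, first_cluster, size) for contiguously allocated files."""
    report = []
    for name, first, size in files:
        clusters = -(-size // cluster)         # ceiling division
        start = first * cluster + size         # first byte after the file data
        end = (first + clusters) * cluster     # end of the last allocated cluster
        slack = image[start:end]
        if not slack:
            verdict = "none"
        elif not any(slack):
            verdict = "zeroed"
        elif len(slack) >= MIN_SAMPLE and entropy(slack) >= HIGH_ENTROPY:
            verdict = "high-entropy"
        else:
            verdict = "residue"                # leftovers of earlier data
        report.append({"name": name, "slack": len(slack),
                       "entropy": round(entropy(slack), 2), "verdict": verdict})
    return report


def build_sample():
    """Constructed 6-cluster volume with four files (hypothetical names)."""
    image = bytearray(6 * CLUSTER)
    files = [("a.txt", 0, 100), ("b.bin", 1, 5000),
             ("c.jpg", 3, 2048), ("d.dat", 4, 8192)]
    for _name, first, size in files:
        image[first * CLUSTER:first * CLUSTER + size] = b"F" * size
    # b.bin: slack holds low-entropy text left over from an earlier file.
    gap = 3 * CLUSTER - (CLUSTER + 5000)
    image[CLUSTER + 5000:3 * CLUSTER] = (b"old invoice text " * 200)[:gap]
    # c.jpg: slack holds 2048 pseudo-random bytes standing in for compressed data.
    blob = b"".join(hashlib.sha256(bytes([i])).digest() for i in range(64))
    image[3 * CLUSTER + 2048:4 * CLUSTER] = blob
    return bytes(image), files


if __name__ == "__main__":
    volume, table = build_sample()
    for row in slack_report(volume, table):
        print(row)
```

Non-zero slack on its own is common, since old data is often left behind; it is the high-entropy rows that deserve a closer look.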
youtube.com/embed/ooYwYke9UFk?…
Nice PDF, But Can It Run Linux? Yikes!
The days that PDFs were the granny-proof Swiss Army knives of document sharing are definitely over, according to [vk6]. He has managed to pull off the ultimate mind-bender: running Linux inside a PDF file. Yep, you read that right. A full Linux distro chugging along in a virtual machine all encapsulated within a document. Just when you thought running DOOM was the epitome of it. You can even try it out in your own browser, right here. Mind-boggling, or downright Pandora’s box?
Let’s unpack how this black magic works. The humble PDF file format supports JavaScript – with a limited standard library, mind you. By leveraging this, [vk6] managed to compile a RISC-V emulator (TinyEMU) into JavaScript using an old version of Emscripten targeting asm.js instead of WebAssembly. The emulator, embedded within the PDF, interfaces with virtual input through a keyboard and text box.
The graphical output is ingeniously rendered as ASCII characters – each line displayed in a separate text field. It’s a wild solution but works astonishingly well for something so unconventional.
Security-wise, this definitely raises eyebrows. PDFs have long been vectors for malware, but this pushes things further: PDFs with computational power. We know not to trust Word documents, whether they are just capable of running Doom or can trash your entire system in a blink. This PDF anomaly unfolds a complete, powerful operating system in front of your very eyes. Should we think lightly, and hope it’ll lead to smarter, more interactive PDFs – or will it bring us innocent looking files weaponized for chaos?
Curious minds, go take a look for yourself. The project’s code is available on GitHub.
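Since everything here rests on the JavaScript a PDF can carry, a first-pass triage of an incoming document is to count the name tokens that introduce scripts and automatic actions, resolving `#xx` escapes so that `/J#53` is recognised as `/JS`. This is an added example, not code from [vk6]'s project; the two sample documents are constructed fragments and the choice of watched names is an assumption.

```python
import re

# A PDF name token: "/" followed by regular characters (no whitespace, no delimiters).
NAME_RE = re.compile(rb"/([^\x00\t\n\x0c\r ()<>\[\]{}/%]+)")
HEX_RE = re.compile(rb"#([0-9A-Fa-f]{2})")
WATCHED = ("JS", "JavaScript", "OpenAction", "AA", "ObjStm")


def decode_name(raw):
    """Resolve #xx escapes, so /J#53 and /JS compare equal."""
    return HEX_RE.sub(lambda m: bytes([int(m.group(1), 16)]), raw)


def triage(pdf_bytes):
    """Count script-related names in the raw bytes of a PDF.

    Limits: names inside compressed streams are invisible to a raw scan, so a
    non-zero ObjStm count means the file must be decompressed before a clean
    result can be trusted; matches inside binary stream data can be false hits.
    """
    counts = {name: 0 for name in WATCHED}
    escaped = []
    for m in NAME_RE.finditer(pdf_bytes):
        raw = m.group(1)
        name = decode_name(raw).decode("latin-1")
        if name in counts:
            counts[name] += 1
            if raw != name.encode("latin-1"):
                escaped.append(raw.decode("latin-1"))   # obfuscated spelling
    return {"counts": counts, "escaped": escaped,
            "scripted": counts["JS"] + counts["JavaScript"] > 0}


# Constructed fragments, not complete PDF files.
SCRIPTED = (
    b"%PDF-1.7\n"
    b"1 0 obj\n<< /Type /Catalog /Pages 2 0 R /OpenAction 4 0 R >>\nendobj\n"
    b"4 0 obj\n<< /S /J#61vaScript /J#53 (constructed placeholder) >>\nendobj\n"
)
PLAIN = b"%PDF-1.7\n1 0 obj\n<< /Type /Catalog /Pages 2 0 R >>\nendobj\n"

if __name__ == "__main__":
    print(triage(SCRIPTED))
    print(triage(PLAIN))
```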
youtube.com/embed/cWnN-FA3zRM?…
Blinds Automated With Offline Voice Recognition
Blinds are great for keeping light out or letting light in on demand, but few of us appreciate having to walk over and wind them open and shut on the regular. [DIY Builder] resented this very task, so set about creating an automated system to do the job for him.
The blinds in question use a ball chain to open and close, which made them relatively easy to interface with mechanically. [DIY Builder] set up a NEMA 17 stepper motor with an appropriate 3D-printed gear to interface with the chain, allowing it to move the blinds accurately. The motor is controlled via an Arduino Nano and an A4988 stepper motor driver.
However, that only covered the mechanical side of things. [DIY Builder] wanted to take the build a step further by making the blinds voice activated. To achieve this, the Arduino Nano was kitted out with a DFRobot Gravity voice recognition module. It’s a super simple way to do voice recognition—it’s an entirely offline solution with no cloud computing or internet connection required. You just set it up to respond to simple commands and it does the rest.
The result is a voice activated blind that works reliably whether your internet is up or not. We’ve seen some other great projects in this space, too. Video after the break.
youtube.com/embed/xdABENCrh98?…
Upgrading RAM on a Honda Infotainment System
Car infotainment systems somehow have become a staple in today’s automobiles, yet when it comes down to it they have all the elegance of a locked-down Android tablet. In the case of the Honda infotainment system that [dosdude1] got from a friend’s 2016/2017-era Honda Accord, it pretty much is just that. Powered by a dual-core Cortex-A15 SoC, it features a blazin’ 1 GB of RAM, 2 GB of storage and runs Android 4.2.2. It’s also well-known for crashing a lot, which is speculated to be caused by Out-of-RAM events, which is what the RAM upgrade is supposed to test.
After tearing down the unit and extracting the main board with the (Renesas) SoC and RAM, the SoC was identified as being an automotive part dating back to 2012. The 1 GB of RAM was split across two Micron-branded packages, leaving one of the memory channels on the SoC unused and not broken out. This left removing the original RAM chips to check what options the existing pads provided, specifically potential support for twin-die chips, but also address line 15 (A15). Unfortunately only the A15 line turned out to be connected.
This left double capacity (1 GB) chips as the sole option, meaning a total of 2 GB of RAM. After installation the infotainment system booted up, but only showed 1 GB installed. Cue hunting down the right RAM config bootstrap resistor, updating the boot flags and updating the firmware to work around the LINEOWarp hibernation image that retained the 1 GB configuration. Ultimately the upgrade seems to work, but until the unit is reinstalled in the car and tested it’s hard to say whether it fixes the stability issues.
Thanks to [Dylan] for the tip.
youtube.com/embed/9N1_8vz6R78?…
DeepSeek in the Crosshairs! The iOS App Sends Data to Its Backends Without Encryption!
Researchers at NowSecure launched a security audit of the DeepSeek mobile app for iOS and found serious problems. The main one is that the application transmits sensitive data without any encryption, exposing it to the risk of interception and manipulation. The experts also point out that the application does not follow security standards and collects a large amount of data about users and their devices.
“DeepSeek for iOS transmits some login data over the Internet without encryption,” the analysts wrote. “This exposes all data in the Internet traffic to both passive and active attacks. DeepSeek for iOS globally disables App Transport Security (ATS), an iOS platform-level security feature that prevents sensitive data from being sent over unencrypted channels. Since this protection is disabled, the app can (and does) send unencrypted data over the Internet.”
NowSecure's report also lists a series of weaknesses in the implementation of user data encryption. These include the use of the insecure 3DES algorithm; symmetric keys that are the same for all iOS users and are hard-coded and stored on the device; and the reuse of initialization vectors.
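The App Transport Security finding quoted above is visible in an app's `Info.plist`, so it can be checked in review before release. The following added example (not NowSecure's tooling and not taken from the app) reads a plist and reports every ATS setting that permits weaker transport; the two sample plists, the bundle identifier and the domains are constructed.

```python
import plistlib

# ATS keys that lift protection app-wide or for whole classes of traffic.
GLOBAL_OFF = (
    "NSAllowsArbitraryLoads",
    "NSAllowsArbitraryLoadsInWebContent",
    "NSAllowsArbitraryLoadsForMedia",
)
OLD_TLS = ("TLSv1.0", "TLSv1.1")


def audit_ats(plist_bytes):
    """Return (scope, setting) pairs for each ATS setting that weakens transport.

    plistlib.loads accepts both XML and binary property lists.
    """
    info = plistlib.loads(plist_bytes)
    ats = info.get("NSAppTransportSecurity", {})   # absent key: ATS defaults apply
    findings = [("global", key) for key in GLOBAL_OFF if ats.get(key) is True]
    for domain, rules in sorted(ats.get("NSExceptionDomains", {}).items()):
        if rules.get("NSExceptionAllowsInsecureHTTPLoads") is True:
            findings.append((domain, "NSExceptionAllowsInsecureHTTPLoads"))
        tls = rules.get("NSExceptionMinimumTLSVersion")
        if tls in OLD_TLS:
            findings.append((domain, "NSExceptionMinimumTLSVersion=" + tls))
        if rules.get("NSExceptionRequiresForwardSecrecy") is False:
            findings.append((domain, "NSExceptionRequiresForwardSecrecy=false"))
    return findings


# Constructed sample: ATS disabled globally, plus a cleartext exception domain.
WEAK_PLIST = b"""<?xml version="1.0" encoding="UTF-8"?>
<plist version="1.0">
<dict>
  <key>CFBundleIdentifier</key><string>com.example.constructed</string>
  <key>NSAppTransportSecurity</key>
  <dict>
    <key>NSAllowsArbitraryLoads</key><true/>
    <key>NSExceptionDomains</key>
    <dict>
      <key>cdn.example.com</key>
      <dict>
        <key>NSExceptionAllowsInsecureHTTPLoads</key><true/>
        <key>NSExceptionMinimumTLSVersion</key><string>TLSv1.0</string>
      </dict>
    </dict>
  </dict>
</dict>
</plist>
"""

# Constructed sample: ATS left on, one scoped exception that does not weaken it.
HARDENED_PLIST = b"""<?xml version="1.0" encoding="UTF-8"?>
<plist version="1.0">
<dict>
  <key>CFBundleIdentifier</key><string>com.example.constructed</string>
  <key>NSAppTransportSecurity</key>
  <dict>
    <key>NSExceptionDomains</key>
    <dict>
      <key>legacy.example.com</key>
      <dict>
        <key>NSIncludesSubdomains</key><true/>
        <key>NSExceptionMinimumTLSVersion</key><string>TLSv1.2</string>
      </dict>
    </dict>
  </dict>
</dict>
</plist>
"""

if __name__ == "__main__":
    print(audit_ats(WEAK_PLIST))
    print(audit_ats(HARDENED_PLIST))
```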
It was also revealed that data was being sent to servers run by the cloud computing and data storage platform Volcano Engine, owned by the Chinese company ByteDance, which also owns TikTok.
The researchers warned that although some of this data was properly encrypted with TLS, once decrypted on the ByteDance-controlled servers the information could have been matched with other user data collected elsewhere. This could ultimately lead to the identification of specific individuals and to potential monitoring of requests.
Although NowSecure's review has not yet been completed, the researchers were quick to warn that the DeepSeek app for iOS “is not designed or prepared to provide basic protection for your data and your identity”.
According to them, DeepSeek for iOS does not follow even fundamental security rules, whether deliberately or accidentally. At the same time, the experts considered the DeepSeek app for Android even more problematic and advised removing it.
It should be noted that last week the Associated Press reported that the DeepSeek website was built to send user data to the infrastructure of China Mobile, a Chinese state-owned telecommunications company that is banned from operating in the United States.
To date, several countries, including Australia, the Netherlands and South Korea, as well as numerous government agencies in India and the United States, have banned the use of DeepSeek on government devices for national security reasons.
The article DeepSeek in the Crosshairs! The iOS App Sends Data to Its Backends Without Encryption! comes from il blog della sicurezza informatica.
Make Custom Shirts With a 3D Print, Just Add Bleach
Bleach is a handy way to mark fabrics, and it turns out that combining bleach with a 3D-printed design is an awfully quick-working and effective way to stamp a design onto a shirt.
Plain PLA stamp with bleach gives a slightly distressed look to this design.
While conceptually simple, the details make the difference. Spraying bleach onto the stamp surface helps get even coverage, and having the stamp facing “up” and lowering the shirt onto the stamp helps prevent bleach from running where it shouldn’t. Prompt application of hot air with a heat gun (followed by neutralizing or flushing any remaining bleach by rinsing in plenty of cold water) helps keep the edges of the design clean and sharp.
We wondered if combining techniques with some of the tips on how to 3D print ink stamps would yield even better results. For instance, we notice the PLA stamp (used to make the design in the images here) produces sharp lines with a slightly “eroded” look overall. This is very much like the result of inking with a stamp printed in PLA. With a stamp printed in flex filament, inking gives much more even results, and we suspect the same might be true for bleach.
Of course, don’t forget that it’s possible to 3D print directly onto fabric if you want your designs to be a little more controlled (and possibly in multiple colors). Or, try silkscreening. Who knew there were so many options for putting designs onto shirts? If you try it out and learn anything, let us know by sending in a tip!
youtube.com/embed/LBNN1thLB3E?…
Keebin’ with Kristina: the One with the SEGA Pico Keyboard
It’s been a minute since I featured a tiny keyboard, and that’s okay. But if you want to get your feet wet in the DIY keyboarding community, making a little macro pad like [Arnov Sharma]’s Paste Pal is a great place to start.
Image by [Arnov Sharma] via Hackaday.IO
This is a follow-up to his original Paste Pal, which only had two buttons for copy and paste plus an OLED display. This updated version does three more things thanks to a total of five blue (!) switches. The selected command shows up on the screen so you know what you’ve done.
Right now, [Arnov] has the Paste Pal set up to do Copy, Paste, Enter, Scroll Up, and Scroll Down, but changing the assignments is as easy as updating a few lines of code.
Paste Pal Mk. II is at heart a Seeed Xiao SAMD21, which in this case is programmed in Arduino. If you want to make things easier on yourself, you could program it in CircuitPython instead, although [Arnov] includes the Arduino code in his excellent build guide.
A Good Soldier, Indeed
RIP to [Pure-Bullfrog-2569]’s 7-year-old masterpiece of a hand-wired build, which recently gave its last keystroke.
Image by [Pure-Bullfrog-2569] via reddit
Evidently this beauty is heavy, crappy, and hand-wired, but I have big doubts about the crappy part. It’s built out of layers of laser cut wood and hand-painted. It took [Pure-Bullfrog-2569] the better part of a year to pull this together. And now they feel too lazy to debug it.
At the urging of many redditors, it appears that [Pure-Bullfrog-2569] will set the keyboard aside for a later date, rather than just throwing or parting it out, or hanging it on the wall.
The controller itself is dead, which was a fake Teensy anyway, so maybe they’ll solder in an RP2040 or something and bring it back to life. Apparently it sounded pretty cool to type on. I bet it did!
The Centerfold: Screens, Screens Everywhere
Image by [theslinkyvagabond] via reddit
Do you like screens, bro? Some people do. I myself have two, but I also used a tablet back when I was streaming so I could manage my unruly chat full of tumbleweeds and crickets. Having sort of been there, I can see why a person would want a lot of screens if they have a lot going on. Apparently [theslinkyvagabond] does, what with the three-server home lab and all to manage. Maybe it’s the relative darkness, or the fact that all the screens are currently the same, but this somehow seems cozy for a five-screen setup. No mention of the keyboards, although the one on the left looks intriguing.
Do you rock a sweet set of peripherals on a screamin’ desk pad? Send me a picture along with your handle and all the gory details, and you could be featured here!
Historical Clackers: the SEGA Pico Keyboard
I know, I know; this looks like my typical centerfold choice. But hear me out. So I was trying to get ChatGPT to trawl GitHub for new-ish hardware keyboard projects on my behalf, and it came back with this intriguing picture of a SEGA keyboard. There was also a Hello Kitty variant!
Image via Video Game Database
Now of course the actual link it listed goes to a DIY keyboard with a Raspberry Pi Pico inside, which is a nice build, by the way. You should check it out.
But anyway, back to this Japanese Fisher Price situation. It is apparently an accessory for the SEGA Pico system, which was a lot like a LeapPad, and used the same processor as the SEGA Mega Drive. It did sell in North America and Europe, but only for an unsuccessful four years before being discontinued. Apparently it has a regular PS/2 connector (Indonesian, translated) and works just fine as a computer input.
I don’t know what kind of switches this thing has, but I would love to find out. It looks fun to type on, at least. And I don’t just mean because of the colors. Those keycaps remind me of that 80s square gum with the goo inside. Freshen Up.
Finally, a Keyboard for Writers
So this floaty mechanical keyboard is the latest offering from Astrohaus, who rose to fame with their AlphaSmart NEO-like device called the Freewrite, which apparently I disliked enough to never even cover. Why bother with that when you have OG NEOs lying around? Also, those Freewrite things are pricey for what they are, and I’ve seen plenty of writer decks on Hackaday to believe that I could build my own if I wanted.
Image via Astrohaus/Freewrite
Much like the Freewrite, the Wordrunner is aimed squarely at writers. And how do we feel about it? Well, as much as I love my Kinesis Advantage, it sure doesn’t have an electromechanical word counter or a sprint timer built into it like this one does.
It looks white, but the body is all metal and feels great according to Tom’s Hardware. All Wordrunners will ship with Kailh box browns and are not hot-swappable. Well, I suppose these are for writers and not necessarily keyboard enthusiasts. Perhaps the most interesting bit is that the F keys are replaced by common writerly actions, and there are a couple of programmable macro keys on top of those.
If there’s one thing writers love, it’s watching that word count go up. I can imagine how awesome it would be to watch it spin the faster you type, although that might trigger an urge to write nonsense. But sometimes great things come from such brainstorms.
Of course I don’t love that the Wordrunner is a standard TKL rectangle, but you gotta start somewhere, I suppose. Maybe they’ll make an ergonomic one someday. Like the other products under the Astrohaus/Freewrite umbrella, this one will launch on Kickstarter. Who knows how much it will be, probably at least $200, but you can reserve one for a refundable $1 ahead of time.
Got a hot tip that has like, anything to do with keyboards? Help me out by sending in a link or two. Don’t want all the Hackaday scribes to see it? Feel free to email me directly.
Microsoft Raises the Alarm: Public ASP.NET Keys Used to Inject Malware
Microsoft experts have raised the alarm: in ViewState code injection attacks, attackers are delivering malware using static ASP.NET keys found on the internet.
According to Microsoft Threat Intelligence, some developers use ASP.NET validationKey and decryptionKey values (intended to protect ViewState from tampering and disclosure) in their own code after finding them in code documentation or in third-party repositories.
Attackers also use publicly accessible machine keys in their attacks to craft malicious ViewState (used in ASP.NET Web Forms to manage state and persist pages), attaching forged message authentication codes to it.
The experts explain that when ViewState sent via POST requests is loaded, the ASP.NET runtime on the target server decrypts and validates the malicious ViewState data using the correct keys, then loads it into worker process memory and executes it. This lets attackers execute code remotely on the targeted IIS web servers and deploy additional payloads.
For example, in an incident in December 2024, an unknown attacker used a publicly available machine key to deploy the Godzilla post-exploitation framework on a target web server, enabling malicious command execution and shellcode injection.
“Microsoft has identified more than 3,000 publicly exposed ASP.NET keys that could be used in such attacks,” the company said. “Previously, ViewState injection attacks typically used compromised or stolen keys, often sold on darknet forums. But publicly available keys can pose an even greater risk because they are available in multiple repositories and can be added to development code without modification.”
To protect against such attacks, Microsoft recommends that developers generate machine keys securely, not use default keys or keys found on the internet, encrypt the machineKey and connectionStrings elements to block access to plaintext secrets, upgrade to ASP.NET 4.8 to use the Antimalware Scan Interface (AMSI), and harden Windows servers.
In addition, Microsoft has detailed the steps to remove or replace ASP.NET keys in the web.config configuration file using PowerShell or the IIS management console. The company has also removed the sample keys from its own public documentation to prevent anyone from using them.
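As an added illustration of the key-hygiene advice above (this is not Microsoft's tooling and not part of the original article), the following Python example audits web.config content for static machineKey values, flags any that match a denylist of publicly known keys, and generates fresh random replacements. The denylist, the sample key and the sample configurations are constructed, and the 64-byte and 32-byte key sizes are an assumption of this example.

```python
import hashlib
import secrets
import xml.etree.ElementTree as ET

# Constructed stand-in for a key copied from public docs or a repo; not a real key.
PUBLIC_SAMPLE_KEY = "00112233445566778899AABBCCDDEEFF" * 4


def key_digest(key):
    """Hash a hex key case-insensitively so the denylist never stores raw keys."""
    return hashlib.sha256(key.strip().upper().encode("utf-8")).hexdigest()


# Hypothetical denylist: digests of keys known to be publicly disclosed.
KNOWN_PUBLIC_DIGESTS = {key_digest(PUBLIC_SAMPLE_KEY)}


def local_name(element):
    """Tag name without an XML namespace prefix such as {uri}machineKey."""
    return element.tag.rsplit("}", 1)[-1]


def audit_web_config(xml_text):
    """Return (item, status) pairs for every machineKey element in a web.config."""
    findings = []
    for node in ET.fromstring(xml_text).iter():
        if local_name(node) != "machineKey":
            continue
        # Protected configuration replaces the attributes with an EncryptedData child.
        if node.get("configProtectionProvider") or any(
                local_name(child) == "EncryptedData" for child in node.iter()):
            findings.append(("machineKey", "encrypted-section"))
            continue
        for attr in ("validationKey", "decryptionKey"):
            value = node.get(attr)
            if value is None or value.startswith("AutoGenerate"):
                status = "auto-generated"      # runtime creates the key itself
            elif key_digest(value) in KNOWN_PUBLIC_DIGESTS:
                status = "known-public"        # replace the key
            else:
                status = "static-plaintext"    # check provenance, encrypt the section
            findings.append((attr, status))
    return findings


def generate_machine_key():
    """Fresh random keys from the OS CSPRNG (sizes are this example's choice)."""
    return {
        "validation": "HMACSHA256",
        "validationKey": secrets.token_hex(64).upper(),   # 64 random bytes
        "decryption": "AES",
        "decryptionKey": secrets.token_hex(32).upper(),   # 32 random bytes
    }


def render_machine_key(keys):
    """Serialize the generated attributes as a machineKey element."""
    return ET.tostring(ET.Element("machineKey", keys), encoding="unicode")


# Constructed sample configurations (not taken from any real server).
REUSED_CONFIG = f"""<configuration><system.web>
  <machineKey validation="HMACSHA256" validationKey="{PUBLIC_SAMPLE_KEY.lower()}"
              decryption="AES" decryptionKey="{'AB' * 32}" />
</system.web></configuration>"""

DEFAULT_CONFIG = """<configuration><system.web>
  <machineKey validationKey="AutoGenerate,IsolateApps"
              decryptionKey="AutoGenerate,IsolateApps" />
</system.web></configuration>"""

ENCRYPTED_CONFIG = """<configuration><system.web>
  <machineKey configProtectionProvider="RsaProtectedConfigurationProvider">
    <EncryptedData xmlns="http://www.w3.org/2001/04/xmlenc#">
      <CipherData><CipherValue>constructed</CipherValue></CipherData>
    </EncryptedData>
  </machineKey>
</system.web></configuration>"""

if __name__ == "__main__":
    for name, text in (("reused", REUSED_CONFIG), ("default", DEFAULT_CONFIG),
                       ("encrypted", ENCRYPTED_CONFIG)):
        print(name, audit_web_config(text))
    print(render_machine_key(generate_machine_key()))
```

A freshly generated key still audits as static-plaintext until the machineKey section is encrypted, which is why the advice pairs secure generation with encrypting the element.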
The article Microsoft Raises the Alarm: Public ASP.NET Keys Used to Inject Malware comes from il blog della sicurezza informatica.
8Base Dismantled! Law Enforcement Shuts Down the Ransomware Group’s Leak Site
In a joint international operation, law enforcement recently took down the Data Leak Site (DLS) of the 8Base ransomware group, known for hitting numerous companies worldwide. The site served as a platform for publishing sensitive data stolen from victims who refused to pay the ransom, putting further pressure on them.
Active since March 2022, 8Base gained notoriety for its strategy of combining data encryption with public disclosure of stolen information to force victims to pay. Despite the intense activity recorded, the identity of its members and the group’s operating methods long remained in the shadows.
A peculiar aspect of 8Base is its self-description as “simple pentesters”, offering breached companies a kind of unsolicited security audit. In an interview with Red Hot Cyber, the group stated: “We see flaws in the security of corporate networks and we use them.” This approach, although criminal, highlights the serious gaps in the cybersecurity of many organizations.
In Italy, 8Base has targeted several organizations, highlighting the vulnerability of national IT infrastructure. These incidents underline the need to strengthen cybersecurity measures in the country.
The success of the law enforcement operation is a heavy blow to 8Base and to ransomware-related illicit activity. However, experts warn that the closure of the DLS may not mark the end of the group’s operations, as it could try to re-establish its online presence or evolve its tactics to evade future investigations.
This event underscores the importance of international cooperation in the fight against cybercrime and the need for companies to adopt proactive cybersecurity measures. Investing in advanced defense systems, staff training, and continuous network monitoring is essential to prevent future attacks and protect sensitive data from potential threats.
The article 8Base Dismantled! Law Enforcement Shuts Down the Ransomware Group’s Leak Site comes from il blog della sicurezza informatica.
Tiny Mouse Ring Uses Prox Sensors
A traditional computer mouse typically fits in the palm of your hand. However, with modern technology, there’s no need for mice to be so large, as demonstrated by [juskim]’s neat little mouse ring. Check it out in the video below.
The concept is simple—it’s a tiny mouse that sits neatly on the end of one of your fingers. You then get the slightly surreal experience of pointing on your computer just by moving a single finger instead of your whole hand.
The project uses a typical optical mouse sensor for movement, as you might expect. However, there are no conventional switches for the left and right mouse buttons. Instead, [juskim] realized a more compact design was possible by using proximity sensors instead. The sensors detect the presence of his fingers on either side of the ring mouse. When one of the fingers is lifted, the absence of the finger triggers a mouse click, either left or right, depending on the finger.
The build started with junk box parts, but hooking up an Arduino Pro Micro dev board and other modules proved too cumbersome to use effectively. Instead, the build relies on an ATTO board, a tiny PCB featuring the same ATmega32U4 microcontroller. Similarly, the build relies on tiny proximity sensors from STM to fit in the “ring” form factor. It’s all wrapped up in a 3D-printed enclosure that fits snugly on the user’s finger.
We’ve seen some other neat mouse rings before, too. Or, if you want something really different, grab some keychains and make a 6DOF mouse.
youtube.com/embed/vcZNPGWGGOU?…
How Magnetic Fonts Twisted Up Numbers And Saved Banking Forever
If you’ve ever looked at the bottom of a bank check, you probably glanced over some strangely formed numbers. If you’re a fan of science fiction or retro computers, you’ve probably spotted the same figures on any number of books from the 1980s. They’re mostly readable, but they’re chunky and thin in places you don’t expect.
Those oddball numerals didn’t come from just anywhere—they were a very carefully crafted invention to speed processing in the banking system. These special fonts were created to be readable both by humans and machines—us with our eyes, and the computers with magnetic sensors. Let’s explore the enigmatic characters built for Magnetic Ink Character Recognition (MICR).
Machines Will Do The Work
Early examples of machine-readable magnetic fonts from the Department of Commerce—Automatic Character Recognition, A State-Of-The-Art Report, May 1961.
These days, much of the money in the world is sent and received via digital transfers. Once upon a time, though, paper was king when it came to moving money. The almighty check was how you got money out of one account and into another one.
Sadly, as populations grew and economic activity skyrocketed, the status quo couldn’t hold. By the mid-1940s, the problem was already apparent, with the Federal Reserve dealing with 2 billion checks a year in 1946. While mechanical adding machines and various other techniques helped, fundamentally, bankers and clerks were processing millions of checks daily, all by hand.
The financial world needed a way to speed handling of checks as much as possible. The solution was to enable machines to read as much of the information on a check as possible, so they could handle the basic sorting and processing steps at speed. This would eliminate much of the manual reading and handling by humans, and greatly improve throughput.
The problem was that in the middle of the 20th century, technologies like optical character recognition, or even digital cameras, were decades away. Instead, the key innovation that saved banking was MICR—short for Magnetic Ink Character Recognition. It involved printing certain characters on checks with an iron oxide-based ink. The combination of the ink’s magnetic content and the unique shape of each number meant machines could read the checks easily and unambiguously—even in the case they were physically damaged. Meanwhile, the MICR characters were also designed to remain human readable, so they could be readily understood by the humans using them, too. This was an important backup in the event a check failed machine reading for whatever reason.
An example US-style check with the MICR line along the bottom—printed with the E-13B font. Credit: Federal Reserve Bank of Philadelphia
With MICR, checks could be pre-printed with a bank’s routing number and the customer account to draw from, leaving just the payment amount to be read from the check user’s handwriting. Alternatively, even the amount could be printed in MICR characters if the check was fully machine-issued, speeding processing further. With the aid of magnetic ink, processing speeds went up prodigiously. In 1950, mechanical aids had allowed one clerk to process 1,300 checks in an hour. Fast forward to the magnetic ink era just a few years later, and clerks were able to handle 33,000 checks or more in the same amount of time.
As is so often the way, the world did not agree on one standard for MICR purposes. Developments across the banking world occurred during the 1950s, with two major magnetic fonts being developed in parallel.
If you’re based in the United States, Canada, the UK, Australia, or much of the rest of the English-speaking world, you’re probably most familiar with a font called E-13B. This is the one with the gloopy letters and the worst ‘1’ numeral ever committed to print. It was developed by General Electric and the Stanford Research Institute. Its designation was entirely pragmatic—E denoted that it was the fifth font considered, and B denoted the second revision. 13 referred to the fact it was designed for use on an 0.013-inch grid.
The font was designed to create a unique magnetic signal pattern when each numeral or symbol was scanned by a magnetic reader. The shapes were specifically engineered to avoid any possible confusion – that’s why the 0 has those straight sides, and the 8 is so hefty at the bottom, for example. Each number generates a waveform that’s distinct from the others, making it easy to process the signal and read the check accurately. E-13B wasn’t perfect, with 2s and 5s putting out rather similar signals in some cases that could cause confusion, but it proved itself more than reliable enough to do the job.
The 14 characters of the E-13B MICR font—the last four are for control purposes.
This book cover from the 1980s was typical of the era – leaning on E-13B tropes to convey a technical aesthetic.
The standard was trialled in 1956 and was adopted by the American Bankers Association by 1958. By 1963, the American National Standards Institute (ANSI) designated that E-13B would be the standard, and by 1967, the Federal Reserve mandated the use of magnetic ink on checks. E-13B went on to become a graphical motif commonly associated with computers and modernity, with artists commonly creating lookalike characters for the whole Latin alphabet. However, the official E-13B standard only ever had 14 characters—numerals 0 to 9, plus four additional control characters for check processing—“transit,” “on-us,” “amount,” and “dash.”
The CMC-7 font, designed by Groupe Bull.
At roughly the same time, French computer company Groupe Bull was working on its own standard. In 1957, it developed the CMC-7 font, which used an entirely different approach to E-13B. Rather than relying on varying the intensity of magnetism by the amount of ink in a character, CMC-7 instead relied on characters made up of vertical bars. The spacing between the bars could be read by machine to determine the numerals. The design gave CMC-7 characters more of a barcode-like appearance. Notably, CMC-7 also featured a full alphanumerical character set—41 glyphs, including A-Z, 0-9, and five control characters.
An Italian check signed by Enzo Ferrari – note the CMC-7 font along the bottom. Credit: Morio, CC BY-SA 3.0
Thanks to the geopolitics of the mid-20th century, each MICR standard ended up with its own stomping ground. While E-13B dominated in the Anglophone world, CMC-7 ended up being used in France, Spain, and much of Europe and South America. At heart, both standards did the same thing—they enabled machines to read most of the data on a check with a minimum of fuss.
Banks might feel mostly digital these days, but MICR fonts are still an important standard in the financial world. If you’re issuing checks, you might end up running into some problems if you’re not printing them with the appropriate MICR font and magnetic ink. For most of us, checks are a simple tool of the past, but it turns out a great deal of engineering went into perfecting them before the computer came along.
NSA Data Leak: Classified Documents Leak on Breach Forums for the Second Time
An alleged leak of classified National Security Agency (NSA) documents has been published on Breach Forums, one of the best-known underground marketplaces for trading stolen data.
The user “HumanError”, who holds the “GOD User” title on the forum, announced the upload of a set of documents belonging to the Five Eyes Intelligence Group, the intelligence alliance comprising the United States, the United Kingdom, Canada, Australia, and New Zealand.
According to the post, the leak occurred through an intrusion into the systems of Acuity Inc., a company that works directly with the United States government and its allies.
What was compromised?
The post publishes a series of samples and provides some information on the contents of the stolen data, including:
- Full names, emails, phone numbers (personal and business)
- Government, military, and Pentagon email addresses
- Classified communications between Five Eyes, 14 Eyes, and their allies
The author of the leak also mentions the involvement of other members with the aliases @IntelBroker, @Sangsiero, and @EnergyWeaponUser, suggesting that the operation may have been carried out by a group rather than a single actor.
This information is connected to an earlier leak from April 2024, when IntelBroker published a similar post reporting data leaked from NSA infrastructure. In fact, the samples published in both posts turn out to be the same.
The article NSA Data Leak: Classified Documents Leak on Breach Forums for the Second Time comes from il blog della sicurezza informatica.
Basically, It’s BASIC
The BASIC language may be considered old-hat here in 2025, and the days when a computer came as a matter of course with a BASIC interpreter are far behind us, but it can still provide many hours of challenge and fun. Even with our love of all things 8-bit, though, we’re still somewhat blown away by [Matthew Begg]’s BASIC interpreter written in 10 lines of BASIC. It’s an entry in the BASIC 10-liner competition, and it’s written to run on a Sinclair ZX Spectrum.
The listing can be viewed as a PNG file on the linked page. It is enough to cause even the most seasoned retrocomputer enthusiasts a headache because, as you might expect, it pushes the limits of the language and the Sinclair interpreter. It implements Tiny Basic as a subset of the more full-featured BASICs, and he’s the first to admit it’s not fast by any means. He gives a line-by-line explanation, and yes, it’s about as far away from the simple Frogger clones we remember bashing in on our Sinclairs as it’s possible to get.
We love it that there are still boundaries to be pushed, even on machines over four decades old, and especially that this one exceeds what we thought was a pretty good knowledge of Sinclair BASIC. Does this language still have a place in the world? We always look forward to the BASIC 10-liner competition.
Header: background by Bill Bertram, CC BY-SA 2.5.
The Mystery of the Hacker Attack on an Italian Company! Who Lost a Million SAP Accesses?
It was an ordinary morning for the employees of a major Italian retail company. The air in the corridors still smelled of coffee and the clatter of keyboards filled the offices. No one would have imagined that, at that very moment, their data was up for sale on the dark web.
A post that appeared on a well-known closed cybercrime forum (access by referral or by payment) had just put up for sale access to a database containing more than one million customers: names, emails, phone numbers, addresses, even payment information.
The seller, known by the pseudonym Panigale, was offering privileged access to a compromised SAP system, allowing anyone willing to pay 10,000 dollars to place fraudulent orders and access company email.
But who was the victim? The post did not name it explicitly. Only a few details suggested that it was an Italian company, perhaps a large retailer with a huge customer base.
Initial Access Brokers: the merchants of digital crime
What was happening was not an isolated case. Access brokers like Panigale are key figures in the cybercrime ecosystem. They are not necessarily the authors of the initial attack, but act as intermediaries: they obtain compromised credentials, access to databases, or entire corporate systems and resell them to ransomware groups or other cybercriminals.
In this specific case, the offer concerned access to SAP, the beating heart of business management at many multinationals. By controlling this system, an attacker could manipulate orders, view financial information, or even sabotage the supply chain.
But not everyone can see the details of the listing: to view the samples, the forum requires more than 100 reactions, a measure to limit access to trusted members only and keep the community safe from law enforcement infiltration.
The seller’s reputation: a key factor
On the dark web, reputation is everything. Panigale is no novice: with 150 messages and 37 reactions received, he is considered a reliable user. He has also already used the “automatic guarantor” service, a forum feature that allows secure transactions backed by escrow. This detail strengthens his credibility, attracting potential buyers ready to exploit the stolen data.
But the real question remains: which Italian company suffered this breach? And, above all, has it already noticed the intrusion?
The article The Mystery of the Hacker Attack on an Italian Company! Who Lost a Million SAP Accesses? comes from il blog della sicurezza informatica.
Flip Flops Make Great Soft Switches
Mechanical switches are pretty easy to understand—the contacts touch, the current flows, and Bob is, presumably, your uncle. But what about soft switches? Well, they’re not that difficult to understand either, as explained by [EDN].
You can build a touch switch quite easily with old-school chips.
The traditional softswitch takes input from a momentary single-pole pushbutton and lets you press to toggle power on and off. This operation is easy to achieve with a simple flip-flop constructed with old-school logic to create a “bistable” circuit. That means it will happily remain stable in one of two states unless you do something to make it switch.
So far, so simple. However, you’ll need to consider that a simple mechanical pushbutton tends to have an issue with the contacts bouncing as they come into contact. If ignored, this would see your softswitch rapidly flicking on and off at times, which is no good at all. To avoid this, you simply need to hook up an RC network to smooth out or “debounce” the button input.
Read the post for the full circuit dynamics, as well as how to make the system work with a touchpad instead of a pushbutton. It’s rare to construct such elements from raw logic these days, what with microcontrollers making everything so easy. Still, if you want or need to do it, the old techniques still work just fine! There’s more than one way to solve the problem, of course.
Hack That Broken Zipper!
We’ve all been there. That sad day when the zipper on our favorite hoodie, bag, or pair of pants breaks in some seemingly irreparable way. But there is hope, and [Magic Stitches] is gonna show you how to make some common repairs using household items and, in some cases, just a little bit of easy hand sewing. After a warm up with a kitchen fork, the video moves on to more significant problems.
The first problem — a chewed-away zipper bottom — is quite common, but requires no sewing to fix. As you’ll see in the video below, all it takes is a drinking straw, some hot glue, a lighter, and a pair of scissors to recreate the plastic bit that keeps the zipper from splitting in twain.
Now the second issue concerns a pair of pants wherein the head has come off the static side of the zipper. This one seems impossible to fix, but [Magic Stitches] cuts into the static side about five teeth from the bottom, slides the head back on, and sews the bottom of the zipper together.
This one we take a little bit of an issue with, because it assumes that you can get your jeans on over your hips without needing the zipper head to be fully down. But what else are you going to do but throw the jeans away or upcycle the jeans into a fanny pack or something to immortalize them?
For the third issue, we’re back to the poor red hoodie, which also has a run in the zipper tape. After cutting off the fuzzies, [Magic Stitches] sews it back together with a contrasting thread (presumably to help us see the repair). If they had used black, it wouldn’t show at all, except now there is just a tiny bit of pull on the hoodie where the snag was. Again, we’re saving a presumably beloved hoodie here, and some people like their repairs to show.
Finally, [Magic Stitches] has a duffel bag with a zipper that comes back apart once it’s been zipped. At first, they tried squeezing the zipper head with pliers while the zipper was still attached, but that didn’t fix the problem. By carefully cutting the end of the tape, they could slide the head off of the ends and squish both sides with pliers more effectively. This is probably the hardest repair of all because it involves threading the head back on. In the end, all you have to do is sew a few stitches across the end of the teeth and then sew the tape back to the bag.
Got a broken zipper box? You can fix that with 3D printing. Mystified about how zippers work? No need to be.
youtube.com/embed/xox768Pcwtg?…