
A Foot Pedal To Supplement Your Keyboard


It’s 2025, and you’re still probably pressing modifier keys on your keyboard like a… regular person. But it doesn’t have to be this way! You could use foot pedals instead, as [Jan Herman] demonstrates.

Now, if you’re a diehard embedded engineer, you might be contemplating your favorite USB HID interface chip and how best to whip up a custom PCB for the job. But it doesn’t have to be that complicated! Instead, [Jan] goes for an old school hack—he simply ripped the guts out of a cheap USB keyboard. From there, he wired up a few of the matrix pads to 3.5 mm jack connectors, and put the whole lot in a little metal project box. Then, he hooked up a few foot pedal switches with 3.5 mm plugs to complete the project.

[Jan] has it set up so he can plug foot pedals in to whichever keys he needs at a given moment. For example, he can plug a foot pedal in to act as SPACE, ESC, CTRL, ENTER, SHIFT, ALT, or left or right arrow. It’s a neat way to make the project quickly reconfigurable for different productivity tasks. Plus, you can see what each pedal does at a glance, just based on how it’s plugged in.

It’s not an advanced hack, but it’s a satisfying one. We’ve seen some other great builds in this space before, too. If you’re cooking up your own keyboard productivity hacks, don’t hesitate to let us know!


hackaday.com/2025/03/18/a-foot…


The Capacitor Plague of the Early 2000s


Somewhere between the period of 1999 and 2007 a plague swept through the world, devastating lives and businesses. Identified by a scourge of electrolytic capacitors violently exploding or splurging their liquid electrolyte guts all over the PCB, it led to a lot of finger pointing and accusations of stolen electrolyte formulas. In a recent video by [Asianometry] this story is summarized.
Blown electrolytic capacitors. (Credit: Jens Both, Wikimedia)
The bad electrolyte in the faulty capacitors lacked a suitable depolarizer, which resulted in more gas being produced, ultimately leading to build-up of pressure and the capacitor ultimately failing in a way that could be rather benign if the scored top worked as vent, or violently if not.

Other critical elements in the electrolyte are passivators, to protect the aluminium against the electrolyte’s effects. Although often blamed on a single employee stealing an (incomplete) Rubycon electrolyte formula, the video questions this narrative, as the problem was too widespread.

More likely it coincided with the introduction of low-ESR electrolytic capacitors, along with computers becoming increasingly more power-hungry, and thus stressing the capacitors in a much warmer environment than in the early 1990s. Combine this with the presence of counterfeit capacitors in the market and the truth of what happened to cause the Capacitor Plague probably involves a bit from each column, a narrative that seems to be the general consensus.

youtube.com/embed/rSpzAVpnXo4?…


hackaday.com/2025/03/18/the-ca…


Keebin’ with Kristina: the One with the Cheesy Keyboard


Illustrated Kristina with an IBM Model M keyboard floating between her hands.

Let’s just kick things off in style with the fabulously brutalist Bayleaf wireless split from [StunningBreadfruit30], shall we? Be sure to check out the wonderful build log/information site as well for the full details.

Bayleaf, a stunning low-profile split keyboard. Image by [StunningBreadfruit30] via reddit

Here’s the gist: this sexy split grid of beautiful multi-jet fusion (MJF) keycaps sits on top of Kailh PG1316S switches. The CNC-machined aluminium enclosure hides nice!nano boards with a sweet little dip in each one that really pulls the keyboard together.

For the first serious custom build, [StunningBreadfruit30] wanted a polished look and finish, and to that I say wow, yes; good job, and nod enthusiastically as I’m sure you are. Believe it or not, [StunningBreadfruit30] came into this with no CAD skills at all. But it was an amazing learning experience overall, and an even better version is in the works.

I didn’t read the things. Is it open-source? It’s not, at least not at this time. But before you get too-too excited, remember that it cost $400 to build, and that doesn’t even count shipping or the tools that this project necessitated purchasing. However, [StunningBreadfruit30] says that it may be for sale in the future, although the design will have an improved sound profile and ergonomics. There’s actually a laundry list of ideas for the next iteration.

Apiaster Aims to Be the Beginner’s Endgame


That’s right — [Saixos]’ adjustable 50-key Apiaster is designed to be endgame right from the start, whether you’re just getting into the ergo side of the hobby, or are already deep in and are just now finding out about this keyboard. Sorry about that!

A low-profile split keyboard with some interesting keycap choices. Image by [Saixos] via reddit

So, it’s adjustable? Yes, in more ways than one. It can utilize either a single RP2040 Zero, or else one or multiple XIAO BLEs. The thumb cluster snaps off and can be moved wherever you like.

And [Saixos] didn’t stop there. In the magnificent repo, there’s a Python-generated case that’s highly customizable, plus MX and Choc versions of the PCB. Finally, Apiaster can use either LiPo batteries or a coin cell.

The other main crux of the biscuit here is price, and the Apiaster can be built for about $37 total minus shipping/customs/tariffs and/or tooling. That’s pretty darn good, especially if this really becomes your endgame.

The Centerfold: A ’90s Kid Works Here


A lovely '90s kid setup with primary-colored GMK Panels keycaps on a blue Alice layout, plus a primary-colored trackball. Image by [nismology5] via reddit

After using a Durgod Taurus K320 rectangle for a number of years, [nismology5] decided to lean into ergo and acquired a Keychron Q8 with a knob and the Alice layout after falling in love with the look of GMK Panels keycaps and the Alice herself.

Perhaps the biggest change is going from clacky blues on the Taurus to silent and slinky reds. Who knows why such a drastic change, but [nismology5] is digging the smoothness and quietude underneath those GMK Panels clones from Ali.

Now, let’s talk about that sweet trackball. It’s a Clearly Superior Technologies (CST) KidTRAC with a pool ball swapped in. They are discontinued, sadly, but at least one was available as NOS on eBay. Not to worry — they are being produced by another company out of the UK and come in that sweet UNO Draw 4 Wild drip.

Do you rock a sweet set of peripherals on a screamin’ desk pad? Send me a picture along with your handle and all the gory details, and you could be featured here!

Historical Clackers: the Fox was Quite Fetching


The lovely Fox was named not for its primary inventor Glenn J. Barrett, but instead for company president William R. Fox. Although this may seem unfair, the Fox is a pretty great name for a good-looking typewriter.
The Fox typewriter has some interesting lines. Image via The Classic Typewriter Page
This nineteenth-century Fox appeared in 1898, shortly after it was patented, and had a number of nice features, like a notably light touch. The carriage can be removed easily for cleaning and maintenance. And the machine had a “speed escapement”, which affects the carriage advancement timing. It could be set to advance either when a typebar returns to rest, or as soon as the typebar starts off for the platen.

The first Foxes were understroke machines, which is another term for blind writer, meaning that one must lift something out of the way to see what one had written as the typebars strike the platen from underneath. In the case of the Fox, one need only turn the platen slightly.

Frontstroke or ‘visible’ typewriters were coming into vogue already, so the company introduced a frontstroke machine in 1906. It had many of the same features as the blind-writing Foxen, such as the dual-speed escapement. A one- or two-color ribbon could be used, and the machine could be set to oscillate the ribbon so as not to waste the entire bottom half as most typewriters did. I’d like to see it set to oscillate with a two-color ribbon, that’s for sure!

To capitalize on the portable craze, they built the so-called “Baby Fox” in 1917. Corona found the resemblance to their own portables quite striking and successfully sued Fox. The company went out of business in 1921, possibly because of this litigation. Ah, well.

Finally, a Keyboard for Mice


A cheese board-themed keyboard for mice. Image by [RobertLobLaw2] via reddit

Much like the fuzzy-bezeled cat keyboard from a few Keebins ago, [RobertLobLaw2]’s keyboard isn’t quite as cheesy as may first appear. For one thing, most of the legends are in this Swiss cheese-inspired font that’s a little bit hard to read, so you’d better have your QWERTY straight.

Probably the best thing about these delicious-looking 3D-printed keycaps is the cheese knife Backspace, Enter, and right Shift, along with the novelties like the mousy Esc. Underneath all that fromage is a Keychron V6 Max with unknown switches.

[RobertLobLaw2] explains that cheese and keyboards have more in common than you think, as both hobbies use ‘pretentious adjectives to describe the sensory experience (of the hobby)’. Boy, if that isn’t the thocking truth. Should you require such a charcuter-key board for yourself, the files are freely available.


Got a hot tip that has like, anything to do with keyboards? Help me out by sending in a link or two. Don’t want all the Hackaday scribes to see it? Feel free to email me directly.


hackaday.com/2025/03/18/keebin…


Simulating Embedded Development To Reduce Iteration Time


There’s something that kills coding speed—iteration time. If you can smash a function key and run your code, then watch it break, tweak, and smash it again—you’re working fast. But if you have to first compile your code, then plug your hardware in, burn it to the board, and so on… you’re wasting a lot of time. It’s that problem that inspired [Larry] to create an embedded system simulator to speed development time for simple projects.

The simulator is intended for emulating Arduino builds on iPhone and Mac hardware. For example, [Larry] shows off a demo on an old iPhone, which is simulating an ESP32 playing a GIF on a small LCD display. The build isn’t intended for timing-delicate stuff, nor anything involving advanced low-level peripherals or sleep routines and the like. For that, you’re better off with real hardware. But if you’re working on something like a user interface for a small embedded display, or just making minor tweaks to some code… you can understand why the simulator might be a much faster way to work.

For now, [Larry] has kept the project closed source, as he’s found that it wouldn’t reasonably be possible for him to customize it for everyone’s unique hardware and use cases. Still, it’s a great example of how creating your own tools can ease your life as a developer. We’ve seen [Larry]’s great work around here before, like this speedy JPEG decoder library.

youtube.com/embed/j1ryXNiYefc?…


hackaday.com/2025/03/18/simula…


Checking In On the ISA Wars and Its Impact on CPU Architectures


An Instruction Set Architecture (ISA) defines the software interface through which, for example, a central processing unit (CPU) is controlled. Unlike early computer systems which didn’t define a standard ISA as such, over time the compatibility and portability benefits of having a standard ISA became obvious. But of course the best part about standards is that there are so many of them, and thus every CPU manufacturer came up with their own.

Throughout the 1980s and 1990s, the number of mainstream ISAs dropped sharply as the computer industry coalesced around a few major ones in each type of application. Intel’s x86 won out on desktop and smaller servers while ARM proclaimed victory in low-power and portable devices, and for Big Iron you always had IBM’s Power ISA. Since we last covered the ISA Wars in 2019, quite a lot of things have changed, including Apple shifting its desktop systems to ARM from x86 with Apple Silicon and finally MIPS experiencing an afterlife in the form of LoongArch.

Meanwhile, six years after the aforementioned ISA Wars article in which newcomer RISC-V was covered, this ISA seems to have not made the splash some had expected. This raises questions about what we can expect from RISC-V and other ISAs in the future, as well as how relevant having different ISAs is when it comes to aspects like CPU performance and their microarchitecture.

RISC Everywhere


Unlike in the past when CPU microarchitectures were still rather in flux, these days they all seem to coalesce around a similar set of features, including out-of-order execution, prefetching, superscalar parallelism, speculative execution, branch prediction and multi-core designs. Most of the performance these days is gained from addressing specific bottlenecks and optimization for specific usage scenarios, which has resulted in such things like simultaneous multithreading (SMT) and various pipelining and instruction decoder designs.

CPUs today are almost all what in the olden days would have been called RISC (reduced instruction set computer) architectures, with a relatively small number of heavily optimized instructions. Using approaches like register renaming, CPUs can handle many simultaneous threads of execution, which for the software side that talks to the ISA is completely invisible. For the software, there is just the one register file, and unless something breaks the illusion, like when speculative execution has a bad day, each thread of execution is only aware of its own context and nothing else.

So if CPU microarchitectures have pretty much merged at this point, what difference does the ISA make?

Instruction Set Nitpicking


Within the world of ISA flamewars, the battle lines have currently mostly coalesced around topics like the pros and cons of delay slots, as well as those of compressed instructions, and setting status flags versus checking results in a branch. It is incredibly hard to compare ISAs in an apple-vs-apples fashion, as the underlying microarchitecture of a commercially available ARMv8-based CPU will differ from a similar x86_64- or RV64I- or RV64IMAC-based CPU. Here the highly modular nature of RISC-V adds significant complications as well.

If we look at where RISC-V is being used today in a commercial setting, it is primarily as simple embedded controllers where this modularity is an advantage, and compatibility with the zillion other possible RISC-V extension combinations is of no concern. Here, using RISC-V has an obvious advantage over in-house proprietary ISAs, due to the savings from outsourcing it to an open standard project. This is however also one of the major weaknesses of this ISA, as the lack of a fixed ISA along the pattern of ARMv8 and x86_64 makes tasks like supporting a Linux kernel for it much more complicated than it should be.

This has led Google to pull initial RISC-V support from Android due to the ballooning support complexity. Since every RISC-V-based CPU is only required to support the base integer instruction set, and so many things are left optional, from integer multiplication (M), atomics (A), bit manipulation (B), and beyond, all software targeting RISC-V has to explicitly test that the required instructions and functionality are present, or use a fallback.

Tempers are also running hot when it comes to RISC-V’s lack of integer overflow traps and carry instructions. As for whether compressed instructions are a good idea, the ARMv8 camp does not see any need for them, while the RISC-V camp is happy to defend them, and meanwhile x86_64 still happily uses double the number of instruction lengths courtesy of its CISC legacy, which would make x86_64 twice as bad or twice as good as RISC-V depending on who you ask.

Meanwhile an engineer with strong experience on the ARM side of things wrote a lengthy dissertation a while back on the pros and cons of these three ISAs. Their conclusion is that RISC-V is ‘minimalist to a fault’, with overlapping instructions and no condition codes or flags, instead requiring compare-and-branch instructions. This latter point cascades into a number of compromises, which is one of the major reasons why RISC-V is seen as problematic by many.

In summary, in lieu of clear advantages of RISC-V against fields where other ISAs are already established, its strong points seem to be mostly where its extreme modularity and lack of licensing requirements are seen as convincing arguments, which should not keep anyone from enjoying a good flame war now and then.

The China Angle

The Loongson 3A6000 (LS3A6000) CPU. (Credit: Geekerwan, Wikimedia)
Although everywhere that is not China has pretty much coalesced around the three ISAs already described, there are always exceptions. Unlike Russia’s ill-fated very-large-instruction-word Elbrus architecture, China’s CPU-related efforts have borne significantly more fruit. Starting with the Loongson CPUs, China’s home-grown microprocessor architecture scene began to take on real shape.

Originally these were MIPS-compatible CPUs. But starting with the 3A5000 in 2021, Chinese CPUs began to use the new LoongArch ISA. Described as being a ‘bit like MIPS or RISC-V’ in the Linux kernel documentation on this ISA, it features three variants, ranging from a reduced 32-bit version (LA32R) and standard 32-bit (LA32S) to a 64-bit version (LA64). In the current LS3A6000 CPU there are 16 cores with SMT support. In reviews these chips are shown to be rapidly catching up to modern x86_64 CPUs, including when it comes to overclocking.

Of course, these being China-only hardware, few Western reviewers have subjected the LS3A6000, or its upcoming successor the LS3A7000, to an independent test.

In addition to LoongArch, other Chinese companies are using RISC-V for their own microprocessors, such as SpacemiT, an AI-focused company, whose products also include more generic processors. This includes the K1 octa-core CPU which saw use in the MuseBook laptop. As with all commercial RISC-V-based cores out today, these are no speed monsters, and even the SiFive Premier P550 SoC gets soundly beaten by even a Raspberry Pi 4’s already rather long-in-the-tooth ARM-based SoC.

Perhaps the most successful use of RISC-V in China is the cores in Espressif’s popular ESP32-C range of MCUs, although here too they are the lower-end designs relative to the Xtensa Lx6 and Lx7 cores that power Espressif’s higher-end MCUs.

Considering all this, it wouldn’t be surprising if China’s ISA scene outside of embedded will feature mostly LoongArch, a lot of ARM, some x86_64 and a sprinkling of RISC-V to round it all out.

It’s All About The IP


The distinction between ISAs and microarchitecture can be clearly seen by contrasting Apple Silicon with other ARMv8-based CPUs. Although these all support a version of the same ARMv8 ISA, the magic sauce is in the intellectual property (IP) blocks that are integrated into the chip. These range from memory controllers, PCIe SerDes blocks, and integrated graphics (iGPU), to encryption and security features. Unless you are an Apple or Intel with your own GPU-solution, you will be licensing the iGPU block along with other IP blocks from IP vendors.

These IP blocks offer the benefit of being able to use off-the-shelf functionality with known performance characteristics, but they are also where much of the cost of a microprocessor design ends up going. Developing such functionality from scratch can pay for itself if you reuse the same blocks over and over like Apple or Qualcomm do. For a start-up hardware company this is one of the biggest investments, which is why they tend to license a fully manufacturable design from Arm.

The actual cost of the ISA in terms of licensing is effectively a rounding error, while the benefit of being able to leverage existing software and tooling is the main driver. This is why a new ISA like LoongArch may very well pose a real challenge to established ISAs in the long run, because it is being given a chance to develop in a very large market with guaranteed demand.

Spoiled For Choice


Meanwhile, the Power ISA is also freely available for anyone to use without licensing costs; the only major requirement is compliance with the Power ISA. The OpenPOWER Foundation is now also part of the Linux Foundation, with a range of IBM Power cores open sourced. These include the A2O core that’s based on the A2I core which powered the XBox 360 and Playstation 3’s Cell processor, as well as the Microwatt reference design that’s based on the much newer Power ISA 3.0.

Whatever your fancy is, and regardless of whether you’re just tinkering on a hobby or commercial project, it would seem that there is plenty of diversity in the ISA space to go around. Although it’s only human to pick a favorite and favor it, there’s something to be said for each ISA. Whether it’s a better teaching tool, more suitable for highly customized embedded designs, or simply because it runs decades worth of software without fuss, they all have their place.


hackaday.com/2025/03/18/checki…


A Bit of Good News for Once… Well, Half of It! A Way to Decrypt Akira on Linux Servers Has Been Found


Researcher Yohanes Nugroho has released a tool to decrypt data damaged by the Linux variant of the Akira ransomware. The tool uses GPU power to obtain the decryption keys and unlock files for free.

The expert said he found the solution after a friend asked him for help. He estimated that the encrypted system could be cracked in about a week (based on the way Akira generates encryption keys using timestamps).

In the end, the project took three weeks to complete, and the researcher had to spend about $1,200 on the GPU resources needed to crack the encryption key. But ultimately the method worked.

Nugroho’s tool differs from traditional decryptors, in which users supply a key to unlock the files. Instead, it uses brute force to obtain the encryption keys (unique to each file), exploiting the fact that Akira generates encryption keys based on the current time (in nanoseconds) and uses it as a seed.

Akira dynamically generates unique encryption keys for each file using four different timestamps with nanosecond precision, and hashes them using 1,500 rounds of SHA-256.

These keys are encrypted with RSA-4096 and appended to the end of each encrypted file, which makes decryption difficult without the private key. The precision of the timestamps creates more than a billion possible values per second, making brute-force attacks difficult. In addition, Nugroho found that the Linux version of the malware encrypts multiple files simultaneously using multithreading, which makes it even harder to determine the timestamp.

The researcher narrowed down the possible timestamps for the brute-force attack by examining the logs shared by his friend. This made it possible to determine when the ransomware was executed, and the file metadata helped estimate when encryption completed.
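A simplified model of the time-seeded key search described above, added here as an illustration; it is not Nugroho's tool or Akira's code. It assumes a single nanosecond timestamp as the seed (the article says four), a hash-based stand-in cipher, and constructed sample values for the log time, file modification time and file contents.

```python
import hashlib

ROUNDS = 1500  # SHA-256 round count given in the article


def derive_key(ts_ns: int) -> bytes:
    """Toy key derivation: iterate SHA-256 ROUNDS times over one nanosecond timestamp."""
    digest = ts_ns.to_bytes(8, "big")
    for _ in range(ROUNDS):
        digest = hashlib.sha256(digest).digest()
    return digest


def keystream_xor(key: bytes, data: bytes) -> bytes:
    """Stand-in stream cipher (SHA-256 in counter mode). Assumption: NOT the cipher Akira uses."""
    out = bytearray()
    for offset in range(0, len(data), 32):
        pad = hashlib.sha256(key + (offset // 32).to_bytes(8, "big")).digest()
        out.extend(b ^ p for b, p in zip(data[offset:offset + 32], pad))
    return bytes(out)


def recover_seed(ciphertext: bytes, known_prefix: bytes, start_ns: int, end_ns: int):
    """Try every timestamp in [start_ns, end_ns] and return the one whose key
    decrypts the start of the file to the expected file signature, else None."""
    head = ciphertext[:len(known_prefix)]
    for ts in range(start_ns, end_ns + 1):
        if keystream_xor(derive_key(ts), head) == known_prefix:
            return ts
    return None


# --- Constructed sample data (not taken from any real incident) ---
LOG_START_NS = 1_700_000_000_000_000_000   # lower bound: ransomware start time from logs
MTIME_NS = LOG_START_NS + 500              # upper bound: encrypted file's modification time
TRUE_SEED_NS = LOG_START_NS + 321          # the value the search has to find
KNOWN_PREFIX = b"%PDF-1.7\n"               # file signature expected at offset 0
PLAINTEXT = KNOWN_PREFIX + b"constructed sample document body\n"
CIPHERTEXT = keystream_xor(derive_key(TRUE_SEED_NS), PLAINTEXT)


if __name__ == "__main__":
    seed = recover_seed(CIPHERTEXT, KNOWN_PREFIX, LOG_START_NS, MTIME_NS)
    print("recovered seed:", seed)
    if seed is not None:
        print(keystream_xor(derive_key(seed), CIPHERTEXT))
```

The search cost is the width of the window in nanoseconds times the cost of one key derivation, which is why preserving logs and file timestamps from the affected host matters for recovery.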

The first cracking attempts were made on an RTX 3060 and proved too slow: the limit was only 60 million tests per second. Even upgrading to an RTX 3090 did not help much.

Eventually Nugroho turned to the cloud GPU services RunPod and Vast.ai, which provided sufficient power and helped confirm the effectiveness of the tool he had created. The expert used sixteen RTX 4090s, and it took about 10 hours to brute-force the key. However, depending on the number of encrypted files to be recovered, this process could take several days.

However, the researcher notes that GPU specialists can clearly optimize his code, so performance can probably be improved.

Nugroho has already published his decryptor on GitHub, where he has also posted detailed instructions on how to recover files encrypted by Akira.

The article A Bit of Good News for Once… Well, Half of It! A Way to Decrypt Akira on Linux Servers Has Been Found comes from il blog della sicurezza informatica.


Writing a GPS Receiver from Scratch


GPS is an incredible piece of modern technology. Not only does it allow for locating objects precisely anywhere on the planet, but it also enables the turn-by-turn directions we take for granted these days — all without needing anything more than a radio receiver and some software to decode the signals constantly being sent down from space. [Chris] took that last bit as somewhat of a challenge and set off to write a software-defined GPS receiver from the ground up.

As GPS started as a military technology, the level of precision needed for things like turn-by-turn navigation wasn’t always available to civilians. The “coarse” positioning is only capable of accuracy within a few hundred meters so this legacy capability is the first thing that [Chris] tackles here. It is pretty fast, though, with the system able to resolve a location in 24 seconds from cold start and then displaying its information in a browser window. Everything in this build is done in Python as well, meaning that it’s a great starting point for investigating how GPS works and for building other projects from there.

The other thing that makes this project accessible is that the only other hardware needed besides a computer that runs Python is an RTL-SDR dongle. These inexpensive TV dongles ushered in a software-defined radio revolution about a decade ago when it was found that they could receive a wide array of radio signals beyond just TV.


hackaday.com/2025/03/18/writin…


Beyond the Dark Storm Attack on X: How the Illusion of Hacktivism Reinforces the System


The Dark Storm attack on X (formerly Twitter) was significant for several reasons.

The attack of March 10, 2025, a multi-layered DDoS carried out using a botnet and claimed by the pro-Palestinian hacktivist group Dark Storm, caused a global outage, affecting a large number of users around the world and disrupting its services. “There was (and still is) a massive cyberattack against X,” Musk wrote. “We get attacked every day, but this was done with a lot of resources. It appears that a large, coordinated group and/or a country is involved.”

Previously (August 2024), X had already suffered a DDoS attack which, when analyzed by the Chinese cybersecurity company Qi An Xin XLAB (specializing in threat intelligence and based in Hong Kong), was seen as a targeted attack using four Mirai botnet masters.

The hacker group Dark Storm Team (DST), created in September 2023, a few weeks before the Hamas terrorist attack of October 7 against Israel, claimed responsibility for the attack via Telegram, declaring that it had taken the platform offline. The attack involved a botnet of compromised devices, including IoT devices such as IP cameras and routers, to overload X’s servers. Although Dark Storm claimed responsibility, some experts have questioned the attribution because of the complexity of DDoS attacks, which can involve traffic from many locations around the globe.

This attack underscores the importance of robust cyber defenses and the complex interplay between political motivations and profit-driven cybercrime.

But such actions, argues Jesse William McGraw on Cyber News, underscore how contemporary hacktivism, particularly by groups such as Anonymous, is a “controlled opposition” that reacts to news cycles without strategically challenging the underlying power structures. Real change, the author suggests, requires dismantling the “puppet masters” who control global finance, governments and social structures, rather than simply engaging in superficial conflicts such as DDoS attacks. Jesse William suggests that the real threats receive no attention, and that hacktivists must begin dismantling the real knowledge-based warfare networks and focus on the deeper mechanisms of control in order to bring about meaningful change.

The Core Principles of Hacktivism and the Paradox

Hacktivists, Jesse William tells us, are grounded in several key principles, such as denouncing and exposing corruption and wrongdoing, fighting censorship and defending digital privacy, supporting marginalized and oppressed communities (crucial), and countering propaganda and disinformation (a vital action). The way hacktivists act on these principles reveals their true commitment to them, and at the same time some ideologies can be distorted to serve as instruments of control.

The paradox is that the pursuit of idealism can sometimes mirror the very oppression that hacktivists aim to dismantle, ultimately trapping people inside the system they seek to free. McGraw has a personal connection to this movement: during his hacking journey, hacktivism played a fundamental role. However, he tells us that if he had known then what he knows now, his path would have been different.

A Source of Inspiration for Meaningful Change: The Greatest Hack of All


The Dark Storm attack was driven by geopolitical motivations, targeting entities perceived as supporters of Israel, yet X is used by many pro-Palestinian supporters: the attack thus paradoxically silenced the voices that supported their cause. How this can end: actions meant to challenge perceived oppressors can inadvertently harm those they intend to support. Contemporary hacktivism is limited in challenging the real power structures and needs more incisive actions that go beyond symbolic gestures and instead target the root causes of systemic problems.

“[…] the hack we have all been waiting for right now is not digital but ideological.” - Jesse William McGraw

Jesse William advises the new generation to start listening to the lyrics of Zack de la Rocha of Rage Against the Machine as a source of deep inspiration for meaningful change. True freedom involves recognizing and breaking free from this ideological control, rather than engaging in superficial acts of resistance. This awareness is seen as the “greatest hack” of all.

The article Beyond the Dark Storm Attack on X: How the Illusion of Hacktivism Reinforces the System comes from il blog della sicurezza informatica.


DIY Your Own Red Light Therapy Gear


There are all kinds of expensive beauty treatments on the market — various creams, zappy lasers, and fine mists of heavily-refined chemicals. For [Ruth Amos], a $78,000 LED bed had caught her eye, and she wondered if she could recreate the same functionality on the cheap.

The concept behind [Ruth]’s build is simple enough. Rather than buy a crazy-expensive off-the-shelf beauty product, she decided to just buy equivalent functional components: a bunch of cheap red LEDs. Then, all she had to do was build these into a facemask and loungewear set to get the same supposed skin improving benefits at much lower cost.

[Ruth] started her build with a welding mask, inside which she fitted red LED strips of the correct wavelength for beneficial skin effects. She then did the same with an over-sized tracksuit, lacing it with an array of LED strips to cover as much of the body as possible. While it’s unlikely she was able to achieve the same sort of total body coverage as a full-body red light bed, and the result wasn’t particularly comfortable, her design cost a lot less: on the order of $100 or so.

Of course, you might question the light therapy itself. We’re not qualified to say whether or not red LEDs will give you better skin, but it’s not the first time we’ve seen a DIY attempt at light therapy.

youtube.com/embed/4ZCb4rtJzpo?…


hackaday.com/2025/03/18/diy-yo…


New ransomware operator Mora_001 leverages Fortinet authentication bypass exploits


A new ransomware operator, known by the pseudonym Mora_001, is exploiting two critical vulnerabilities in Fortinet devices to gain unauthorized access to corporate firewalls and deploy a new ransomware variant called SuperBlack.

The two security flaws involved, both of the authentication bypass type, are identified as CVE-2024-55591 and CVE-2025-24472.

Fortinet disclosed the first on January 14, 2025, confirming that it had been actively exploited as a zero-day since November 2024. The second vulnerability, initially not reported as actively exploited, was later linked to the SuperBlack attacks discovered by Forescout researchers starting on February 2, 2025.

The attack conducted by Mora_001 follows a highly structured chain of actions, repeated systematically for each victim:

  1. Acquisition of administrative privileges: by exploiting the Fortinet vulnerabilities, the attacker obtains super_admin permissions.
  2. Creation of new administrative accounts: malicious users are added with names such as forticloud-tech, fortigate-firewall and administrator.
  3. Persistence: by modifying the automation settings, the attacker ensures that the malicious accounts are recreated even if they are removed.
  4. Lateral movement: once the firewall is compromised, the attacker uses stolen VPN credentials and access via SSH and Windows Management Instrumentation (WMIC) to spread through the network.
  5. Extortion phase: before encrypting the files, Mora_001 exfiltrates sensitive data using a custom tool, then threatens the victim with publication of the stolen information.
  6. File encryption and removal of traces: after encryption, a ransom note is dropped and a tool called *WipeBlack* is run, designed to erase every trace of the ransomware and hinder forensic analysis.


Connections with LockBit


Forescout's analysis suggests that the SuperBlack ransomware operation may have links to the LockBit group, already known for previous large-scale attacks.

Several elements point to this connection:

  • The SuperBlack code appears to derive from the LockBit 3.0 builder, which was leaked in the past.
  • The ransom note includes a TOX ID previously associated with LockBit operations.
  • Numerous IP addresses involved in the attack match those used in previous LockBit attacks.



Organizations that use Fortinet devices must act promptly to protect themselves from this threat.

A ShadowServer analysis shows thousands of exposed, vulnerable devices, 363 of them in Italy.

The recommendations are to:

  • Immediately apply the security patches provided by Fortinet for CVE-2024-55591 and CVE-2025-24472.
  • Closely monitor access to the firewall and check for suspicious accounts.
  • Analyze system logs to detect anomalous activity, such as attempts to create new accounts or changes to automation policies.
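The account and automation checks recommended above can be run against a configuration backup. The following is an added example, not code from the article, Forescout or Fortinet: it assumes a text backup in the usual `config` / `edit` / `set` / `next` / `end` layout, and the sample configuration, the `backup-svc` account, the `sync-profile` action and the approved-admin list are all constructed for illustration.

```python
import re

# Account names the article reports Mora_001 adding to compromised firewalls.
REPORTED_NAMES = {"forticloud-tech", "fortigate-firewall", "administrator"}

# Constructed sample in the style of a FortiOS configuration backup (not real data).
SAMPLE_CONFIG = r'''
config system admin
    edit "admin"
        set accprofile "super_admin"
        set trusthost1 10.0.0.0 255.255.255.0
    next
    edit "forticloud-tech"
        set accprofile "super_admin"
    next
    edit "netops-ro"
        set accprofile "prof_admin"
    next
    edit "backup-svc"
        set accprofile "super_admin"
    next
end
config system automation-action
    edit "sync-profile"
        set action-type cli-script
        set script "config system admin
edit forticloud-tech
set accprofile super_admin
next
end"
    next
end
'''


def logical_lines(text):
    """Yield config lines, joining quoted values that span several physical lines."""
    buf = ""
    for raw in text.splitlines():
        buf = raw if not buf else buf + "\n" + raw
        # An odd number of unescaped quotes means a quoted value is still open.
        if len(re.findall(r'(?<!\\)"', buf)) % 2 == 0:
            yield buf.strip()
            buf = ""
    if buf:
        yield buf.strip()  # unterminated quote: emit what we have


def parse_config(text):
    """Return {section: {entry: {key: value}}} for top-level config sections."""
    tree, stack, entry = {}, [], None
    for line in logical_lines(text):
        word, _, rest = line.partition(" ")
        if word == "config":
            stack.append(rest.strip())
            if len(stack) == 1:
                tree.setdefault(stack[0], {})
        elif word == "end" and stack:
            stack.pop()
            if not stack:
                entry = None
        elif len(stack) == 1:  # nested sub-sections are skipped
            if word == "edit":
                entry = rest.strip().strip('"')
                tree[stack[0]][entry] = {}
            elif word == "next":
                entry = None
            elif word == "set" and entry is not None:
                key, _, value = rest.strip().partition(" ")
                tree[stack[0]][entry][key] = value.strip().strip('"')
    return tree


def audit(text, approved_admins):
    """Return (kind, name, reason) findings for admins and automation actions."""
    findings = []
    tree = parse_config(text)
    for name, attrs in tree.get("system admin", {}).items():
        if name.lower() in REPORTED_NAMES:
            findings.append(("admin", name, "name reported in the SuperBlack intrusions"))
        elif attrs.get("accprofile") == "super_admin" and name not in approved_admins:
            findings.append(("admin", name, "super_admin account not on the approved list"))
    for name, attrs in tree.get("system automation-action", {}).items():
        # A script that edits admin accounts can recreate a removed user.
        if re.search(r"config\s+system\s+admin", attrs.get("script", "")):
            findings.append(("automation", name, "script modifies admin accounts"))
    return findings


if __name__ == "__main__":
    for finding in audit(SAMPLE_CONFIG, approved_admins={"admin"}):
        print(*finding, sep=" | ")
```

A name match is only a lead to verify, since `administrator` can be a legitimate account; an automation action that rewrites `system admin` should be removed before the accounts it recreates.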

Speed in adopting countermeasures is crucial to avoid falling victim to ransomware attacks like *SuperBlack*, which combine advanced attack strategies with a highly organized structure. Fortinet continues to monitor the situation and to provide updates to mitigate the risk of new compromises.

The article New ransomware operator Mora_001 leverages Fortinet authentication bypass exploits comes from il blog della sicurezza informatica.


51 years old, Russian-Israeli and a criminal genius: technological talent has no age limit


That they are cybercriminals responsible for thousands of victims over five years of activity is an indisputable fact, and this must remain firmly in our minds. Nevertheless, this story offers plenty of food for thought.

Everyone would have pictured a 25-year-old hacker, a tinkerer with thick glasses hunched over a computer. Instead, this time everything breaks the mould: behind the most feared ransomware in the world, LockBit, there is a 51-year-old programmer.

On March 13, 2025, the United States Department of Justice (DOJ) announced the extradition of Rostislav Panev, a dual Russian-Israeli citizen, who will stand trial for his role as a developer for the LockBit ransomware gang.

From 2019 to February 2024, Panev allegedly created malware used to bypass security software, facilitated its spread across networks and supported the infrastructure used for ransomware distribution and extortion. Officials stated that Panev was paid about 230,000 dollars in cryptocurrency for his work.

Authorities arrested Panev in Israel in August 2024, after an international police operation against LockBit's infrastructure in February 2024 had led to his extradition. The United Kingdom's National Crime Agency (NCA), the DOJ and the Federal Bureau of Investigation (FBI) dismantled servers and platforms that were fundamental to the group's operations. LockBit launched more than 2,500 ransomware attacks in 120 countries, 1,800 of them in the United States, hitting sectors such as healthcare, education, government and critical infrastructure.

The gang extorted more than 500 million dollars in ransoms, and victims suffered further losses tied to downtime during operations and to recovery.

The arrest of Rostislav Panev, the 51-year-old developer behind the LockBit ransomware, shatters the stereotype that technological innovation is the preserve of the young. It is often assumed that people over 50 have lost their drive for technical and scientific work, or lack the skills to keep up with a cyber world dominated by young talent and emerging hackers. Yet the mind behind one of the most devastating ransomware families in history shows the opposite.

Cybercrime has no age, and the Panev case highlights how experience, adaptability and deep technical knowledge can be decisive, even, and especially, in highly complex fields such as the development of advanced malware. The LockBit ransomware is not just malicious software: it is a sophisticated criminal architecture that has hit thousands of victims worldwide, generating millions of dollars in ransoms. The fact that behind this technology there was a 51-year-old professional, and not a twenty-year-old hacking prodigy, shows that the value of skills is not measured by age.

In a sector where the abilities of more mature generations are often underestimated, the LockBit case reminds us that technological talent has no age limit. The same applies to cybersecurity professions: organizations should reconsider their perception and give more room to experience, rather than falling for the prejudice that innovation is tied only to youth.

The article 51 years old, Russian-Israeli and a criminal genius: technological talent has no age limit comes from il blog della sicurezza informatica.


Simple Robot Assembled From E-Waste Actually Looks Pretty Cool


If you’re designing a robot for a specific purpose, you’re probably ordering fresh parts and going with a clean sheet design. If you’re just building for fun though, you can just go with whatever parts you have on hand. That’s how [Sorush Moradisani] approached building Esghati—a “robot made from garbage.”
Remote viewing made easy.
The body of the robot is an old Wi-Fi router that was stripped clean, with the antenna left on for a classic “robot” look. The wheels are made out of old diffusers cut off of LED lamps. Two servos are used to drive the wheels independently, allowing the robot to be steered in a rudimentary tank-style fashion. Power is courtesy of a pair of 18650 lithium-ion cells. The brains of the robot is an ESP32-CAM—a microcontroller board which includes a built-in camera. Thanks to its onboard Wi-Fi, it’s able to host its own website that allows control of the robot and transmits back pictures from the camera. The ESP32 cam itself is mounted on the “head” on the robot for a good field of view. Meanwhile, it communicates with a separate Arduino Nano which is charged with generating pulses to run the drive servos. Code is on Github for the curious.

It’s not a complicated robot by any means—it’s pretty much just something you can drive around and look through the camera, at this stage. Still, it’s got plenty of onboard processing power and you could do a lot more with it. Plus, the wireless control opens up a lot of options. With that said, you’d probably get sick of the LED bulb wheels in short order—they offer precious little grip on just about any surface. Really, though, it just goes to show you how a bit of junk e-waste can make a cute robot—it almost has Wall-E vibes. Video after the break.

youtube.com/embed/d39NgJqNWr8?…


hackaday.com/2025/03/17/simple…


Current Mirrors Tame Common Mode Noise


Long-tail pair waves

If you’re the sort who finds beauty in symmetry – and I’m not talking about your latest PCB layout – then you’ll appreciate this clever take on the long-tailed pair. [Kevin]’s video on this topic explores boosting common mode rejection by swapping out the old-school tail resistor for a current mirror. Yes, the humble current mirror – long underestimated in DIY analog circles – steps up here, giving his differential amplifier a much-needed backbone.

So why does this matter? Well, in Kevin’s bench tests, this hack more than doubles the common mode rejection, leaping from a decent 35 dB to a noise-crushing 93 dB. That’s not just tweaking for tweaking’s sake; that’s taking a breadboard standard and making it ready for sensitive, low-level signal work. Instead of wrestling with mismatched transistors or praying to the gods of temperature stability, he opts for a practical approach. A couple of matched NPNs, a pair of emitter resistors, and a back-of-the-envelope resistor calculation – and boom, clean differential gain without the common mode muck.

If you want the nitty-gritty details, schematics of the demo circuits are on his project GitHub. Kevin’s explanation is equal parts history lesson and practical engineering, and it’s worth the watch. Keep tinkering, and do share your thoughts on this.

youtube.com/embed/MG1PXJ36-GA?…


hackaday.com/2025/03/17/curren…


Turning Down the Noise on SMPS


On paper, electricity behaves in easy-to-understand, predictable ways. That’s mostly because the wires on the page have zero resistance and the switching times are actually zero, whereas in real life neither of these things is true. That’s what makes things like switch-mode power supplies (SMPS) difficult to build and troubleshoot. Switching inductors and capacitors tens or hundreds of thousands of times a second (or more) causes some of these difficulties to arise when these devices are built in the real world. [FesZ Electronics] takes a deep dive into some of the reasons these difficulties come up in this video.

The first pieces of electronics that can generate noise in an SMPS are the rectifier diodes. These have a certain amount of non-ideal capacitance, which causes a phenomenon called reverse current, but this can be managed by proper component choice to limit noise somewhat.

The other major piece of silicon in power supplies like this that drives noise are the switching transistors. Since the noise is generally caused by the switching itself, there is a lot that can be done here to help limit it. One thing is to slow down the amount of time it takes to transition between states, limiting the transients that form as a result of making and breaking connections rapidly. The other, similar to selecting diodes, is to select transistors that have properties (specifically relating to inherent capacitances) that will limit noise generation in applications like this.

Of course there is a lot more information as well as charts and graphs in [FesZ]’s video. He’s become well-known for deep dives into practical electrical engineering topics like these for a while now. We especially like his videos about impedance matching as well as a more recent video where he models a photovoltaic solar panel in SPICE.

youtube.com/embed/2Vi2MoN7Mhw?…


hackaday.com/2025/03/17/turnin…


Cyber Deception: How AI Is Turning GitHub into a Threat


Imagine looking for a useful piece of software on GitHub, perhaps a tool to optimize your system or a cheat for a video game. You download a file, run it and… without knowing it, you have just installed malware that steals your most sensitive data. This is not a hypothetical story but a concrete reality recently revealed by Trend Micro in an investigation showing how cybercriminals are using artificial intelligence to generate fake repositories and spread malware such as SmartLoader and Lumma Stealer.

With well-built repositories and seemingly credible documentation, the attackers deceive users and push them to download malicious software, all by exploiting the trust the community places in GitHub. In this article we look more closely at the phenomenon and analyze a concrete case through a visual representation of the infection network.

GitHub as a Weapon: Deception with AI


The new frontier of cyber attacks uses AI to generate authentic-looking repositories. Attackers no longer just upload malicious files; they create entire pages with detailed READMEs, commit history, fake open issues and even fake pull requests, making it hard to tell real code from malicious code. The trick is simple: hide the malware inside ZIP files containing obfuscated Lua scripts which, once executed, download and activate the final payload.

The repositories in question promise software that is in high demand, such as cracking tools, video game cheats and system utilities, thereby attracting users who are curious or looking for free programs. Once the file is downloaded and run, SmartLoader comes into play, serving as a springboard for Lumma Stealer, malware specialized in stealing credentials, cryptocurrency and personal data.

Analysis of the Infection Network: Deciphering the Attack


To better understand the impact of this threat, let us analyze the uploaded image, which shows a detailed network of correlations between various indicators of compromise (IoCs).

Central Node: The Attacker and the Malware


At the center of the network is a key identifier: Walter Kurita, a probable alias of the threat actor. From here, connections branch out to two main malware families:

  • SmartLoader, which acts as the first stage of the infection, loading the main payload.
  • Lumma Stealer, an advanced infostealer designed to steal credentials and sensitive data.

Both malware families are linked to a series of TTPs (Tactics, Techniques, and Procedures) from the MITRE ATT&CK framework that outline how they operate, including:

  • Execution of malicious code (obfuscated Lua scripts)
  • Exfiltration of credentials (browsers, wallets, 2FA)
  • Communication with command and control (C2) servers

C2 Infrastructure and Distribution


Analysis of the image reveals that the malware connects to several malicious IP addresses and domains, including:

  • pasteflawed.world
  • 160.241.105.82
  • 213.176.73.80
  • 94.168.114.56, etc.

These addresses are used to receive commands and to send stolen data to the attackers. In addition, the image shows how the fake repositories are associated with several file hashes, suggesting large-scale distribution with malware variants intended to evade security controls.

Why Is This Threat So Dangerous?


This campaign shows how cyber attacks are becoming increasingly sophisticated and targeted. The use of AI to create fake repositories is a dangerous evolution, because it exploits GitHub's reputation and users' trust.

The critical points of this threat include:

  • Evasion of security controls: GitHub is considered trustworthy and is rarely blocked by antivirus software.
  • Scalability: thanks to AI, attackers can quickly generate new repositories after the reported ones are removed.
  • Diversification of targets: from developers to gamers, anyone can fall victim to the deception.


How to Protect Yourself


To avoid falling into these traps, here are some fundamental best practices:

  • Always verify GitHub repositories: check who created them, read the comments and check the number of contributors.
  • Avoid downloading software from unverified sources: if something seems too good to be true, it probably is.
  • Use advanced security tools: threat intelligence solutions can identify suspicious activity.
  • Keep devices up to date: regularly update the operating system and security software.
  • Ongoing training: being aware of new threats helps you avoid being deceived.
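One way to vet a downloaded archive before anything in it is run, given that the campaign hides obfuscated Lua scripts inside ZIP files. This is an added example, not tooling from the article or from Trend Micro: the thresholds are assumptions, the archive is constructed and inert, and the heuristic (a very long line combined with high byte entropy) is a generic packing indicator rather than a signature for SmartLoader.

```python
import base64
import hashlib
import io
import math
import zipfile
from collections import Counter

# Assumed thresholds for this example; tune them on archives you trust.
MAX_LINE = 500                 # hand-written scripts rarely contain lines this long
MIN_ENTROPY = 5.0              # bits per byte; encoded blobs sit well above plain source
MAX_MEMBER = 5 * 1024 * 1024   # do not inflate members declared larger than this


def shannon_entropy(data: bytes) -> float:
    """Shannon entropy in bits per byte (0.0 for empty or single-symbol input)."""
    if not data:
        return 0.0
    total = len(data)
    return -sum(n / total * math.log2(n / total) for n in Counter(data).values())


def triage_zip(blob: bytes) -> list:
    """Flag text members that look packed or encoded. The archive is read in
    memory only: nothing is written to disk and nothing is executed."""
    flagged = []
    with zipfile.ZipFile(io.BytesIO(blob)) as archive:
        for info in archive.infolist():
            if info.is_dir():
                continue
            if info.file_size > MAX_MEMBER:
                flagged.append({"name": info.filename, "reason": "too large to inspect"})
                continue
            data = archive.read(info)
            try:
                text = data.decode("utf-8")
            except UnicodeDecodeError:
                continue  # binary member: outside the scope of this text heuristic
            longest = max((len(line) for line in text.splitlines()), default=0)
            entropy = shannon_entropy(data)
            if longest > MAX_LINE and entropy > MIN_ENTROPY:
                flagged.append({
                    "name": info.filename,
                    "reason": "long high-entropy line",
                    "longest_line": longest,
                    "entropy": round(entropy, 2),
                    "lua": info.filename.lower().endswith(".lua"),
                })
    return flagged


def build_sample_zip() -> bytes:
    """Constructed, inert archive: one ordinary script and one encoded-looking one."""
    digest, chunks = b"constructed-sample", []
    for _ in range(64):
        digest = hashlib.sha256(digest).digest()
        chunks.append(digest)
    packed = base64.b64encode(b"".join(chunks)).decode("ascii")
    plain = ('local M = {}\n\nfunction M.greet(name)\n'
             '  return "hello " .. name\nend\n\nreturn M\n')
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w", zipfile.ZIP_DEFLATED) as archive:
        archive.writestr("tool/README.md", "# Example tool\n\nUsage notes.\n")
        archive.writestr("tool/util.lua", plain)
        # The blob is only assigned and measured; the script does nothing else.
        archive.writestr("tool/loader.lua", 'local d = "%s"\nreturn #d\n' % packed)
    return buf.getvalue()


if __name__ == "__main__":
    for member in triage_zip(build_sample_zip()):
        print(member)
```

A flagged member is a reason to stop and inspect, not proof of malware; minified but legitimate files can trip the same heuristic.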

This campaign, documented by Trend Micro, is a clear example of how artificial intelligence is changing the cyber threat landscape. The use of fake GitHub repositories to distribute malware demonstrates the importance of an increasingly proactive approach to security.

As threats evolve, our awareness must grow too. Paying attention, adopting good practices and using advanced defensive tools are the keys to protecting yourself in an increasingly treacherous digital world.

The article Cyber Deception: How AI Is Turning GitHub into a Threat comes from il blog della sicurezza informatica.


Recreating A Braun Classic With 3D Printing


Braun was once a mighty pillar of industrial design; a true titan of the mid-century era. Many of the company’s finest works have been forgotten outside of coffee table books and vintage shops. [Distracted by Design] wanted to bring one of the classics back to life—the Braun HL70 desk fan.

The original was quite a neat little device. It made the most of simple round shapes and was able to direct a small but refreshing stream of air across one’s desk on a warm day. In reality, it was probably bought as much for its sleek aesthetics as for its actual cooling ability.

Obviously, you can’t just buy one anymore, so [Distracted by Design] turned to 3D printing to make their own. The core of the build was a mains-powered motor yanked out of a relatively conventional desk fan. However, it was assembled into a far more attractive enclosure that was inspired by the Braun HL70, rather than being a direct copy. We get a look at both the design process and the final assembly, and the results are quite nice. It feels like a 2025 take on the original in a very positive sense.

Files are available on Printables for the curious. It’s not the first time we’ve contemplated fancy fans and their designs. Video after the break.

youtube.com/embed/dhpZZj1WnV4?…


hackaday.com/2025/03/17/recrea…


Repairing a Legendary Elka Synthex Analog Synthesizer



Handy diagnostic LEDs on the side of the tone generator boards. (Credit: Mend it Mark, YouTube)
Somehow, an Elka Synthex analog synthesizer made it onto [Mend it Mark]’s repair bench recently. It had a couple of dud buttons, and some keys produced the wrong tone. Remember, this is a completely analog synthesizer from the 1980s, so we’re talking basic 74LS chips and kin. Fortunately, Elka helped him with the complete repair manual, including schematics.

As usual, [Mark] starts by diagnosing the faults, using the schematics to mark the parts of the circuitry to focus on. Then, the synth’s bonnet is popped open to reveal its absolutely gobsmackingly delightful inner workings, with neatly modular PCBs attached to a central backplane. The entire unit is controlled by a 6502 MPU, with basic counter ICs handling tone generation, controlled by top panel settings.

The Elka Synthex is a polyphonic analog synthesizer produced from 1981 to 1985 and used by famous artists, including Jean-Michel Jarre. Due to its modular nature, [Mark] was quickly able to hunt down the few defective 74LS chips and replace them before testing the instrument by playing some synth tunes from Jean-Michel Jarre’s Oxygène album, as is proper with a 1980s synthesizer.

Looking for something simpler? Or, perhaps, you want something not quite that simple.

youtube.com/embed/EaWjzvzZ6WY?…


hackaday.com/2025/03/17/repair…


Ask Hackaday: What Would You Do With the World’s Smallest Microcontroller?


It’s generally pretty easy to spot a microcontroller on a PCB. There are clues aplenty: the more-or-less central location, the nearby crystal oscillator, the maze of supporting passives, and perhaps even an obvious flash chip lurking about. The dead giveaway, though, is all those traces leading to the chip, betraying its primacy in the circuit. As all roads lead to Rome, so it often is with microcontrollers.

It looks like that may be about to change, though, based on Texas Instruments’ recent announcement of a line of incredibly small Arm-based microcontrollers. The video below shows off just how small the MSPM0 line can be, ranging from a relatively gigantic TSSOP-20 case down to an eight-pin BGA package that measures only 1.6 mm by 0.86 mm. That’s essentially the size of an 0603 SMD resistor, a tiny footprint for a 24-MHz Cortex M0+ MCU with 16-kB of flash, 1-kB of SRAM, and a 12-bit ADC. The larger packages obviously have more GPIO brought out to pins, but even the eight-pin versions support six IO lines.

Of course, it’s hard to write about a specific product without sounding like you’re shilling for the company, but being first to market with an MCU in this size range is certainly newsworthy. We’re sure other manufacturers will follow suit soon enough, but for now, we want to know how you would go about using a microcontroller the size of a resistor. The promo video hints at TI’s target market for these as compact wearables by showing them used in earbuds, but we suspect the Hackaday community will come up with all sorts of creative and fun ways to put these to use — shoutout to [mitxela], whose habit of building impossibly small electronic jewelry might be a good use case for something like this.

There may even be some nefarious use cases for a microcontroller this small. We were skeptical of the story about “spy chips” on PC motherboards, but a microcontroller that can pass for an SMD resistor might change that equation a bit. There’s also the concept of “Oreo construction” that these chips might make a lot easier. A board with a microcontroller embedded within it could be a real security risk, but on the other hand, it could make for some very interesting applications.

What’s your take on this? Can you think of applications where something this small is enabling? Or are microcontrollers that are likely to join the dust motes at the back of your bench after a poorly timed sneeze a bridge too far? Sound off in the comments below.

youtube.com/embed/pPQqsCg6vCQ?…


hackaday.com/2025/03/17/ask-ha…


Build Your Own Air Mouse, Okay?


Are you using a desk mouse like some kind of… normal computer user? Why, beg the heavens? For you could be using an air mouse, of your very own creation! [Misfit Maker] shows the way. Check out what he made in the video below.

An air mouse is a mouse you use in the air—which creates at least one major challenge. Since you’re not sliding along a surface, you can’t track the motion by mechanical friction like a ball mouse or by imaging as in an optical mouse. Instead, this build relies on a gyroscope sensor to track motion and translate that into pointer commands. The build relies on an ESP32-C3 as the microcontroller at the heart of things. It communicates with an MPU6050 gyroscope and accelerometer to track motion in space. It then communicates as a human interface device over Bluetooth, so you can use it with lots of different devices. The mouse buttons—plus media control buttons—are all capacitive touch-sensitive, thanks to an MPR121 touch sensor module.

There’s something neat about building your own tools to interface with the machines, almost like it helps meld the system to your whims. We see a lot of innovative mouse and HID projects around these parts.

youtube.com/embed/-Z1N2IomKbg?…


hackaday.com/2025/03/17/build-…


Relativity Space Changes Course on Path to Orbit


In 2015, Tim Ellis and Jordan Noone founded Relativity Space around an ambitious goal: to be the first company to put a 3D printed rocket into orbit. While additive manufacturing was already becoming an increasingly important tool in the aerospace industry, the duo believed it could be pushed further than anyone had yet realized.

Rather than assembling a rocket out of smaller printed parts, they imagined the entire rocket being produced on a huge printer. Once the methodology was perfected, they believed rockets could be printed faster and cheaper than they could be traditionally assembled. What’s more, in the far future, Relativity might even be able to produce rockets off-world in fully automated factories. It was a bold idea, to be sure. But then, landing rockets on a barge in the middle of the ocean once seemed pretty far fetched as well.
An early printed propellant tank.
Of course, printing something the size of an orbital rocket requires an exceptionally large 3D printer, so Relativity Space had to build one. It wasn’t long before the company had gotten to the point where they had successfully tested their printed rocket engine, and were scaling up their processes to print the vehicle’s propellant tanks. In 2018 Bryce Salmi, then an avionics hardware engineer at Relativity Space, gave a talk at Hackaday Supercon detailing the rapid progress the company had made so far.

Just a few years later, in March of 2023, Relativity’s first completed rocket sat fueled and ready to fly on the launch pad. The Terran 1 rocket wasn’t the entirely printed vehicle that Ellis and Noone had imagined, but with approximately 85% of the booster’s mass being made up of printed parts, it was as close as anyone had ever gotten before.

The launch of Terran 1 was a huge milestone for the company, and even though a problem in the second stage engine prevented the rocket from reaching orbit, the flight proved to critics that a 3D printed rocket could fly and that their manufacturing techniques were sound. Almost immediately, Relativity Space announced they would begin work on a larger and more powerful successor to the Terran 1 which would be more competitive to SpaceX’s Falcon 9.

Now, after an administrative shakeup that saw Tim Ellis replaced as CEO, the company has released a nearly 45 minute long video detailing their plans for the next Terran rocket — and explaining why they won’t be 3D printing it.

Meet the New Boss


For the mainstream press, the biggest story has been that former Google chief Eric Schmidt would be taking over as Relativity’s CEO. Tim Ellis will remain on the company’s board, but likely won’t have much involvement in the day-to-day operation of the company. Similarly, co-founder Jordan Noone stepped down from chief technology officer to take on an advisory role back in 2020.
Eric Schmidt
With the two founders of the company now sidelined, and despite the success of the largely 3D printed Terran 1, the video makes it clear that they’re pursuing a more traditional approach for the new Terran R rocket. At several points in the presentation, senior Relativity staffers explain the importance of remaining agile in the competitive launch market, and caution against letting the company’s historic goals hinder their path forward. They aren’t abandoning additive manufacturing, but it’s no longer the driving force behind the program.

For his part, The New York Times reports that Schmidt made a “significant investment” in Relativity Space to secure controlling interest in the company and his new position as CEO, although the details of the arrangement have so far not been made public. One could easily dismiss this move as Schmidt’s attempt to buy into the so-called “billionaire space race”, but it’s more likely he simply sees it as an investment in a rapidly growing industry.

Even before he came onboard, Relativity Space had amassed nearly $3 billion in launch contracts. Between his considerable contacts in Washington, and his time as the chair of the DoD’s Defense Innovation Advisory Board, it’s likely Schmidt will attempt to put Relativity in the running for lucrative government launches as well.

All they need is a reliable rocket, and they’ll have a revenue stream for years.

Outsourcing Your Way to Space


In general, New Space companies like SpaceX and Rocket Lab have been far more open about their design and manufacturing processes than the legacy aerospace players. But even still, the video released by Relativity Space offers an incredibly transparent look at how the company is approaching the design of Terran R.

One of the most interesting aspects of the rocket’s construction is how many key components are being outsourced to vendors. According to the video, Relativity Space has contracted out the manufacturing of the aluminium “domes” that cap off the propellant tanks, the composite overwrapped pressure vessels (COPVs) that hold high pressure helium at cryogenic temperatures, and even the payload fairings.

This isn’t like handing the construction of some minor assemblies off to a local shop — these components are about as flight-critical as you can possibly get. In 2017, SpaceX famously lost one of their Falcon 9 rockets (and its payload) in an explosion on the launch pad due to a flaw in one of the booster’s COPVs. It’s believed the company ultimately brought production of COPVs in-house so they could have complete control of their design and fabrication.
Unpacking a shipment of composite overwrapped pressure vessels (COPVs) for Terran R
Farming out key components of Terran R to other, more established, aerospace companies is a calculated risk. On one hand, it will allow Relativity Space to accelerate the booster’s development time, and in this case time is very literally money. The sooner Terran R is flying, the sooner it can start bringing in revenue. The trade-off is that their launch operations will become dependent on the performance of said companies. If the vendor producing their fairings runs into a production bottleneck, there’s little Relativity Space can do but wait. Similarly, if the company producing the propellant tank domes decides to raise their prices, that eats into profits.

For the long term security of the project, it would make the most sense for Relativity to produce all of Terran R’s major components themselves. But at least for now, the company is more concerned with getting the vehicle up and running in the most expedient manner possible.

Printing Where it Counts

Currently, 3D printing a tank dome simply takes too long.
In some cases, this is where Relativity is still banking on 3D printing in the long term. As explained in the video by Chief Technology Officer Kevin Wu, they initially planned on printing the propellant tank domes out of aluminum, but found that they couldn’t produce them at a fast enough rate to support their targeted launch cadence.

At the same time, the video notes that the state-of-the-art in metal printing is a moving target (in part thanks to their own research and development), and that they are continuing to improve their techniques in parallel to the development of Terran R. It’s not hard to imagine a point in the future where Relativity perfects printing the tank domes and no longer needs to outsource them.

While printing the structural components of the rocket hasn’t exactly worked out as Relativity hoped, they are still fully committed to printing the booster’s Aeon R engines. Printing the engine not only allows for rapid design iteration, but the nature of additive manufacturing makes it easy to implement features such as integrated fluid channels which would be difficult and expensive to produce traditionally.
Printing an Aeon R engine
Of course, Relativity isn’t alone in this regard. Nearly every modern rocket engine is using at least some 3D printed components for precisely the same reasons, and they have been for some time now.

Which in the end, is really the major takeaway from Relativity’s update video. Though the company started out with an audacious goal, and got very close to reaching it, in the end they’ve more or less ended up where everyone else in aerospace finds themselves in 2025. They’ll use additive manufacturing where it makes sense, partner with outside firms when necessary, and use traditional manufacturing methods where they’ve proven to be the most efficient.

It’s not as exciting as saying you’ll put the world’s first 3D printed rocket into space, to be sure. But it’s the path that’s the most likely to get Terran R on the launch pad within the next few years, which is where they desperately need to be if they’ll have any chance of catching up to the commercial launch providers that are already gobbling up large swaths of the market.


hackaday.com/2025/03/17/relati…


Postcard from Washington: MAGA on tech


WELCOME BACK TO DIGITAL POLITICS. I'm Mark Scott, and the newsletter skews hard toward North America this week. As a counterweight: I'm in Geneva on March 24 to talk about data governance and tech sovereignty — if anyone is in town and wants to say hi.

— The new White House administration is finding its feet on digital policy. Its approach to greater oversight (or lack of it) is not as clear cut as you may think.

— Canada is gearing up for a snap nationwide election. Officials are worried about foreign interference from Russia, China... and the United States.

— The European Union announced a series of 'AI Factories' to jumpstart the bloc's use of artificial intelligence infrastructure to boost growth.

Let's get started:



digitalpolitics.co/postcard-fr…




3D Printed Brick Layers for Everyone


Some slicers have introduced brick layers, and more slicers plan to add them. Until that happens, you can use this new script from [Geek Detour] to get brick layer goodness on Prusa, Orca, and Bambu slicers. Check out the video below for more details.

The idea behind brick layers is that outer walls can be stronger if they are staggered vertically so each layer interlocks with the layer below it. The pattern resembles a series of interlocking bricks and can drastically increase strength. Apparently, using the script breaks the canceling object functionality in some printers, but that’s a small price to pay. Multi-material isn’t an option either, but — typically — you’ll want to use the technique on functional parts, which you probably aren’t printing in colors. Also, the Arachne algorithm option only works reliably on Prusa slicer, so far.

The video covers a lot of detail on how hard it was to do this in an external script, and we are impressed. It should be easier to write inside the slicer since it already has to figure out much of the geometry that this script has to figure out by observation.

If you want more information, we’ve covered brick layers (and the controversy around them) back in November. Of course, scripts that add functions to slicers tend to get outdated once the slicers catch up.

youtube.com/embed/qqJOa46OTTs?…


hackaday.com/2025/03/17/3d-pri…


A 6502, In The Shell


Shell scripting is an often forgotten programming environment, relegated to simple automation tasks and little else. In fact, it’s possible to achieve much more complex tasks in the shell. As an example, here’s [calebccf] with an emulated 6502 system in a busybox ash shell script.

What’s in the emulator? A simple 6502 system with RAM, ROM, and an emulated serial port on STDIO. It comes with the wozmon Apple 1 monitor and BASIC, making for a very mid-1970s experience. There’s even a built-in monitor and debugger, which from our memories of debugging hand-assembled 8-bit code back in the day, should be extremely useful.

Although the default machine has a generous 32k of RAM and 16k ROM, you can easily adjust these limits by editing machine.sh. In addition, you can get a log of execution via a socket if you like. Don’t expect it to run too fast, and we did have to adjust the #! line to get it to run on our system (we pointed it to bash, but your results may vary).

What you use this for is up to you, but we’re sure you’ll all agree it’s an impressive feat in the shell. It’s not the first time we’ve seen some impressive feats there, though. Our Linux Fu column does a lot with the shell if you want further inspiration.


hackaday.com/2025/03/17/a-6502…


This Is Not Idle Talk! Yet Another Hospital Offline and the 12,000 People It Serves at Risk


A state in Micronesia has been hit by a ransomware attack that took down the entire computer network of the local health ministry. According to the authorities, the hackers broke into the system on March 11, after which the network was taken completely offline for security reasons and all computers were shut down to prevent further damage.

Residents of the state of Yap, which has a population of about 12,000, were told that the health department no longer has internet access and that all digital medical systems and email servers are unavailable.

The authorities gave assurances that medical services continue to be provided, but that they have slowed considerably because of the breach.
Cyberattack disrupts Yap health services, department works to restore systems
March 12, 2025, /// DYCA PIO

On March 11, 2025, at 3:00 PM, the IT unit of the Yap Department of Health Services detected a ransomware cyberattack on its network. In response, the entire network was taken offline. As a result, the Department now has no Internet connectivity and all computers have been shut down to prevent further damage. DHS is working with the FSM Department of Health and Social Affairs and with private IT contractors to assess the extent of the infiltration, determine what data was breached, and restore online services as soon as possible at this time.

Email communications through the health servers and all digital health systems have been disrupted. The Department reassured the public that services continue, but asked for patience and understanding, as services will be slower than before because of the disruptions. The Department will publish updates as the situation evolves.
The agency is currently working with private IT contractors and government agencies to restore the system and determine the extent of the intrusion. So far no group has claimed responsibility for the attack.

Micronesia, which comprises four states (Yap, Chuuk, Pohnpei and Kusaie) and more than 600 islands, is no stranger to cyberattacks. Recent years have seen an increase in incidents of this kind in the region. In 2024, criminal hackers attacked Palau's Ministry of Finance, and in 2023 there was a series of cyberattacks on Pacific islands, in particular on the island of Tonga, Guadeloupe and Vanuatu.

Ransomware is increasingly targeting smaller nations with limited resources for protecting network infrastructure, leaving systems vulnerable to hackers who use sophisticated attack methods to extort money and compromise data.

The article This Is Not Idle Talk! Yet Another Hospital Offline and the 12,000 People It Serves at Risk comes from il blog della sicurezza informatica.


North Korean Hackers Plant Malware in Play Store Apps


Lookout experts have discovered a new Android spyware called KoSpy. The malware is linked to North Korean hackers and was found in the official Google Play store and the third-party store APKPure as part of at least five apps.

According to the researchers, the spyware is linked to the North Korean group APT37 (also known as ScarCruft). The campaign using this malware has been active since March 2022 and, judging by the malware samples, the hackers are actively improving it.

The espionage campaign primarily targets Korean and English-speaking users. KoSpy masquerades as file managers, security tools and updates for various software.

In total, Lookout experts found five applications: 휴대폰 관리자 (Phone Manager), File Manager (com.file.exploer), 스마트 관리자 (Smart Manager), 카카오 보안 (Kakao Security) and Software Update Utility.

Almost all the malicious apps actually provide at least some of the promised functionality, but also download KoSpy in the background. The only exception is Kakao Security. This app only shows a fake system window requesting access to dangerous permissions.

The researchers attribute the campaign to APT37 based on IP addresses previously associated with North Korean hacker operations, on domains used to distribute the Konni malware, and on infrastructure that overlaps with another North Korean hacking group, APT43.

Once activated on a device, KoSpy retrieves an encrypted configuration file from the Firebase Firestore database to avoid detection.

The malware then connects to the command-and-control server and checks whether it is running in an emulator. The malware can receive updated settings from the attackers' server and additional payloads to execute, and it can also be switched on or off dynamically using a special switch.

KoSpy focuses mainly on data collection; its capabilities are as follows:

  • interception of SMS messages and call logs;
  • real-time GPS tracking of the victim's location;
  • reading and retrieving files from local storage;
  • using the device's microphone to record audio;
  • using the device's camera to take photos and record video;
  • capturing screenshots of the device's screen;
  • intercepting keystrokes using Android Accessibility Services.

Each app uses a separate Firebase project and server to exfiltrate data, which is encrypted with a hard-coded AES key before transmission.

Although the malicious apps have been removed from Google Play and APKPure, the researchers warn that users will have to remove the malware from their devices manually and also scan their devices with security tools to eliminate any residual infection. In some cases a factory reset may be necessary.
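A defender-side reading of the capability list above, as an added example that is not from Lookout or the original article: a triage pass over an app inventory that flags utility-type apps whose permissions add up to the same collection capabilities. The inventory format, category expectations, scoring threshold and `com.example.*` entries are assumptions constructed for illustration; only `com.file.exploer` comes from the article.

```python
"""Flag utility apps whose permissions add up to a surveillance toolkit."""
from dataclasses import dataclass

P = "android.permission."

# Capability from the article's list -> Android permissions that enable it.
# Screen capture is not modelled in this example.
CAPABILITY_PERMISSIONS = {
    "sms_and_call_logs": {P + "READ_SMS", P + "RECEIVE_SMS", P + "READ_CALL_LOG"},
    "location": {P + "ACCESS_FINE_LOCATION", P + "ACCESS_BACKGROUND_LOCATION"},
    "local_files": {P + "READ_EXTERNAL_STORAGE", P + "MANAGE_EXTERNAL_STORAGE"},
    "microphone": {P + "RECORD_AUDIO"},
    "camera": {P + "CAMERA"},
}

# Assumption: capabilities a reviewer would accept for each declared category.
EXPECTED_BY_CATEGORY = {
    "file_manager": {"local_files"},
    "security_tool": {"local_files"},
    "system_update": set(),
    "navigation": {"location"},
}

# The only package identifier the article gives.
REPORTED_PACKAGES = {"com.file.exploer"}


@dataclass(frozen=True)
class App:
    package: str
    category: str
    permissions: frozenset
    accessibility_service: bool = False  # app declares an accessibility service


def capabilities(app):
    """Return the collection capabilities an app's manifest makes possible."""
    caps = {name for name, perms in CAPABILITY_PERMISSIONS.items()
            if perms & app.permissions}
    if app.accessibility_service:
        caps.add("accessibility_input_capture")
    return caps


def triage(app, threshold=3):
    """Score capabilities the app's declared category does not explain."""
    unexpected = capabilities(app) - EXPECTED_BY_CATEGORY.get(app.category, set())
    score = len(unexpected)
    if "accessibility_input_capture" in unexpected:
        score += 1  # input visibility weighs more than any single sensor
    reported = app.package in REPORTED_PACKAGES
    return {
        "package": app.package,
        "unexpected": sorted(unexpected),
        "score": score,
        "reported": reported,
        "review": reported or score >= threshold,
    }


def review_queue(inventory, threshold=3):
    """Apps needing review: reported packages first, then by descending score."""
    flagged = [r for r in (triage(a, threshold) for a in inventory) if r["review"]]
    return sorted(flagged, key=lambda r: (not r["reported"], -r["score"], r["package"]))


# Constructed inventory (not real telemetry). The permissions listed for
# com.file.exploer are constructed too; only its package name is from the article.
INVENTORY = [
    App("com.example.files", "file_manager",
        frozenset({P + "READ_EXTERNAL_STORAGE"})),
    App("com.example.cleaner", "file_manager",
        frozenset({P + "READ_EXTERNAL_STORAGE", P + "READ_SMS", P + "READ_CALL_LOG",
                   P + "ACCESS_FINE_LOCATION", P + "RECORD_AUDIO", P + "CAMERA"}),
        accessibility_service=True),
    App("com.example.maps", "navigation",
        frozenset({P + "ACCESS_FINE_LOCATION", P + "RECORD_AUDIO"})),
    App("com.example.updater", "system_update",
        frozenset({P + "READ_SMS"}), accessibility_service=True),
    App("com.file.exploer", "file_manager",
        frozenset({P + "READ_EXTERNAL_STORAGE"})),
]

if __name__ == "__main__":
    for result in review_queue(INVENTORY):
        print(result)
```

A name match catches only the sample the report lists, while the capability score also surfaces a relabelled app with the same permission profile.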

The article North Korean Hackers Plant Malware in Play Store Apps comes from il blog della sicurezza informatica.


Anonymous Italia Hacktivists Hit New Targets in Russia


In recent months, the cyber hacktivism landscape has seen an intensification of clashes between hacktivist groups with opposing geopolitical leanings. In particular, we have seen the pro-Russian collective NoName057(16) carry out a series of cyberattacks against Italy, hitting several institutional targets as well.

This time, the Italian hacktivist group Anonymous Italia has recently hit various Russian targets, carrying out attacks using the “deface” technique.

Defacement vs DDoS: Two Techniques Compared


In the cyber hacktivism landscape, the attack techniques used by hacker groups vary according to their objectives and strategies.

Two of the most widespread methods are defacement and Distributed Denial-of-Service (DDoS) attacks, tools with different purposes but both capable of producing significant impact on digital infrastructure. While defacement aims to modify the content of a website to convey a political or ideological message, DDoS aims to overload an online service until it becomes inaccessible.

In clashes between hacktivists, both techniques have been widely used to hit opposing targets. Anonymous Italia, for example, prefers defacement, altering sites to spread specific content of political interest. Other hacktivists (such as the pro-Russian NoName057(16) or Killnet) have adopted DDoS to hit government sites and critical infrastructure, causing temporary outages.

The Deface Technique


Defacement is a cyberattack technique in which an attacker modifies the content of a website without authorization, replacing the original pages with political messages, propaganda or simple marks of their own activity. This type of attack is often used by hacktivist groups to spread ideological messages or by cybercriminals to damage an organization's reputation.

However, defacement is not just a matter of image: to alter a site's content, the attacker must first compromise its security. This generally happens through two main methods:

  • Access with stolen or weak administrative credentials – Hackers may obtain login credentials through phishing, infostealer logs, Telegram channels, default credentials that were never changed, or brute-force attacks. Once they have access, they can alter the site's pages with great ease.
  • Exploitation of software vulnerabilities – Some defacement attacks occur through Remote Code Execution (RCE) or other critical vulnerabilities in CMSs (Content Management Systems) or web servers. If the platform's software is not up to date or has security flaws, an attacker can execute arbitrary commands on the system and modify the site's files.

When a site suffers a defacement, it is essential not to stop at restoring the original content, but to launch an Incident Response operation to understand the extent of the attack. The attacker may have moved laterally within the network, compromising connected data and systems.
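One way to support the scoping step described above, as an added example that is not part of the original article: a SHA-256 manifest of the web root taken before the incident is compared with the current state, separating visible content changes from new or altered server-side scripts. The function names, the extension list and the sample site are assumptions constructed for illustration.

```python
"""Compare a web root against a known-good manifest after a defacement."""
import hashlib
import os
import tempfile
from pathlib import Path

# Assumption: extensions the web server would execute rather than serve as-is.
SERVER_SIDE = {".php", ".phtml", ".jsp", ".aspx", ".cgi"}


def sha256_file(path):
    """Hash a file in chunks so large assets do not need to fit in memory."""
    digest = hashlib.sha256()
    with open(path, "rb") as fh:
        for chunk in iter(lambda: fh.read(65536), b""):
            digest.update(chunk)
    return digest.hexdigest()


def build_manifest(web_root):
    """Map each regular file (path relative to web_root) to its SHA-256."""
    manifest = {}
    for dirpath, _dirs, files in os.walk(web_root):  # does not follow dir symlinks
        for name in files:
            full = os.path.join(dirpath, name)
            if os.path.islink(full):
                continue  # hash real content only
            rel = os.path.relpath(full, web_root).replace(os.sep, "/")
            manifest[rel] = sha256_file(full)
    return manifest


def diff_manifests(baseline, current):
    """Classify every path as added, removed or modified since the baseline."""
    shared = set(baseline) & set(current)
    return {
        "added": sorted(set(current) - set(baseline)),
        "removed": sorted(set(baseline) - set(current)),
        "modified": sorted(p for p in shared if baseline[p] != current[p]),
    }


def prioritize(changes):
    """Separate code the server may execute from content that merely changed."""
    touched = changes["added"] + changes["modified"]
    executable = [p for p in touched if Path(p).suffix.lower() in SERVER_SIDE]
    content = [p for p in changes["modified"]
               if Path(p).suffix.lower() not in SERVER_SIDE]
    return {"review_first": sorted(executable), "content_changed": sorted(content)}


def demo():
    """Build a constructed site, alter it, and return the findings."""
    with tempfile.TemporaryDirectory() as root:
        site = Path(root)
        (site / "index.html").write_text("<h1>Welcome</h1>")
        (site / "about.html").write_text("<p>About us</p>")
        (site / "contact.php").write_text("<?php /* contact form */ ?>")
        baseline = build_manifest(root)

        # Constructed incident: one page replaced, one removed, one file added.
        (site / "index.html").write_text("<h1>Replaced page</h1>")
        (site / "about.html").unlink()
        (site / "uploads").mkdir()
        (site / "uploads" / "helper.php").write_text("<?php /* unknown file */ ?>")

        changes = diff_manifests(baseline, build_manifest(root))
        return changes, prioritize(changes)


if __name__ == "__main__":
    found, priorities = demo()
    print(found)
    print(priorities)
```

Keep the baseline manifest off the web server: an attacker who can rewrite the site's files can also rewrite a manifest stored beside them.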

Cyber Hacktivism and the Law


As we have seen, cyber hacktivism is the union of hacking and political or social activism, using digital tools to promote causes, denounce injustices or oppose governments and companies. Hacktivists use cyberattack techniques to draw public attention to ethical, political or environmental issues. However, even though the intent may be driven by ideals of justice, these actions often clash with current laws, which treat them as acts of cybercrime.

While some states tolerate certain forms of digital activism if they cause no direct harm, most legal systems equate cyberattacks with serious crimes punishable by severe penalties. Laws such as the Computer Fraud and Abuse Act (CFAA) in the United States or the General Data Protection Regulation (GDPR) in Europe are often used to prosecute hacktivists, even when their actions aim to expose human rights violations or corruption.

The balance between national security, freedom of expression and the right to information is at the center of legal discussions on hacktivism. While some see it as a legitimate form of protest in the digital age, others consider it a threat to cyber stability and privacy. The challenge for lawmakers is to define clear boundaries between acts of digital dissent and cybercrime, ensuring that the repression of hacktivism does not become a pretext for limiting freedom of expression and the right of access to information.

The article Anonymous Italia Hacktivists Hit New Targets in Russia comes from il blog della sicurezza informatica.


The Amiga No One Wanted


The Amiga has a lot of fans, and rightly so. The machine broke a lot of ground. However, according to [Dave Farquhar], one of the most popular models today — the Amiga 600 — was reviled in 1992 by just about everyone. One of the last Amigas, it was supposed to be a low-cost home computer but was really just a repackaged Amiga 1000, a machine already seven years old which, at the time, might as well have been decades. The industry was moving at lightspeed back then.

[Dave] takes a look at how Commodore succeeded and then lost their way by the time the 600 rolled out. Keep in mind that low-cost was a relative term. A $500 price tag was higher than it seems today and even at that price, you had no monitor or hard drive. So at $1,000 for a practical system, you might as well go for a PC, which was taking off at the same time.

By the time Commodore closed down, they had plenty of 600s left, but they also had refurbished 500s, and for many, that was the better deal. It was similar to the 500 but had more features, like an external port and easy memory expansion. Of course, both machines used the Motorola 68000. While that CPU has a lot of great features, by 1992, the writing was on the wall that the Intel silicon would win.

Perhaps the biggest issue, though, was the graphics system. The original Amiga outclassed nearly everything at the time. But, again, the industry was moving fast. The 600 wasn’t that impressive compared to a VGA. And, as [Dave] points out, it couldn’t run DOOM.

There’s more to the post. Be sure to check it out. It is a great look into the history of the last of a great line of machines. Maybe if Commodore had embraced PC interfaces, but we’ll never know. [Dave’s] take on the end of the Amiga echoes others we’ve read. It wasn’t exactly Doom that killed the Amiga. It was more complicated than that. But Doom would have helped.


hackaday.com/2025/03/16/the-am…


Wire Recording Speaks Again


If you think of old recording technology, you probably think of magnetic tape, either in some kind of cassette or, maybe, on reels. But there’s an even older technology that recorded voice on hair-thin stainless steel wire and [Mr. Carlson] happened upon a recorded reel of wire. Can he extract the audio from it? Of course! You can see and hear the results in the video below.

It didn’t hurt that he had several junk wire recorders handy, although he thought none were working. It was still a good place to start since the heads and the feed are unusual to wire recorders. Since the recorder needed a little work, we also got a nice teardown of that old device. The machine was missing belts, but some rubber bands filled in for a short-term fix.

The tape head has to move to keep the wire spooled properly, and even with no audio, it is fun to watch the mechanism spin both reels and move up and down. But after probing the internal pieces, it turns out there actually was some audio, it just wasn’t making it to the speakers.

The audio was noisy and not the best reproduction, but not bad for a broken recorder that is probably at least 80 years old. We hope he takes the time to fully fix the old beast later, but for now, he did manage to hear what was “on the wire,” even though that has a totally different meaning than it usually does.

It is difficult to recover wire recordings, just as it will be difficult to read modern media one day. If you want to dive deep into the technology, we can help with that, too.

youtube.com/embed/WJUOWRTBf0I?…


hackaday.com/2025/03/16/wire-r…


Hackaday Links: March 16, 2025



“The brickings will continue until the printer sales improve!” This whole printer-bricking thing seems to be getting out of hand with the news this week that a firmware update caused certain HP printers to go into permanent paper-saver mode. The update was sent to LaserJet MFP M232-M237 models (opens printer menu; checks print queue name; “Phew!”) on March 4, and was listed as covering a few “general improvements and bug fixes,” none of which seem very critical. Still, some users reported not being able to print at all after the update, with an error message suggesting printing was being blocked thanks to non-OEM toner. This sounds somewhat similar to the bricked Brother printers we reported on last week (third paragraph).

The trouble is, some users are reporting the problem even if they had genuine HP toner installed. Disturbingly, HP support seems to be fine with this, saying that older HP toner “may no longer be recognized due to new security measures.” Well, there’s your problem, lady! The fix, of course, is to buy yet more genuine HP toner, even if your current cartridge still has plenty of life left in it. That’s a pretty deplorable attitude on HP’s part, and more than enough reason to disable automatic firmware updates, or better yet, just disconnect your printer from the Internet altogether.

Here’s a pro-tip for all you frustrated coders out there: no matter how hard the job gets, planting a logic bomb in your code is probably not the right way to go. That’s the lesson that one Davis Lu learned after being convicted of “causing intentional damage to protected computers” thanks to malicious code he planted in his employer’s system. Apparently not optimistic about his future prospects with Eaton Corp. back in 2018, Lu started adding code designed to run a series of infinite loops to delete user profiles. He also went for the nuclear option, adding code to shut the whole system down should it fail to find an Active Directory entry for him. That code was apparently triggered on the day he was fired in 2019, causing global problems for his former employer. Look, we’ve all been there; coding is often lonely work, and it’s easy to fantasize about coding up something like this and watching them squirm once they fire you. But if it gets that bad, you should probably put that effort into finding a new gig.

Then again, maybe the reason you’re dissatisfied with your coding job is that you know some smart-ass LLM is out there waiting to tell you that you don’t know how to code. That’s what happened to one newbie Cursor user who tried to get help writing some video game code from the AI code editor. The LLM spat back about 750 lines of code but refused to reveal the rest, and when he asked it to explain why, it suggested that he should develop the logic himself so that he’d be able to understand and maintain the code, and that “Generating code for others can lead to dependency and reduced learning opportunities.” True enough, but do we really need our AI tools to cop an attitude?

And finally, if you’re anything like us, you’re really going to love this walking tour of a container ship’s mechanical spaces. The ship isn’t named, but a little sleuthing suggests it’s one of the Gülsün-class ships built for MSC in 2019, possibly the MSC Mina, but that’s just a guess. This 400-meter monster can carry 23,656 twenty-foot equivalent units, and everything about it is big. Mercifully, the tour isn’t narrated, not that it would have been possible, thanks to the screaming equipment in the engine room. There are captions, though, so you’ll at least have some idea of what you’re looking at in the immaculately clean and cavernously huge spaces. Seriously, the main engine room has to have at least a dozen floors; being on the engineering crew must mean getting your steps in every day. The most striking thing about the tour was that not a single other human being was visible during the entire hour. We suppose that’s just a testament to how automated modern vessels have become, but it still had a wonderfully creepy liminal feeling to it. Enjoy!


hackaday.com/2025/03/16/hackad…


Blue Ghost Watches Lunar Eclipse from the Lunar Surface



Firefly’s Blue Ghost lander’s first look at the solar eclipse as it began to emerge from its Mare Crisium landing site on March 14 at 5:30 AM UTC. (Credit: Firefly Aerospace)
After recently landing at the Moon’s Mare Crisium, Firefly’s Blue Ghost lunar lander craft was treated to a spectacle that’s rarely observed: a total solar eclipse as seen from the surface of the Moon. This entire experience was detailed on the Blue Ghost Mission 1 live blog. As the company notes, this is the first time that a commercial entity has been able to observe this phenomenon.

During this event, the Earth gradually moved in front of the Sun, as observed from the lunar surface. During this time, the Blue Ghost lander had to rely on its batteries as it was capturing the solar eclipse with a wide-angle camera on its top deck.

Unlike the Blood Moon seen from the Earth, there was no such cool effect observed from the lunar surface. The Sun simply vanished, leaving a narrow ring of light around the Earth. The reason for the Blood Moon becomes obvious, however, as refraction of the sunlight through Earth’s atmosphere shifts the normally white-ish light to an ominous red.

The entire sequence of images captured can be observed in the video embedded on the live blog and below, giving a truly unique view of something that few humans (and robots) have so far been able to observe.

You can make your own lunar eclipse. Or, make your own solar eclipse, at least once a day.

youtube.com/embed/M2P-z_cXsOs?…


hackaday.com/2025/03/16/blue-g…


Inside a “Budget” Current Probe


Current measurements are not as handy as voltage measurements. You typically need to either measure the voltage across something and do some math or break the circuit so a known resistor in your instrument develops a voltage your meter measures and converts for you. However, it is possible to get non-contact current probes. They are generally pricey, but [Kerry Wong] shows us one under $200 and, thus, budget compared to similar probes. Check out the review in the video below.

The OWON unit has three ranges: 4 A, 40 A, and 400 A. It claims a resolution of 10 mA and a bandwidth of 200 kHz. It requires a 9 V battery, which [Kerry] suspects won’t last very long given the rated power consumption number, although the measured draw was not as high as claimed. The specs aren’t great — this seems to be little more than a current probe meter with a connector for an oscilloscope, but if it meets your needs, that could be acceptable.

Stay tuned for the end if you want to see the insides. There’s not much on the PCB’s top side. There’s a Hall-effect sensor, some adjustment pots, and an op amp. The other side of the board has many more components, but the circuit is purely analog.

It made us wonder if we should nip down to the local cheap tool store and buy a $40 meter with similar specs. It seems like you could find a spot to tap a voltage from that and save quite a bit of money.

It is possible to create a probe that doesn’t break the bank and manages at least 2 MHz of bandwidth. Or, make your own for about $25, although we can’t vouch for the specs on that one.

youtube.com/embed/ieQ-yPHMdo8?…


hackaday.com/2025/03/16/inside…


Transmitting Wireless Power Over Longer Distances



Proof-of-concept of the inductive coupling transmitter with the 12V version of the circuitry (Credit: Hyperspace Pirate, YouTube)
Everyone loves wireless power these days, almost vindicating [Tesla’s] push for wireless power. One reason why transmitting electricity this way is a terrible idea is the massive losses involved once you increase the distance between transmitter and receiver. That said, there are ways to optimize wireless power transfer using inductive coupling, as [Hyperspace Pirate] demonstrates in a recent video.

Starting with small-scale proof of concept coils, the final version of the transmitter is powered off 120 VAC. The system has 10 kV on the coil and uses a half-bridge driver to oscillate at 145 kHz. The receiver matches this frequency precisely for optimal efficiency. The transmitting antenna is a 4.6-meter hexagon with eight turns of 14 AWG wire. During tests, a receiver of similar size could light an LED at a distance of 40 meters with an open circuit voltage of 2.6 V.

Although it’s also an excellent example of why air core transformers like this are lousy for efficient remote power transfer, a fascinating finding is that intermediate (unpowered) coils between the transmitter and receiver can help to boost the range due to coupling effects. Even if it’s not a practical technology (sorry, [Tesla]), it’s undeniable that it makes for a great science demonstration.

Of course, people do charge phones wirelessly. It works, but it trades efficiency for convenience. Modern attempts at beaming power around seem to focus more on microwaves or lasers.

youtube.com/embed/adTKHcrOzMU?…


hackaday.com/2025/03/16/transm…


A Look at the Panasonic FS-A1FM


MSX computers were not very common in the United States, and we didn’t know what we were missing when they were popular. [Re:Enthused] shows us what would have been a fine machine in its day: a Panasonic FS-A1FM. Have a look at the video below to see the like-new machine.

The machine isn’t just an ordinary MSX computer. The keyboard is certainly unique, and it has an integrated floppy drive and a 1200-baud modem. The case proudly proclaims that the floppy is both double-sided and double-density. Like most MSX computers, it had a plethora of ports and, of course, a cartridge slot. Unfortunately, the machine looks great but has some problems that have not been repaired yet, so we didn’t get to see it running properly.

He was able to get to the MSX-DOS prompt to show along with the BIOS menu. We hope he manages to get the keyboard working, and we were glad to see another computer from that era we had not seen before.

We don’t think anyone made one at the time, but we’ve seen a modern take on a luggable MSX. Of course, you can emulate the whole thing on a Pi and focus on the aesthetics.

youtube.com/embed/80TtLHtVheI?…


hackaday.com/2025/03/16/a-look…


A Hacker’s Approach to All Things Antenna


When your homebrew Yagi antenna only sort-of works, or when your WiFi cantenna seems moody on rainy days, we can assure you: it is not only you. You can stop doubting yourself once and for all after you’ve watched the Tech 101: Antennas webinar by [Dr. Jonathan Chisum].

[Jonathan] breaks it all down in a way that makes you want to rip out your old antenna and start fresh. It goes further than textbook theory; it’s the kind of knowledge defense techs use for real electronic warfare. And since it’s out there in bite-sized chunks, we hackers can easily put it to good use.

The key takeaway is that antenna size matters. Basically, it’s all about wavelength, and [Jonathan] hammers home how tuning antenna dimensions to your target frequency makes or breaks your signal. Whether you’re into omnis (for example, for 360-degree drone control) or laser-focused directional antennas for secret backyard links, this is juicy stuff.

If you’re serious about getting into RF hacking, watch this webinar. Then dig up that Yagi build, and be sure to send us your best antenna hacks.

youtube.com/embed/EFLLjtZUjuc?…


hackaday.com/2025/03/16/a-hack…


Chinese Chatbot DeepSeek Used to Develop Keyloggers and Ransomware with Little Review


Tenable researchers studied the ability of the Chinese chatbot DeepSeek to develop malware (keyloggers and ransomware). The DeepSeek R1 chatbot appeared in January of this year and has made a lot of noise since then, partly because of its jailbreaking possibilities.

Like all major LLMs, DeepSeek has safety mechanisms to prevent it from being used for malicious purposes, such as creating malware. However, these restrictions can be bypassed fairly easily.

When asked directly to write code for a keylogger or ransomware, DeepSeek refuses, saying it cannot help with something that could be harmful or illegal.

However, Tenable used a jailbreak to get the chatbot to write malicious code and used DeepSeek’s CoT (chain-of-thought) capabilities to improve the results.

CoT mimics human thinking when solving complex problems, breaking them down into sequential steps to follow to reach a goal. With CoT, the AI “thinks out loud,” providing a detailed description of its reasoning process.

When the researchers used DeepSeek to create a keylogger, the AI drew up a plan for completing the task and then prepared the C++ code. The resulting code contained errors, and the chatbot was unable to fix some of them to produce fully working malware without human intervention.

However, after minor modifications, the keylogger code generated by DeepSeek worked, intercepting the user’s keystrokes. The researchers then used DeepSeek to further improve the resulting malware, in particular to make it stealthier and to encrypt its logs.

As for ransomware development, DeepSeek first described the entire process and then managed to generate several samples of file-encrypting malware, but none of them compiled without manual changes to the code.

Thanks to this, the researchers managed to get some ransomware samples working. The malware had mechanisms for enumerating files and maintaining persistence on the system, and it also displayed a dialog box informing the victim that they were under a ransomware attack.

“In practice, DeepSeek is able to create the basic structure for malware. However, it cannot do so without additional design work and manual code editing to achieve more advanced functionality. For example, DeepSeek was unable to implement process obfuscation. We managed to get the generated DLL injection code working, but it required a lot of manual work. However, DeepSeek provides a useful collection of techniques and search terms that can help someone with no experience writing malware quickly become familiar with the concepts involved,” Tenable concludes.

The article Chinese Chatbot DeepSeek Used to Develop Keyloggers and Ransomware with Little Review comes from il blog della sicurezza informatica.


Repairing a Kodak Picture Maker Kiosk


Photo-printing kiosks are about as common as payphones these days. However, there was a time when they were everywhere. The idea was that if you didn’t have a good printer at home, you could take your digital files to a kiosk, pay your money, and run off some high-quality images. [Snappiness] snagged one, and if you’ve ever wondered what was inside of one, here’s your chance.

While later models used a Windows PC inside, this one is old enough to have a Sun computer. That also means that it had things like PCMCIA slots and a film scanner. Unfortunately, it wasn’t working because of a bad touch screen. The box was looking for a network on boot, which required some parameter changes. The onboard battery is dead, too, so you have to change the parameters on every boot. However, the real killer was the touchscreen, which the software insists on finding before it will start.

The monitor is an old device branded as a Kodak monitor and, of course, is unavailable. [Snappiness] found pictures of another kiosk online and noted that the monitor was from Elo, a common provider of point-of-sale screens. Could the “Kodak” monitor just be an Elo with a new badge? It turns out it probably was because a new Elo monitor did the trick.

Of course, what excited us was that if we found one of these in a scrap pile, it might have a Sun workstation inside. Of course, you can just boot Solaris on your virtual PC today. You might be surprised that Kodak invented the digital camera. But they failed to understand what it would mean to the future of photography.

youtube.com/embed/BTkx8CamFbI?…


hackaday.com/2025/03/15/repair…


Building a Fully Automatic Birkeland-Eyde Reactor


Ever wanted to produce nitrogen fertilizer like they did in the 1900s? In that case, you’re probably looking at the Birkeland-Eyde process, which was the first industrial-scale atmospheric nitrogen fixation process. It was eventually replaced by the Haber-Bosch and Ostwald processes. [Markus Bindhammer] covers the construction of a hobbyist-sized, fully automated reactor in this video.

It uses tungsten electrodes to produce the requisite arc, with a copper rod brazed onto both. The frame is made of aluminium profiles mounted on a polypropylene board, supporting the reaction vessel. Powering the whole contraption is a 24 VDC, 20 A power supply, which powers the flyback transformer for the high-voltage arc, as well as an air pump and smaller electronics, including the Arduino Uno board controlling the system.

The air is dried by silica gel before entering the reactor, with the airflow measured by a mass air flow sensor and the reaction temperature by a temperature sensor. This should give the MCU a full picture of the state of the reaction, with the airflow having to be sufficiently high relative to the arc to extract the maximum yield for this already very low-yield (single-digit %) process.

Usually, we are more interested in getting our nitrogen in liquid form. We’ve also looked at the Haber-Bosch method in the past.

youtube.com/embed/L9KpFKQ7brY?…


hackaday.com/2025/03/15/buildi…


Add WebUSB Support To Firefox With a Special USB Device


RP2040-based Pico board acting as U2F dongle with Firefox. (Credit: ArcaneNibble, GitHub)
The WebUSB standard is certainly controversial. Many consider it a security risk, and, to date, only Chromium-based browsers support it. But there is a workaround that is, ironically, supposed to increase security. The adjacent Universal 2nd Factor (U2F) standard also adds (limited) USB support to browsers. Sure, this is meant solely to support U2F USB dongles for two-factor authentication purposes, but as [ArcaneNibble] demonstrates using U2F-compatible firmware on a Raspberry Pi RP2040, by hijacking the U2F payload, this API can be used to provide WebUSB-like functionality.

The provided demo involves flashing an RP2040 (e.g., Pico board) with the u2f-hax.u2f firmware and loading the index.html page from localhost or a similar secure context. After this, the buttons on the browser page can be used to toggle an LED on the Pico board on or off. You can also read an input back from the RP2040.

This feat is made possible by the opaque nature of the U2F key handle, which means that anything can be put in this blob. This makes it a snap to pass data from the U2F dongle to the host. For the inverse, things get a bit trickier. Here the ECDSA signature is manipulated inside the ASN.1 that is returned to the dongle. Since Firefox performs no signature validation (and Chrome only does a range check), this works. The MCU also auto-confirms user presence by having the key handle start with 0xfeedface, so the device works without user interaction. However, you do seem to get an annoying popup that immediately goes away.
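To make the "range check" concrete, here is a strict parser for a DER-encoded P-256 ECDSA signature that rejects malformed structure and out-of-range `r`/`s` values. It is an added example, not code from the article, from [ArcaneNibble]'s project, or from any browser; the function names and sample blobs are made up for illustration.

```javascript
// Added example: strict DER parsing plus the r/s range check for a P-256 ECDSA signature.
// Order n of the P-256 group (public curve parameter).
const P256_N = 0xffffffff00000000ffffffffffffffffbce6faada7179e84f3b9cac2fc632551n;

// Read one DER INTEGER at `off`; return its value and the offset just past it.
function readDerInteger(buf, off) {
  if (buf[off] !== 0x02) throw new Error("expected INTEGER tag");
  const len = buf[off + 1];
  if (len === undefined || len === 0 || len > 33) throw new Error("bad INTEGER length");
  const end = off + 2 + len;
  if (end > buf.length) throw new Error("INTEGER runs past buffer");
  const body = buf.subarray(off + 2, end);
  if (body[0] & 0x80) throw new Error("negative INTEGER");
  // DER demands minimal encoding: a leading 0x00 is only legal before a set high bit.
  if (len > 1 && body[0] === 0x00 && !(body[1] & 0x80)) throw new Error("non-minimal INTEGER");
  let value = 0n;
  for (const b of body) value = (value << 8n) | BigInt(b);
  return { value, next: end };
}

// Hypothetical helper: returns {ok, reason} for a candidate signature blob (Uint8Array).
function checkEcdsaSignature(sig) {
  try {
    if (sig[0] !== 0x30) throw new Error("expected SEQUENCE tag");
    const seqLen = sig[1];
    // A P-256 signature is at most 72 bytes, so only the short length form is valid.
    if (seqLen === undefined || seqLen > 0x7f) throw new Error("bad SEQUENCE length");
    if (seqLen + 2 !== sig.length) throw new Error("trailing or missing bytes");
    const r = readDerInteger(sig, 2);
    const s = readDerInteger(sig, r.next);
    if (s.next !== sig.length) throw new Error("extra data inside SEQUENCE");
    for (const [name, v] of [["r", r.value], ["s", s.value]]) {
      if (v < 1n || v >= P256_N) throw new Error(name + " out of range [1, n-1]");
    }
    return { ok: true, reason: "well-formed, r and s in range" };
  } catch (e) {
    return { ok: false, reason: e.message };
  }
}

// Constructed sample blobs (not captured from a real device).
const inRange = Uint8Array.from([0x30, 0x06, 0x02, 0x01, 0x05, 0x02, 0x01, 0x07]);
const zeroR = Uint8Array.from([0x30, 0x06, 0x02, 0x01, 0x00, 0x02, 0x01, 0x07]);
const trailing = Uint8Array.from([0x30, 0x06, 0x02, 0x01, 0x05, 0x02, 0x01, 0x07, 0xfe, 0xed]);
console.log(checkEcdsaSignature(inRange), checkEcdsaSignature(zeroR), checkEcdsaSignature(trailing));
```

A check like this only constrains the shape of the blob: almost any pair of values below `n` still passes, so only verifying the signature against the public key registered for the credential ties those bytes to a real signing operation.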

Of course, this only works if you create a special USB device for this purpose. That means your normal USB devices are still secure. While we know it could be a security risk, you can do some cool things with WebUSB. We’ve seen a few projects that use it.


hackaday.com/2025/03/15/add-we…