
The Focus Dial Never Shipped, but You Can Build One From Scratch



What do you do when a crowdfunded product you really liked gets cancelled? Naturally, you take the idea and build your own version of it. That’s what [Salim Benbouziyane] did when the Focus Dial project on Kickstarter saw its launch cut short. This device allows you to set a ‘no distractions’ timer, during which notifications on one’s phone and elsewhere are disabled, making it something similar to those Pomodoro timers. What this dial also is supposed to do is integrate with home automation to set up clear ‘focus’ periods while the timer runs.

A quick prototype was set up using an ESP32 and other off-the-shelf components. The firmware has to run the timer, toggle off notifications on iOS and trigger firewall traffic rules to block a batch of social media addresses. Automating this with iOS was the hardest part, as Apple doesn’t make such automation features easy at all, ultimately requiring a Bluetooth audio board just to make iOS happy.

After this prototyping phase, the enclosure and assembly with the modules were drawn up in Autodesk Fusion 360 before the plastic parts were printed with a resin printer. The end result looks about as good as the Kickstarter one did, but with a few changes, because as [Salim] notes, if you are going to DIY such a failed crowdfunding project, why not make it work better for you?

youtube.com/embed/nZa-Vqu-_fU?…


hackaday.com/2024/12/26/the-fo…


Battery-Electric Ships: Coming Soon to a Harbor Near You?



When ships moved from muscle- and wind power to burning coal and other fossil fuels for their propulsion, they also became significantly faster and larger. Today’s cargo ships and ferries have become the backbone of modern civilization, along with a range of boat types. Even though tugs and smaller pleasure vessels are a far cry from a multi-thousand ton cargo or cruise ship, one would be hard-pressed to convert these boats back to a pure muscle- or wind-based version. In short, we won’t be going back to the Age of Sail, but at the same time the fossil fuel-burning engines in these boats and ships come with their own range of issues.

Even if factors like pollution and carbon emissions are not something which keep you up at night, fuel costs just might, with these and efficiency regulations increasing year over year. Taking a page from alternative propulsions with cars and trucks, the maritime industry has been considering a range of replacements for diesel and steam engines. Here battery-electric propulsion is somewhat of an odd duck, as it does not carry its own fuel and instead requires on-shore recharging stations. Yet if battery-electric vehicles (BEVs) can be made to work on land with accompanying low ‘refueling’ costs, why not ships and boats?

A recent study by Lawrence Berkeley National Laboratory (LBNL) researchers Hee Seung Moon et al., published in Nature Energy, claims that a significant part of US maritime traffic can be electrified this way. Yet as a theoretical model, how closely does it match the harsh realities imposed by the physical world we live in?

Different Scales

Justine McAllister (IMO 8107878), a tug boat in New York Harbor. (Credit: Eric Baetscher, Wikimedia)
An important aspect with any battery-powered craft is matching the battery capacity with the expected range. For BEVs like cars, the goal is to put as much battery capacity into the vehicle as possible, constrained mostly by factors such as the cost per kWh and how much physical volume is available in the vehicle for batteries without intruding on the driver and passengers. This is how we ended up with a range of BEVs that can cover a sizeable chunk of daily usage cases, as well as specific cases like buses where the daily range requirement is planned in advance and thus very easy to optimize for. Even so, a number of road-bound vehicles are hard to electrify with just batteries, such as cross-country trucks due to the sheer weight of the batteries required in most scenarios. Unlike a fuel tank, these batteries also do not lose weight as they become more empty.

In the case of boats, these smaller vessels tend to have pretty limited range. For example: tugs put in a lot of work, but either remain bound to a specific harbor or slowly follow a set watercourse like a river with a gaggle of barges in tow. Here you can have recharging infrastructure set up and charging points ready to go with relatively little difficulty in the harbor or at mooring spots along the route. More challenging are vessels with more erratic routes, not to mention ships with routes that are so long that no reasonable amount of batteries could power them without recharging or swapping batteries. The main case in point here is container ships.

In a 2022 study by Jessica Kersey et al. in Nature Energy it was found that for routes of less than 1,500 km electrification would be economical, assuming a battery price of $100 per kWh. At that point the main question remains how many batteries you can fit into the ship without negatively impacting the cargo load that it can carry. A container ship can travel around 540 km per day at its average cruising speed, with a shipping route like Los Angeles to Yokohama of 7,792 km (4,207.6 nautical miles) taking over two weeks:

Travel time of specific cargo ship types along certain popular routes.

Putting enough batteries on cargo ships to allow them to travel these routes without recharging in between is too much to ask. This is why the focus with battery-electric propulsion for ships and boats is on these shorter routes, where the total volume of batteries combined with electric motor(s) does not significantly exceed the volume (and weight) previously taken up by the diesel engine(s) and fuel tanks. As modelled by Kersey et al., for a small neo-Panamax container ship this would be the case if the route is kept below 3,000 km. Yet if the route is extended to something like 20,000 km the batteries would take up 32% of the containership’s carrying capacity.

Using batteries with higher energy density could help here, but as seen with today’s favorite battery chemistries, the higher-density Li-ion types come with fewer charge cycles and worse stability. LiFePO4, commonly used in BEVs as well as grid-storage and solar-storage batteries, has a much better longevity and safety record, at the cost of more weight per kWh.

Removable Batteries


Currently a number of battery-electric boats and ships are in service, with ferries being one of the first to be outfitted with such propulsion, case in point being the Norwegian Bastø Electric ferry. This 600 passenger and 200 car ferry uses its 4.3 MWh battery as well as a diesel generator to travel the 10 kilometer route between Moss and Horten. While docked the batteries are charged up when a charging point is available. This makes it not a pure battery-electric boat, but rather a hybrid.
The Zhongyuan Haiyun Lu Shui 01 battery-electric 700 TEU containership. (Credit: COSCO Shipping)
More interesting are the two battery-electric containerships owned by China’s COSCO Shipping which recently began carrying shipping containers along the approximately 500 km route between Nanjing and Shanghai’s Yangshan Port. The Lu Shui (Green Water) 1 and 2 vessels are 700 TEU container ships that can travel at 10.4 knots over the Yangtze river. Perhaps most interesting about them is that they don’t have a battery bank integrated into their hulls, but rather take swappable batteries, with a standard capacity of 57.6 MWh, but with optional connection points for additional battery packs.

In the aforementioned LBNL study by Hee Seung Moon et al. the assumption was made that existing vessels would be retrofitted with batteries and electric motors, which would place a range of restrictions relative to newly designed and built vessels like COSCO’s newly commissioned ones. Being able to swap out battery packs along with shipping containers allows freshly charged packs to be ready when the containership docks, avoids the hassle of quick charging after each trip, and simplifies replacing batteries at the end of their useful lifespan, which is approximately a decade for LiFePO4.

Practical Within Limits


It’s clear that for shorter routes the use of battery-electric propulsion can make sense. Depending on the local grid this can also be less polluting than burning low-sulfur diesel fuel, and conceivably be cheaper, though it all has to be worked out on a case-by-case basis. In the case of COSCO the reasoning appears to have been that these custom container ships are perfect for such a shorter route, with cost savings to be expected over the use of direct-driven diesel or diesel-electric propulsion. Ultimately the success of battery-electric propulsion will come down to simple economics, especially in the cut-throat shipping business.

Featured image & thumbnail: Containership MSC Texas. (Source: Wikimedia Commons)


hackaday.com/2024/12/26/batter…


Blinded by the Light: the Problem with LED Headlights



Having a good set of (working) headlights is a crucial feature of any motor vehicle, assuming you want to be able to see the road ahead of you when there’s a lack of sunshine. Headlights are also essential to be noticed by other cars and traffic participants, but if installed improperly they can end up blinding an opposing driver with potentially fatal results. This is a major worry with LED lamps that are increasingly being installed in cars, often replacing the old-style halogen bulbs that have a very different color spectrum and beam patterns, to the dismay of fellow road participants.

This headlight glare can also be simulated in driving simulators, as in a 2019 article by [B.C. Haycock] et al. where the effect is of course diminished because displays can only get so bright. Of note is that it’s not just LED lights themselves, but also taller vehicles and misaligned headlights, all of which makes it important that the angle of your car’s headlights is proper. You want to see the road in front of you, after all, not illuminate every house in the nearest settlement two klicks away.

Compounding the problem is that the shorter wavelength, blue-ish light of LED headlights is more energetic than the more reddish, longer wavelength of halogens and are generally perceived as more intense by our eyes. Ultimately the solution appears to be adaptive driving beam headlights (ADB), a technology that constantly adjusts the headlights to the circumstances. ADB has been common in e.g. Europe already for the past 15 years, and is allowed in Canada since 2018 and in the US since 2022 after a rule change by the NHTSA.

With plenty of improper headlights on vehicles in North America still, it’s best to practice defensive driving, with brighter dashboard illumination, anti-glare coatings and safety squinting when a miniature solar system passes by during a night-time drive.


hackaday.com/2024/12/26/blinde…


Tech in Plain Sight: Incandescent Bulbs



While they are dying out, you can still find incandescent bulbs. While these were once totally common, they’ve been largely replaced by LEDs and other lighting technology. However, you still see a number of them in special applications or older gear. If you are above a certain age, you might be surprised that youngsters may have never seen a standard incandescent lightbulb. Even so, the new bulbs are compatible with the old ones, so — mechanically, at least — the bulbs don’t look different on the outside.
You might have learned in school that Thomas Edison invented the light bulb, but the truth is much stranger (public domain)
It has been known for a long time that passing a current through a wire creates a glow. The problem is, the wire — the filament — would burn up quickly. The answer would be a combination of the right filament material and using an evacuated bulb to prevent the filament from degrading. But it took over a century to get a commercially successful lightbulb.

We were all taught in school that Thomas Edison invented the light bulb, but the truth is much more complicated. You can go back to 1761 when Ebenezer Kinnersley first caused a wire to glow. Of course, wires would quickly burn up in the air. By the early 19th century, limelight was fairly common in theaters. Limelight — also known as the Drummond light — heated a piece of calcium oxide using a gas torch — not electric, but technically incandescence. Ships at sea and forts in the U.S. Civil War used limelights to illuminate targets and, supposedly, to blind enemy troops at night. Check out the video below to see what a limelight looks like.

youtube.com/embed/HIC7B3vt9ZE?…

Sir Humphry Davy demonstrated a dim, impractical light that used a huge battery and a thin strip of platinum. More practical was Davy’s electric arc lamp, which, after being refined by others, became common in some applications.

Arc lights had issues, though. They hissed and flickered. The carbon rods emitted carbon monoxide and ultraviolet light. They were extremely harsh and bright, and the rods burned up quickly. Everyone knew a better light bulb would be a winner, but no one knew how to create it.

Getting Closer


Starting around 1835, there were many experiments and demonstrations, but none of them really caught on. A Belgian, Marcellin Jobard, was on the right track in 1838 with a lightbulb in a vacuum with a carbon filament, but nothing really came of it. He also came up with what amounts to early emojis, but that took a long time to catch on, too.

Since platinum has a high melting point, it was a popular filament candidate. In the 1840s and 1870s, many inventors used platinum or carbon with varying degrees of success. During that same time period, there were many patents and demonstrations, but none were successfully commercialized. However, a Russian named Alexander Lodygin did patent a working bulb with carbon rods in nitrogen gas.

It isn’t clear if Henry Woodward and Mathew Evans knew of the Russian patent. In 1874, they filed a Canadian patent for a similar bulb. Ultimately, they failed to commercialize it, but they sold their patent to Thomas Edison.

Edison


Edison got serious about electric lighting in 1878. He experimented with different carbonized materials and platinum but finally settled on carbon fed by platinum wires. Using carbonized threads resulted in a bulb that lasted just over 13 hours. However, he would discover that carbonized bamboo could last 1200 hours. You can see one of the oldest surviving Edison bulbs at the Port Huron Museum and in the video below.

youtube.com/embed/dS-5CgNDgrs?…

Many people worked on the problem throughout the 1800s. Edison arrived at a practical solution and had the mechanism in place to exploit it. However, others had light bulb patents. Albon Man and William Sawyer had bulbs that didn’t last as long as Edison’s but formed the basis for the United States Electric Lighting Company. That company’s chief engineer was Hiram Maxim, a name familiar to most ham radio operators, but this particular Hiram Maxim was the famous ham radio operator’s father.

The elder Maxim is one of several people who claimed they had actually invented the incandescent light before Edison. The courts eventually decided that some of Edison’s claims were preempted by William Sawyer’s patents, but that Edison still had other valid patent claims.

Modern Types


These early bulbs had little in common with modern bulbs. The inside of the bulb had to have very little oxygen and moisture, or the filament would oxidize or burn out. Initially, mercury vapor pumps and phosphoric anhydride were used, but this added expense to bulbs. Arturo Malignani found that red phosphorus would allow for a drier vacuum with cheaper pumps. Edison was quick to buy the patent.

However, Lodygin and others were on the right track, and using a metal filament and an inert gas to replace the oxygen would be more effective. This prevents the filament from burning and also reduces the evaporation of the filament. (See the video below if you want to see the effect of air on a tungsten filament.) He invented a process for forming thin metal filaments and sold the patent to General Electric in 1902.

youtube.com/embed/ZOM8Kkm62jM?…

The truly modern bulb is the result of a 1904 invention by Sándor Just and Franjo Hanaman. They created a tungsten filament that worked better in an argon or nitrogen atmosphere. The Hungarian company Tungsram sold these, and they could practically pass for a modern clear-glass bulb.

A modern bulb has a glass envelope and a tungsten filament, although they add a few impurities to increase the filament life. The bulb contains a low pressure of a gas like argon, nitrogen, krypton, or xenon. Modern glass bulbs are either clear or coated with kaolin clay from the inside. Some bulbs have pigments to change color or different glass to produce different colors. Bulbs used for heating sometimes have special glass or even fused quartz.

Real World Considerations


Light bulbs are one of those circuit elements we pretend are perfect, but they aren’t. Tungsten filaments have a low resistance when cold, which causes a bulb to draw a lot of current when it first turns on. As the filament gets hot, the resistance goes up, and the current goes down. Oddly enough, carbon filaments have the opposite problem. They draw more power as they get hot, which also makes them sensitive to power surges: if they get hot, they draw more current, which makes them hotter, which makes them draw even more current, and the cycle repeats.

In high-reliability circuits, designers often highly derate a bulb’s specifications to get a dimmer light that lasts longer. A 5% reduction in voltage will roughly double a bulb’s lifetime but also make it about 16% dimmer. Some will also pass a small current through the bulb even when it is off to keep the filament warm. This reduces the current draw and heating associated with turning on a cold filament.

The other big problem with incandescent lights is that they are relatively inefficient since most of the energy produces heat and infrared light. A typical bulb is around 5% efficient in terms of visible light, and the best halogens come in around 10%.

Of course, this inefficiency is why there’s been a move to ban incandescent bulbs in favor of LEDs, fluorescents, and other technologies. LED lights, in contrast, can reach 30-40% efficiency. Still more light than heat, but almost an order of magnitude more efficient than plain-old incandescents.

So Much More


There’s a lot more to learn about light bulbs. In 1885, the U.S. had an estimated 300,000 carbon filament bulbs. By 1914, there were 88.5 million. In 1945, the market was around 795 million. When you deal with that kind of scale there are many innovations both in the technology and the machinery used to build them. Want to see how lightbulbs were made? Check out the video below.

youtube.com/embed/TPc7Dspn1_8?…

We’ve talked about the early lighting market and one of its pioneers, Lewis Latimer, a few years ago. We’ve looked at the checkered history many times.

Featured image: “Yellow Bulb” by [Daniel Reche]


hackaday.com/2024/12/26/tech-i…


OpenWRT, But On An Unsupported Router



Everyone likes something cheap, and when that cheap thing is a router that’s supported by OpenWRT, it sounds like a win. [Henning Paul] ordered a Wavlink WL-WN586X3 for the princely sum of 39 Euros, but was disappointed to find his device a rev. 2 board rather than the rev. 1 board supported by the Linux distribution. Toss it on the failed projects pile and move on? Not at all, he hacked together a working OpenWRT for the device.

It’s fair to say that a majority of Hackaday readers will have familiarity with Linux, but that’s something which runs on a sliding scale from “Uses Ubuntu a bit” all the way to “Is at one with the kernel”. We’d rate ourselves somewhere around halfway along that scale in terms of having an in-depth knowledge of userland and a working knowledge of some of the internals which make the operating system tick, even if we’re apprehensive about tinkering at that level. [Henning] has no such limitations, and proceeds to take the manufacturer’s distribution, itself a heavily modified OpenWRT, and make it his own. Booting over TFTP we’re used to, and we’re particularly impressed to see him using a Raspberry Pi as a surrogate host for the desoldered Flash chip over SPI.

It’s a long path he takes to get the thing working and we’re not sure we could follow it all, but we hope that the result will be a new device added to OpenWRT’s already extensive support list. It’s sometimes a shock to find this distro is now over two decades old.


hackaday.com/2024/12/26/openwr…


Open Source Lemontron 3D Printer is Ready to Build



In this era of cheap turn-key machines, the idea of actually building your own desktop 3D printer might seem odd to some. But if you’re looking for a challenge, and want to end up with a printer that legitimately sets itself apart from what they’re stocking on Amazon these days, then take a look at the Lemontron.

We’ve been keeping tabs on the development of this open source 3D printer for some time now, and just before Christmas, the files finally were released for anyone who wants to try putting one together themselves. There’s currently no formal kit available, but once you’ve printed out all the parts, there’s a very nice Bill of Materials you can find on the website which will tell you everything you need to complete the assembly — and critically — where you can get it.

The hotend and heated bed come from KB-3D, while the bulk of the rest of the components are sourced from AliExpress with a bit of DigiKey sprinkled in. There’s also a custom PCB you’ll want to pick up from your favorite board house. All told, building the Lemontron should cost you somewhat north of $400 USD. Of course, that assumes your time is free. But since you’re reading this on Hackaday, that’s probably a safe bet.

You can check out the video below for an expedited look at assembling the printer. It’s not a step-by-step guide exactly, but it should give you a good idea of what to expect before you commit to building the thing. It also provides a look at the design philosophy behind the Lemontron, which largely eschews custom components and relies on off-the-shelf bits to tie all the printed parts together.

If you’re wondering where these upside-down 3D printers came from, the Lemontron is ultimately evolved from the Positron that we first covered back in 2021.

youtube.com/embed/n6l3GvkE4QU?…


hackaday.com/2024/12/26/open-s…


ESA Space Shop “out of orbit”: hacker attack compromises online payments


The official online store of the European Space Agency (ESA) has been breached. JavaScript code was inserted into the site, creating a fake order payment page via Stripe.

According to Sansec researchers, the malicious script appeared on the site at the beginning of this week. It collected customer information, including payment card details, entered by users at the final stage of the purchase.

Sansec informed ESA officials that the store was compromised and could pose a threat to agency employees because it was integrated with ESA systems. The store through which ESA merchandise is sold is currently unavailable and is said to be “temporarily out of orbit” for updates.

The researchers noted that the domain through which the information was leaked had the same name as the legitimate store, but was located in a different domain zone.

Thus, the official ESA store is located at esaspaceshop.com, and the attackers used the same name in the .pics zone (esaspaceshop[.]pics).

The attackers’ script contained obfuscated HTML code taken from the Stripe SDK, which loaded a fake payment page when customers tried to complete a purchase. At the same time, the fake page did not look suspicious at all.

As noted by Bleeping Computer, ESA representatives stated that the store is not hosted on the organization’s infrastructure, that ESA does not manage the data contained in it, and that it does not own the resource.
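The lookalike-domain detail above (same store name, different TLD) is the kind of thing a shop operator can check for automatically. The following is an added example, not code from Sansec, ESA or the store: it scans a constructed checkout-page fragment for the hosts referenced by script, form and link attributes, flags any host that reuses the legitimate store’s name under another TLD, and builds a Content-Security-Policy header that would refuse script loads and form submissions to anything outside the allowlist. The sample HTML, the allowlist and the function names are assumptions made for the example; only the two domain names come from the article.

```python
"""Flag lookalike hosts referenced by a checkout page (added example, not the store's code)."""
import re
from urllib.parse import urlsplit

# Constructed sample page fragment: one legitimate Stripe script, one first-party
# script, and a script plus form target on the lookalike domain named in the article.
SAMPLE_HTML = """
<script src="https://js.stripe.com/v3/"></script>
<script src="https://esaspaceshop.com/static/app.js"></script>
<script src="https://esaspaceshop.pics/assets/checkout.js"></script>
<form action="https://esaspaceshop.pics/submit" method="post"></form>
"""

LEGIT_SHOP = "esaspaceshop.com"                     # from the article
ALLOWED_HOSTS = {LEGIT_SHOP, "js.stripe.com"}       # assumed allowlist for the example

# Attributes that make the browser fetch from, or post to, another host.
_URL_RE = re.compile(r"""(?:src|action|href)\s*=\s*["']([^"']+)["']""", re.I)


def extract_hosts(html):
    """Return the set of lowercase hostnames referenced by src/action/href attributes."""
    hosts = set()
    for url in _URL_RE.findall(html):
        host = urlsplit(url).hostname
        if host:
            hosts.add(host.lower())
    return hosts


def registrable_label(host):
    """Second-level label: 'esaspaceshop' for both esaspaceshop.com and esaspaceshop.pics."""
    parts = host.split(".")
    return parts[-2] if len(parts) >= 2 else host


def is_lookalike(host, legit):
    """True when the host borrows the legitimate name but sits in a different zone."""
    return host != legit and registrable_label(host) == registrable_label(legit)


def audit(html, legit=LEGIT_SHOP, allowed=ALLOWED_HOSTS):
    """Classify every referenced host as allowed, lookalike, or unknown."""
    report = {"allowed": set(), "lookalike": set(), "unknown": set()}
    for host in extract_hosts(html):
        if host in allowed or any(host.endswith("." + a) for a in allowed):
            report["allowed"].add(host)
        elif is_lookalike(host, legit):
            report["lookalike"].add(host)
        else:
            report["unknown"].add(host)
    return report


def csp_for(allowed):
    """A restrictive CSP that blocks script loads and form posts to unlisted hosts."""
    hosts = " ".join(sorted(allowed))
    return (
        "Content-Security-Policy: default-src 'self'; "
        f"script-src 'self' {hosts}; connect-src 'self' {hosts}; "
        f"form-action 'self' {hosts}"
    )


if __name__ == "__main__":
    result = audit(SAMPLE_HTML)
    for kind, hosts in result.items():
        print(f"{kind:9s}: {sorted(hosts)}")
    print(csp_for(ALLOWED_HOSTS))
```

The audit is a crawl-time or CI check against the rendered page; the CSP header is the runtime control, and a `report-uri`/`report-to` directive (not shown) would surface blocked loads to the operator instead of relying on a researcher noticing the skimmer first.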

The article ESA Space Shop “out of orbit”: hacker attack compromises online payments comes from il blog della sicurezza informatica.


Taking “Movies” of Light in Flight



This one isn’t clickbait, but it is cheating. [Brian Haidet], the guy behind Alpha Phoenix, has managed to assemble movie footage of a laser beam crossing his garage, using a rig he put together for just a few hundred dollars. How, you ask? Well, for the long version, you’re going to want to watch the video, also embedded below. But we’ll give you the short version here.

Light travels about a foot in a nanosecond. What have you got that measures signals on a nanosecond scale pretty reliably? Of course, it’s your oscilloscope. The rest of [Brian]’s setup includes a laser that can pull off nanosecond pulses, a sensor with a nanosecond-ish rise time, and optics that collect the light over a very small field of view.

He then scans the effective “pinhole” across his garage, emitting a laser pulse and recording the brightness over time on the oscilloscope for each position. Repeating this many thousands of times and putting them all together relative to the beginning of each laser pulse results in a composite movie with the brightness at each location resolved accurately enough to watch the light beam fly. Or to watch different time-slices of thousands of beams fly, but as long as they’re all the same, there’s no real difference.

Of course, this isn’t simple. The laser driver needs to push many amps to get a fast enough rise time, and the only sensor that’s fast enough to not smear the signal is a photomultiplier tube. But persistence pays off, and the results are pretty incredible for something that you could actually do in your garage.

Photomultiplier tubes are pretty damn cool, and can not only detect very short light events, but also very weak ones, down to a single photon. Indeed, they’re cool enough that if you get yourself a few hundred thousand of them and put them in a dark place, you’re on your way to a neutrino detector.

youtube.com/embed/IaXdSGkh8Ww?…


hackaday.com/2024/12/25/taking…


Time Management for Toddlers


A visual timer for toddlers that uses LEDs that go out.

It’s really never too early (or too late) to learn time management. All joking aside, carefully managing one’s time can result in some really wondrous achievements. So it’s best to learn early, when most of your time is spent generally having fun.

Let’s say you’ve just heard you have five minutes left to play, but what does that mean if you’re three years old? Not much, unless you have some visual cues to go by. That’s the idea behind [Julius Curt]’s visual timer for toddlers.

This lovely reverse progress bar uses a Wemos D1 mini to control a strip of six WS2812B LEDs at 30 LEDs/meter density. There’s a small OLED display for literate users, and the whole thing is childproof. [Julius] challenged himself to do this entire project in one day, and ended up finishing it in a little over eight hours total, including time to design the way cool knob. Be sure to check out the build video below.

If you struggle with managing your time, check out our own [Arya Voronova]’s personal account.

youtube.com/embed/89R0h5ajl-4?…


hackaday.com/2024/12/25/time-m…


Tweezers Probe Reviewed



Over the last few decades, electronic devices have drastically changed. Radios that once had point-to-point wiring gave way to printed circuit boards with through-hole parts, and now microscopic surface mount devices are the norm. But most of us still use probes that would have been just fine for a 1940s receiver. There are other options, of course. Among other things, you can now buy meters that have built-in tweezer probes. While not the first, the FNIRSI LCR-ST1 is affordable, and [TheHWcave] puts it to the test in the video below.

The tweezers come with two different pointy ends. It is more or less one of those testers that can identify and measure various components. Instead of the customary socket, this one has tweezer ends and, perhaps, a few extra functions.

The device can use several different voltages and frequencies while actively probing. Comparing some readings to a few other meters showed a bit of error, although nothing too drastic. The inductance reading of a very small inductor at 1 kHz was, however, too unstable to be useful.

The only downsides noted were that the probes could be a bit sharper for fine PCB work, and the display doesn’t rotate for left-handed operation. Both of those are probably fixable with a file and a firmware update. Overall, it looks like a reasonable low-cost tool.

Tools like this have been around for a while, but often at a higher cost. There are plenty of sophisticated test probes if you ever decide to look for them.

youtube.com/embed/JCvhzcUIRnc?…


hackaday.com/2024/12/25/tweeze…


When It Comes To DOS, Don’t Forget DR-DOS.



Despite the latest and greatest Intel-derived computers having multi-core 64-bit processors and unimaginably fast peripherals, at heart they all still retain a compatibility that goes back to the original 8086. This means that they can, in theory at least, still run MS-DOS. The venerable Microsoft 16-bit OS may now be long discontinued, but there is still enough need for DOS that the open-source FreeDOS remains in active development. The Register are here to remind us that there’s another open-source DOS on the block, and that it has a surprising history.

SvarDOS is an open source DOS distribution, and it’s interesting because it uses a derivative of the DR-DOS kernel, an OS which traces its roots back to Digital Research’s CP/M operating system of the 1970s. This found its way briefly into the open source domain courtesy of the notorious Caldera Inc back in the 1990s, and has continued to receive some development effort ever since. As the Reg notes, it has something FreeDOS lacks, the ability to run Windows 3.1 should you ever feel the need. They take it for a spin in the linked article, should you be curious.

It’s something which has surprised us over the years, that aside from the world of retrocomputing we still occasionally find FreeDOS being distributed, usually alongside some kind of hardware maintenance software. Even four decades or more later, it’s still of value to have the simplest of PC operating systems to hand.

It’s worth pointing out that there’s a third open-source DOS in the wild, as back in April Microsoft released MS-DOS version 4 source code. But as anyone who used it will tell you, that version was hardly the pick of the bunch.

Header: Ivan Radic, CC BY 2.0.


hackaday.com/2024/12/25/when-i…


Esperanto: The Language That Hoped to Unite the World


Close up of a Dutch etymology dictionary showing Esperanto, and a candle

Christmas: a good time to broach a topic of hope. We’re talking Esperanto. This language spurred the hope that it could one day hack the barriers between people, eliminating war and miscommunication. The video below unpacks the history of this linguistic marvel. Esperanto was a constructed language dreamed up in 1887 by Ludwik Zamenhof, a Polish-Russian eye doctor with a knack for linguistics and great ideals. If you’re a little into linguistics yourself, you’ll surely know the name stems from the Latin esperi: to hope.

Inspired by the chaos of multilingual strife in his hometown, Zamenhof created Esperanto to unite humanity under a single, simple, easy-to-learn tongue. With just 16 grammar rules, modular word-building, and no pesky exceptions — looking at you, English — Esperanto was a linguistic hack ahead of its time.

But Esperanto wasn’t just a novelty—it almost became the lingua franca of diplomacy. In 1920, Iran proposed Esperanto as the official language of the League of Nations, but the French vetoed it, fearing their language’s global dominance was at risk. From there, Esperanto’s journey took a darker turn as both Nazi Germany and Stalinist Russia persecuted its speakers. Despite this, Esperanto persisted, surfacing in quirky corners of culture, from William Shatner’s Esperanto-only horror film Incubus to its inclusion on NASA’s Voyager Golden Record.

Fast-forward to the digital age: Esperanto is thriving on online learning platforms, where over a million learners explore its minimalist elegance. It appears in places in various editions of Grand Theft Auto. It has even inspired modern makers to create new constructed languages, like Loglan, Toki Pona, and even Klingon. Could Esperanto—or any reimagined language—rise again to unite us? For curious minds, watch the video here.

youtube.com/embed/mcX1OF7fEas?…


hackaday.com/2024/12/25/espera…


Open Source Multimeter Raises the Bar for DIY Tools



Whether you only dabble in electronics as a hobby or it’s your full-time job, there are few tools as indispensable as the multimeter. In fact, we’d be willing to bet nearly everyone reading this site owns at least one of them. But as common and mindbogglingly useful as they may be, they aren’t perfect. Even the high-end models will invariably have some annoyance that only reveals itself once you become intimately acquainted with it.

Most people would just live with those quirks, especially when dealing with a cheaper model. But not [John Duffy]. Deciding nothing but perfection would do, he took every favorite feature he’d ever run into while using other multimeters and combined them into his scratch-built HydraMeter. In the process, he managed to come up with a few new ideas that push this device into a league of its own.

Some of the features of the HydraMeter will look familiar. You might even have them on your own personal meter, such as the wireless removable display module. Other features you’ll wish your meter had, such as the removable cartridge on the front of the device that lets you rapidly swap out a burned fuse. On the other side of the spectrum, there are some esoteric features that might leave you scratching your head. The ability to tell exactly how the meter is configured at a glance thanks to its exclusive use of toggle switches has a certain hacker appeal, but it’s a tricky user interface for most folks.

While the overall design of the HydraMeter may be divisive, one thing we can all agree on is that getting the project to this state took incredible determination. Over the years we’ve only seen a handful of individuals attempt to develop their own multimeters, and even then, none of them approached this level of fit and finish. The fact that [John] has turned all that effort over to the community by releasing his design under the CERN license is truly admirable.

[John] brought the HydraMeter out to Pasadena back in November for Supercon, and it got quite a reaction. And if you don’t like the user interface, it’s not hard to imagine how you could change it. This project has unquestionably pushed the state of the art for open source multimeters forward, and we’re eager to see where it goes from here.

youtube.com/embed/JMexSal01gQ?…


hackaday.com/2024/12/25/open-s…


Masque Enters the Ransomware Arena! It Exploits Babuk and LockBit3


Researchers have studied the attacks of the financially motivated, Russian-speaking hacker group Masque, which targets Russian businesses and uses the LockBit 3 (Black) and Babuk (ESXi) ransomware.

The experts write that the tense geopolitical situation and the availability of source code and builders for popular ransomware families such as Babuk, Conti and LockBit 3 (Black) have given rise to a large number of criminal hackers who use this malware to attack companies. One of them is the Masque group, active since January 2024 (although the experts observed a notable drop in activity from May to October 2024).

According to the experts, there was previously no reason to discuss this “group, ordinary compared to others” in detail, but in November and December 2024 Masque carried out several attacks against larger Russian companies, and new tools appeared in the group’s arsenal.

In total, since January 2024 the group has carried out at least ten attacks. Its targets have usually been Russian companies in the small and medium-sized business segment. The initial ransom demand is 5-10 million rubles (in BTC or XMR).

In most cases, the initial vector of Masque attacks is the exploitation of the CVE-2021-44228 (Log4Shell) vulnerability in the log4j library in publicly exposed services such as VMware Horizon. After successfully exploiting the vulnerability, the attackers use the compromised server as a springboard for the further development of the attack.
Masque ransom note
In general, the group does not use sophisticated or innovative methods in its attacks, and the tools used by the hackers are not very different from the usual ones. A key role is played by the AnyDesk remote access tool, as well as publicly available utilities such as chisel, LocaltoNet and mimikatz.

Lateral movement within the network is carried out over the RDP and SSH protocols. In some cases, the attackers use WinRM (Windows Remote Management) as well as SMBExec from the Impacket framework to reach their targets.

“As a rule, the attackers do not deliberately spend their time evading information security measures and antivirus solutions. Protections are disabled only when they prevent tools from being loaded or executed, or when they are detected and blocked. Thus, in one of the attacks, the TDSSKiller utility, designed to detect and remove rootkits, was used to disable protection mechanisms, and in the latest attack the attackers used a sophisticated loader, which seems atypical for the group’s usual tactics,” the experts write.

Masque uses LockBit 3 (Black) and Babuk (ESXi) to encrypt the victims’ data. To communicate with their victims, the attackers use Tox, and each victim is assigned a unique identifier. The researchers say that Masque’s rather sparse arsenal was diversified by the dwm.exe program, which the attackers downloaded onto the victim’s host using a one-line PowerShell command in the context of the SYSTEM account.

Analysts named this program MystiqueLoader and report that, despite its small size (about 47 kilobytes), it turned out to be a rather interesting tool. Analysis showed that dwm.exe is a downloader agent: on command from the control server, the agent can download a PE module from the Internet and launch it directly in the memory of the current process. Interestingly, the agent’s communication is carried out over the DNS protocol. However, the experts were unable to obtain the malware’s payload.
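A defender-side illustration, added here and not taken from the original article or the researchers’ report: the exact encoding MystiqueLoader uses over DNS is not published, so this script scores generic properties that DNS-carried command channels share (many distinct long, high-entropy leading labels under one domain, or a TXT-heavy query stream) over constructed query-log lines. The log format, the thresholds and the domain placeholder-c2.test are assumptions.

```python
"""Heuristic triage of DNS query logs for DNS-carried command channels.

Added example (not from the original article or the researchers' report).
Log format, thresholds and the domain placeholder-c2.test are assumptions.
"""
import hashlib
import math
from collections import defaultdict


def shannon_entropy(s: str) -> float:
    """Shannon entropy of a string, in bits per character."""
    if not s:
        return 0.0
    counts = defaultdict(int)
    for ch in s:
        counts[ch] += 1
    n = len(s)
    return -sum(c / n * math.log2(c / n) for c in counts.values())


def registered_domain(qname: str) -> str:
    """Crude eTLD+1 (last two labels); a real tool would use a public-suffix list."""
    labels = qname.rstrip(".").lower().split(".")
    return ".".join(labels[-2:]) if len(labels) >= 2 else qname.lower()


def parse_log(text: str):
    """Yield (client, qtype, qname) from '<epoch> <client> <qtype> <qname>' lines."""
    for line in text.splitlines():
        parts = line.split()
        if len(parts) != 4:
            continue  # skip malformed lines instead of aborting the whole run
        _ts, client, qtype, qname = parts
        yield client, qtype.upper(), qname


def profile(text: str) -> dict:
    """Per (client, registered domain) features of the query stream."""
    agg = defaultdict(lambda: {"n": 0, "txt": 0, "names": set(), "len": 0, "ent": 0.0})
    for client, qtype, qname in parse_log(text):
        first_label = qname.split(".")[0]
        a = agg[(client, registered_domain(qname))]
        a["n"] += 1
        a["txt"] += qtype == "TXT"
        a["names"].add(qname.lower())
        a["len"] += len(first_label)
        a["ent"] += shannon_entropy(first_label)
    return {
        key: {
            "queries": a["n"],
            "unique_names": len(a["names"]),
            "txt_ratio": a["txt"] / a["n"],
            "mean_label_len": a["len"] / a["n"],
            "mean_entropy": a["ent"] / a["n"],
        }
        for key, a in agg.items()
    }


def flag_c2_candidates(text: str, min_unique=5, min_len=20,
                       min_entropy=3.0, min_txt_ratio=0.5) -> list:
    """(client, domain) pairs whose queries look like an encoded channel.

    Two independent signals: (a) many distinct, long, high-entropy leading
    labels, i.e. data encoded into names, or (b) a TXT-heavy stream to one
    domain, the usual carrier for responses and commands in DNS agents.
    """
    flagged = []
    for key, f in profile(text).items():
        encoded_names = (f["unique_names"] >= min_unique
                         and f["mean_label_len"] >= min_len
                         and f["mean_entropy"] >= min_entropy)
        txt_heavy = f["txt_ratio"] >= min_txt_ratio and f["unique_names"] >= min_unique
        if encoded_names or txt_heavy:
            flagged.append(key)
    return sorted(flagged)


def build_sample_log() -> str:
    """Constructed sample: ordinary lookups plus one host beaconing over DNS."""
    lines = []
    benign = ["www.example.com", "cdn.example.com", "mail.example.com",
              "www.example.com", "api.example.com", "www.example.com"]
    for i, name in enumerate(benign):
        lines.append(f"{1734950000 + i} 10.0.0.21 A {name}")
    for i in range(8):
        # sha256 stands in for whatever encoding a real agent uses (assumption)
        label = hashlib.sha256(f"beacon-{i}".encode()).hexdigest()[:32]
        lines.append(f"{1734950100 + i} 10.0.0.21 TXT {label}.m.placeholder-c2.test")
    return "\n".join(lines)


if __name__ == "__main__":
    for client, domain in flag_c2_candidates(build_sample_log()):
        print(f"review DNS traffic from {client} to {domain}")
```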

It is noted that the Masque group does not pay enough attention to in-depth study of the victim’s infrastructure or to preliminary data exfiltration. The attackers’ dwell time inside the infrastructure ranges from several days to two weeks, from the moment they gain access to the final stage of the attack. As a result, backups often remain intact and data on some hosts is not encrypted at all.

The article Masque Enters the Ransomware Arena! It Exploits Babuk and LockBit3 comes from the cybersecurity blog.


Break Me Off a Piece of That Open Source Serial Adapter



We know, you’ve already got a USB to serial adapter. Probably several of them, in fact. But that doesn’t mean you couldn’t use one more — especially when it’s as cleverly designed as this one from [Anders Nielsen].

The first thing you notice about this adapter, and the big departure from the ones that are likely littering your parts bin, is that it terminates in a full-size male DSUB9 connector. With the ability to be directly plugged into an RS-232 port, this adapter will certainly catch the eye of retrocomputer enthusiasts. With a clever arrangement of jumpers, you can even reconfigure the RX and TX lines to be straight-through or crossed over as needed.

But if you’re working with something that doesn’t have a literal serial port, no worries. All of the lines coming from the CH340G chip are broken out to a header so you can connect it up to whatever device you’re working with via jumpers.

In fact, if you’re really sure you’ll never need that RS232 feature, the PCB is even designed in such a way that you can simply snap it off. Admittedly it might seem a little odd to get a device like this if you didn’t want that capability. But once broken off, it’s not like the components go to waste. [Anders] has designed the board in such a way that if you flip it over and install a right-angle header, you can use the RS232 segment on a breadboard.

But the list of features doesn’t stop there. There’s also a 3.3 V regulator on board that you can use to power external circuits, as well as breakouts for the data lines in the USB-C connector. In keeping with the theme of the device, that part of the PCB can also be snapped off if you want to use it elsewhere.

Most folks probably won’t need all the capabilities offered by this particular serial adapter, and that’s fine. We’re still happy that it’s out in the wild and available for the community to use and adapt as an open source project.

youtube.com/embed/w22Xjf3kKlc?…


hackaday.com/2024/12/25/break-…


JavaScript Obfuscation with LLMs: 88% of Attacks Evade Detection


Experts at Palo Alto Networks conducted an experiment and reported that large language models (LLMs) can be used to mass-generate new variants of malicious JavaScript code, which ultimately allows the malware to evade detection more effectively.

“While LLMs struggle to create malware from scratch, criminals can easily use them to rewrite or obfuscate existing malicious code, ultimately making it harder to detect,” the researchers wrote.

They state that attackers could ask an LLM to perform transformations that, when carried out in sufficient number, could degrade the performance of malware classification systems, which would come to believe that the malicious code is actually benign.

The researchers demonstrated that LLM capabilities can be used to iteratively rewrite existing malware samples to evade detection by machine learning models (such as Innocent Until Proven Guilty and PhishingJS). This effectively opens the door to tens of thousands of new JavaScript variants without changing their functionality, the experts say.
Retraining the models on samples already rewritten with LLMs improves detection results
The researchers’ technique is designed to transform malicious code using various methods: renaming variables, splitting lines, inserting junk code, removing extra whitespace characters, and so on.
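One defensive counterpart to the rewriting methods just listed, added here and not code from Palo Alto Networks or the original article: a token-level canonicalizer that renames local identifiers positionally and drops comments and whitespace, so a renamed and reflowed variant collapses to the same fingerprint as the original. Junk-code insertion is deliberately not undone, and the third constructed sample shows that limit; the JavaScript samples and the keyword list are assumptions.

```python
"""Token-level canonicalization of JavaScript before classification.

Added example, not code from the original article or from Palo Alto Networks.
Identifier renaming and whitespace changes are cheap for an LLM and cheap to
undo; junk-code insertion is not undone here, which the third sample shows.
"""
import hashlib
import re

# Names that must survive canonicalization: JS keywords plus a few host globals
# (assumption: a short list suffices for the demo; a real tool would use an AST).
KEEP = {
    "var", "let", "const", "function", "return", "for", "while", "if", "else",
    "new", "this", "typeof", "in", "of", "do", "break", "continue", "switch",
    "case", "default", "try", "catch", "finally", "throw", "null", "true",
    "false", "undefined", "class", "async", "await", "delete", "void",
    "window", "document", "console", "Math", "JSON", "String", "Object",
    "Array", "fetch", "eval", "setTimeout", "XMLHttpRequest", "navigator",
    "location", "atob", "btoa",
}

# Regex tokenizer. Known gap: regex literals such as /x/g are read as division
# operators, which is acceptable for this demonstration.
TOKEN_RE = re.compile(r"""
    (?P<comment>//[^\n]*|/\*.*?\*/)
  | (?P<string>"(?:\\.|[^"\\])*"|'(?:\\.|[^'\\])*'|`(?:\\.|[^`\\])*`)
  | (?P<number>\d+(?:\.\d+)?)
  | (?P<ident>[A-Za-z_$][\w$]*)
  | (?P<punct>===|!==|==|!=|<=|>=|&&|\|\||=>|\+\+|--|[{}()\[\];,.+\-*/%<>=!&|?:~^])
  | (?P<ws>\s+)
""", re.VERBOSE | re.DOTALL)


def normalize(src: str) -> str:
    """Canonical token stream: comments and whitespace dropped, locals renamed v0, v1, ..."""
    names = {}
    out = []
    prev = None
    for m in TOKEN_RE.finditer(src):
        kind, text = m.lastgroup, m.group()
        if kind in ("comment", "ws"):
            continue
        if kind == "ident" and text not in KEEP and prev != ".":
            # Property names after '.' (e.g. document.cookie) are kept verbatim:
            # they describe behaviour, and a behaviour-preserving rewrite cannot
            # rename them, so they stay useful classifier features.
            text = names.setdefault(text, f"v{len(names)}")
        out.append(text)
        prev = text
    return " ".join(out)


def fingerprint(src: str) -> str:
    """SHA-256 over the canonical form; equal for rename/reflow variants."""
    return hashlib.sha256(normalize(src).encode()).hexdigest()


# Constructed benign samples: one function, a renamed/reflowed rewrite of it,
# and a copy with junk code inserted.
ORIGINAL = """
function collect(items) {
  var total = 0;
  for (var i = 0; i < items.length; i++) {
    total += items[i].price;
  }
  return total;
}
"""

RENAMED = """
/* Equivalent rewrite: identifiers renamed, lines split, comments added. */
function tallyPrices( entries )
{
    var sum = 0 ;
    for ( var idx = 0 ; idx < entries.length ; idx++ )
    {
        sum += entries[ idx ].price ;   // accumulate
    }
    return sum ;
}
"""

WITH_JUNK = """
function collect(items) {
  var total = 0;
  var padding = [1, 2, 3];          // dead code an LLM rewrite might insert
  for (var i = 0; i < items.length; i++) {
    total += items[i].price;
  }
  return total;
}
"""

if __name__ == "__main__":
    print("renamed matches original:", fingerprint(ORIGINAL) == fingerprint(RENAMED))
    print("junk variant matches original:", fingerprint(ORIGINAL) == fingerprint(WITH_JUNK))
```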

“The output is a new variant of malicious JavaScript that keeps the same behavior as the original script, but almost always receives a much lower severity score,” the company states.

In 88% of cases, this approach changed the verdict of Palo Alto Networks’ malware classifier, and the malicious script began to look harmless. Worse still, the rewritten JavaScript managed to fool other malware analyzers, as the experts discovered when they uploaded the resulting malware to VirusTotal.

Another important advantage of LLM-based obfuscation, the researchers say, is that many rewritten snippets look much more natural than the output of libraries such as obfuscator.io. The latter are easier to detect and track because they introduce irreversible structural changes into the source code.
Code snippets rewritten by obfuscator.io (left) and by an LLM (right)
The experts conclude that while generative AI can increase the number of new malicious code variants, the same malicious-code rewriting tactic can also be used to generate training data that can ultimately improve the robustness of machine learning models.

The article JavaScript Obfuscation with LLMs: 88% of Attacks Evade Detection comes from the cybersecurity blog.


Going Digital: Teaching a TI-84 Handwriting Recognition


close up of a TI-84 Plus CE running custom software

You wouldn’t typically associate graphing calculators with artificial intelligence, but hacker [KermMartian] recently made it happen. The innovative project involved running a neural network directly on a TI-84 Plus CE to recognize handwritten digits. By using the MNIST dataset, a well-known collection of handwritten numbers, the calculator could identify digits in just 18 seconds. If you want to learn how, check out his full video on it here.

The project began with a proof of concept: running a convolutional neural network (CNN) on the calculator’s limited hardware, a TI-84 Plus CE with only 256 KB of memory and a 48 MHz processor. Despite these constraints, the neural network could train and make predictions. The key to success: optimizing the code, leveraging the calculator’s C programming tools, and offloading the heavy lifting to a computer for training. Once trained, the network could be transferred to the calculator for real-time inference. Not only did it run the digits from MNIST, but it also accepted input from a USB mouse, letting [KermMartian] draw digits directly on the screen.

While the calculator’s limited resources mean it can’t train the network in real-time, this project is a proof that, with enough ingenuity, even a small device can be used for something as complex as AI. It’s not just about power; it’s about resourcefulness. If you’re into unconventional projects, this is one for the books.

youtube.com/embed/olcZdTRdnQg?…


hackaday.com/2024/12/24/going-…


Pi’s Evil Twin Goes for Infinity


Most people know about the numerical constant pi (or π, if you prefer). But did you know that pi has an evil twin represented by the symbol ϖ? As [John Carlos Baez] explains, it and its related functions are related to the lemniscate as pi relates to circles. What’s a lemniscate? That’s the proper name for the infinity sign (∞).

[John] shows how many of the same formulas for pi also work for the lemniscate constant (the name for ϖ). Some (as John calls them) “mutant” trig functions use the pi-like constant.

Mathematically, a circle centered at the origin is the curve x² + y² = r². The lemniscate is a particular Cassini oval, with polar equation r² = cos 2θ. We all know the circumference of a unit circle—basically, its perimeter—is 2π; the perimeter of the lemniscate is 2ϖ.
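A worked derivation of that perimeter, added here as an illustration and not part of the original post, starting from the polar equation r² = cos 2θ and ending at the integral that defines ϖ:

$$
\begin{aligned}
r^2 &= \cos 2\theta
\;\Rightarrow\; 2r\,\frac{dr}{d\theta} = -2\sin 2\theta
\;\Rightarrow\; \frac{dr}{d\theta} = -\frac{\sin 2\theta}{r}, \\[4pt]
ds^2 &= r^2\,d\theta^2 + dr^2
= \left(\cos 2\theta + \frac{\sin^2 2\theta}{\cos 2\theta}\right) d\theta^2
= \frac{d\theta^2}{\cos 2\theta}, \\[4pt]
L &= 4\int_0^{\pi/4} \frac{d\theta}{\sqrt{\cos 2\theta}}
= 4\int_0^1 \frac{dt}{\sqrt{1-t^4}}
= 2\varpi, \qquad \varpi = 2\int_0^1 \frac{dt}{\sqrt{1-t^4}} \approx 2.622057,
\end{aligned}
$$

where the substitution is t = √(cos 2θ) = r, so that dθ/√(cos 2θ) = −dt/√(1 − t⁴) with the limits reversed, and the factor 4 counts the four symmetric quarter-arcs (θ from 0 to π/4 traces one of them).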

Why does any of this matter? Well, [John] shows how it connects to elliptic curves and the Gauss constant.

Like pi, the lemniscate constant probably never ends, but it is roughly 2.622057. Will this be useful in your next project? Probably not. Will it help you win some bar bets? Maybe.

Then again, if you are bored calculating more digits of pi, here’s something new to try. Not that you need that many digits.


hackaday.com/2024/12/24/pis-ev…


The number pi has an evil twin! It's a number called ϖ with many properties similar to π. There are even mutant trig functions connected to this number, called sl and cl.

So maybe while you were studying trig in high school, some kid in another galaxy was having to memorize all the identities for these other functions.

I doubt it. Just as pi and trig functions are connected to the circle, this number ϖ and its mutant trig functions are connected to a curve shaped like the symbol for infinity, ∞. But this curve is just less important than the circle. I'm not enough of a cultural relativist to believe there's a civilization that cares more about the shape ∞ than the shape ◯.

This ∞-shaped curve is called a 'lemniscate', and ϖ is called the 'lemniscate constant'. I'll show you the lemniscate in my next post.

A civilization will probably only get interested in ϖ when it gets interested in the lemniscate.... or the deeper math it's connected to. On our planet, it was Bernoulli, Euler and Gauss who discovered this math.

(Why does unicode even have the symbol ϖ? Here's why: it's a script version of the Greek letter pi, sometimes called 'varpi' or 'pomega'.)

(1/n)



Holiday Jukebox Gets ESP32, Home Assistant Support



If we’ve learned anything over the years, it’s that the only thing hardware hackers love more than a device festooned with buttons is one that’s covered in LEDs — so it’s no surprise that this “Mr Christmas” jukebox caught the eye of [Roberts Retro]. But while the holiday gadget might have been mildly entertaining in its stock configuration, he quickly realized that what it really needed was an ESP32 retrofit. After all, what good are all those buttons and LEDs if you can’t bend them to your will?

For the first half of the video, [Robert] treats us to a detailed teardown of the device, which as you might imagine, is largely hollow inside. This gave him plenty of room to graft in new hardware, which is really the best gift any of us could hope to find under the tree. In addition to the ESP32 development board, the jukebox also received a number of WS2812B addressable RGB LEDs, and a DFPlayer module to handle music playback.

With all the buttons wired up to inputs on the ESP32, [Robert] can reconfigure the jukebox to do pretty much whatever he wants with just changes to the software. In the video, he demonstrates how the buttons can be used to trigger the playback of individual songs stored on the DFPlayer’s SD card, which essentially replicates its stock functionality. A few lines of changed code later, those same buttons can be used to control devices via Home Assistant.

To get into the holiday spirit, [Roberts Retro] shows off the completed jukebox controlling his ESP-enabled LEGO train set — another of his festive upgrades that we covered back in 2022.

youtube.com/embed/C6SxvP-aZIg?…


hackaday.com/2024/12/24/holida…


NotLockBit: Technical Analysis of a New Cross-Platform Ransomware Threat


The ransomware threat landscape is constantly evolving, with increasingly sophisticated actors adapting to new security measures. Among them, NotLockBit stands out as a particularly insidious variant, inspired by the well-known LockBit ransomware.

Although the name might suggest a simple imitation, NotLockBit demonstrates advanced capabilities and a level of sophistication that make it a concrete threat to both Windows and macOS systems. Written in Golang and distributed as an x86_64 binary, NotLockBit is designed to ensure cross-platform compatibility and to resist analysis. Its ability to encrypt targeted files, exfiltrate data and delete itself sets it apart in today’s cyber threat landscape.

The analysis of this ransomware, together with the graph of the links between indicators of compromise (IoCs) and detected samples, provides a clear view of its variants and its continuous evolution.

Technical Architecture of NotLockBit


NotLockBit is a complex and well-engineered ransomware, distributed as a binary executable for the x86_64 architecture and written in Golang. The choice of Go is strategic for the attackers thanks to its ability to produce code that runs on multiple platforms without significant changes. Moreover, the language offers a natural resistance to static analysis, since the resulting binaries are large and laborious to reverse engineer.

Infection Chain


NotLockBit’s infection chain consists of five main phases: Initialization, Data Exfiltration, Data Encryption, Defacement and Self-Deletion. These phases describe in detail the process by which the ransomware compromises the system and achieves its malicious goals.

Initialization


Once executed on the victim’s system, NotLockBit begins the initialization phase with the following actions:

  • System Information Collection: The malware collects details about the operating system, hostname, hardware information, the list of running processes and relevant directories. This data is temporarily saved in text files and later used to tailor the attack and facilitate exfiltration.
  • Encryption Key Generation: A random AES key is generated to encrypt the files. This key is then protected with an RSA public key embedded in the malware’s code.
  • Preparation for Exfiltration: NotLockBit configures connections to the attackers’ infrastructure, using predefined AWS credentials to upload the data.


Data Exfiltration


Once initialization is complete, the ransomware proceeds to the data exfiltration phase. It takes the information gathered during initialization and sends it to an Amazon S3 bucket controlled by the attackers. The connection is established so as to appear legitimate, often over HTTPS, to avoid detection by security systems. The exfiltrated data can include:

  • Detailed system information
  • File listings
  • Sensitive data found on the device (documents, databases, configuration files)

The use of S3 buckets ensures fast exfiltration and scalable handling of the stolen data.

Data Encryption


After data exfiltration, NotLockBit begins the encryption phase. Using the AES-256 algorithm, the ransomware encrypts specific file types, such as documents, images, archives and databases. During this phase, the ransomware performs several targeted actions:

  • Exclusion of Sensitive Directories: It avoids encrypting critical operating system directories so that the system keeps running.
  • File Targeting: It identifies valuable files based on extensions such as .docx, .xlsx, .pdf, .zip, .db and other commonly used ones.
  • Saving the Cryptographic Keys: The AES key used is encrypted with an RSA public key and appended to the encrypted files, ensuring that only the attackers can decrypt the data.

Encrypted files are renamed with a specific extension tied to NotLockBit, and a ransom note is dropped into each compromised directory.

Defacement


Once encryption is complete, NotLockBit changes the desktop background to display a ransom message. This message informs the victim that their files have been encrypted and provides detailed instructions on how to contact the attackers and pay the ransom. The defacement serves not only to communicate with the victim but also to apply psychological pressure to push them to pay quickly.

The defacement message can include:

  • Contact information (email, Onion sites on the dark web)
  • The ransom amount demanded
  • Threats to publish the exfiltrated data if payment is not made


Self-Deletion


To cover its tracks and make forensic analysis harder, NotLockBit deletes itself at the end of its operations. This phase is carried out using scripts or commands that remove the executable binary and the temporary files created during the infection. Self-deletion prevents victims or researchers from performing an in-depth analysis of the ransomware, making the identification of IoCs (Indicators of Compromise) more difficult.

Sample Analysis and Indicators of Compromise


The image provided, shown below, visually illustrates the network of relationships between the NotLockBit ransomware and the various associated indicators of compromise (IoCs).
In this graphical representation:

  • The central node represents NotLockBit, from which the different variants of the ransomware branch out.
  • Each yellow node indicates a NotLockBit sample identified during the analysis. These samples differ in small details of the code and in the obfuscation techniques used.
  • The green nodes represent the hashes of the files related to the ransomware samples.


The arrows show how each sample is linked to the main NotLockBit variant and how each hash derives from an evolution of the original source code. This structure highlights continuous development activity by the attackers, aimed at evading defenses through frequent updates and changes to the code.

Obfuscation and Anti-Analysis Techniques


NotLockBit implements several techniques to complicate analysis and detection:

  • String Obfuscation: The strings used by the ransomware are encrypted and are deobfuscated only at runtime, making static analysis of the code difficult.
  • Binary Packing: The payload can be packed with tools such as UPX, hiding the original code inside a compressed format.
  • Anti-Debugging: The malware detects whether it is running in an analysis environment (such as a sandbox or debugger) and halts execution to avoid revealing its full behavior.

NotLockBit represents an advanced ransomware threat, designed to evade the most common security measures and adapt to different operating environments. Its ability to hit both Windows and macOS systems, combined with sophisticated encryption, exfiltration and obfuscation techniques, makes it particularly dangerous. The graph of links between the IoCs highlights the dynamic nature of this threat, showing how each sample reflects constant updating and improvement of the malicious code.

To protect against ransomware like NotLockBit, it is essential to deploy advanced EDR (Endpoint Detection and Response) solutions, continuously monitor network activity and keep backups of critical data up to date. Only a multi-layered security strategy can mitigate the risk posed by these new and dangerous threats.

The article NotLockBit: Technical Analysis of a New Cross-Platform Ransomware Threat comes from the cybersecurity blog.


A Twenty-Segment Display, Artistically



We all know and love the humble seven-segment display, right? And if you want to make characters as well as numbers, you can do an okay job with sixteen segments off the shelf. But if you want something more art-deco, you’ll probably want to roll your own. Or at least, [Ben] did, and you can find his designs up on GitHub.

Taking inspiration from [Posy]’s epic investigation of segmented displays, [Ben] sat down with a sketchpad and created his own 20-segment font that displays numbers and letters with some strange, but frankly lovely, segment shapes. There is no center line, so letters like “T” and numbers like “1” are a little skewed, but we think it’s charming.

We’ve seen about a bazillion takes on the seven-segment idea over the years here. Most recently, we fell in love with this 21-segment beauty, but honestly the original eight(!) segment patent version is charming as well. Anyway, picking a favorite segmented display at Hackaday is like picking your favorite child, if you have a few hundred children. We love them all.

youtube.com/embed/2BOyJqzJVC0?…

Thanks [Aaron] for the tip!


hackaday.com/2024/12/24/a-twen…


Keeping Track of Old Computer Manuals with the Manx Catalog



An unfortunate reality of pre-1990s computer systems is that any manuals and documentation that came with them likely only existed on paper. That’s not to say there aren’t scanned-in (PDF) copies of those documents floating around, but with few of these scans being indexable by search engines like Google and DuckDuckGo, they can be rather tricky to find. That’s where the Manx catalog website seeks to make life easier. According to its stats, it knows about 22,060 manuals (9,992 online) across 61 websites, with a focus on minicomputers and mainframes.

The code behind Manx is GPL 2.0 licensed and available on GitHub, which is where any issues can be filed too. While not a new project by any stretch of the imagination, it’s yet another useful tool to find a non-OCR-ed scan of the programming or user manual for an obscure system. As noted in a recent Hacker News thread, the ‘online’ part of the above listed statistics means that for manuals where no online copy is known, you get a placeholder message. Using the Bitsavers website along with Archive.org may still be the most pertinent way to hunt down that elusive manual, with the Manx website recommending 1000bit for microcomputer manuals.

Have you used the Manx catalog, or any of the other archiving websites? What have been your experiences with them? Let us know in the comments.


hackaday.com/2024/12/24/keepin…


The Mystery of the Messed-Up Hammond X5



[Filip] got his hands on a sweet old Hammond X5 organ, but it had one crucial problem: only half of the keys worked. Each and every C#, D, D#, E, F, and F# would not play, up and down the keyboard, although the other notes in between sounded just fine.

Those of you with an esoteric knowledge of older electric organs will be saying “it’s a busted top-octave generator chip”, and you’re right. One of the TOGs worked, and the other didn’t. [Filip] rolled his own top-octave generator with a Pico, in Python no less, and the old beauty roared to life once more.

But what is a top-octave generator, you may ask? For a brief period of time in the early 70s, there were organs that ran on square waves. Because a musical octave is a doubling or halving of frequency, you can create a pitch for every key on the organ if you simply create one octave’s worth of pitches, and divide them all down using something as simple as a binary counter IC. But nobody makes top-octave chips any more.

Back in 2018, [DC Darsen] wrote in asking us if we knew about any DIY top-octave designs, and we put out an Ask Hackaday to see if you all could make a top-octave generator out of a microcontroller. We got a super-optimized code hack in response, and that’s worth checking out in its own right, but we always had the nagging suspicion that a hardware solution was the best solution.

We love how [Filip]’s design leans heavily on the Pico’s programmable input/output hardware modules to get the job done with essentially zero CPU load, allowing him to write in Python and entirely bypassing the cycle-counting and assembly language trickery. The voltage shifters and the switchable jumpers to swap between different top-octave chip types are a nice touch as well. If you have an organ that needs a top-octave chip in 2024, this is the way we’d do it. (And it sounds fantastic.)



hackaday.com/2024/12/24/the-my…


Retrotechtacular: Quest for the “Big Boy” CRT Finds New Home in Mini Doc


Size comparison of a 27 in CRT TV next to a 43 in CRT TV.

To celebrate the twentieth anniversary of their Trinitron line of televisions, Sony launched the KX-45ED1. At forty-three inches, the screen on this particular model made it the largest tube television in the world, and it came with the kind of price tag that if you need to ask…you can’t afford it (likely around $100,000 USD today). Three decades later, only two of these mythical displays were thought to exist, and [shank] chronicled his quest to acquire one of the last remaining “Big Boys” in the mini documentary below.

As it turns out, one of these gigantic tube televisions was located on the second floor of a restaurant in Japan still sitting in the same place it was installed in 1989. It hadn’t moved in the intervening decades, because the television and its specialized support stand weighed over 500 pounds. Having an object that heavy physically moved down a flight of stairs would seem to be the most formidable challenge for most, but compounding the issue for [shank] was that the building housing this colossal CRT was set to be permanently closed in less than a week.

With next to no time to arrange an international flight, [shank] utilized the power of the internet to ask for help from anyone currently living near the “Big Boy” CRT’s soon-to-be final resting place. It just so happened that a fellow retro tech enthusiast based in Japan saw the post and traveled over an hour by train at a moment’s notice to aid [shank]. The heartwarming story of total strangers united by a common interest in preserving a rare piece of tech history is certainly worth a watch, let alone the goofy size comparison footage of the smallest CRT display sitting on top of the biggest one.


For more on tube TVs and the like, check out this article by Dave on retro gaming on CRT displays.


hackaday.com/2024/12/24/retrot…


Supply Chain and Open Source Software: China's New Guidelines for 2024


In a heavily digital world, we often tend to ignore the developments and progress coming out of countries such as China and Russia, regarding them as distant realities hostile to our technological goals. Yet this information, if properly explored and analyzed, could offer valuable insights for improving our technologies and security strategies.

Retreating behind barricades of nationalism and building digital walls not only limits our growth but also weakens our ability to face global challenges. Collaboration and knowledge sharing between different nations, by contrast, make us stronger, creating a safer and more resilient technology ecosystem for everyone.

On December 19, 2024, the “2024 Open Source and Software Security Salon” took place in Beijing, a high-profile event hosted by the China Academy of Information and Communications Technology (CAICT).

The Software Supply Chain Security Development Insight Report (2024)


During the meeting, the Software Supply Chain Security Development Insight Report (2024) was officially presented. It is a key report offering an in-depth view of the state of software supply chain security, a topic of ever-growing importance for global cybersecurity. The report sets out the definitions, challenges and opportunities of supply chain security governance, with a particular focus on policies and standards in China.

The growing attention to software supply chain security is the result of global awareness of the risks posed by vulnerabilities in third-party software. These risks can compromise not only the security of applications but also the integrity of an organization's entire IT infrastructure. Supply chain security governance, as the report stresses, is essential to promote healthy and sustainable development of the software industry, helping to reduce security threats and ensuring that software products are developed and managed securely.

The report highlights the importance of a 360-degree view in managing software supply chain security. Globally, tools and technologies to improve supply chain protection have emerged, but national and international coordination is needed to achieve concrete results. Collaboration between the various actors in the chain, including developers, suppliers and users, is fundamental to building a robust and resilient security ecosystem.

A critical look at Open Source


Another key aspect covered in the report concerns the adoption and implementation of security standards. In China, numerous standardization bodies have worked intensively to develop and promote norms defining security requirements for the software supply chain. Among the main results is the creation of the standards GB/T43698-2024 and GB/T43848-2024, which establish security requirements for software and methods for assessing the security of open source code. These standards are essential for standardizing and optimizing security management, making it easier for companies to adopt good practices.

The report also highlights how many Chinese companies are using open source governance as a starting point for strengthening supply chain security. This approach aims to improve supplier management and to build a software bill of materials, a crucial element for ensuring transparency and security during software development and distribution. More than 73% of Chinese companies consider open source governance a fundamental step in addressing supply chain vulnerabilities.

A further point in the report concerns security management between the demand and supply sides. Supply chain security governance does not only concern suppliers; it also involves the software's end users. Organizations that purchase software from third parties must adopt rigorous practices to ensure the software is secure before it is integrated into their systems. This process includes software security assessment and procurement management to avoid introducing vulnerabilities.

Finally, the report concludes with a reflection on the future outlook for software supply chain security. Although there has been significant growth in risk awareness and in the adoption of security measures, the threat landscape is constantly evolving. Organizations must be ready to adapt quickly to new vulnerabilities and to continuously strengthen their defenses. Strengthening supply chain security governance remains a central element in protecting global digital infrastructure.

The article “Supply Chain and Open Source Software: China's New Guidelines for 2024” comes from il blog della sicurezza informatica.


Calling Pink Floyd



[Corelatus] said recently that “someone” asked them to identify the phone signals in the 1982 film The Wall, based on the Pink Floyd song of the same name. We suspect that, like us, that someone might have just been the hacker part of the brain asserting itself. Regardless, the detective work is fascinating, and you can learn a lot of gory details about phone network in-band signaling from the post.

The analysis is a bit more difficult because of the year the film was made. At that time, different countries used slightly different tone signaling standards. So after generating a spectrogram, the job was to match the tones with known standards to see which one best fit the data.

The signal was not common DTMF, as you might have guessed. Instead, it was a standard known as SS5. In addition to the tones being correct, the audio clip seemed to obey the SS5 protocol. SS5 was the technology attacked by the infamous blue box back when hacking often meant phone phreaking.

The same phone call appears on the album, and others have analyzed it with some even deeper detective work. For example, the call was made in 1979 from a recording studio by [James Guthrie], who called his own phone in the UK, where his next-door neighbor had instructions to hang up on the operator repeatedly.

If you want to see and hear the entire clip (which has several phone-related audio bits in it), watch the video below. The sequence of SS5 tones occurs at 3:13.

Usually, when we hear tones in music, we think of Morse code. As for phone phreaking, we hear it’s moved to street kiosks.


hackaday.com/2024/12/24/callin…


Natohub Claims Attack on the UN: 25,000 United Nations Delegates Allegedly Compromised


A new and worrying cyberattack has allegedly compromised the personal data of nearly 25,000 United Nations delegates, raising serious alarm about the security of sensitive information worldwide. The data breach was claimed by the well-known threat actor going by the name natohub, who released three separate databases containing personal details of numerous UN delegates.

At this time, we cannot confirm the veracity of the news, since the organization has not yet issued any official press release on its website regarding the incident. This article should therefore be considered an ‘intelligence source’.

Details of the breach

In a post on a well-known dark web forum, natohub allegedly announced the publication of data belonging to 24,529 delegates. Each database appears to contain a different portion of sensitive data, which may concern members of various international organizations.

The first database allegedly includes 11,000 delegates, with information such as first names, surnames, email addresses, IDs, phone numbers and activity status.

The second database, with data on 9,734 delegates, appears to include even more sensitive details, such as titles, organizational units, phone numbers and email addresses.

The third database, covering 3,795 users, allegedly contains information such as first names, surnames, affiliations, emails, IDs and other sensitive data.

Natohub, who has been linked to similar breaches in the past, has allegedly breached the security of major international entities such as NATO and the United Nations. However, the connection between the attacker and previous incidents remains to be confirmed, which makes it difficult to assess the exact scale of the threat.

The implications of this breach


If the data were indeed authentic, the leak of this information would be devastating not only for the individuals directly involved but also for the integrity of the organizations they represent. The exposure of 25,000 United Nations delegates would be yet another sign of a phenomenon that is allegedly eroding trust in global institutions, putting sensitive information of inestimable value at risk.

However, since the authenticity of this data has not been fully verified, it is difficult to assess the real implications for the victims involved. If confirmed, the use of such data could lead to crimes such as identity theft, blackmail or cyber sabotage, but at present there is no concrete evidence of direct abuse.

The growing threat


The question arises: what will the international community's response be on cybersecurity? Although the attack appears to have been orchestrated by a sophisticated cybercriminal such as natohub, their identity and motives allegedly remain obscure. This raises crucial questions about the vulnerability of international systems and the possibility that other organizations could be exposed to the same type of attack.

The speed and complexity with which these attacks are carried out demand a timely and coordinated response. However, the actions of individual nations and international institutions are insufficient without a radical change in organizational security.

It is essential that organizations adopt advanced protection measures, including:

  1. Strong authentication (MFA) to prevent unauthorized access.
  2. Encryption of sensitive data so that, even if stolen, the data is unusable.
  3. Proactive and continuous monitoring to detect threats before they become harmful.
  4. Continuous staff training to recognize emerging threats and the techniques used by threat actors.


Conclusion


International organizations can no longer afford to operate with outdated security policies. The growing sophistication of cybercriminals, as allegedly demonstrated by the natohub case, requires a rapid and well-coordinated response at the global level. Institutions must work together to improve threat information sharing, develop innovative defensive technologies and adopt international security standards that protect sensitive data.

As is our custom, we always leave room for a statement from the organization should it wish to give us updates on the matter. We will be happy to publish such information in a dedicated article giving prominence to the issue.

RHC will monitor the evolution of the matter in order to publish further news on the blog should there be substantial developments. Anyone with knowledge of the facts who wishes to provide information anonymously can use the whistleblower's encrypted email.

The article “Natohub Claims Attack on the UN: 25,000 United Nations Delegates Allegedly Compromised” comes from il blog della sicurezza informatica.


Watch Any Video on Your Game Boy, Via Link Cable



Game Boys have a link cable that lets two of them play together. You know, to battle with a friend’s Pokemon and stuff like that. But who says that it should be limited to transmitting only what Big N wants you to?

[Chromalock] wrote a custom GB program that takes in data over the link cable, and displays it on the screen as video, as fast as it can be sent. Add in a microcontroller, a level shifter, and software on the big computer side, and you can hook up your Game Boy Color as a normal video device and send it anything you want, from a webcam to any program that outputs video.

Well, almost. The biggest limitation is the data link cable, of course. On the older Game Boys, the link cable is apparently only good for 8 kHz, while the Color models can pull a not-quite-blistering 512 kHz. Still, that’s enough for 60 fps in a low-res black and white mode, or a slow, screen-tearing high-res color experience. You pick your poison.

There are gotchas that have to do with the way the GB displays palettes that get left as “to-do” on the software side. There is room for improvement in hardware too. (GB Link looks like SPI to us, and we’d bet you can push the speeds even higher with clever GB-side code.) In short, this is an awesome demo that just invites further hacking.

If you want to know more about the Game Boy to get started, and maybe even if you don’t, you absolutely must watch The Ultimate Game Boy Talk. Trust us on this one.



hackaday.com/2024/12/23/watch-…


ALSEP: Apollo’s Modular Lunar Experiments Laboratory


Down-Sun picture of the RTG with the Central Station in the background. (Credit: NASA)
Although the US Moon landings were mostly made famous by the fact that they featured real-life human beings bunny hopping across the lunar surface, the astronauts weren’t there just for a refreshing stroll over the lunar regolith in deep vacuum. Starting with an early experimental kit (EASEP) that was part of the Apollo 11 mission, the Apollo 12 through Apollo 17 missions were provided with the full ALSEP (Apollo Lunar Surface Experiments Package). It’s this latter which is the subject of a video by [Our Own Devices].

Despite the Apollo missions featuring only one actual scientist (Harrison Schmitt, geologist), these Bendix-manufactured ALSEPs were modular, portable laboratories for running experiments on the moon, with each experiment carefully prepared by scientists back on Earth. Powered by a SNAP-27 radioisotope generator (RTG), each ALSEP also featured the same Central Station command module and transceiver. Each Apollo mission starting with 12 carried a new set of experimental modules which the astronauts would set up once on the lunar surface, following the deployment procedure for that particular set of modules.

Although the connection with the ALSEPs was terminated after funding for the Apollo project was ended by the US Congress, their transceivers remained active until they ran out of power, but not before they had provided years’ worth of scientific data on many aspects of the Moon, including its subsurface characteristics and its exposure to charged particles from the Sun. These would provide most of our knowledge of the Moon until the recent string of lunar landings by robotic explorers.

Heading image: Apollo Lunar Surface Experiments Package of the Apollo 16 mission (Credit: NASA)



hackaday.com/2024/12/23/alsep-…


Camera Slider Uses Repositionable Rail To Do Rotational Moves



You can buy motorized camera sliders off-the-shelf, but they’re pretty costly. Alternatively, you can make one yourself, and it’s not even that hard if you’re kitted out with a 3D printer. [Creative 3D Printing] did just that with a nifty design that adds rotation into the mix. Check it out in the video below.
Why should a camera get all the fun? Try your phone.
The basic slider is built out of 3D-printed components and some good old aluminum extrusion. A small 12-volt motor trucks the camera cart back and forth using a leadscrew. It’s torquey enough and slow enough that there isn’t much need for more advanced control—the motor just does the job. There’s also a limit switch set up to trigger a neat auto-reverse function.

The neat part, though, is the rotational mechanism. A smooth steel rod is attached to the slider’s housing, which can be set up in a straight line or aligned diagonally if desired. In the latter case, it rotates the mounting on the camera cart via a crank, panning the camera as it moves along the slider’s trajectory.

It’s a mechanically sophisticated design and quite unlike most of the camera sliders we feature around these parts.



hackaday.com/2024/12/23/camera…


Crawler Challenge: Building Rope-Traversing Robots


students overlooking their rope-traversing robots

Rope-climbing robots are the stuff of engineering dreams. As kids, didn’t we all clutter our family home with constructions of towers and strings – Meccano, or Lego – to have ziplines spanning entire rooms? Good for the youngsters of today, this kind of build has made it into school curricula. At the University of Illinois, the ME 370 students have been given the task of building a robot that can hang from a rope and walk across it—without damaging the rope. The final projects show not only how to approach tricky design problems, but also the creative solutions the students stumbled upon.

Imagine a tiny, rope-climbing walker in your workshop—what could you create?

The project is full of opportunities for those thinking out of the box. It’s all about the balance between innovation and practicality: the students have to come up with a solution that can move at least 2 meters per minute, fits in a shoebox, and has some creative flair—no wheels allowed! The constraints provide an extra layer of challenge, but that’s where the fun lies. Some students use inverted walkers, others take on a more creature-like approach. The clever use of motors and batteries shows just how far simple tech can go when combined with a bit of engineering magic.

This project is a fantastic reminder that even small, seemingly simple design challenges can lead to fascinating creations. It invites us adults to play, and by that, we learn: a win-win situation. You can find the original article here, or grab some popcorn and watch the video below.



hackaday.com/2024/12/23/crawle…


A Pi Pico Makes A Spectrum Laptop



There are many retrocomputer emulation projects out there, and given the relative fragility of the original machines as they enter their fifth decade, emulation seems to be the most common way to play 8-bit games. It’s easy enough to load one on your modern computer, but there are plenty of hardware options, too. “The computer we’d have done anything for back in 1983” seems to be a phrase many of them bring to mind, but it’s so appropriate because they keep getting better. Take [Stormbytes1970]’s Pi Pico-powered Sinclair ZX Spectrum mini laptop (Spanish language, Google Translate link), for example. It’s a slightly chunky netbook that’s a ZX Spectrum, and it has a far better keyboard than the original.

On the PCB is the Pico, the power supply circuitry, an SD card, and a speaker. But it’s when the board is flipped over that the interesting stuff starts. In place of the squidgy rubber keyboard of yore, it has a proper keyboard. We’re not entirely sure which switch it uses, but it appears to be a decent one, nevertheless. The enclosure is a slick 3D-printed sub-netbook for retro gaming on the go. Sadly, it won’t edit Hackaday, so we won’t be slipping one in the pack next time we go on the road, but we like it a lot.

It’s not the first Spectrum laptop we’ve covered, but we think it has upped the ante over the last one. If you just want the Spectrum’s BASIC language experience, you can try a modern version that runs natively on your PC.


hackaday.com/2024/12/23/a-pi-p…


Atoms For Peace: the US Nuclear Fleet Build-Out and Modern-Day Revival



By the end of World War II the world had changed forever, as nuclear weapons were used for the first and – to this date – only time in anger. Although the use of these weapons was barely avoided during the Korean War in the early 1950s, the dawning of the Atomic Age had come in the form of obliterated cities and an increasing number of these weapons being test fired around the world. It was against this background that on December 8, 1953, US President Dwight D. Eisenhower held his ‘Atoms for Peace’ speech, during which he would not only promote the peaceful use of nuclear technologies but also lay the groundwork for what would become the International Atomic Energy Agency (IAEA), as announced in the full speech.

Under the Eisenhower administration the US became one of the world’s nuclear power pioneers, as it competed with the UK and later others in establishing world’s firsts in commercial nuclear power. Dresden Generating Station would become the first purely commercial boiling water reactor (BWR) in 1960 and Yankee-Rowe the first pressurized water reactor (PWR) in 1961. Following these, the number of new reactors planned and constructed kept increasing year over year, setting the trend for the next few decades of the US nuclear power industry.

Today the US operates 94 reactors, which generate nearly 20% of the country’s electricity. Exactly how did the US build so many reactors before 1990, and how does this compare to the recent revival with both new builds and retired plants being put back into service?

From Graphite Pile to Light Water Reactor

Drawing of the Chicago Pile-1 graphite-moderated fission reactor. (Credit: DoE)
The first artificial nuclear reactor was the Chicago Pile-1, demonstrating the first human-made, self-sustaining nuclear fission reaction. This laid the groundwork for the second generation of nuclear fission reactors with commercial aspirations, the overwhelming majority of which are light water reactors (LWRs). These use water as both coolant and neutron moderator. When artificial fission reactors were being developed, it had already been established that in order to fission uranium-235 (U-235), moderated (thermal) neutrons were needed.

Moderating neutrons effectively means slowing them down using a material that interacts with but doesn’t capture neutrons. Heavy water (deuterium oxide, D2O) was a known moderator in the 1940s, as was graphite, but it was easiest and fastest to assemble a graphite pile reactor, with the uranium interspersed throughout the graphite blocks. Naturally, this meant that CP-1 had no means of cooling itself and only low power output, but it sufficed to test many theoretical assumptions experimentally.

Interestingly, the US and Canadian reactor designs diverge here. Canadian engineers, in their Generation II reactor designs, went with heavy water in the pressurized heavy water CANDU reactor (PHWR), as this allowed for the use of unenriched uranium as its fuel. While light water (H2O) is also a neutron moderator, it absorbs a significant number of neutrons, which requires enriched uranium (<5% U-235) and the resulting increase in neutrons to compensate for so that a chain reaction can even commence. Even so, US engineers opted for the much cheaper ultra-pure light water as an acceptable trade-off.
Comparison of BWR & PWR light water reactors with a PHWR heavy water reactor. (Credit: World Nuclear Association)
The two basic types of LWR that still form the backbone of the US nuclear fleet today are BWRs and PWRs, which differ primarily in their complexity. In a BWR the steam is generated in the reactor pressure vessel, from where it travels to the steam turbine before hitting the condenser and returning to the pressure vessel. A PWR separates this into two loops: the (high-pressure) primary loop where the water (heavy water in the case of a PHWR) is heated but not allowed to boil, and a secondary loop into which the thermal energy is transferred by the steam generator before heading to the steam turbine.

Unsurprisingly, a PWR is more efficient than a BWR due to the high-pressure primary loop, but BWRs have one advantage in that there’s less latency between the heat production and the conversion into electrical power. This makes BWRs better at load-following when integrated into a local grid, though this advantage has become less pronounced over the years with newer PWR designs and more efficient grid-storage solutions.

The reactivity of the reactor core is regulated with control rods, which are made out of a material with a large neutron absorption cross section, the ideal type of which depends on the design of the reactor core, but both cadmium (Cd-113) and hafnium (various isotopes) are popular options here. With all of these in place and a control scheme developed to keep the chain reaction occurring at an optimal pace, the next step is to start the reactor. Since the fresh reactor fuel won’t do this by itself, a startup neutron source is required, such as californium-252 or plutonium-238. This source is inserted at the beginning of startup and removed after successful commencing of the reaction.

With these designs finalized and prototyped, all US engineers had to do now was build them in large quantities to power the rapidly increasing electrical demand of the 1960s United States.

Mass-Produce It


How do you scale up building nuclear reactors from a few handcrafted prototypes and demonstrators to hundreds of units? Perhaps unsurprisingly this is done in much the same way as any other large-scale infrastructure project. Many parts of a nuclear power plant (NPP) are the same or similar as in a coal- or gas-fired plant, as they are after all still thermal plants, just with different ways to create the hot steam or air that makes the turbines spin. This made things quite easy for US nuclear engineers who could mostly focus on the part that makes a nuclear plant different from a coal-fired power plant: the reactor and steam generator instead of the boiler. As a bonus, an NPP doesn’t need a smokestack, coal or ash hopper, coal mill, exhaust scrubber and countless other parts that come with burning tons of coal every single day.
Installation of the pressure vessel at unit 3 of the Haiyang nuclear power plant in December of 2023. The Chinese CAP1000 reactor is based on the US AP1000 reactor. (Credit: Shanghai Nuclear Engineering Research and Design Institute)
The beating heart of an NPP is the reactor pressure vessel and its control mechanisms. These parts have to be of certain alloys and of a high quality level so that they are resistant to e.g. neutron flux and corrosion while inside the reactor for decades. With the research and development finished, once the production lines are in place and the workers hired and trained, all one has to do is to simply keep producing the steel and other components, while continuously transporting new pressure vessels, steam generators and everything else to the sites of new NPPs.

Having as few distinct reactor designs as possible is incredibly helpful here, with General Electric’s BWR line of reactors taking the lion’s share of BWR construction in the US and around the globe. For PWRs, Babcock & Wilcox provided many of the designs (e.g. LLP, WH 4LP), along with Westinghouse.

Much as we can see today with the nuclear fleet build-out in China with the Westinghouse AP1000 and derived designs (CAP1000 and Hualong One), strong political and financial backing combined with a mature nuclear power supply chain means that the time from first concrete to grid connection can be as little as four to five years. After all, the components are made in parallel, so that no single step in the construction is blocked until final on-site assembly occurs. Meanwhile, experience is collected with each newly constructed reactor that helps to speed up and improve subsequent builds.

As a demonstration of this, a recently released report by the US Department of Energy (DoE) shows the massive time improvement for key milestones between Vogtle units 3 & 4:

Improvement in time to complete key milestones between Vogtle Units 3 and 4 (Credit: DoE)

Vogtle unit 3 was the first time the new AP1000 reactor was built in the US, completing its construction long after the Chinese nuclear sector had not only built a number of licensed AP1000 units, but also designed their own version that better fit the Chinese market and built a number of these both in China and abroad. The difference is that the US is now cobbling its nuclear industry back together after a decades-long hiatus – much like it did in the 1950s and 1960s – while China began building nuclear reactors in the 1990s and never quit building them.

The problem with institutional knowledge is that it’s costly to obtain and basically impossible to retain if you do not actively maintain it. When the US began building its nuclear fleet last century, this knowledge was strong and supply chains robust. During the 1980s and until recently, both were allowed to degrade, as engineers and workers retired or died, suppliers changed markets or went bankrupt, documentation was lost and tooling was scrapped.

Back From The Dead

Three Mile Island, including the training center and access road. (Credit: Groupmesa, Wikimedia)
The current revival of the US and effectively the Western nuclear power industry poses many challenges, as much of this institutional knowledge has to be relearned and rediscovered. As the economics of the energy market change, and financing options become available with the scrapping of various anti-nuclear power regulations, there’s now a surge in interest among companies and investors in not only new builds, but also in reviving units that were already turned off and put into decommissioning status.

Prime examples of this are the Palisades NPP in Michigan and Three Mile Island unit 1. The former was originally transferred to Holtec for decommissioning, but Holtec decided to refurbish the NPP instead. TMI-1 was still running until 2019 and is now being refurbished by its owner due to a much friendlier political and investment climate for nuclear power.

Returning a nuclear reactor from a decommissioning state back to an operational one is pretty much an abbreviated case of constructing one: every component has to be inspected, with missing, damaged or otherwise unsuitable components replaced. Following this, the typical commissioning procedure has to be followed, with cold pressure tests, hot pressure tests, fuel loading and a gradual increase of the power output through a set testing protocol. Depending on the level of damage and the number of systems that had to be upgraded to current standards, this could take around 1-2 years.

In the case of Palisades, the expectation is that it will resume operations by late 2025, and for TMI-1 it will likely take until 2028, mostly due to environmental reviews, emergency and security protocols and getting the appropriate permissions from the NRC. Meanwhile the Duane Arnold NPP in Iowa may also be restarting, per recent news, and the V.C. Summer NPP in South Carolina may see its partially built AP1000 reactors finished after all, assuming the necessary legal and regulatory hurdles can be cleared.

Although the US has in the past demonstrated that it can build many nuclear reactors fast and safely, it would appear that the biggest obstacles are primarily a lack of political willpower, an atrophied nuclear industry and an abundance of red tape. Whether these can be overcome remains to be seen, but the successfully running AP1000 GenIII+ PWRs in China, South Korea, and the US demonstrate that the problem never was US engineering chops.


hackaday.com/2024/12/23/atoms-…


Silicone Tubing as Springs for Capacitive Touch Buttons



Capacitive touch buttons are a great way to turn just about any (non-conductive) surface into a button, but people generally dislike the lack of tactile feedback. [KontinuumLab] apparently agreed and decided to experiment a bit with ways to make such buttons more springy. You can check out the results of those experiments in the video below. There are a few ways to add some spring to buttons and switches like these, including compliant mechanisms in the (3D-printed) plastic structure, but this isn’t always an option in a project. A separate plastic spring can be added, but they aren’t very durable. A metal spring works great but can be a bit of a hassle to integrate and they aren’t as cheap as the other options. So what about everyone’s favorite keyboard switch, the rubber dome type?

Silicone tubing is plentiful and (generally) cheap. It can be selected for just the right springiness and dimensions, and in the automated test that [KontinuumLab] ran, it is also very durable in this application. When your goal is to have a switch that activates at the end of the travel, this may work a treat, with the size of the silicone tube determining the travel before the finger gets close enough to trigger the switch. As rubber dome keyboards demonstrate, this is a highly reliable technology, though this version ditches the typical membrane for the capacitive touch sensor.

Sometimes, a metal spring is the right option, of course, such as when you want to make a surface a touch sensor and the PCB is at the other side of the enclosure. The fun part is that we have all of these options to make our projects work, with many being very affordable to hobbyists. Not all touch sensors require a finger, either.

Thanks to [BrightBlueJim] for the tip.

youtube.com/embed/kngoo9krFBE?…


hackaday.com/2024/12/23/silico…


Keebin’ with Kristina: the One With the Keyboard-Mouse


Illustrated Kristina with an IBM Model M keyboard floating between her hands.

One of the most annoying things about keyboard and mouse input has got to be the need to constantly switch between the two. Ever wish there was a single solution that combined them with elegance? Then you should definitely check out [lemosbor]’s Lapa keyboard, where the right half includes a mouse sensor.

A 36-key split board where the right half also operates as a mouse. Image by [lemosbor] via reddit
Lapa, which is Russian for ‘paw’, certainly has that type of look. This hand-wired keyboard uses a pair of Pro Micros and an ADNS9800 optical sensor for mousing around. Under those ‘caps are MX blues, the OG clackers.

Let me just say that I love the look of this keyboard, and I don’t normally like black and brown together. But that oak — that oak is classy, and it looks good with the resin-and-varnish case. If you can handle a 36-key board — I myself cannot — then this would probably be a game changer. There are even slots for your palms to breathe.

Unfortunately it’s not open source, but a girl can dream, right? In the reddit post, [lemosbor] says that they would be interested in selling the next version, provided it’s the final one.

A New Wave of Kinesis Keyboards


Good news for all of those who are either missing the Microsoft 4000 keyboard, or anyone who just wants to try something more ergonomic than a standard rectangle without going too crazy. Kinesis are now making a keyboard they call mWave, which very much resembles that discontinued offering from Redmond. It’s out of stock until June 1, 2025, but you can drool over the picture gallery and technical specs for now.
A Kinesis mWave keyboard with a pair of hands on the home row. Image via Kinesis
Speaking of, this thing has brown Gateron low-profile switches, which I find interesting. But finally, unlike my precious Kinesis Advantage, all the switches are the same. No more crappy little rubber buttons for the Function layer. As with the Advantage, the home row keycaps have a different sculpt to help the user locate them more easily. On the mWave, the arrow keys are sculpted as well.

This is a Bluetooth keyboard, but you can connect a USB cable if you need backlighting. For some reason, the PC model is black, and the Mac model is white. But they do sell keycap sets in case you want to sort of switch it up.

The most annoying thing about this keyboard aside from the bright green light in the middle has got to be the ‘6’ placement. No way does it ever belong on the left side, and that’s a hill I’m willing to die on. I suppose it’s just a carryover from (likely) aping the MS 4000 design, which has ‘6’ on the left as well. But back on the positive side of things, there are magnetically-attachable feet that provide an optional negative tilt, so that’s cool.

Via reddit

The Centerfold: Dipping a Toe Back In the Hobby


A Totem split keyboard on a nice blue-toned desk mat. Image by [Thallium54] via reddit
After using a bare-bones Corne for a few years, [Thallium54] happened to buy a 3D printer and so decided it was time for something new. This here is a Totem with an FDM-printed case and keycaps. In case you’re wondering, this keycap profile is MBK, which are supposed to be much easier to print than MX keycaps. I wish I could tell you what desk mat that is. Can you tell me?

Do you rock a sweet set of peripherals on a screamin’ desk pad? Send me a picture along with your handle and all the gory details, and you could be featured here!

Historical Clackers: Imperial Model B


It might be difficult to imagine that there were any ergonomic keyboards over a hundred years ago, but one certainly existed — the Imperial Model B.

All other Imperial models had straight keyboards, but this elegantly curved keyboard offered a typing experience that one modern user described as ergonomic. Ergonomics aside, it may have been designed simply to match the curve of the type basket.
The Imperial Model B typewriter with curved keyboard. Image via Science Museum Group
One of the coolest things about this typewriter is that the user could change fonts or clean the machine by removing and replacing the entire keyboard. The type basket was attached and came along for the ride.

Model B arrived in 1915, four years after the Model A. Unlike its predecessor, Model B had two Shifts and a Backspace and was a commercial breakthrough for its makers, the Imperial Typewriter Company of Leicester, England.

An engineer named Hidalgo Moya was responsible for the basic design. Like some other machines of the same era, the Imperial Model B has typebars that down-strike from the front. Press a key, and the selected typebar would swing downward and strike the ribbon against the paper and platen.

This three-row QWERTY keyboard has a sweet knurled Space bar that maybe should have been a pair of Space bars, but that might not have looked as nice. There are 28 character keys with a FIGS and CAPS on each side of the keyboard. Mysteriously, there is an unlabeled key on the right side near the platen. Anyone care to speculate wildly as to what this was for? I’ll go first. Maybe it was the magic button that released the keyboard and type basket for swapping or cleaning.

ICYMI: Panasonic Typewriter Now Does SMS


Close-up of a typewriter annex SMS receiver. Image by [Sam Christy] via Mr. Christy Engineering
What is the future of texting? Well, if you’re an awesome engineering teacher named [Sam Christy], then it’s receiving incoming SMS messages on a Panasonic T36 typewriter.

The best part about this clacker hack is that [Sam] designed the circuit to work with nearly any electric typewriter, using a generic hardware circuit and an ESP32. As you might imagine, this is a complex one that required fiddly engineering. There’s I²C, multiplexers, and SMS management involving Twilio.

I love that [Sam] is using a huge roll of paper to capture the texts. I do the same with 96′ fax paper rolls in my thermal electronic typewriters, in part because it’s so fun to rip off the paper when I’m finished.


Got a hot tip that has like, anything to do with keyboards? Help me out by sending in a link or two. Don’t want all the Hackaday scribes to see it? Feel free to email me directly.


hackaday.com/2024/12/23/keebin…


Handheld Satellite Dish is 3D Printed



Ham radio enthusiasts, people looking to borrow their neighbors’ WiFi, and those interested in decoding signals from things like weather satellites will often grab an old satellite TV antenna and repurpose it. Customers have been leaving these services for years, so they’re pretty widely available. But for handheld operation, these metal dishes can get quite cumbersome. A 3D-printed satellite dish like this one is lightweight and small enough to be held, enabling some interesting satellite tracking activities with just a few other parts needed.

Although we see his projects often, [saveitforparts] did not design this antenna, instead downloading the design from [t0nito] on Thingiverse. [saveitforparts] does know his way around a satellite antenna, though, so he is exactly the kind of person who would put something like this through its paces and use it for his own needs. There were a few hiccups with the print, but with all the 3D printed parts completed, the metal mesh added to the dish, and a correctly polarized helical antenna formed into the print to receive the signals, it was ready to point at the sky.

The results for the day of testing were incredibly promising. Compared to a second satellite antenna with an automatic tracker, the handheld 3D-printed version captured nearly all of the information sent from the satellite in orbit. [saveitforparts] plans to build a tracker for this small dish to improve it even further. He’s been able to find some satellite trackers from junked hardware in some unusual places as well. Antennas seem to be a ripe area for 3D printing.

youtube.com/embed/PFQ6UKulxSo?…


hackaday.com/2024/12/23/handhe…


FlowerStorm: the new PaaS platform targeting Microsoft 365 users


We are witnessing a turbulent period in the cybercrime landscape, marked by the emergence of a new phishing-as-a-service (PaaS) platform called ‘FlowerStorm’. This threat, which focuses mainly on Microsoft 365 users, quickly gained ground after the unexpected shutdown of its predecessor, Rockstar2FA, in November 2024.

The collapse of Rockstar2FA


Rockstar2FA, a phishing kit that evolved from the well-known DadSec, suffered a partial infrastructure collapse on November 11, 2024 (full article here). According to Sophos researchers Sean Gallagher and Mark Parsons, many of the service’s pages became inaccessible, probably because of technical problems rather than law enforcement action. In particular, Rockstar2FA’s infrastructure relied on a centralized model that proved vulnerable to multiple outages, leaving room for new platforms such as FlowerStorm.

The birth of FlowerStorm


First seen in June 2024, FlowerStorm quickly filled the void left by Rockstar2FA. The new platform shares many features with its predecessor, including advanced evasion mechanisms, a user-friendly panel and a diverse range of phishing options. However, it is the use of Adversary-in-the-Middle (AiTM) techniques that makes FlowerStorm particularly insidious. These techniques allow attackers to intercept credentials and session cookies, thereby bypassing multi-factor authentication (MFA) protections.

The phishing portals used by FlowerStorm convincingly imitate Microsoft login pages and are designed to deceive users and harvest MFA tokens and credentials. Sophos also pointed out that FlowerStorm uses a modular system that lets operators tailor attacks to their targets, making the platform particularly adaptable.

FlowerStorm’s botanical theme


In a curious detail, the platform adopts a botanical theme for its operations. Terms such as “Flower”, “Sprout”, “Blossom” and “Leaf” appear in the HTML titles of the phishing pages. The domain registration and hosting patterns are also similar to those of Rockstar2FA, with heavy use of .ru and .com domains fronted by Cloudflare services. The similarities in the domains suggest a possible connection between the two operators, or at least shared infrastructure.

The impact of FlowerStorm

Source: Sophos
Sophos telemetry data shows that 63% of the organizations and 84% of the users hit by FlowerStorm are located in the United States. The most affected sectors are services (33%), manufacturing (21%), retail (12%) and financial services (8%).

In addition, there is growing attention to the government and healthcare sectors, with targeted attacks that exploit specific weaknesses in their email and authentication infrastructures.

Defending against FlowerStorm


Some countermeasures are recommended to protect against sophisticated attacks such as FlowerStorm’s:

  1. Use MFA with FIDO2 tokens, which resist AiTM techniques.
  2. Implement email filtering solutions to block phishing attempts.
  3. Adopt DNS filtering to prevent access to suspicious domains.
  4. Actively monitor access logs to identify suspicious activity and compromised sessions.
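The fourth countermeasure, monitoring access logs for compromised sessions, can be turned into a concrete check for the AiTM footprint described above: the session cookie is captured while the victim completes MFA through the attacker’s proxy and is then presented from a different address. The following is an added example (not Sophos’s or the blog’s code); the sign-in records and field names are constructed sample data, not a real identity provider’s schema.

```python
"""Flag session tokens reused from a different network shortly after an
MFA-protected sign-in, the footprint an AiTM phishing proxy leaves behind.

Added example, not Sophos's or the blog's code. The records below are
constructed; a real deployment would read the identity provider's
interactive sign-in and non-interactive token-use logs instead.
"""
from datetime import datetime, timedelta

# Constructed sign-in records (RFC 5737 documentation addresses).
SIGNIN_LOG = [
    {"time": "2024-12-02T09:14:03", "user": "a.rossi@example.com", "session": "sess-7f3a",
     "event": "interactive_signin", "mfa": True, "ip": "203.0.113.45", "asn": "AS64500",
     "ua": "Mozilla/5.0 (Windows NT 10.0; Win64; x64) Chrome/131.0"},
    # Same session cookie, 67 seconds later, from another network and browser.
    {"time": "2024-12-02T09:15:10", "user": "a.rossi@example.com", "session": "sess-7f3a",
     "event": "token_use", "mfa": False, "ip": "198.51.100.7", "asn": "AS64511",
     "ua": "Mozilla/5.0 (X11; Linux x86_64) Firefox/133.0"},
    # Benign user: token reused from the same IP and browser that passed MFA.
    {"time": "2024-12-02T10:02:00", "user": "m.bianchi@example.com", "session": "sess-c210",
     "event": "interactive_signin", "mfa": True, "ip": "192.0.2.18", "asn": "AS64496",
     "ua": "Mozilla/5.0 (Windows NT 10.0; Win64; x64) Edge/131.0"},
    {"time": "2024-12-02T11:40:00", "user": "m.bianchi@example.com", "session": "sess-c210",
     "event": "token_use", "mfa": False, "ip": "192.0.2.18", "asn": "AS64496",
     "ua": "Mozilla/5.0 (Windows NT 10.0; Win64; x64) Edge/131.0"},
]


def _ts(value: str) -> datetime:
    return datetime.fromisoformat(value)


def find_hijacked_sessions(records, window=timedelta(hours=1)):
    """Return one alert per (session, IP) where a session token is used from an
    IP other than the one that completed MFA, within `window` of that sign-in."""
    ordered = sorted(records, key=lambda r: r["time"])

    # The first MFA-backed interactive sign-in is the legitimate origin of a session.
    issued = {}
    for r in ordered:
        if r["event"] == "interactive_signin" and r["mfa"]:
            issued.setdefault(r["session"], r)

    alerts, seen = [], set()
    for r in ordered:
        origin = issued.get(r["session"])
        if origin is None or r["event"] != "token_use":
            continue
        delta = _ts(r["time"]) - _ts(origin["time"])
        if r["ip"] == origin["ip"] or delta < timedelta(0) or delta > window:
            continue
        key = (r["session"], r["ip"])
        if key in seen:
            continue
        seen.add(key)

        indicators = ["token used from an IP other than the one that passed MFA"]
        if r["asn"] != origin["asn"]:
            indicators.append("different network (ASN) from the sign-in")
        if r["ua"] != origin["ua"]:
            indicators.append("different browser/user agent from the sign-in")
        alerts.append({
            "user": r["user"], "session": r["session"],
            "signin_ip": origin["ip"], "reuse_ip": r["ip"],
            "seconds_after_signin": int(delta.total_seconds()),
            "indicators": indicators,
        })
    return alerts


if __name__ == "__main__":
    for a in find_hijacked_sessions(SIGNIN_LOG):
        print(f"{a['user']} {a['session']}: MFA from {a['signin_ip']}, "
              f"token reused from {a['reuse_ip']} after {a['seconds_after_signin']}s")
        for i in a["indicators"]:
            print("   -", i)
```

A user who legitimately switches networks within the window will also be flagged, which is why the ASN and user-agent indicators are kept separate: all three together is the pattern to page on.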


Conclusion


FlowerStorm is not just a name, but a symbol of how cybercrime is evolving in sophisticated and unpredictable ways. Just like a storm that sweeps away everything in its path, this phishing-as-a-service platform has shown that it can adapt, mutate and thrive, mercilessly striking vulnerable users. With its modular approach and its use of advanced techniques such as Adversary-in-the-Middle (AiTM), FlowerStorm is one of the most insidious threats in today’s cyber landscape. There is no more time to lose: the defense against this storm must be immediate, precise and uncompromising.

The article FlowerStorm: the new PaaS platform targeting Microsoft 365 users originally appeared on il blog della sicurezza informatica.


Cloud Atlas seen using a new tool in its attacks



Introduction


Known since 2014, Cloud Atlas targets Eastern Europe and Central Asia. We’re shedding light on a previously undocumented toolset, which the group used heavily in 2024. Victims get infected via phishing emails containing a malicious document that exploits a vulnerability in the formula editor (CVE-2018-0802) to download and execute malware code. See below for the infection pattern.

Typical Cloud Atlas infection pattern

When opened, the document downloads a malicious template formatted as an RTF file from a remote server controlled by the attackers. It contains a formula editor exploit that downloads and runs an HTML Application (HTA) file hosted on the same C2 server. The RTF and HTA downloads are restricted to certain time slots and victim IP addresses: requests are only allowed from target regions.

The malicious HTA file extracts and writes several files to disk that are parts of the VBShower backdoor. VBShower then downloads and installs another backdoor: PowerShower. This infection scheme was originally described back in 2019 and has changed only slightly from year to year.

Previously, Cloud Atlas employed PowerShower to download and run an executable file: a DLL library. This DLL would then fetch additional executable modules (plug-ins) from the C2 server and execute these in memory. Among these plug-ins was one specifically designed to exfiltrate files with extensions of interest to the attackers: DOC, DOCX, XLS, XLSX, PDF, RTF, JPG and JPEG. The plugins were downloaded and their output was uploaded via the WebDAV protocol over public cloud services. Interestingly, after a plug-in was successfully downloaded, the DLL would delete the file from the cloud.

The VBCloud backdoor now replicates the executable file’s original capabilities, such as downloading and executing malicious plug-ins, communicating with a cloud server, and performing other tasks. We first detected attacks using this implant in August of last year. Since then, we’ve observed numerous variations of the backdoor which have helped it to stay under the radar. This new campaign loads VBCloud via VBShower, which also downloads the PowerShower module. PowerShower probes the local network and facilitates further infiltration, while VBCloud collects information about the system and steals files. Below, we use a sample seen in September 2024 as a case study to examine each stage of a Cloud Atlas attack that employs the new toolkit.

Technical details

HTA


The exploit downloads the HTA file via the RTF template and runs it. It leverages the alternate data streams (NTFS ADS) feature to extract and create several files at %APPDATA%\Roaming\Microsoft\Windows\. These files make up the VBShower backdoor.

Sample HTA content

Below are the VBShower components loaded by the HTA dropper.

File name | Description
AppCache028732611605321388.log:AppCache02873261160532138892.vbs | VBShower Launcher (copy)
AppCache028732611605321388.log:AppCache028732611605321388.vbs | VBShower Launcher
AppCache028732611605321388.log:AppCache028732611605321388.dat | Encrypted VBShower backdoor
AppCache028732611605321388.log:AppCache0287326116053213889292.vbs | VBShower Cleaner

After the download is complete, the malware adds a registry key to auto-run the VBShower Launcher script.
"Software\Microsoft\Windows\\CurrentVersion\Run","dmwappushservice","wscript /B "%APPDATA%\Roaming\Microsoft\Windows\AppCache028732611605321388.log:AppCache028732611605321388.vbs"
The backdoor also launches further scripts: VBShower Launcher (copy) and VBShower Cleaner.
wscript /B "%APPDATA%\Roaming\Microsoft\Windows\AppCache028732611605321388.log:AppCache02873261160532138892.vbs"

wscript /B "%APPDATA%\Roaming\Microsoft\Windows\AppCache028732611605321388.log:AppCache0287326116053213889292.vbs"
The attackers create custom HTA files for each victim, so the names of the scripts and registry keys are mostly unique. For example, we have seen intertwine used as a name template, while the file names themselves looked as follows.

  • “intertwine.ini:intertwineing.vbs”;
  • “intertwine.ini:intertwineinit.vbs”;
  • “intertwine.ini:intertwine.vbs”;
  • “intertwine.ini:intertwine.con”.
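The persistence described above has a recognisable shape on a host: a Run-key value that starts a script host on a path whose last component is an NTFS alternate data stream, with the stream name reusing the host file’s name. The following is an added example of checking Run-key values for that shape (not Kaspersky’s or Cloud Atlas’s code); the Run-key contents are constructed test data modelled on the entries quoted on the page, and nothing is read from the live registry.

```python
"""Flag autorun entries that launch a script from an NTFS alternate data stream.

Added example, not Kaspersky's or Cloud Atlas's code. It checks Run-key
values for the persistence shape described above: a script host (wscript)
started on a path of the form <hostfile>.<ext>:<stream>.vbs, where the
stream name often reuses the host file's name. SAMPLE_RUN_VALUES is
constructed test data; feed scan() the values of a real Run key to use it.
"""
import re
from dataclasses import dataclass, field

# Script hosts through which VBShower-style loaders are started.
SCRIPT_HOSTS = {"wscript", "wscript.exe", "cscript", "cscript.exe", "mshta", "mshta.exe"}

# Last path component carrying an ADS: <hostfile>.<ext>:<stream>. The host
# file must have an extension, so a drive letter such as "C:" is never taken
# for the stream separator.
ADS_PATH_RE = re.compile(
    r"""(?:[A-Za-z]:|%[^%]+%)?              # optional drive letter or env var
        [^"\s:]*?                           # directories (lazy)
        (?P<host>[^\\/"\s:]+\.[A-Za-z0-9]+) # host file with extension
        :(?P<stream>[^\\/"\s:]+)            # alternate data stream name
     """,
    re.VERBOSE,
)


@dataclass
class Finding:
    value_name: str
    host_file: str
    stream: str
    reasons: list = field(default_factory=list)


def tokenize(command: str) -> list:
    """Split a command line on whitespace, keeping quoted paths together."""
    return re.findall(r'"[^"]*"|\S+', command)


def analyze_run_value(value_name: str, command: str):
    """Return a Finding if the autorun command targets an ADS, else None."""
    tokens = tokenize(command)
    if not tokens:
        return None
    exe = tokens[0].strip('"').rsplit("\\", 1)[-1].lower()
    for tok in tokens:
        tok = tok.strip('"')
        if "\\" not in tok:  # only full paths can carry a stream of interest
            continue
        m = ADS_PATH_RE.search(tok)
        if not m:
            continue
        host, stream = m.group("host"), m.group("stream")
        f = Finding(value_name, host, stream)
        f.reasons.append("autorun target is an NTFS alternate data stream")
        if exe in SCRIPT_HOSTS:
            f.reasons.append(f"launched via script host {exe}")
        if stream.lower().endswith((".vbs", ".vbe", ".js", ".jse", ".hta", ".ps1")):
            f.reasons.append("stream name carries a script extension")
        host_stem = host.rsplit(".", 1)[0].lower()
        if stream.lower().startswith(host_stem):
            f.reasons.append("stream name reuses the host file name (VBShower naming pattern)")
        return f
    return None


def scan(run_values: dict) -> list:
    """Analyze every value of a Run key; Findings are returned in key order."""
    findings = []
    for name, cmd in run_values.items():
        f = analyze_run_value(name, cmd)
        if f:
            findings.append(f)
    return findings


# Constructed Run-key contents: the first two entries follow the patterns
# quoted on the page, the last two are ordinary benign autoruns.
SAMPLE_RUN_VALUES = {
    "dmwappushservice": r'wscript /B "%APPDATA%\Roaming\Microsoft\Windows'
                        r'\AppCache028732611605321388.log:AppCache028732611605321388.vbs"',
    "intertwine": r'wscript /B "C:\Users\user\AppData\Roaming\intertwine.ini:intertwine.vbs"',
    "OneDrive": r'"C:\Users\user\AppData\Local\Microsoft\OneDrive\OneDrive.exe" /background',
    "SecurityHealth": r'%windir%\system32\SecurityHealthSystray.exe',
}

if __name__ == "__main__":
    for f in scan(SAMPLE_RUN_VALUES):
        print(f"{f.value_name}: {f.host_file}:{f.stream}")
        for r in f.reasons:
            print("   -", r)
```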


VBShower
VBShower::Launcher


This script acts as a loader, responsible for reading and decrypting the contents of AppCache028732611605321388.log:AppCache028732611605321388.dat, before using the Execute() function to pass control to that file.
Sample VBShower Launcher content

VBShower::Cleaner


This script is designed to clear the contents of all files inside the \Local\Microsoft\Windows\Temporary Internet Files\Content.Word\ folder by opening each in write mode. While the files persist, their contents are erased. This is how the Trojan covers its tracks, removing malicious documents and templates it downloaded from the web during the attack.

The script uses the same method to erase both its own contents and the contents of the VBShower Launcher copy, which is used solely for the malware’s first run.

Sample VBShower Cleaner content

VBShower::Backdoor


The backdoor’s payload is contained encrypted within a DAT file.

Encrypted VBShower backdoor

VBShower::Launcher goes through several stages to decrypt the backdoor.

First decrypted layer of VBShower Backdoor

Fully decrypted and deobfuscated VBShower Backdoor content

The VBShower backdoor then runs in memory, subsequently performing several operations in a loop.

  • Check for the autorun registry key and restore it if missing.
  • Attempt to download additional encrypted VB scripts from the C2 server and run these. If the downloaded data is larger than 1 MB, the module saves the script to disk inside alternate data streams (NTFS ADS) and runs it with the help of the “wscript” utility. Otherwise, it runs the script in the current context.
  • If an alternate data stream contains a TMP file, the backdoor sends it to the C2 server with a POST request. The additional scripts downloaded from the C2 use the TMP file to store their output.


VBShower::Payload


We were able to detect and analyze a number of scripts downloaded and executed by the VBShower backdoor.

VBShower::Payload (1)

The first script we found does the following.

  • Gets the domain, username and computer.
  • Gets the names and values of the registry keys in the SOFTWARE\Microsoft\Windows\CurrentVersion\Run branch.
  • Gets information about the file names and sizes in the following folders:
    • %AppData%;
    • %AllUsersProfile%;
    • %AllUsersProfile%\Canon;
    • %AllUsersProfile%\Intel;
    • %AllUsersProfile%\Control;
    • %AllUsersProfile%\libs;
    • %AllUsersProfile%\Adobe;
    • %AllUsersProfile%\Yandex;
    • %AllUsersProfile%\Firefox;
    • %AllUsersProfile%\Edge;
    • %AllUsersProfile%\Chrome;
    • %AllUsersProfile%\avp.


  • Gets the names of running processes, their start dates and the commands that started them.
  • Gets a list of scheduler tasks by running cmd.exe /c schtasks /query /v /fo LIST.

All data collected this way is saved in a TMP alternate data stream and forwarded to the C2 server by the VBShower::Backdoor component.

The paths listed above (%AllUsersProfile%\<subfolder>) are used for installing the VBCloud backdoor. The steps performed by the script are most likely needed to check if the backdoor is present and installed correctly.

Decrypted and deobfuscated contents of script 1

VBShower::Payload (2)

The second script reboots the system.

Decrypted and deobfuscated contents of script 2

VBShower::Payload (3)

A further script downloads a ZIP archive, extracts it into the %TMP% directory, and collects the names and sizes of downloaded files to then send an extraction report to the C2. This is done to verify that the files were received and unpacked.

Decrypted and deobfuscated contents of script 3

VBShower::Payload (4) and (5)

VBShower downloads two similar scripts that are designed for installing the VBCloud and PowerShower backdoors. These scripts first download an archive from a hardcoded link and then unpack it into the %ALLUSERSPROFILE% folder. In the case of VBCloud, the script changes the extension of the unpacked file from TXT to VBS and creates a scheduler task to run VBCloud. In the case of PowerShower, the extension of the unpacked file is changed from TXT to PS1, whereupon the script adds the file to the \Run registry branch.

Unlike VBShower’s own scripts, downloadable scripts with a payload are present on disk as files, rather than hidden inside alternate data streams.

Besides installing backdoors, these scripts build a report that consists of the names of running processes, their start dates and the commands that started them, registry keys and values in the \Run branch, and a list of files and directories at the path where the archive was unpacked. This report is then sent to the C2 server.

Decrypted and deobfuscated contents of the scripts for downloading and installing VBCloud and PowerShower

PowerShower


PowerShower is nearly identical to VBShower in terms of functionality.

Sample PowerShower script installed with VBShower

PowerShower downloads additional PowerShell scripts from the C2 and executes these. If the downloaded data begins with the character “P”, PowerShower interprets the data as a ZIP archive, rather than a PowerShell script, and saves the archive to disk as “%TMP%\Firefox.zip”. PowerShower does not unpack the archive, serving as a downloader only.

Decoded PowerShower script

The downloaded PowerShell scripts run in memory, without being saved to disk. Most of the scripts save their output to sapp.xtx, which PowerShower then sends as a report to the C2.

The PowerShower scripts use the same C2 domains as VBShower.

PowerShower::Payload (1)

The script gets a list of local groups and their members on remote computers via Active Directory Service Interfaces (ADSI). The script is most often used on domain controllers.

Sample script to get a list of local groups and their members, downloaded and executed by PowerShower

PowerShower::Payload (2)

This script performs dictionary attacks on user accounts.

Sample password bruteforcing script, downloaded and executed by PowerShower

PowerShower::Payload (3)

The script unpacks the Firefox.zip archive previously downloaded by the PowerShower backdoor, and executes the keb.ps1 script contained in the archive as a separate PowerShell process with a hidden window. The keb.ps1 script belongs to the popular PowerSploit framework for penetration testing and kicks off a Kerberoasting attack.

Sample script that launches a Kerberoasting attack, downloaded and executed by PowerShower

PowerShower::Payload (4)

This script gets a list of administrator groups.

Sample script to get a list of administrator groups, downloaded and executed by PowerShower

PowerShower::Payload (5)

This script gets a list of domain controllers.

Sample script to get a list of domain controllers, downloaded and executed by PowerShower

PowerShower::Payload (6)

This script gets information about files inside the ProgramData directory.

Sample script to get information about files inside the ProgramData directory, downloaded and executed by PowerShower

PowerShower::Payload (7)

This script gets the account policy and password policy settings on the local computer.

Sample script to get policy settings, downloaded and executed by PowerShower

PowerShower::Payload:: Inveigh

We also observed the use of PowerShell Inveigh, a machine-in-the-middle attack utility used in penetration testing. Inveigh is used for data packet spoofing attacks, and collecting hashes and credentials both by intercepting packets and by using protocol-specific sockets.

The Inveigh script is extracted from the ZIP archive downloaded by PowerShower and runs as described under PowerShower::Payload (3).

Sample Inveigh script, downloaded and executed by PowerShower

VBCloud


As described above, VBCloud is installed via VBShower. We found the following module installation paths.
C:\ProgramData\avp\avp_upd.vbs
C:\ProgramData\Adobe\AdobeLog.vbs
C:\ProgramData\Adobe\manager.vbs
C:\ProgramData\Adobe\sysman.vbs
C:\ProgramData\Adobe\news_adobe.vbs
C:\ProgramData\Adobe\upgrade.vbs
C:\ProgramData\Edge\SrvMngrUpd.vbs
C:\ProgramData\Edge\intelog.vbs
C:\ProgramData\Chrome\ChromeSys.vbs

Sample VBCloud main module paths

The core functionality of the VBCloud module duplicates that of VBShower: both download and run PowerShell scripts with a payload, and then send the output to the C2. Unlike VBShower, however, VBCloud uses public cloud storage as the C2.

Sample VBCloud script

The VBCloud script does not contain any loops, and it is designed to execute only once. However, it gets triggered by a scheduled task every time the user logs into the system, which means it will run frequently. We’ve also seen variants of the backdoor that executed their core functionality in a loop with a thirty-minute delay between repetitions. These variants ran the script once via the \Run registry branch when the system booted up for the first time after being infected.

Decrypted and deobfuscated VBCloud script

VBCloud does the following:

  • Check the availability of the kim.nl.tab.digital WebDAV server by sending an HTTP MKCOL request to create the directories named “kmsobuqjquut” and “rwqdmpaohxns” with the credentials hardcoded in the script. If the server is unavailable, the script switches to the backup address “webdav.mydrive.ch”.
  • If the WebDAV server is available, create a file in the “kmsobuqjquut” directory on that server via an HTTP PUT request. The file name follows the pattern ddmmyy_HHMMSS, and the extension is randomly selected from among TXT, RTF, DOC, PPT, MDS, PNG and JPEG. We have seen files named “070824_001919.txt” and “250724_002919.doc”. Files like these contain the username and MAC addresses of network adapters, effectively confirming that the script is active on the infected system.
  • The Trojan then attempts to download one of three files from the “rwqdmpaohxns” directory: “criclyqnduv.txt”, “jhflenoqelp.txt” or “avnwiabihik.txt”. If VBCloud successfully downloads the file, it immediately deletes it from the cloud with an HTTP DELETE request, and then executes it in the current process via the Execute() function after decrypting the contents. As in the case of PowerShower, the payload can be made up of various scripts.

VBCloud::Payload (1)

This script is designed to send information about disks to the C2.


VBCloud::Payload (2)

This script is designed to exfiltrate files and documents. It iterates through local drives and removable media in search of files with the extensions DOC, DOCX, XLS, XLSX, PDF, TXT, RTF and RAR. The script checks the size of each matching file and collects those between 1,000 and 3,000,000 bytes for exfiltration. The files must have been modified no more than 72 hours before the current date. The script then copies matching files into a ZIP archive it creates, named “mapping.zip”. It also adds a file with metadata such as the created time, modified time, last opened time, and full path of each file. Once the archive exceeds 4,000,000 bytes, it is uploaded to cloud storage and deleted from the system; a new archive replaces it and the file harvesting process continues. The archive is uploaded in RC4-encrypted form, with a name that follows the template “%d_13134” and one of the following extensions chosen at random: MP3, AAC, MP2, FLAC, WAV, ALAC, MQA, OGG, DSD, WMA and MP4.

Part of the file exfiltration script
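As an added defender-side example, not code from the Securelist report, the following Python hunt logic checks proxy or WebDAV access logs for the VBCloud exchange described above (MKCOL availability check, ddmmyy_HHMMSS beacon upload, payload download and delete) and for the payload 2 exfil archive name template. The log line format and the sample lines are constructed; the directory and payload file names are those of the sample analysed in the report and may differ between builds.

```python
import re
from datetime import datetime
# Constants are taken from the report: C2 cloud hosts, beacon/exfil naming templates,
# and the directory and payload file names of the analysed sample.
VBCLOUD_HOSTS = {"kim.nl.tab.digital", "webdav.mydrive.ch", "webdav.opendrive.com", "webdav.yandex.ru"}
SAMPLE_DIRS = {"kmsobuqjquut", "rwqdmpaohxns"}
PAYLOAD_FILES = {"criclyqnduv.txt", "jhflenoqelp.txt", "avnwiabihik.txt"}
BEACON_RE = re.compile(r"^\d{6}_\d{6}\.(txt|rtf|doc|ppt|mds|png|jpeg)$", re.I)
EXFIL_RE = re.compile(r"^\d+_13134\.(mp3|aac|mp2|flac|wav|alac|mqa|ogg|dsd|wma|mp4)$", re.I)

def is_beacon_name(fname):
    """True for ddmmyy_HHMMSS.<ext> whose stamp also parses as a real date and time."""
    if not BEACON_RE.match(fname):
        return False
    try:
        datetime.strptime(fname[:13], "%d%m%y_%H%M%S")
        return True
    except ValueError:
        return False

def classify(method, host, path):
    """Label one WebDAV request as a VBCloud stage, or None if nothing matches."""
    if host not in VBCLOUD_HOSTS:
        return None
    parts = [p for p in path.split("/") if p]
    fname = parts[-1] if parts else ""
    if method == "MKCOL" and fname in SAMPLE_DIRS:
        return "stage1-mkcol-check"                 # server availability check
    if method == "PUT" and is_beacon_name(fname):
        return "stage2-beacon-upload"               # username + MAC address file
    if method in ("GET", "DELETE") and fname in PAYLOAD_FILES:
        return "stage3-payload-" + method.lower()   # fetch, then delete from the cloud
    if method == "PUT" and EXFIL_RE.match(fname):
        return "payload2-exfil-archive"             # RC4-encrypted mapping.zip upload
    return None

def hunt(log_lines):
    """Scan '<time> <client> <method> <host> <path> <status>' lines (constructed format)."""
    rows = [line.split() for line in log_lines]
    return [(f[0], f[1], label, f[4].rsplit("/", 1)[-1]) for f in rows
            if len(f) == 6 and (label := classify(f[2], f[3], f[4]))]

# Constructed sample log: one infected client talking to the C2 storage
SAMPLE_LOG = [
    "2024-08-07T00:19:10Z 10.0.0.12 MKCOL kim.nl.tab.digital /kmsobuqjquut/ 201",
    "2024-08-07T00:19:19Z 10.0.0.12 PUT kim.nl.tab.digital /kmsobuqjquut/070824_001919.txt 201",
    "2024-08-07T00:19:26Z 10.0.0.12 DELETE kim.nl.tab.digital /rwqdmpaohxns/criclyqnduv.txt 204",
    "2024-08-07T00:41:02Z 10.0.0.12 PUT webdav.mydrive.ch /4_13134.flac 201",
]
```

A single beacon-style PUT to one of these hosts is weak evidence on its own; the sequence from one client (MKCOL, beacon PUT, payload fetch/delete) within a login session is what makes the hit worth escalating.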

VBCloud::Payload (3)

This script gets various system information such as the OS version, RAM size, manufacturer, computer name, username and domain name.


VBCloud::Payload (4)

Script to exfiltrate Telegram files:

  • The file D877F783D5D3EF8Cs contains the user ID and encryption key used for interaction between the desktop client and Telegram servers.
  • The file key_datas contains local encryption keys.

Part of the file exfiltration script

Geography of attacked users


Several dozen users were attacked in 2024, 82% of these in Russia. Isolated attacks were recorded in Belarus, Canada, Moldova, Israel, Kyrgyzstan, Vietnam and Turkey.

Conclusion


We continue to monitor activity linked to Cloud Atlas. In a new campaign that began in August 2023, the attackers made changes to their familiar toolkit. This time, instead of an executable library to load malware modules, the group relied on the VBShower backdoor as the loader. In addition, they are now using a new module in their attacks, VBCloud, which collects and uploads system information and other data. These actions employ a variety of PowerShell scripts that enable the attackers to perform a range of tasks on the victim’s system. VBCloud uses public cloud storage as a C2 server.

The infection chain consists of several stages and ultimately aims to steal data from victims’ devices. We’ve observed that, similar to past Cloud Atlas campaigns, phishing emails continue to be the initial access point. This underscores the still-pressing need for organizations to strengthen their infrastructure defenses and improve employee awareness to ward off these kinds of attacks.

Indicators of compromise


PowerShower C2
yandisk[.]info
yandesktop[.]com
web-wathapp[.]com

Cloud repositories used ​by VBCloud
webdav.opendrive.com
webdav.mydrive.ch
webdav.yandex.ru
kim.nl.tab.digital


securelist.com/cloud-atlas-att…


E-Paper Anniversary Counter Is A Charming Gift With Minimal Power Draw



[Lonyelon] wanted to build an anniversary gift for his girlfriend. He decided to say it with e-Paper, a wise choice given its persistence and longevity.

The project is an anniversary calendar. It displays a counter of the total time the couple has been together, measured in years, months, days, and hours—so it’s remarkably precise. [Lonyelon] also programmed it to display additional counters to create plenty of additional fun anniversaries—the couple can celebrate milestones like their 1000th day together, for example. It also cycles through a range of cute messages and displays photos of the couple together.

The code is on GitHub for the curious. The build is based around a LilyGO e-Paper display with an onboard ESP32 microcontroller. [Lonyelon] paired this with a 2,500 mAh battery. It lasts for ages because the device is programmed to update only every 20 minutes, spending the rest of its time in deep sleep. Since it’s an e-Paper display, it uses zero power when it’s not being updated, so it’s the perfect technology for this application.

It’s a simple project that comes from the heart—the core of any beautiful gift. In fact, some of the coolest projects we feature were built as gifts for romantic partners, family members, or even our fellow hackers. If you’ve been cooking up your own neat build, please let us know on the tipsline!


hackaday.com/2024/12/23/e-pape…


Discovering Monero! When mining is possible even from a years-old laptop


Since 2014 a small cryptocurrency has been roaming the network. It does not often end up in the media like its big brothers Bitcoin and Ethereum, it does not support contracts, it does not cause scandal, but humbly and quietly it does what it has to do, and does it well: it lets you buy and sell while keeping transactions anonymous and secure.

Discovering Monero


Monero, as we have gathered, is a cryptocurrency. What sets it apart from the flood of other crypto things floating around the network?

First of all, let us define a fundamental difference. It is a cryptocurrency with its own native blockchain. This blockchain is based on an algorithm with several properties that make it fundamentally different from Bitcoin and Ethereum.

Point one: Monero cannot be “farmed” with ASICs. ASICs are microprocessors designed and produced to do one thing and one thing only. Bitcoin is mined mainly with these processors, which are mainly produced (and used) in China.

This drastically raises the cost of entry into the world of Bitcoin mining (each of these toys has a price tag with three zeros). Moreover, China is heavily investing in Bitcoin for geopolitical reasons that I will not speculate on in this article.

Point two: Monero’s issuance is constant. It will always be possible to mine a new Monero, unlike Bitcoin, which has a cap on the maximum number of BTC that can be mined.

For Bitcoin this number is fixed by how the algorithm works and is 21 million BTC. To date 19 million have already been mined, and when the last bitcoin is mined the only incentive to keep these enormous infrastructures full of power-hungry ASICs running will be the transaction fee (a tiny percentage of each transaction that goes to the miner for having certified the transaction).

In Monero, on the other hand, it will always be possible to mine new currency and keep the blockchain alive.

Point three: privacy guaranteed at the protocol level. While in Bitcoin all transactions are visible on the blockchain (and traceable) for every single “token”, in Monero it is not possible to trace who sent to whom, nor even the amount of the transaction.

Ecosystem:


Over the years, unlike other cryptocurrencies, a circular Monero market has developed; it is a coin often snubbed by large investors interested only in market trends and used mainly to do what crypto is supposed to do: enable a free and egalitarian market.

Today it is easy to buy goods and above all services with Monero in a simple, fast and inexpensive way. An excellent starting point is obviously the official site getmonero.org/ where you can download the wallet and start learning how to mine and spend.

Obviously, given the strong anonymity features of the system, Monero is a very popular coin on underground markets. This fact should give us two fundamental takeaways. The first is that it really is a “privacy-proof” coin; the second is that it is a “living” coin, constantly used, mined and in circulation.

Into the Mine!

Is it worth trying? This is the first question that comes to mind for anyone who has ever tried mining cryptocurrency. Monero, as we said, is resistant (if not immune) to ASICs and GPUs, which means that building large mining centres is complex and expensive.

The Monero algorithm is designed to give everyone a chance, even those with minimal resources to dedicate. It runs ONLY on the processor and eats a fair amount of RAM. The more cores you throw into the cauldron, the more Monero will come out. The approach is extremely distributed. You can mine with a mobile phone, with the old laptop you no longer use, or with a Raspberry Pi. Obviously if you have a spare 64-core server processor you will get better results, but it is ALWAYS possible to mine Monero on anything capable of running DOOM.

The Community


Monero is a community: on getmonero.org/ you can join the Monero community and actively take part in the project’s discussions, participate in the crowdfunding of various initiatives and meet other people who take part in the circular market.

Considerations


Personally I am not a crypto extremist, but I think it is always good to know the options available. I use virtual credit cards like everyone else to buy most goods and services online, BUT there are cases where a higher level of anonymity is preferable. Using cryptocurrencies does not automatically make you a ghost on the network, but the ocean is made of small drops. Obviously countless other precautions are necessary, and it is absolutely necessary to know the available tools well (did you know that with Monero you can create single-use wallets?)

The article Discovering Monero! When mining is possible even from a years-old laptop comes from il blog della sicurezza informatica.