The Privacy Post reshared this.

European Commission is moving ahead with ‘AI Factories’
poliverso.org/display/0477a01e…
The European Commission has started moving ahead with efforts to facilitate data centres for artificial intelligence (AI), needed to boost the EU’s competitiveness globally.
euractiv.com/section/artificia…


New Android Malware BingoMod: Money Theft and Data Destruction Are Served
poliverso.org/display/0477a01e…

A new Android malware strain called BingoMod can steal money from victims' bank accounts and then destroy the data on infected devices. The malware spreads via SMS messages and poses as a security product for mobile devices.

Cleafy specialists write that BingoMod is still under development and that its author is focusing mainly on code obfuscation and various detection-evasion mechanisms. Based on comments in the code, the researchers believe BingoMod may be the work of a Romanian developer.

BingoMod Disguised as Safe Apps


As mentioned above, the malware is distributed via SMS and usually uses different names, including: APP Protection, Antivirus Cleanup, Chrome Update, InfoWeb, SicurezzaWeb, WebSecurity, WebsInfo, WebInfo and APKAppScudo. It was also noted that in one case the malware used the icon of the genuine free tool AVG AntiVirus & Security, which is available in the Google Play Store.

During installation, BingoMod asks the user for permission to use Accessibility Services, which allows it to abuse advanced capabilities to control the device.

Once it starts running on the victim's device, the malware steals any credentials it detects, takes screenshots and intercepts SMS messages. It also creates a socket channel for receiving commands and an HTTP-based channel for sending screenshots, allowing the malware's operators to carry out remote operations in near real time.

It should be noted that one of BingoMod's main features is that it relies on the capabilities of Accessibility Services to impersonate the user and approve the request to cast screen content through the Media Projection API.

Remote Commands and Device Control


“The VNC (Virtual Network Computing) engine abuses Android's Media Projection API to retrieve screen content in real time. Once received, it is converted into a suitable format and transmitted over HTTP to the attackers' infrastructure,” the researchers write.

The commands remote operators can send to BingoMod include clicking on a specific area of the screen, entering text at a specific position and launching a specific application.

In addition, the malware allows manual attacks using overlays and fake notifications created by the attackers. A device infected with BingoMod can also be used to spread the malware further via SMS.

However, the malware has other interesting features. For example, it can remove security solutions from infected devices, as well as block specific applications specified by the operator.

Evading Detection and Wiping Data


According to Cleafy, to avoid detection the malware's creators use code flattening and string obfuscation. Judging by VirusTotal statistics, these tricks produce the desired result and the malware is hard for antivirus products to detect.

In addition, if BingoMod is registered on the device as an application with administrator rights, the attackers can remotely send a command to wipe the system.

The analysts note that this function is triggered only after a successful data transfer and affects only external storage. However, to destroy data completely, the criminal hackers can use the existing remote access capabilities to erase all data and reset the device to factory settings.
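
A defender-side triage check for the behaviours described above, added here as an example and not taken from Cleafy's report or from the article: it reads a decoded AndroidManifest.xml and reports which of the described capabilities (Accessibility Services, SMS access, device administrator, screen capture, overlays, removing other apps) the app declares. The sample manifest, its package name and the escalate/review rule are constructed assumptions; the lure names are the ones listed in the article.

```python
import xml.etree.ElementTree as ET

ANDROID = "{http://schemas.android.com/apk/res/android}"

# Display names the article lists for BingoMod lures.
LURE_NAMES = {"APP Protection", "Antivirus Cleanup", "Chrome Update", "InfoWeb",
              "SicurezzaWeb", "WebSecurity", "WebsInfo", "WebInfo", "APKAppScudo"}

SMS_PERMISSIONS = {"android.permission.RECEIVE_SMS", "android.permission.READ_SMS",
                   "android.permission.SEND_SMS"}

# Constructed sample manifest (not from a real APK).
SAMPLE_MANIFEST = """
<manifest xmlns:android="http://schemas.android.com/apk/res/android"
          package="com.example.constructed">
  <uses-permission android:name="android.permission.RECEIVE_SMS"/>
  <uses-permission android:name="android.permission.SEND_SMS"/>
  <uses-permission android:name="android.permission.SYSTEM_ALERT_WINDOW"/>
  <uses-permission android:name="android.permission.INTERNET"/>
  <application android:label="WebSecurity">
    <service android:name=".A11y"
             android:permission="android.permission.BIND_ACCESSIBILITY_SERVICE"/>
    <service android:name=".Cast" android:foregroundServiceType="mediaProjection"/>
    <receiver android:name=".Admin"
              android:permission="android.permission.BIND_DEVICE_ADMIN"/>
  </application>
</manifest>
"""


def triage_manifest(manifest_xml):
    """Map manifest declarations to the capabilities the article describes."""
    root = ET.fromstring(manifest_xml.strip())
    app = root.find("application")
    # Note: decoded manifests often hold a resource reference (@string/...) here;
    # resolve it first if the lure-name check matters.
    label = app.get(ANDROID + "label", "") if app is not None else ""
    requested = {e.get(ANDROID + "name") for e in root.iter("uses-permission")}
    components = [e for tag in ("service", "receiver") for e in root.iter(tag)]
    bound = {e.get(ANDROID + "permission") for e in components}
    fgs_types = {t for e in components
                 for t in (e.get(ANDROID + "foregroundServiceType") or "").split("|")}
    caps = {
        "accessibility_service": "android.permission.BIND_ACCESSIBILITY_SERVICE" in bound,
        "device_admin": "android.permission.BIND_DEVICE_ADMIN" in bound,
        "screen_capture": "mediaProjection" in fgs_types,
        "overlay": "android.permission.SYSTEM_ALERT_WINDOW" in requested,
        "sms": bool(requested & SMS_PERMISSIONS),
        "uninstall_other_apps": "android.permission.REQUEST_DELETE_PACKAGES" in requested,
    }
    lure = label in LURE_NAMES
    # Assumed rule: accessibility plus SMS plus a wipe or screen-streaming
    # capability is the combination the article attributes to this family.
    if caps["accessibility_service"] and caps["sms"] and (
            caps["device_admin"] or caps["screen_capture"]):
        verdict = "escalate"
    elif caps["accessibility_service"] or lure:
        verdict = "review"
    else:
        verdict = "no match"
    return {"label": label, "lure_name": lure, "capabilities": caps, "verdict": verdict}


if __name__ == "__main__":
    report = triage_manifest(SAMPLE_MANIFEST)
    print(report["verdict"], report["label"], report["capabilities"])
```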

The article New Android Malware BingoMod: Money Theft and Data Destruction Are Served comes from il blog della sicurezza informatica.



Altermagnetism in Manganese Telluride and Others: the Future of Spintronics?
poliverso.org/display/0477a01e…
Magnetic materials are typically divided into ferromagnetic and antiferromagnetic types, depending on their magnetic moments (electron spins), resulting in either macroscopic (net) magnetism or not. Altermagnetism, however, is a recently experimentally confirmed third type that, as the name suggests, alternates effectively between these two states, demonstrating a splitting of the spin energy levels (spin-split band structure). Like antiferromagnets, altermagnets possess a net zero magnetic state due to alternating electron spin, but they differ in that the electronic band structures are not Kramers degenerate, which is the feature that can be tested to confirm altermagnetism. This is the crux of the February 2024 research paper in Nature by [J. Krempaský] and colleagues.

Specifically they were looking for the antiferromagnetic-like vanishing magnetization and ferromagnetic-like strong lifted Kramers spin degeneracy (LKSD) in manganese telluride (MnTe) samples, using photoemission spectroscopy in the UV and soft X-ray spectra. A similar confirmation in RuO2 samples was published in Science Advances by [Olena Fedchenko] and colleagues.

What this discovery and confirmation of altermagnetism means has been covered previously in a range of papers ever since altermagnetism was first proposed in 2019 by [Tomas Jungwirth] et al. A 2022 paper published in Physical Review X by [Libor Šmejkal] and colleagues details a range of potential applications (section IV), which includes spintronics. Specific applications here include things like memory storage (e.g. GMR), where both ferromagnets and antiferromagnets have limitations that altermagnetism could overcome.

Naturally, as a fairly new discovery there is a lot of fundamental research and development left to be done, but there is a good chance that within the near future we will see altermagnetism begin to make a difference in daily life, simply due to how much of a fundamental shift this entails within our fundamental understanding of magnetics.

Heading image: Illustrative models of collinear ferromagnetism, antiferromagnetism, and altermagnetism in crystal-structure real space and nonrelativistic electronic-structure momentum space. (Credit: Libor Šmejkal et al., Phys. Rev. X, 2022)



Mandrake spyware sneaks onto Google Play again, flying under the radar for two years
poliverso.org/display/0477a01e…


Introduction


In May 2020, Bitdefender released a white paper containing a detailed analysis of Mandrake, a sophisticated Android cyber-espionage platform, which had been active in the wild for at least four years.

In April 2024, we discovered a suspicious sample that appeared to be a new version of Mandrake. Ensuing analysis revealed as many as five Mandrake applications, which had been available on Google Play from 2022 to 2024 with more than 32,000 installs in total, while staying undetected by any other vendor. The new samples included new layers of obfuscation and evasion techniques, such as moving malicious functionality to obfuscated native libraries, using certificate pinning for C2 communications, and performing a wide array of tests to check if Mandrake was running on a rooted device or in an emulated environment.

Our findings, in a nutshell, were as follows.

  • After a two-year break, the Mandrake Android spyware returned to Google Play and lay low for two years.
  • The threat actors have moved the core malicious functionality to native libraries obfuscated with OLLVM.
  • Communication with command-and-control servers (C2) uses certificate pinning to prevent capture of SSL traffic.
  • Mandrake is equipped with a diverse arsenal of sandbox evasion and anti-analysis techniques.

Kaspersky products detect this threat as HEUR:Trojan-Spy.AndroidOS.Mandrake.*.

Technical details

Background


The original Mandrake campaign with its two major infection waves, in 2016–2017 and 2018–2020, was analyzed by Bitdefender in May 2020. After the Bitdefender report was published, we discovered one more sample associated with the campaign, which was still available on Google Play.

[Figure: The Mandrake application from the previous campaign on Google Play]

In April 2024, we found a suspicious sample that turned out to be a new version of Mandrake. The main distinguishing feature of the new Mandrake variant was layers of obfuscation designed to bypass Google Play checks and hamper analysis. We discovered five applications containing Mandrake, with more than 32,000 total downloads. All these were published on Google Play in 2022 and remained available for at least a year. The newest app was last updated on March 15, 2024 and removed from Google Play later that month. As at July 2024, none of the apps had been detected as malware by any vendor, according to VirusTotal.

[Figure: Mandrake samples on VirusTotal]

Applications

Package name | App name | MD5 | Developer | Released | Last updated on Google Play | Downloads
com.airft.ftrnsfr | AirFS | 33fdfbb1acdc226eb177eb42f3d22db4 | it9042 | Apr 28, 2022 | Mar 15, 2024 | 30,305
com.astro.dscvr | Astro Explorer | 31ae39a7abeea3901a681f847199ed88 | shevabad | May 30, 2022 | Jun 06, 2023 | 718
com.shrp.sght | Amber | b4acfaeada60f41f6925628c824bb35e | kodaslda | Feb 27, 2022 | Aug 19, 2023 | 19
com.cryptopulsing.browser | CryptoPulsing | e165cda25ef49c02ed94ab524fafa938 | shevabad | Nov 02, 2022 | Jun 06, 2023 | 790
com.brnmth.mtrx | Brain Matrix | - | kodaslda | Apr 27, 2022 | Jun 06, 2023 | 259

Mandrake applications on Google Play

We were not able to get the APK file for com.brnmth.mtrx, but given the developer and publication date, we assume with high confidence that it contained Mandrake spyware.

[Figure: Application icons]

Malware implant


The focus of this report is an application named AirFS, which was offered on Google Play for two years and last updated on March 15, 2024. It had the biggest number of downloads: more than 30,000. The malware was disguised as a file sharing app.

[Figure: AirFS on Google Play]

According to reviews, several users noticed that the app did not work or stole data from their devices.

[Figure: Application reviews]

Infection chain


Like the previous versions of Mandrake described by Bitdefender, applications in the latest campaign work in stages: dropper, loader and core. Unlike the previous campaign where the malicious logic of the first stage (dropper) was found in the application DEX file, the new versions hide all the first-stage malicious activity inside the native library libopencv_dnn.so, which is harder to analyze and detect than DEX files. This library exports functions to decrypt the next stage (loader) from the assets/raw folder.

[Figure: Contents of the main APK file]

Interestingly, the sample com.shrp.sght has only two stages, where the loader and core capabilities are combined into one APK file, which the dropper decrypts from its assets.

While in the past Mandrake campaigns we saw different branches (“oxide”, “briar”, “ricinus”, “darkmatter”), the current campaign is related to the “ricinus” branch. The second- and third-stage files are named “ricinus_airfs_3.4.0.9.apk”, “ricinus_dropper_core_airfs_3.4.1.9.apk”, “ricinus_amber_3.3.8.2.apk” and so on.

When the application starts, it loads the native library:

[Figure: Loading the native library]

To make detection harder, the first-stage native library is heavily obfuscated with the OLLVM obfuscator. Its main goal is to decrypt and load the second stage, named “loader”. After unpacking, decrypting and loading into memory the second-stage DEX file, the code calls the method dex_load and executes the second stage. In this method, the second-stage native library path is added to the class loader, and the second-stage main activity and service start. The application then shows a notification that asks for permission to draw overlays.

When the main service starts, the second-stage native library libopencv_java3.so is loaded, and the certificate for C2 communications, which is placed in the second-stage assets folder, is decrypted. The threat actors used an IP address for C2 communications, and if the connection could not be established, the malware tried to connect to more domains. After successfully connecting, the app sends information about the device, including the installed applications, mobile network, IP address and unique device ID, to the C2. If the threat actors find their target relevant on the strength of that data, they respond with a command to download and run the “core” component of Mandrake. The app then downloads, decrypts and executes the third stage (core), which contains the main malware functionality.

Second-stage commands:

Command | Description
start | Start activity
cup | Set wakelock, enable Wi-Fi, and start main parent service
cdn | Start main service
stat | Collect information about connectivity status, battery optimization, “draw overlays” permission, adb state, external IP, Google Play version
apps | Report installed applications
accounts | Report user accounts
battery | Report battery percentage
home | Start launcher app
hide | Hide launcher icon
unload | Restore launcher icon
core | Start core loading
clean | Remove downloaded core
over | Request “draw overlays” permission
opt | Grant the app permission to run in the background

Third stage commands:

Command | Description
start | Start activity
duid | Change UID
cup | Set wakelock, enable Wi-Fi, and start main parent service
cdn | Start main service
stat | Collect information about connectivity status, battery optimization, “draw overlays” permission, adb state, external IP, Google Play version
apps | Report installed applications
accounts | Report user accounts
battery | Report battery percentage
home | Start launcher app
hide | Hide launcher icon
unload | Restore launcher icon
restart | Restart application
apk | Show application install notification
start_v | Load an interactive webview overlay with a custom implementation of screen sharing with remote access, commonly referred to by the malware developers as “VNC”
start_a | Load webview overlay with automation
stop_v | Unload webview overlay
start_i, start_d | Load webview overlay with screen record
stop_i | Stop webview overlay
upload_i, upload_d | Upload screen record
over | Request “draw overlays” permission
opt | Grant the app permission to run in the background

When Mandrake receives a start_v command, the service starts and loads the specified URL in an application-owned webview with a custom JavaScript interface, which the application uses to manipulate the web page it loads.

While the page is loading, the application establishes a websocket connection and starts taking screenshots of the page at regular intervals, while encoding them to base64 strings and sending these to the C2 server. The attackers can use additional commands to adjust the frame rate and quality. The threat actors call this “vnc_stream”. At the same time, the C2 server can send back control commands that make the application execute actions, such as swipe to a given coordinate, change the webview size and resolution, switch between the desktop and mobile page display modes, enable or disable JavaScript execution, change the User Agent, import or export cookies, go back and forward, refresh the loaded page, zoom the loaded page and so on.

When Mandrake receives a start_i command, it loads a URL in a webview, but instead of initiating a “VNC” stream, the C2 server starts recording the screen and saving the record to a file. The recording process is similar to the “VNC” scenario, but screenshots are saved to a video file. Also in this mode, the application waits until the user enters their credentials on the web page and then collects cookies from the webview.

The start_a command allows running automated actions in the context of the current page, such as swipe, click, etc. If this is the case, Mandrake downloads automation scenarios from the URL specified in the command options. In this mode, the screen is also recorded.

Screen recordings can be uploaded to the C2 with the upload_i or upload_d commands.

The main goals of Mandrake are to steal the user’s credentials, and download and execute next-stage malicious applications.

Data decryption methods


Data encryption and decryption logic is similar across different Mandrake stages. In this section, we will describe the second-stage data decryption methods.

The second-stage native library libopencv_java3.so contains AES-encrypted C2 domains, and keys for configuration data and payload decryption. Encrypted strings are mixed with plain text strings.

To get the length of the string, Mandrake XORs the first three bytes of the encrypted array, then uses the first two bytes of the array as keys for custom XOR encoding.

[Figure: Strings decryption algorithm]

The key and IV for decrypting AES-encrypted data are encoded in the same way, with part of the data additionally XORed with constants.

[Figure: AES key decryption]

Mandrake uses the OpenSSL library for AES decryption, albeit in quite a strange way. The encrypted file is divided into 16-byte blocks, each of these decrypted with AES-CFB128.

The encrypted certificate for C2 communication is located in the assets/raw folder of the second stage as a file named cart.raw, which is decrypted using the same algorithm.

Installing next-stage applications


When Mandrake gets an apk command from the C2, it downloads a new separate APK file with an additional module and shows the user a notification that looks like something they would receive from Google Play. The user clicking the notification initiates the installation process.

Android 13 introduced the “Restricted Settings” feature, which prohibits sideloaded applications from directly requesting dangerous permissions. To bypass this feature, Mandrake processes the installation with a “session-based” package installer.

[Figure: Installing additional applications]

Sandbox evasion techniques and environment checks


While the main goal of Mandrake remains unchanged from past campaigns, the code complexity and quantity of the emulation checks have significantly increased in recent versions to prevent the code from being executed in environments operated by malware analysts. However, we were able to bypass these restrictions and discovered the changes described below.

The versions of the malware discovered earlier contained only a basic emulation check routine.

[Figure: Emulator checks in an older Mandrake version]

In the new version, we discovered more checks.

To start with, the threat actors added Frida detection. When the application starts, it loads the first-stage native library libopencv_dnn.so. The init_array section of this library contains the Frida detector function call. The threat actors used the DetectFrida method. First, it computes the CRC of all libraries, then it starts a Frida detect thread. Every five seconds, it checks that libraries in memory have not been changed. Additionally, it checks for Frida presence by looking for specific thread and pipe names used by Frida. So, when an analyst tries to use Frida against the application, execution is terminated. Even if you use a custom build of Frida and try to hook a function in the native library, the app detects the code change and terminates.

Next, after collecting device information to make a request for the next stage, the application checks the environment to find out if the device is rooted and if there are analyst tools installed. Unlike some other threat actors who seek to take advantage of root access, Mandrake developers consider a rooted device dangerous, as average users, their targets, do not typically root their phones. First, Mandrake tries to find a su binary, a SuperUser.apk, Busybox or Xposed framework, and Magisk and Saurik Substrate files. Then it checks if the system partition is mounted as read-only. Next, it checks if development settings and ADB are enabled. And finally, it checks for the presence of a Google account and Google Play application on the device.

C2 communication


All C2 communications are maintained via the native part of the applications, using an OpenSSL static compiled library.

To prevent network traffic sniffing, Mandrake uses an encrypted certificate, decrypted from the assets/raw folder, to secure C2 communications. The client needs to be verified by this certificate, so an attempt to capture SSL traffic results in a handshake failure and a breakdown in communications. Still, any packets sent to the C2 are saved locally for additional AES encryption, so we are able to look at message content. Mandrake uses a custom JSON-like serialization format, the same as in previous campaigns.

Example of a C2 request:
node #1
{
uid "a1c445f10336076b";
request "1000";
data_1 "32|3.1.1|HWLYO-L6735|26202|de||ricinus_airfs_3.4.0.9|0|0|0||0|0|0|0|Europe/Berlin||180|2|1|41|115|0|0|0|0|loader|0|0|secure_environment||0|0|1|0||0|85.214.132.126|0|1|38.6.10-21 [0] [PR] 585796312|0|0|0|0|0|";
data_2 "loader";
dt 1715178379;
next #2;
}
node #2
{
uid "a1c445f10336076b";
request "1010";
data_1 "ricinus_airfs_3.4.0.9";
data_2 "";
dt 1715178377;
next #3;
}
node #3
{
uid "a1c445f10336076b";
request "1003";
data_1 "com.airft.ftrnsfr\n\ncom.android.calendar\n\[redacted]\ncom.android.stk\n\n";
data_2 "";
dt 1715178378;
next NULL;
}
Example of a C2 response:
node #1
{
response "a1c445f10336076b";
command "1035";
data_1 "";
data_2 "";
dt "0";
next #2;
}
node #2
{
response "a1c445f10336076b";
command "1022";
data_1 "20";
data_2 "1";
dt "0";
next #3;
}
node #3
{
response "a1c445f10336076b";
command "1027";
data_1 "1";
data_2 "";
dt "0";
next #4;
}
node #4
{
response "a1c445f10336076b";
command "1010";
data_1 "ricinus_dropper_core_airfs_3.4.1.9.apk";
data_2 "60";
dt "0";
next NULL;
}
Mandrake uses opcodes from 1000 to 1058. The same opcode can represent different actions depending on whether it is used for a request or a response. See below for examples of this.

  • Request opcode 1000: send device information;
  • Request opcode 1003: send list of installed applications;
  • Request opcode 1010: send information about the component;
  • Response opcode 1002: set contact rate (client-server communication);
  • Response opcode 1010: install next-stage APK;
  • Response opcode 1011: abort next-stage install;
  • Response opcode 1022: request user to allow app to run in background;
  • Response opcode 1023: abort request to allow app to run in background;
  • Response opcode 1027: change application icon to default or Wi-Fi service icon.
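
An added example, not code from the Kaspersky report: a parser for the JSON-like node format shown above, for analysts reading locally saved messages, that checks the next chain and labels each opcode by direction using only the meanings listed here. The two samples are abridged from the request and response examples above (nodes renumbered, one node per line); the function names are this example's own.

```python
import re

# Opcode meanings as listed in the report. The same number can mean different
# things depending on whether it appears in a request or in a response.
REQUEST_OPCODES = {
    1000: "send device information",
    1003: "send list of installed applications",
    1010: "send information about the component",
}
RESPONSE_OPCODES = {
    1002: "set contact rate (client-server communication)",
    1010: "install next-stage APK",
    1011: "abort next-stage install",
    1022: "request user to allow app to run in background",
    1023: "abort request to allow app to run in background",
    1027: "change application icon to default or Wi-Fi service icon",
}

# Abridged from the report's examples; the multi-line layout parses as well.
REQUEST_SAMPLE = r'''
node #1 { uid "a1c445f10336076b"; request "1010"; data_1 "ricinus_airfs_3.4.0.9"; data_2 ""; dt 1715178377; next #2; }
node #2 { uid "a1c445f10336076b"; request "1003"; data_1 "com.airft.ftrnsfr\n\ncom.android.stk\n\n"; data_2 ""; dt 1715178378; next NULL; }
'''
RESPONSE_SAMPLE = r'''
node #1 { response "a1c445f10336076b"; command "1035"; data_1 ""; data_2 ""; dt "0"; next #2; }
node #2 { response "a1c445f10336076b"; command "1010"; data_1 "ricinus_dropper_core_airfs_3.4.1.9.apk"; data_2 "60"; dt "0"; next NULL; }
'''

TOKEN_RE = re.compile(r'''\s*(?:
      node\s+\#(?P<node>\d+)\s*\{                             # node header
    | (?P<key>\w+)\s+(?P<val>"(?:[^"\\]|\\.)*"|[^\s;]+)\s*;   # key value;
    | (?P<end>\})                                             # closing brace
    )''', re.X)


def _value(raw):
    """Convert one serialized value: quoted string, NULL, #N reference or number."""
    if raw.startswith('"'):
        unescape = lambda m: "\n" if m.group(1) == "n" else m.group(1)
        return re.sub(r'\\(.)', unescape, raw[1:-1])
    if raw == "NULL":
        return None
    if raw.startswith("#"):
        return int(raw[1:])
    return int(raw) if raw.isdigit() else raw


def parse_nodes(text):
    """Parse a serialized message into a list of dicts, one per node."""
    text, pos, nodes, current = text.strip(), 0, [], None
    while pos < len(text):
        m = TOKEN_RE.match(text, pos)
        if not m:
            raise ValueError(f"unparseable input at offset {pos}")
        pos = m.end()
        if m.group("node") is not None:
            if current is not None:
                raise ValueError("node opened inside another node")
            current = {"node_id": int(m.group("node"))}
        elif current is None:
            raise ValueError("field or brace outside a node")
        elif m.group("end"):
            nodes.append(current)
            current = None
        else:
            current[m.group("key")] = _value(m.group("val"))
    if current is not None:
        raise ValueError("unterminated node")
    return nodes


def chain_is_consistent(nodes):
    """True when every 'next' names the following node and the last is NULL."""
    for node, following in zip(nodes, nodes[1:] + [None]):
        expected = following["node_id"] if following else None
        if node.get("next", "missing") != expected:
            return False
    return bool(nodes)


def describe(node):
    """Return (direction, opcode, meaning) for one parsed node."""
    if "request" in node:
        direction, table, raw = "request", REQUEST_OPCODES, node["request"]
    elif "command" in node:
        direction, table, raw = "response", RESPONSE_OPCODES, node["command"]
    else:
        raise ValueError("node has neither 'request' nor 'command'")
    opcode = int(raw)
    if not 1000 <= opcode <= 1058:
        return direction, opcode, "outside the 1000-1058 range given in the report"
    return direction, opcode, table.get(opcode, "not documented in the report")


if __name__ == "__main__":
    for sample in (REQUEST_SAMPLE, RESPONSE_SAMPLE):
        parsed = parse_nodes(sample)
        print("chain ok:", chain_is_consistent(parsed))
        for n in parsed:
            print(n["node_id"], *describe(n), repr(n.get("data_1")))
```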


Attribution


Considering the similarities between the current campaign and the previous one, and the fact that the C2 domains are registered in Russia, we assume with high confidence that the threat actor is the same as stated in Bitdefender’s report.

Victims


The malicious applications on Google Play were available in a wide range of countries. Most of the downloads were from Canada, Germany, Italy, Mexico, Spain, Peru and the UK.

Conclusions


The Mandrake spyware is evolving dynamically, improving its methods of concealment, sandbox evasion and bypassing new defense mechanisms. After the applications of the first campaign stayed undetected for four years, the current campaign lurked in the shadows for two years, while still available for download on Google Play. This highlights the threat actors’ formidable skills, and also that stricter controls for applications before being published in the markets only translate into more sophisticated, harder-to-detect threats sneaking into official app marketplaces.

Indicators of Compromise



securelist.com/mandrake-apps-r…



The 2023 Report of the Garante per la Protezione dei Dati, commented line by line (Part II - GDPR and PA)
poliverso.org/display/0477a01e…

The audio of the video I prepared on YouTube to comment on the 2023 report of the Italian Garante per la Protezione dei Dati Personali.

To see the version with the document and my highlights, it is best to go to the YouTube channel and watch the video.

This is the second part (GDPR and Public Administration)


zerodays.podbean.com/e/la-rela…



Cardboard R/C Plane Actually Flies
poliverso.org/display/0477a01e…

A painted RC plane made of cardboard. It has an orange propeller and camo-esque markings along with concentric blue, white, and red circles near the wingtips.

Many makers start by building mock-ups from cardboard, but [Alex-08] has managed to build an R/C plane that actually flies, out of cardboard.

If you’ve been thinking of building an R/C plane from scratch yourself, this guide is an excellent place to start. [Alex-08] goes through excruciating detail on how he designed and constructed this marvel. The section on building the wings is particularly detailed since that’s the most crucial element in making sure this plane can get airborne.

Some off-the-shelf R/C parts and 3D printed components round out the parts list to complement the large cardboard box used for most of the structural components. The build instructions even go through some tips on getting that vintage aircraft feel and how to adjust everything for a smooth flight.

Need a wind tunnel instead? You can build that out of cardboard too. If paper airplanes are more your thing, how about launching them from space? And if you’re just trying to get a head start on Halloween, why not laser cut an airplane costume from cardboard?



2024 Tiny Games Contest: Pi-O-Scope-Pong
poliverso.org/display/0477a01e…

[Aaron Lager]’s Pi-O-Scope-Pong project takes a minimal approach to Pong by drawing on an oscilloscope to generate crisp paddles and ball. A Raspberry Pi takes care of the grunt work of signal generation, and even uses the two joysticks of an Xbox controller (connected to the Pi over Bluetooth) for inputs.

Originally, [Aaron] attempted to generate the necessary signals directly from the Pi’s PWM outputs by doing a little bit of RC filtering on the outputs, but was repulsed by the smeary results. The solution? An old but perfectly serviceable 8-bit MAX506 DAC now handles crisping up the visuals with high-quality analog outputs. Code is available on the project’s GitHub repository.

There isn’t any score-keeping or sound, but one thing that it has over the original Pong is a round ball. The ball in the original Pong game was square, but mainly because cost was a concern during design and generating a round ball would have ballooned the part count.

In many ways, Pong itself is a great inspiration for the Tiny Games Challenge, because the simplicity of its gameplay was likely a big part of its success.

youtube.com/embed/WMYsr0fLufo?…


How “professional” ransomware variants boost cybercrime groups


Introduction


Cybercriminals who specialize in ransomware do not always create it themselves. They have many other ways to get their hands on ransomware samples: buying a sample on the dark web, affiliating with other groups or finding a (leaked) ransomware variant. This requires no extraordinary effort, as source code is often leaked or published. With a set of standard tools and a freshly built (and sometimes slightly altered) ransomware sample, victims can be sought, and the malicious activity can spread.

In the past months, we released several private reports detailing exactly this. You will find a few excerpts from these below. To learn more about our crimeware reporting service, contact us at crimewareintel@kaspersky.com.

SEXi


This past April, IxMetro was hit by an attack that used a still-new ransomware variant dubbed “SEXi”. As the name suggests, the group focuses primarily on ESXi applications. In each of the cases we investigated, the victims were running unsupported versions of ESXi, and there are various assumptions about the initial infection vector.

The group deploys one of two types of ransomware variants depending on the target platform: Windows or Linux. Both samples are based on leaked ransomware samples, namely Babuk for the Linux version and Lockbit for Windows. This is the first time we’ve seen a group use different leaked ransomware variants for their target platforms.

Another thing that sets this group apart is their contact method. Attackers will typically leave a note with an email address or leak site URL in it, but in this case, the note contained a user ID associated with the Session messaging app. The ID belonged to the attackers and was used across different ransomware attacks and victims. This signifies a lack of professionalism, as well as the fact that the attackers did not have a TOR leak site.

Key Group


While the SEXi group has employed leaked ransomware variants from two malware families, other groups have taken this approach to a whole different level. For example, Key Group, aka keygroup777, has used no fewer than eight different ransomware families throughout their relatively short history (since April 2022) – see the image below.

Use of leaked ransomware builders by Key Group

We were able to link different variants to Key Group by their ransom notes. In the little over two years that the group has been active, they have adjusted their TTPs slightly with each new ransomware variant. For example, the persistence mechanism was always via the registry, but the exact implementation differed by family. Most of the time, autorun was used, but we’ve also seen them using the startup folder.

For example, UX-Cryptor added itself to the registry as shown below.

    HKU\$usersid\Software\Microsoft\Windows NT\CurrentVersion\Winlogon
    "Shell" = "$selfpath"
    HKU\$usersid\Software\Microsoft\Windows\CurrentVersion\Run
    "WindowsInstaller" = "$selfpath -startup"
    "MSEdgeUpdateX" = "$selfpath"
    HKU\$usersid\Software\Microsoft\Windows\CurrentVersion\RunOnce
    "System3264Wow" = "$selfpath --init"
    "OneDrive10293" = "$selfpath /setup"
    "WINDOWS" = "$selfpath --wininit"

The Chaos ransomware variant, by contrast, copied itself to $user\$appdata\cmd.exe and launched a new process, which in turn created a new file in the startup folder: $user\$appdata\Microsoft\Windows\Start Menu\Programs\Startup\cmd.url. This file contained the path to the ransomware file: URL=file:///$user\$appdata\cmd.exe.

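As an added example (not part of the original report), the Python sketch below parses a listing in the layout shown above and flags the three persistence traits just described: one executable registered under many autorun values, a Winlogon Shell value set in a user hive, and a Startup-folder .url file whose URL is a file: path to an executable. The SID, the paths, the ExampleSync entry, the function names and the threshold of three values are constructed assumptions.

```python
import configparser
import ntpath
import re
from collections import defaultdict
from urllib.parse import unquote

EXEC_EXT = (".exe", ".com", ".scr", ".bat", ".cmd", ".pif")
WINLOGON = r"\software\microsoft\windows nt\currentversion\winlogon"
AUTORUN_SUFFIXES = (WINLOGON,
                    r"\software\microsoft\windows\currentversion\run",
                    r"\software\microsoft\windows\currentversion\runonce")
USER_HIVES = ("hku\\", "hkcu\\", "hkey_users\\", "hkey_current_user\\")
VALUE_RE = re.compile(r'^"(?P<name>[^"]+)"\s*=\s*"(?P<data>.*)"$')
EXE_RE = re.compile(r"^(.+?\.(?:exe|com|scr|bat|cmd|pif))(?=\s|$)", re.I)

# Constructed sample in the listing layout used above. The SID, the user name,
# svc.exe (standing in for $selfpath) and the ExampleSync entry are invented.
SAMPLE = r'''
HKU\S-1-5-21-1111-2222-3333-1001\Software\Microsoft\Windows NT\CurrentVersion\Winlogon
"Shell" = "C:\Users\alice\AppData\Roaming\svc.exe"
HKU\S-1-5-21-1111-2222-3333-1001\Software\Microsoft\Windows\CurrentVersion\Run
"WindowsInstaller" = "C:\Users\alice\AppData\Roaming\svc.exe -startup"
"MSEdgeUpdateX" = "C:\Users\alice\AppData\Roaming\svc.exe"
"ExampleSync" = ""C:\Program Files\Example Sync\sync.exe" /background"
HKU\S-1-5-21-1111-2222-3333-1001\Software\Microsoft\Windows\CurrentVersion\RunOnce
"System3264Wow" = "C:\Users\alice\AppData\Roaming\svc.exe --init"
"OneDrive10293" = "C:\Users\alice\AppData\Roaming\svc.exe /setup"
"WINDOWS" = "C:\Users\alice\AppData\Roaming\svc.exe --wininit"
'''
# Constructed content of a Startup-folder .url file (INI format).
SAMPLE_URL = "[InternetShortcut]\nURL=file:///C:\\Users\\alice\\AppData\\Roaming\\cmd.exe\n"


def parse_listing(text):
    """Turn 'key line, then "Name" = "data" lines' into (key, name, data)."""
    entries, key = [], None
    for raw in text.splitlines():
        line = raw.strip()
        match = VALUE_RE.match(line)
        if match and key:
            entries.append((key, match["name"], match["data"]))
        elif line and not match:
            key = line                      # a new registry key starts here
    return entries


def executable_of(data):
    """Extract the normalised (lower-case) executable path from value data."""
    data = data.strip()
    if data.startswith('"'):                # quoted path, then arguments
        path = data[1:].split('"', 1)[0]
    else:                                   # unquoted path, then arguments
        match = EXE_RE.match(data)
        path = match.group(1) if match else data.split(" ", 1)[0]
    return ntpath.normcase(ntpath.normpath(path))


def shared_autoruns(entries, threshold=3):
    """Executables referenced by `threshold` or more autorun values."""
    by_exe = defaultdict(list)
    for key, name, data in entries:
        if key.lower().endswith(AUTORUN_SUFFIXES):
            by_exe[executable_of(data)].append((key, name))
    return {exe: refs for exe, refs in by_exe.items() if len(refs) >= threshold}


def per_user_shell(entries):
    """Winlogon 'Shell' values that live in a user hive instead of HKLM."""
    return [(key, executable_of(data)) for key, name, data in entries
            if key.lower().startswith(USER_HIVES)
            and key.lower().endswith(WINLOGON) and name.lower() == "shell"]


def startup_url_target(url_file_text):
    """Local executable a .url shortcut points to via file:, else None."""
    parser = configparser.ConfigParser(interpolation=None)
    try:
        parser.read_string(url_file_text)
        url = parser.get("InternetShortcut", "url")
    except configparser.Error:
        return None
    if not url.lower().startswith("file:"):
        return None
    path = unquote(re.sub(r"^file:/*", "", url, flags=re.I))
    path = ntpath.normcase(ntpath.normpath(path))
    return path if path.endswith(EXEC_EXT) else None


if __name__ == "__main__":
    found = parse_listing(SAMPLE)
    for exe, refs in shared_autoruns(found).items():
        print(f"{exe}: {len(refs)} autorun values", [n for _, n in refs])
    print("per-user Shell:", per_user_shell(found))
    print(".url target:", startup_url_target(SAMPLE_URL))
```
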
Russian-speaking groups typically operate outside of Russia, but Key Group is an exception to this rule. Like SEXi’s, their operations are not very professional and show a lack of comprehensive skills. For example, the main C2 channel is a GitHub repository, which makes them easier to track, and communication is maintained over Telegram rather than a dedicated server on the TOR network.

Mallox


Mallox is another relatively new ransomware variant that first came to light in 2021 and kicked off an affiliate program in 2022. The way the authors obtained the source code is unclear: they could have written it from scratch, used a published or a leaked one, or purchased it, as they claim. Since Mallox is a lesser-known and hence less-documented ransomware variant compared to the likes of Lockbit and Conti, we decided to cover Mallox in this post.

Although starting as a private group conducting their own campaigns, Mallox launched an affiliate program shortly after inception. Interestingly, the group only wants to do business with Russian-speaking affiliates and not with English-speaking ones, and they do not welcome novices either. They are also very explicit about what types of organizations affiliates should infect: no less than $10 million in revenue and no hospitals or educational institutions.

Mallox uses affiliate IDs, making it possible to track affiliate activity over the course of time. In 2023, there were 16 active partners, which explains the spike in activity, most notably in the spring and autumn of 2023 as evidenced by the PE timestamp.

Number of discovered Mallox samples by PE timestamp

In 2024, only eight of the original affiliates were still active, with no newcomers. Aside from this, Mallox has all the typical Big Game Hunting attributes that other groups also have, such as a leak site, a server hosted on TOR, and others.

Conclusion


Getting into the ransomware business has never been too difficult. Off-the-shelf solutions have been available, or else one could become an affiliate and outsource many tasks to others. Initially, with tools like Hidden Tear, the impact was relatively low: the tools were easy to detect and contained implementation errors, which helped decryption. They targeted regular consumers rather than large organizations. This has changed these days, as the impact can be much bigger with the advent of the Big Game Hunting era and the release of “professional” ransomware variants, which can affect entire companies, organizations, hospitals and so on. Such samples are more efficient in terms of speed, configurability, command line options, platform support and other features. That said, while getting your hands on a “professional” ransomware variant might be easy, the whole process of exploiting and exploring an organization can be quite time consuming, if not impractical, for newbies.

We also see that groups using leaked variants seldom look professional, with Key Group and SEXi among the examples of this. The reason why they are effective is either that they are able to set up a successful affiliate scheme (Key Group), or that they have found a niche where they can deploy their ransomware effectively (SEXi). In these two scenarios, the leaking or publication of ransomware variants can be considered a threat to organizations and individuals.

If you would like to stay up to date on the latest TTPs being used by criminals, or if you have questions about our private reports, contact us at crimewareintel@kaspersky.com.

Indicators of compromise



securelist.com/sexi-key-group-…



Programming Ada: Implementing the Lock-Free Ring Buffer

In the previous article we looked at designing a lock-free ring buffer (LFRB) in Ada, contrasting and comparing it with the C++-based version which it is based on, and highlighting the Ada way of doing things. In this article we’ll cover implementing the LFRB, including the data request task that the LFRB will use to fill the buffer. Accompanying the LFRB is a test driver, which will allow us to not only demonstrate the usage of the LFRB, but also to verify the correctness of the code.

This test driver is uncomplicated: in the main task it sets up the LFRB with a 20 byte buffer, after which it begins to read 8 byte sections. This will trigger the LFRB to begin requesting data from the data request task, with this data request task setting an end-of-file (EoF) state after writing 100 bytes. The main task will keep reading 8-byte chunks until the LFRB is empty. It will also compare the read byte values with the expected value, being the value range of 0 to 99.

Test Driver


The Ada version of the test driver for the LFRB can be found in the same GitHub project as the C++ version. The file is called test_databuffer.adb and can be found in the ada/reference/ folder. The Makefile to build the reference project is found in the /ada folder, which requires an Ada toolchain to be installed as well as Make. For details on this aspect, see the first article in this series. When running make in the folder, the build files are placed under obj/ and the resulting binary under bin/.

The LFRB package is called LFRingDataBuffer, which we include along with the dataRequest package that contains the data request task. Obviously, since typing out LFRingDataBuffer over and over would be tiresome, we rename the package:

    with LFRingDataBuffer;
    with dataRequest; use dataRequest;

    procedure test_databuffer is
        package DB renames LFRingDataBuffer;
        [..]

After this we can initialize the LFRB:

    initret : Boolean;
    [..]
    initret := DB.init(20);
    if initret = False then
        put_line("DB Init failed.");
        return;
    end if;

Before we start reading from the LFRB, we create the data request task:

    drq : DB.drq_access;
    [..]
    drq := new dataRequestTask;
    DB.setDataRequestTask(drq);

This creates a reference to a dataRequestTask instance, which is found in the dataRequest package. We pass this reference to the LFRB so that it can call entries on it, as we will see in a moment.

After this we can start reading data from the LFRB in a while loop:

    bytes : DB.buff_array (0..7);
    read : Unsigned_32;
    emptied : Boolean;
    [..]
    emptied := False;
    while emptied = False loop
        read := DB.read(8, bytes);
        [..]
        if DB.isEoF then
            emptied := DB.isEmpty;
        end if;
    end loop;

As we know what the value of each byte we read has to be, we can validate it and also print it out to give the user something to look at:

    idx : Unsigned_32 := 0;
    [..]
    idx := 0;
    for i in 0 .. Integer(read - 1) loop
        put(Unsigned_8'Image(bytes(idx)) & " ");
        if expected /= bytes(idx) then
            aborted := True;
        end if;

        idx := idx + 1;
        expected := expected + 1;
    end loop;

Of note here is that put() from the Ada.Text_IO package is similar to the put_line() procedure except that it doesn’t add a newline. We also see here how to get the string representation of an integer variable, using the 'Image attribute. For Ada 2012 we can use it in this fashion, though since 2016 and in Ada 2022 we can also use it directly on a variable, e.g.:

    put(bytes(idx)'Image & " ");

Finally, we end the loop by checking both whether EoF is set and whether the buffer is empty:

    if DB.isEoF then
        emptied := DB.isEmpty;
    end if;

With the test driver in place, we can finally look at the LFRB implementation.

Initialization


Moving on to the LFRB’s implementation file (lfringdatabuffer.adb), we can in the init procedure see a number of items which we covered in the previous article already, specifically the buffer type and its allocation, as well as the unchecked deallocation procedure. All of the relevant variables are set to their appropriate value, which is zero except for the number of free bytes (since the buffer is empty) and the last index (capacity – 1).

Flags like EoF (False) are also set to their starting value. If we call init with an existing buffer we first delete it before creating a new one with the requested capacity.

Reading

Simplified layout of a ring buffer.

Moving our attention to the read function, we know that the buffer is still empty, so nothing can be read from the buffer. This means that the first thing we have to do is request more data to fill the buffer with. This is the first check in the read function:

    if eof = false and len > unread then
        put_line("Requesting data...");
        requestData;
    end if;

Here len is the requested number of bytes that we intend to read, with unread being the number of unread bytes in the buffer. Since len will always be more than zero (unless you are trying to read zero bytes, of course…), this means that we will call the requestData procedure. Since it has no parameters we omit the parentheses.

This procedure calls an entry on the data request task before waiting for data to arrive:

    dataRequestPending := True;
    readT.fetch;

    while dataRequestPending = True loop
        delay 0.1; -- delay 100 ms.
    end loop;

We set the atomic variable dataRequestPending which will be toggled upon a write action, before calling the fetch entry on the data request task reference which got passed in from the test driver earlier. After this we loop with a 100 ms wait until the data has arrived. Depending on the context, having a time-out here might be desirable.

We can now finally look at the data request task. This is found in the reference folder, with the specification, dataRequest.ads (https://github.com/MayaPosch/LockFreeRingBuffer/blob/master/ada/reference/dataRequest.ads), giving a good idea of what the Ada rendezvous synchronization mechanism looks like:

    package dataRequest is
        task type dataRequestTask is
            entry fetch;
        end dataRequestTask;
    end dataRequest;

Unlike an Ada task, which is auto-started with the master task to which the subtask belongs, a task type can be instantiated and started at will. To communicate with the task we use the rendezvous mechanism, which presents an interface (entries) to other tasks that are effectively like procedures, including the passing of parameters. Here we have defined just one entry called fetch, for hopefully obvious reasons.

The task body is found in dataRequest.adb (https://github.com/MayaPosch/LockFreeRingBuffer/blob/master/ada/reference/dataRequest.adb), which demonstrates the rendezvous select loop:

    task body dataRequestTask is
        [..]
    begin
        loop
            select
                accept fetch do
                    [..]
                end fetch;
            or
                terminate;
            end select;
        end loop;
    end dataRequestTask;

To make sure that the task doesn’t just exit after handling one call, we use a loop around the select block. By using or we can handle more than one call, with each entry handler (accept) getting its own section so that we can theoretically handle an infinite number of entries with one task. Since we only have one entry this may seem redundant, but to make sure that the task does exit when the application terminates we add an or block with the terminate keyword.

With this structure in place we have a basic rendezvous-enabled task that can handle fetch calls from the LFRB and write into the buffer. Summarized, this looks like the following:

    data : DB.buff_array (0..9);
    wrote : Unsigned_32;
    [..]
    wrote := DB.write(data);
    put_line("Wrote " & Unsigned_32'Image(wrote) & HT & "- ");

Here we can also see the way that special ASCII characters are handled in Ada’s Text_IO procedures, using the Ada.Characters.Latin_1 package (https://en.wikibooks.org/wiki/Ada_Programming/Libraries/Ada.Characters.Latin_1?useskin=vector). In this case we concatenate the horizontal tab (HT) character.

Skipping ahead a bit to where the data is now written into the LFRB’s buffer, we can read it by first checking how many bytes can be read until the end of the buffer (comparing the read index with the buffer end index). This can result in a number of outcomes: either we can read everything in one go, or we may need to read part from the front of the buffer, or we have fewer bytes left unread than requested. These states should be fairly obvious so I won’t cover them here in detail, but feel free to put in a request.

To take the basic example of reading all of the requested bytes in a single chunk, we have to read the relevant indices of the buffer into the bytes array that was passed as a bidirectional parameter to the read function:

    function read(len: Unsigned_32; bytes: in out buff_array) return Unsigned_32 is

This is done with a single copy action and an array slice on the (dereferenced) buffer array:

    readback := (read_index + len) - 1;
    bytes := buffer.all(read_index .. readback);

We’re copying into the entire range of the target array, so no slice is necessary here. On the buffer array, we start at the first unread byte (read_index), with that index plus the number of bytes we intend to read as the last byte. We subtract one because we start the array at zero instead of 1. This would be a handy optimization, but since we’re sticklers for tradition, this is what we have to live with.

Writing


Writing into the buffer is easier than reading, as we only have to concern ourselves with the data that is in the buffer. Even so it is quite similar, just with a focus on free bytes rather than unread ones. Hence we start with looking at how many bytes we can write:

    locfree : Unsigned_32;
    bytesSingleWrite: Unsigned_32;
    [..]
    locfree := free;
    bytesSingleWrite := free;
    if (buff_last - data_back) < bytesSingleWrite then
        bytesSingleWrite := buff_last - data_back + 1;
    end if;

We then have to test for the different scenarios, same as with reading. For example with a straight write:

    if data'Length <= bytesSingleWrite then
        writeback := (data_back + data'Length) - 1;
        buffer.all(data_back .. writeback) := data;
    elsif
        [..]
    end if;

Of note here is that we can obtain the size of a regular array with the 'Length attribute. Since we can write the whole chunk in one go, we set the slice on the target (the dereferenced buffer) from the write index (data_back) to (and including) the size of the data we’re writing (minus one, because tradition). If we have to do partial copying of the data we need to use array slices here as well, but here it is only needed on the buffer.

Finally, we have two more items to take care of in the write function. The first is letting the data request procedure know that data has arrived by setting dataRequestPending to false. The other is to check whether we can request more data if there is space in the buffer:

    if eof = true then
        null;
    elsif free > 204799 then
        readT.fetch;
    end if;

There are a few notable things in this code. The first is that Ada does not allow you to have empty blocks, but requires you to mark those with null. The other is that magic numbers can be problematic. Originally the fixed data request block size in NymphCast was 200 kB before it became configurable. If we were to change the magic number here to e.g. 10 (bytes), we’d call the fetch entry on the data request task again on the first read request, getting us a full buffer.

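The read and write cases that the Reading and Writing sections leave out (a copy that continues at the front of the buffer, and a short read at EoF) can be followed in this added single-threaded Python model of the index arithmetic. It is not the project's Ada code: RingModel, run_driver and the split counters are names invented here, the fetch callback stands in for the task entry, and the driver mirrors the article's 20-byte buffer, 8-byte reads, 10-byte writes and 100 bytes of data.

```python
class RingModel:
    """Byte ring buffer tracking read_index, data_back, unread and free."""

    def __init__(self, capacity, fetch):
        self.buffer = bytearray(capacity)
        self.capacity = capacity
        self.read_index = 0     # first unread byte
        self.data_back = 0      # next position to write
        self.unread = 0
        self.free = capacity
        self.eof = False
        self.fetch = fetch      # stands in for the readT.fetch entry call
        self.split_reads = 0    # reads that continued at the buffer front
        self.split_writes = 0   # writes that continued at the buffer front

    def write(self, data):
        count = min(len(data), self.free)
        # Bytes that fit between the write index and the end of the buffer.
        first = min(count, self.capacity - self.data_back)
        self.buffer[self.data_back:self.data_back + first] = data[:first]
        if first < count:       # remainder goes to the front of the buffer
            self.buffer[0:count - first] = data[first:count]
            self.split_writes += 1
        self.data_back = (self.data_back + count) % self.capacity
        self.unread += count
        self.free -= count
        return count

    def read(self, length):
        # Same first check as the article: ask for data if we are short.
        if not self.eof and length > self.unread:
            self.fetch(self)
        count = min(length, self.unread)    # short read once data runs out
        first = min(count, self.capacity - self.read_index)
        out = bytes(self.buffer[self.read_index:self.read_index + first])
        if first < count:       # remainder comes from the front of the buffer
            out += bytes(self.buffer[0:count - first])
            self.split_reads += 1
        self.read_index = (self.read_index + count) % self.capacity
        self.unread -= count
        self.free += count
        return out


def run_driver(capacity=20, read_len=8, chunk=10, total=100):
    """Replay the test driver: read until EoF is set and the buffer is empty."""
    state = {"next": 0}

    def fetch(ring):
        start = state["next"]
        end = min(start + chunk, total)
        state["next"] = start + ring.write(bytes(range(start, end)))
        if state["next"] >= total:
            ring.eof = True

    ring = RingModel(capacity, fetch)
    received = bytearray()
    while not (ring.eof and ring.unread == 0):
        received += ring.read(read_len)
    return bytes(received), ring


if __name__ == "__main__":
    data, ring = run_driver()
    print(len(data), "bytes read,", ring.split_reads, "reads wrapped around")
```
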

EoF


With all of the preceding, we now have a functioning, lock-free ring buffer in Ada. Obviously we have only touched on the core parts of what makes it tick, and skimmed over the variables involved in keeping track of where what is going and where it should not be, not to mention how much. Much of this should be easily pieced together from the linked source files, but can be expanded upon, if desired.

Although we have a basic LFRB now, the observant among us may have noticed that most of the functions and procedures in the Ada version of the LFRB as located on GitHub are currently stubs, and that the C++ version does a lot more. Much of this functionality involves seeking in the buffer and a number of other tasks that make a lot of sense when combined with a media player like in NymphCast. These features will continue to be added over time as the LFRB project finds more use, but probably aren’t very interesting to cover.

Feel free to sound off in the comments on what more you may want to see involving the LFRB.



Programming Tiny Blinkenlight Projects with Light

[mitxela] has a tiny problem, literally: some of his projects are so small as to defy easy programming. While most of us would probably solve the problem of having no physical space on a board to mount a connector with WiFi or Bluetooth, he took a different path and gave this clever light-based programming interface a go.

Part of the impetus for this approach comes from some of the LED-centric projects [mitxela] has tackled lately, particularly wearables such as his LED matrix earrings or these blinky industrial piercings. Since LEDs can serve as light sensors, albeit imperfect ones, he explored exactly how to make the scheme work.

For initial experiments he wisely chose his larger but still diminutive LED matrix badge, which sports a CH32V003 microcontroller, an 8×8 array of SMD LEDs, and not much else. The video below is a brief summary of the effort, while the link above provides a much more detailed account of the proceedings, which involved a couple of false starts and a lot of prototyping that eventually led to dividing the matrix in two and ganging all the LEDs in each half into separate sensors. This allows [mitxela] to connect each side of the array to the two inputs of an op-amp built into the CH32V003, making a differential sensor that’s less prone to interference from room light. A smartphone app alternately flashes two rectangles on and off with the matrix lying directly on the screen to send data to the badge — at a low bitrate, to be sure, but it’s more than enough to program the badge in a reasonable amount of time.

We find this to be an extremely clever way to leverage what’s already available and make a project even better than it was. Here’s hoping it spurs new and even smaller LED projects in the future.

youtube.com/embed/IHD3ji-F600?…



The Atomic Gardener Of Eastbourne

Pity the video team at a large hacker camp, because they have a huge pile of interesting talks in the can but only the limited resources of volunteers to put them online. Thus we often see talks appearing from past camps, and such it is with one from Electromagnetic Field 2022. It’s from [Sarah Angliss], and as its subject it takes the extraordinary work of [Muriel Howorth], a mid-20th-century British proponent of irradiated seeds as a means to solve world hunger.

Today we are used to genetic modification in the context of plants, and while it remains a controversial subject, the science behind it is well known. In the period following the Second World War there was a different approach to improving crops by modifying their genetics: irradiating seeds in a scattergun approach to genetic modification, in the hope that among thousands of duds there might be a mutant with special properties.

To this came Muriel Howorth, at first charged with telling the story of atomic research for the general public. She took irradiated seeds from Oak Ridge in the USA, and turned them into a citizen science program, with an atomic gardening society who would test these seeds and hopefully, find the supercrops within. It’s a wonderfully eccentric tale that might otherwise be the plot of a Wallace and Gromit movie, and but for a few interested historians of popular science it might otherwise have slipped into obscurity. We’re sorry we didn’t catch this one live back when we attended the event.

media.ccc.de/v/emf2022-353-the…



The Italian privacy Garante's 2023 Report, annotated line by line, Part III: GDPR and healthcare.


The third audio in the newborn (and summertime...) video series of "line by line" commentary on the 2023 Annual Report of the Italian Data Protection Authority covers the chapter on GDPR, the Privacy Code, data protection and healthcare.

It is a very interesting part: the FSE (Fascicolo Sanitario Elettronico, the electronic health record), the health dossier, the national telemedicine platform, the foetus cemetery, ransomware and attacks on healthcare facilities, communication errors caused by patients with the same name, e-mails sent with all addresses visible in cc, VPN and two-factor authentication, incorrect authorisation profiles, and much more.


zerodays.podbean.com/e/la-rela…



Getting an Old HVAC System Online

Standardization might sound boring, but it’s really a great underlying strength of modern society. Everyone agreeing on a way that a certain task should be done saves a lot of time, energy, and money. But it does take a certain amount of consensus-building, and at the time [JC]’s HVAC system was built the manufacturers had not yet agreed on a standard control scheme for these machines. But with a little ingenuity and an Arduino, the old HVAC system can be given a bit of automatic control.

The original plan for this antiquated system, once off-the-shelf solutions were found to be incompatible, was to build an interface for the remote control. But this was going to be overly invasive and complex. Although the unit doesn’t have a standard remote control system, it does have extensive documentation so [JC] was able to build a relay module for it fairly easily with an Arduino Nano Matter to control everything and provide WiFi functionality. It also reports the current status of the unit and interfaces with the home automation system.

While some sleuthing was still needed to trace down some of the circuitry of the board to make sure everything was wired up properly, this was a much more effective and straightforward (not to mention inexpensive) way of bringing his aging HVAC system into the modern connected world even through its non-standardized protocols. And, although agreeing on standards can sometimes be difficult, they can also be powerful tools once we all agree on them.



What are Photons, Anyway?

A finger points at a diagram of a battery with two green bars. Above it is another battery with four smaller green bars with a similar area to the first battery's two. The bottom battery is next to a blue box with a blue wave emanating from it and the top battery has a red box with a red wave emanating from it. Below the red wave is written "2x wavelength" and below the top battery is "1/2 energy in a photon."

Photons are particles of light, or waves, or something like that, right? [Mithuna Yoganathan] explains this conundrum in more detail than you probably got in your high school physics class.

While quantum physics has been around for over a century, it can still be a bit tricky to wrap one’s head around since some of the behaviors of energy and matter at such a small scale aren’t what we’d expect based on our day-to-day experiences. In classical optics, for instance, a brighter light has more energy, and a greater amplitude of its electromagnetic wave. But, when it comes to ejecting an electron from a material via the photoelectric effect, if your wavelength of light is above a certain threshold (bigger wavelengths are less energetic), then nothing happens no matter how bright the light is.

Scientists pondered this for some time until the early 20th Century when Max Planck and Albert Einstein theorized that electromagnetic waves could only release energy in packets of energy, or photons. These quanta can be approximated as particles, but as [Yoganathan] explains, that’s not exactly what’s happening. Despite taking a few classes in quantum mechanics, I still learned something from this video myself. I definitely appreciate her including a failed experiment as anyone who has worked in a lab knows happens all the time. Science is never as tidy as it’s portrayed on TV.

If you want to do some quantum mechanics experiments at home (hopefully with more luck than [Yoganathan]), then how about trying to measure Planck’s Constant with a multimeter or LEGO? If you’re wondering how you might better explain electromagnetism to others, maybe this museum exhibit will be inspiring.

youtube.com/embed/Z8Fo2xZjpiE?…



New Noyb lawsuit says Hamburg data watchdog acted as lawyer for German newspaper
euractiv.com/section/data-priv…
Noyb sued the Hamburg data protection authority on 1 August in a bid to overturn its recent decision that German newspaper Der Spiegel's "pay or okay" model was lawful.


1/3 🚨 Today, the #AIAct will officially become EU law.

Did it deliver on centering people and #HumanRights like civil society advocated for during the legislative process?

Not really. But there's still some silver linings 🌥️

Read our statement ⤵️ edri.org/our-work/statement-eu…


in reply to EDRi

2/3 Curious about how the final EU #AIAct fared against the collective demands of a broad civil society coalition that urged EU decision-makers to prioritise the protection of #HumanRights in the law?

Here's our detailed analysis ⤵️
edri.org/our-work/eu-ai-act-fa…


New note by cybersecurity
poliverso.org/display/0477a01e…

Azure, Microsoft's cloud, was hit by a cyberattack
key4biz.it/azure-il-cloud-di-m…

@Informatica (Italy e non Italy 😁)
Microsoft has confirmed that yesterday's disruptions on the Azure cloud, which cascaded to email services, Microsoft 365 and Xbox Live, were caused by a DDoS attack. What happened: “An unexpected usage spike caused a drop in performance



New note by cybersecurity
poliverso.org/display/0477a01e…

Azure: new IT outage yesterday on Microsoft's cloud. Email and Teams down
key4biz.it/azure-ieri-nuovo-do…

@Informatica (Italy e non Italy 😁)
Yesterday brought a new Microsoft outage, this time not linked to the CrowdStrike incident but to the operation of its cloud services, starting with the Azure servers, which cascaded to email services, Microsoft 365 and Xbox Live. Fortunately the problem was resolved after



NOYB annual report for 2023 published

«In addition to filing more than 40 new complaints, 2023 was a year of major decisions in @noybeu cases, which led to significant fines against several companies.»

@privacypride@feddit.it

noyb.eu/en/annual-report-2023-…


Did you know?
If your project combines two pieces of #FreeSoftware into one, or merges code from one into another, it is important to check whether the licences of each piece of software or code allow or prohibit this combination:

media.fsfe.org/w/bhe12sek49D8o…

#developer #licensing


New note by cybersecurity
poliverso.org/display/0477a01e…
Microsoft blackout: it is still being talked about, because there can never be too much awareness key4biz.it/blackout-microsoft-… (Italy e non Italy 😁) It was Friday, 19 July 2024, when a major worldwide “blackout” hit Microsoft's systems, caused by a malfunction of the software of cybers


New note by cybersecurity
poliverso.org/display/0477a01e…

Here is how Delta Air is shaking CrowdStrike
startmag.it/cybersecurity/ecco…

@Informatica (Italy e non Italy 😁)
CrowdStrike shares are falling in the wake of the news that Delta Air will seek compensation for the IT meltdown of 19 July. All the details

The article comes from the #Cybersecurity section of #StartMag, the publication directed by Michele startmag.it/cybersecurity/ecco…



Greek prosecutor drops case against spy service over malware use
euractiv.com/section/data-priv…
@privacy
Greece’s Supreme Court prosecutor has shelved a case against the intelligence service, EYP, as a preliminary probe by the court showed no evidence that the agency used illegal phone malware to spy on targets.


New note by cybersecurity
poliverso.org/display/0477a01e…

Cyber chaos: Microsoft's explanation of the incident that affected more than 8.5 million devices
key4biz.it/cyber-caos-la-spieg…

@Informatica (Italy e non Italy 😁)
After CrowdStrike, Microsoft too has published on its blog a long technical analysis of the incident that on 19 July affected more than 8.5 million devices worldwide. The long examination



We :fsfe: systematically monitor and advocate for #RouterFreedom across Europe

💥 Check out our #RouterFreedom tech wiki, which collects information on how to use a different modem or router from your internet provider.
docs.fsfe.org/en/teams/router-…

#deviceneutrality #softwarefreedom


in reply to Free Software Foundation Europe

had stumbled over this lately: We have a German #Telekom mobile+DSL hybrid contract with a Speedport Pro Plus router here. The device is a mess, would love to replace it. Unfortunately there seems to be no alternative for it, for hybrid. Would Telekom have to disclose how their hybrid protocol works?

New note by cybersecurity
poliverso.org/display/0477a01e…

Israel's intervention in the WhatsApp v. NSO case: a detailed analysis
insicurezzadigitale.com/linter…

@Informatica (Italy e non Italy 😁)
In the high-profile case between WhatsApp and NSO Group, the Israeli government took extraordinary measures to prevent the disclosure of state secrets. This case highlights the complex interplay between national security, legal proceedings and



PsiQuantum to build the largest quantum computing centre in the United States in Chicago
poliverso.org/display/0477a01e…

PsiQuantum plans to build the largest quantum computing centre in the United States on the site of the former US Steel South Works plant in Chicago. The company intends to deploy a large-scale system, rejecting the idea of building small installations. One example is IBM's Condor, whose power does not exceed 1100 qubits.

Over the past two months, the Palo Alto-based startup has leapfrogged the big names to become a surprise leader in the sector. With more than a billion dollars in funding from BlackRock, Founders Fund, Playground Global and Microsoft's venture arm, the startup has been named the anchor commercial tenant of a huge new quantum research campus on Chicago's South Side.

In addition to funding from private companies, PsiQuantum's activities are also supported by DARPA, the advanced research wing of the Department of Defense. The ambitious project aims to establish the United States as a leader in quantum technologies ahead of adversaries of concern, namely China.

It has been reported that critical Illinois industries such as agriculture, pharmaceuticals, energy, materials production, financial services and others will benefit from the construction of a giant quantum computer.

“Quantum computers have been theoretically promising for decades. But developing the technology and moving from hype to reality requires infrastructure projects like the Illinois Quantum and Microelectronics Park,” said J. Jeremy O’Brien, CEO and co-founder of PsiQuantum.

To strengthen the quantum park and build a strong quantum ecosystem, PsiQuantum will collaborate with the University of Illinois Urbana-Champaign. It will also collaborate with the University of Chicago, the University of Illinois Chicago and Northwestern University. Together they will work on research projects and explore opportunities to develop educational programmes in the field of quantum applications.

“Given the limitless potential of quantum computing technology, it is essential to commit to quantum partnerships, research and infrastructure across our country,” said J.B. Pritzker, Governor of Illinois.

PsiQuantum's activities in Chicago will create at least 150 jobs over the next five years. The project will involve PhD students in quantum physics and, overall, building a quantum computer will have a major impact. That impact will be felt in mechanical, optical and electrical engineering, software development and technical laboratory work.

The article “PsiQuantum to build the largest quantum computing centre in the United States in Chicago” comes from il blog della sicurezza informatica.



A History of Internet Outages
poliverso.org/display/0477a01e…

We heard a story that after the recent hurricane, a man noted that while the house was sweltering hot because the power was still out, his kids were more anxious for the internet to come back online. The Internet is practically a basic necessity for most people, but as you may have noticed with the recent CrowdStrike debacle, the Internet isn’t always reliable. Granted, the problem in that case wasn’t the Internet per se, but a problem with many critical hosts that provide services. [Thomas Germain] from the BBC took the opportunity to recall some of the more bizarre reasons we’ve had massive Internet outages in the past.

While teens after a hurricane might miss social media, global outages can be serious business. With 8.5 million computers dead, 911 services went down, medical surgeries were canceled, and — of course — around 46,000 flights were canceled in a single day. We have short memories for these outages, but as [Thomas] points out, this was far from the first massive outage, and many of them have very strange backstories.

How strange? Well, apparently, all of Armenia’s Internet depends on a single fiber optic cable. A 75-year-old woman in Georgia (the country, not the US state) sliced it with a spade while hunting for copper and took down the entire country. A few years later, a tractor in South Africa took out the Internet all across Zimbabwe. If those aren’t strange enough, sharks like to bite undersea cables, as you can see in the video below.

As the Internet becomes more entrenched in necessary services, we are surprised that there are not more requirements for dissimilar redundancy like those on a spacecraft or nuclear power plant. Even preventing third parties from pushing updates directly into production servers might have helped in this case. High-end data centers often have multiple network access points with different carriers. They also have generators or other means to deal with power outages. None of this helps, of course, if you depend on a group of servers that all get the same software updates and the update goes bad.

We don’t know why sharks hate undersea cables. We love them. If you want more specifics on the CrowdStrike event, our [Jonathan Bennett] has been following it for you.

youtube.com/embed/1ex7uTQf4bQ?…



OpenAI challenges Google! Is the end of search engines near with SearchGPT?
poliverso.org/display/0477a01e…

OpenAI is taking a step forward in web search with its latest announcement: “We are testing SearchGPT, a prototype of new search features designed to combine the strength of our artificial intelligence models with insights from the web to give you fast and timely, clear and relevant answers.”

Currently launched with a small group of users and news publishers, this prototype could in future be integrated directly into ChatGPT and become an insidious rival to Google.

With this GPT-4-based tool, the goal is to give language models real-time knowledge from the web, and in particular from news sites. “SearchGPT will answer your questions quickly and directly with up-to-date information from across the web, giving you clear links to relevant sources,” the company says. Users can, if they wish, ask further questions, and the information is gradually enriched.
OpenAI is working to improve SearchGPT with the aim of presenting news in real time using the GPT-4 large language model.

A strong ecosystem of media partners


OpenAI's rise in the media over recent months has nothing to do with this announcement. On the contrary, it wants to tame the sector with substantial funding. The company has built a genuine ecosystem of partnerships with media outlets, agencies and press groups around the world in order to provide enriched content through these companies' sites.

No surprise, then, to read the comment from Nicholas Thompson, CEO of The Atlantic, which has concluded a “content and product agreement with OpenAI”. The American monthly's articles will be discoverable in OpenAI products, including ChatGPT, and, as a partner, the outlet will help “shape how news is delivered and presented in future real-time products”.

Also a shrewd way to deal with copyright


In addition to launching the SearchGPT prototype, OpenAI is also launching a way for publishers to manage how they appear in the tool, so that they have more choice. Sites can appear in search results even if they do not take part in training generative artificial intelligence models, OpenAI says, attempting to put a barrier between companies that have consented to the use of their data for training and those that object.

OpenAI's ambitions do not seem to stop at AI-powered web search. On the contrary, the start-up could even find itself treading on the toes of giants such as Google and Microsoft, which is none other than its main investor, by offering search experiences in areas such as local information and commerce.

It seems the red line is about to be crossed by Sam Altman's company, and turning back is not an option.

The article “OpenAI challenges Google! Is the end of search engines near with SearchGPT?” comes from il blog della sicurezza informatica.



Hacker Olympics
poliverso.org/display/0477a01e…

The opening ceremony of the Summer Olympics is going on today. It’s an over-the-top presentation meant to draw people into sport. And for the next few weeks, we’ll be seeing people from all across the world competing in their chosen physical activities. There will be triumph and defeat, front-runners who nonetheless lag behind on that day, and underdogs who sneak ahead. In short, a lot of ado about sport, and I don’t necessarily think that’s a bad thing. Sports are fun.

But where is the Hacker Olympics? Or even more broadly the Science Olympics or Engineering Olympics? Why don’t we celebrate the achievements of great thinkers, planners, and builders the same way that we celebrate fast runners or steady shooters? With all the pomp and showmanship and so on?

Here at Hackaday, we try our best! When we see a cool hack, we celebrate it. But we’re one little blog, with about a millionth the budget of the International Olympic Commission. However, we have you all as our biggest multiplier. It would be awesome if we could take over the entire city of Paris in celebration of science and engineering, but until then, if you see something smart, share it with us. And if you see something on Hackaday that you think was awesome, share it with your friends.

This article is part of the Hackaday.com newsletter, delivered every seven days for each of the last 200+ weeks. It also includes our favorite articles from the last seven days that you can see on the web version of the newsletter. Want this type of article to hit your inbox every Friday morning? You should sign up!



OSHW Model Rocket Kit Embraces the Hexagon
poliverso.org/display/0477a01e…

If you’ve ever built a model rocket, you’ll know there’s not a whole lot to them. Essentially it’s a cardboard tube, a plastic nosecone, some fins, and a little clip that will keep it riding the launch rail as it accelerates off the pad. Extra points awarded if you add in a parachute, but strictly speaking, even that’s a luxury. Stick an Estes motor in that thing and send it.

But pointing out that lightweight cardboard tubes can be tricky to ship without getting crushed, [Concrete Dog] has come up with HEXA, a clever model rocket kit that uses pre-scored cardstock instead. The immediate advantage is that this allows the rocket to be shipped as flat sheets of material, but as a secondary bonus, once folded into its final shape the rocket has an awesome hexagonal cross section.
HEXA is certified Open Hardware
As with a traditional kit, both the nosecone and fins are plastic. Except here they’ve been 3D printed in either PLA or PETG depending on their proximity to the hot and fiery area of the rocket. [Concrete Dog] says the printed parts are largely ready to fly as-is, but that some quality time with a piece of sandpaper and a coat of paint could improve the aerodynamics a bit if you were so inclined.

Ready for the best part? [Concrete Dog] has decided to release all of the design files for the rocket under the CERN Open Hardware Licence, meaning you’re free to reproduce and modify the rocket as you see fit. In fact, on July 24th, the HEXA rocket was officially certified as Open Hardware by the Open Source Hardware Association (OSHWA) — a first for a DIY rocket, as far as we can tell.

youtube.com/embed/VGaovg9804U?…



Critical Docker bug: vulnerability with a score of 10 reappears after 5 years
poliverso.org/display/0477a01e…
docker.com/blog/docker-securit…

Docker's developers have released an update to fix a critical vulnerability in some versions of Docker Engine. The vulnerability allows attackers to bypass authorization plugins (AuthZ) if certain conditions are met.

The problem was originally discovered and fixed in Docker Engine 18.09.1, released in January 2019. However, for an unknown reason, the fix was not carried forward to later versions, causing the vulnerability to reappear.

The issue was noticed again only in April 2024. As a result, patches for all supported versions of Docker Engine were released again this week.

Attackers therefore had five years to exploit this bug, although it is not known for certain whether the vulnerability was actually used to attack and gain unauthorized access to Docker instances.

The vulnerability is now tracked as CVE-2024-41110 and is rated the maximum 10 points on the CVSS scale. The issue allows an attacker to send a specially crafted API request with a content length of 0 to induce the Docker daemon to forward it to the AuthZ plugin.

Because with a content length of 0 the AuthZ plugin cannot perform proper validation, it risks approving requests for unauthorized actions, including privilege escalation.

CVE-2024-41110 affects Docker Engine versions prior to 19.03.15, 20.10.27, 23.0.14, 24.0.9, 25.0.5, 26.0.2, 26.1.4, 27.0.3 and 27.1.0, and users who rely on authorization plugins for access control.

Users who do not use such plugins, as well as users of Mirantis Container Runtime and of commercial Docker products, have not been confirmed to be vulnerable to CVE-2024-41110, regardless of version.

Anyone affected by this bug is advised to upgrade as soon as possible to versions 23.0.14 and 27.1.0, where the problem will be fixed.

It has also been reported that the latest version of Docker Desktop (4.32.0) also ships with a vulnerable version of Docker Engine, but the impact is limited because exploitation requires access to the Docker API and any privilege escalation is confined to the virtual machine. The next version of Docker Desktop (4.33.0) is expected to fix this issue.

The article “Critical Docker bug: vulnerability with a score of 10 reappears after 5 years” comes from il blog della sicurezza informatica.
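
An added example, not from the article or from Docker: a sketch of fail-closed handling inside an authorization plugin for the zero-length-body case described above, so that a request whose body never reached the plugin is denied instead of approved unseen. The JSON field names follow Docker's authorization plugin protocol as an assumption to verify against your engine version; the endpoint list and the "no privileged containers" rule are hypothetical policy, and upgrading the engine remains the fix the article gives.

```go
package main

import (
	"encoding/json"
	"fmt"
	"regexp"
	"strings"
)

// AuthZRequest holds the fields of the JSON document the Docker daemon sends
// to an authorization plugin. Field names are an assumption based on the
// plugin protocol; check them against your Docker Engine version.
type AuthZRequest struct {
	RequestMethod  string            `json:"RequestMethod"`
	RequestURI     string            `json:"RequestUri"`
	RequestBody    []byte            `json:"RequestBody"` // base64 on the wire
	RequestHeaders map[string]string `json:"RequestHeaders"`
}

// AuthZResponse is the plugin's verdict.
type AuthZResponse struct {
	Allow bool   `json:"Allow"`
	Msg   string `json:"Msg,omitempty"`
}

// bodyDependent lists API calls whose policy decision needs the request body.
// Illustrative, not exhaustive.
var bodyDependent = []*regexp.Regexp{
	regexp.MustCompile(`^(/v[0-9.]+)?/containers/create(\?.*)?$`),
	regexp.MustCompile(`^(/v[0-9.]+)?/containers/[^/]+/exec(\?.*)?$`),
}

// policyView picks out the body fields this sample policy inspects:
// HostConfig.Privileged on container create, Privileged on exec create.
type policyView struct {
	Privileged bool
	HostConfig struct {
		Privileged bool
	}
}

func needsBody(method, uri string) bool {
	if !strings.EqualFold(method, "POST") {
		return false
	}
	for _, re := range bodyDependent {
		if re.MatchString(uri) {
			return true
		}
	}
	return false
}

// Decide fails closed: when the decision depends on a body that did not
// arrive, the request is denied. Calls outside bodyDependent are allowed
// here only to keep the sample short; a real plugin applies its own rules.
func Decide(req AuthZRequest) AuthZResponse {
	if !needsBody(req.RequestMethod, req.RequestURI) {
		return AuthZResponse{Allow: true}
	}
	if len(req.RequestBody) == 0 {
		return AuthZResponse{Msg: "denied: body required for policy check but none received"}
	}
	var v policyView
	if err := json.Unmarshal(req.RequestBody, &v); err != nil {
		return AuthZResponse{Msg: "denied: request body is not valid JSON"}
	}
	if v.Privileged || v.HostConfig.Privileged {
		return AuthZResponse{Msg: "denied: privileged containers are not allowed"}
	}
	return AuthZResponse{Allow: true}
}

// DecideJSON handles the raw plugin payload; unparsable input is denied.
func DecideJSON(raw []byte) AuthZResponse {
	var req AuthZRequest
	if err := json.Unmarshal(raw, &req); err != nil {
		return AuthZResponse{Msg: "denied: malformed plugin request"}
	}
	return Decide(req)
}

func main() {
	// Constructed sample requests, not captured traffic.
	samples := []AuthZRequest{
		{RequestMethod: "POST", RequestURI: "/v1.45/containers/create",
			RequestBody: []byte(`{"Image":"alpine","HostConfig":{"Privileged":true}}`)},
		{RequestMethod: "POST", RequestURI: "/v1.45/containers/create",
			RequestHeaders: map[string]string{"Content-Length": "0"}},
		{RequestMethod: "GET", RequestURI: "/v1.45/containers/json"},
	}
	for _, s := range samples {
		raw, _ := json.Marshal(s)
		fmt.Printf("%s %s -> %+v\n", s.RequestMethod, s.RequestURI, DecideJSON(raw))
	}
}
```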



George Washington Gets Cleaned Up With a Laser
poliverso.org/display/0477a01e…

Now, we wouldn’t necessarily call ourselves connoisseurs of fine art here at Hackaday. But we do enjoy watching [Julian Baumgartner]’s YouTube channel, where he documents the projects that he takes on as a professional conservationist. Folks send in their dirty or damaged pieces, [Julian] works his magic, and the end result often looks like a completely different piece. Spoilers: if you’ve ever looked at an old painting and wondered why the artist made it so dark and dreary — it probably needs to be cleaned.

Anyway, in his most recent video, [Julian] pulled out a piece of gear that we didn’t expect to see unleashed against a painting of one of America’s Founding Fathers: an Er:YAG laser. Even better, instead of some fancy-pants fine art restoration laser, he apparently picked up a second-hand unit designed for cosmetic applications. The model appears to be a Laserscope Venus from the early 2000s, which goes for about $5K these days.

Now, to explain why he raided an esthetician’s closet to fix up this particular painting, we’ve got to rewind a bit. As we’ve learned from [Julian]’s previous videos, the problem with an old dirty painting is rarely the painting itself, it’s the varnish that has been applied to it. These varnishes, especially older ones, have a tendency to yellow and crack with age. Now stack a few decades worth of smoke and dirt on top of it, and you’ve all but completely obscured the original painting underneath. But there’s good news — if you know what you’re doing, you can remove the varnish without damaging the painting itself.

In most cases, this can be done with various solvents that [Julian] mixes up after testing them out on some inconspicuous corner of the painting. But in this particular case, the varnish wasn’t reacting well to anything in his inventory. Even his weakest solvents were going right through it and damaging the paint underneath.

Because of this, [Julian] had to break out the big guns. After experimenting with the power level and pulse duration of the 2940 nm laser, he found the settings necessary to break down the varnish while stopping short of cooking the paint it was covering. After hitting it with a few pulses, he could then come in with a cotton swab and wipe the residue away. It was still slow going, but it turns out most things are in the art conservation world.

This isn’t the first time we’ve covered [Julian]’s resourceful conservation methods. Back in 2019, we took a look at the surprisingly in-depth video he created about the design and construction of his custom heat table for flattening out large canvases.

youtube.com/embed/2Ag5LIpP1Ao?…



Il buono, il cattivo e le novità nell'ultima settimana: 22-26/07/2024
poliverso.org/display/0477a01e…
Il buono, il cattivo e le novità nell'ultima settimana: 22-26/07/2024Buon sabato e ben ritrovato caro cyber User.Questo sabato riprende NINAsec, ho deciso di dedicare nuovamente del tempo a questo tipo di comunicazione, riunendo ciò che succede nei sette giorni e riassumendolo qui per la lettura.💓 Azioni coraggiose e positiveIn una azione importante contro il


Il buono, il cattivo e le novità nell'ultima settimana: 22-26/07/2024


Buon sabato e ben ritrovato caro cyber User.

Questo sabato riprende NINAsec, ho deciso di dedicare nuovamente del tempo a questo tipo di comunicazione, riunendo ciò che succede nei sette giorni e riassumendolo qui per la lettura.

💓 Azioni coraggiose e positive


In una azione importante contro il crimine informatico, Meta ha cancellato 63.000 account Instagram legati al gruppo di cybercriminali nigeriani noto come Yahoo Boys. Questi account erano coinvolti in truffe di sextortion e una rete di 2.500 account mirava a uomini adulti negli Stati Uniti. Inoltre, Meta ha eliminato 1.300 account Facebook, 200 Pagine e 5.700 Gruppi che fornivano consigli e materiali per truffe. L'azienda ha implementato misure per bloccare la creazione di nuovi account da parte di truffatori.

In parallelo, le forze dell'ordine francesi e Europol stanno collaborando per eliminare il malware PlugX dai dispositivi infetti in Francia, Malta, Portogallo, Croazia, Slovacchia e Austria. Questa operazione è condotta dal Centro per la Lotta contro il Crimine Digitale (C3N) della Gendarmeria Nazionale con l'assistenza di Sekoia. L'ANSSI sta notificando individualmente le vittime in Francia sul processo di pulizia e il suo impatto.

Nel frattempo, la NCA, in collaborazione con l'FBI e la PSNI, ha smantellato il servizio di attacco DDoS su commissione DigitalStress. Questa operazione, parte dell'iniziativa internazionale Operazione Power Off, ha portato al sequestro del dominio del servizio e all'arresto di uno dei suoi amministratori sospetti. La NCA ha avvertito gli utenti che i loro dati sono stati raccolti e saranno analizzati per identificarli.

💀 Minacce preoccupanti


Nel panorama in continua evoluzione della sicurezza informatica, è emersa una nuova minaccia formidabile: LummaC2 info-stealer. Questo malware viene diffuso tramite avvelenamento SEO, annunci sui motori di ricerca e piattaforme come Steam, presentandosi come software illegale e installatori legittimi. LummaC2 utilizza tecniche avanzate come il side-loading di DLL e l'abuso di piattaforme come Steam per acquisire domini C2. Mira a rubare informazioni da una vasta gamma di programmi, inclusi portafogli digitali, browser, client FTP e programmi VPN.

Un'altra minaccia proviene dal gruppo di hacker sponsorizzato dallo stato bielorusso, GhostWriter, che ha intensificato le sue attività di spionaggio informatico contro organizzazioni ucraine e agenzie governative locali utilizzando il malware PicassoLoader. Questo gruppo ha utilizzato email di phishing relative al progetto Hoverla dell'USAID per compromettere gli indicatori finanziari, economici e di governance in Ucraina.

Inoltre, un avviso congiunto dell'FBI, CISA, NSA e altre agenzie ha avvertito di imminenti attacchi informatici contro infrastrutture critiche degli Stati Uniti da parte del gruppo nordcoreano Andariel. Questo gruppo, noto anche come Silent Chollima, Onyx Sleet e Stonefly, prende di mira principalmente i settori della difesa, dell'aerospaziale, del nucleare e dell'ingegneria negli Stati Uniti, Giappone, Corea del Sud e India.

A further alarming development concerns a threat actor known as Stargazer Goblin, which has built a malware distribution-as-a-service (DaaS) platform on GitHub, using more than 3,000 fake accounts to spread information-stealing malware. The operation, called Stargazers Ghost Network, distributes password-protected archives containing malware through GitHub repositories and compromised WordPress sites.

The popular mobile game Hamster Kombat has become a new vector for malware distribution. Although it is not available through official channels, the game has gained enormous popularity on Telegram, where cybercriminals use it to distribute malware. ESET researchers found a malicious APK named 'Hamster.apk' on Telegram, which is in fact the Android spyware Ratel, capable of stealing sensitive data from devices.

Finally, cybercriminals are exploiting the hype around the upcoming release of Grand Theft Auto VI to distribute malware through deceptive Facebook ads. These ads lure players into downloading a fake GTA VI installer, which is in fact the FakeBat malware loader, capable of delivering further malware such as info-stealers and RATs.

🎉 News update


The threat landscape keeps evolving, with actors exploiting unpatched vulnerabilities in ServiceNow, including a serious RCE flaw, to steal credentials from government agencies and private companies. Although ServiceNow fixed these flaws on 10 July 2024, attacks have been observed for at least a week, using available exploits and network scanners.

A new campaign, called SeleniumGreed and identified by Wiz, exploits exposed Selenium Grid services for illicit cryptocurrency mining. The campaign, active since 2023, involves executing Python code through the WebDriver API to deploy an XMRig miner. With more than 30,000 exposed instances, users urgently need to address this misconfiguration.

From the dark web comes Krampus, a new malware loader that is gaining popularity for its versatile capabilities. Krampus can handle archive and PowerShell scripts, sideload crypto miners and more, which makes it hard to detect with traditional security measures. Organisations are urged to update their security protocols to counter these sophisticated threats.

Researchers have also disclosed a privilege-escalation vulnerability, called ConfusedFunction, in Google Cloud Platform's Cloud Functions service. The flaw lets attackers exploit the excessive permissions of the Default Cloud Build Service Account to reach other services and sensitive data. Google has changed the default behaviour to prevent abuse, but existing instances remain vulnerable.

A never-before-seen malware, called FrostyGoop, disrupted the centralised heating system of an energy company in Ukraine, leaving more than 600 buildings without heating for two days in sub-zero temperatures. FrostyGoop uses the Modbus protocol to directly alter industrial control systems, posing a significant threat to OT environments worldwide.

The espionage group Daggerfly has updated its malware arsenal, releasing new versions of the Macma backdoor for macOS and a new malware family based on the modular MgBot framework. These updates show continued development and greater sophistication, highlighting the group's persistent efforts to avoid detection.

Finally, ESET researchers discovered a zero-day exploit targeting Telegram for Android, called EvilVideo. The exploit allowed attackers to send malicious Android payloads disguised as video files, tricking users into installing malware. Telegram fixed the issue in version 10.14.5, but threat actors' capacity to innovate underlines the need for continued vigilance.

This week saw notable successes in the fight against cybercrime, but it also highlighted new and persistent threats. It is essential to stay vigilant and up to date with the latest security patches to protect our information and infrastructure. NINAsec might help with that too.

😋 FunFact


Failstrike is born, a new reference point on the CrowdStrike outage of 18-19 July 2024, with a sort of display of “how much damage was caused” and the related numbers.


That wraps things up for today too. Thank you for the time and attention you have given me; I wish you a good weekend and point you to my blog and to next week for a new instalment of NINAsec.


buttondown.email/ninasec/archi…



Vintage Ribbon Cable Repair Saves Poqet PC

It sometimes seems as though computing power in your pocket is a relatively new phenomenon, but in fact there have been ultraportable computers since the 8-bit era. They started to become useful around the end of the 1980s though as enterprising manufacturers started cramming full-fat PC XTs into pocket form factors. Of these the one to own was the Poqet PC, a slim clamshell design that would run for ages on a pair of AA cells. If you have one today you’d be lucky if its display ribbon cable is without faults though, and [Robert’s Retro] is here with a fix previously thought impossible.

A large proportion of the video below the break is devoted to dismantling the unit, no easy task. The cable once exposed is found to have delaminated completely, and he takes us through the delicate task of attaching a modern equivalent. We particularly like the way in which the cable’s own springiness is used to retract it. The result has a white cable rather than the original black, but that’s a small price to pay for a machine that works rather than a broken paperweight.

If early pocket computing is your thing, it’s a subject we’ve covered before.

youtube.com/embed/uWWvhXO2oaQ?…



Analyzing Feature Learning in Artificial Neural Networks and Neural Collapse

Artificial Neural Networks (ANNs) are commonly used for machine vision purposes, where they are tasked with object recognition. This is accomplished by taking a multi-layer network and using a training data set to configure the weights associated with each ‘neuron’. Due to the complexity of these ANNs for non-trivial data sets, it’s often hard to make heads or tails of what the network is actually matching in a given (non-training data) input. In a March 2024 study (preprint) by [A. Radhakrishnan] and colleagues in Science, an approach is provided to elucidate and diagnose this mystery somewhat, by using what they call the average gradient outer product (AGOP).

Defined as the uncentered covariance matrix of the ANN’s input-output gradients averaged over the training dataset, this property can provide information on the data set’s features used for predictions. This turns out to be strongly correlated with repetitive information, such as the presence of eyes in recognizing whether lipstick is being worn and star patterns in a car and truck data set rather than anything to do with the (highly variable) vehicles. None of this was perhaps too surprising, but a number of the same researchers used the same AGOP for elucidating the mechanism behind neural collapse (NC) in ANNs.

NC occurs when an ANN gets overtrained (overparametrized). In the preprint paper by [D. Beaglehole] et al. the AGOP is used to provide evidence for the mechanism behind NC during feature learning. Perhaps the biggest take-away from these papers is that while ANNs can be useful, they’re also incredibly complex and poorly understood. The more we learn about their properties, the more appropriately we can use them.
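
The AGOP definition above, written out as an added example (not code from the study or from this article): for a scalar-output model it is the average over the data of the outer product of the input gradient with itself, and its diagonal shows which inputs the model actually relies on. The two-unit tanh network, its weights, the sample data and all function names are constructed assumptions, and finite differences stand in for backpropagation.

```python
import math
import random

# Constructed toy model (an assumption for illustration, not from the study):
# a fixed two-unit tanh network over 4 inputs whose weights ignore inputs 1 and 3.
W = [[1.5, 0.0, 0.4, 0.0],
     [-0.7, 0.0, 0.2, 0.0]]
V = [1.0, -2.0]


def model(x):
    """Scalar output f(x) = sum_k V[k] * tanh(W[k] . x)."""
    return sum(v * math.tanh(sum(w * xi for w, xi in zip(row, x)))
               for v, row in zip(V, W))


def input_gradient(f, x, eps=1e-5):
    """Central finite-difference gradient of f with respect to the input x."""
    grad = []
    for j in range(len(x)):
        hi = list(x)
        lo = list(x)
        hi[j] += eps
        lo[j] -= eps
        grad.append((f(hi) - f(lo)) / (2 * eps))
    return grad


def agop(f, data):
    """Average gradient outer product: (1/n) * sum_i grad f(x_i) grad f(x_i)^T.

    The gradients are not mean-centred, which is what makes this the
    uncentered covariance matrix of the input-output gradients.
    """
    d = len(data[0])
    m = [[0.0] * d for _ in range(d)]
    for x in data:
        g = input_gradient(f, x)
        for a in range(d):
            for b in range(d):
                m[a][b] += g[a] * g[b]
    n = len(data)
    return [[m[a][b] / n for b in range(d)] for a in range(d)]


def feature_ranking(matrix):
    """Input indices sorted by AGOP diagonal, most influential first."""
    return sorted(range(len(matrix)), key=lambda j: matrix[j][j], reverse=True)


def make_data(n=200, d=4, seed=0):
    """Constructed sample inputs, uniform in [-1, 1]^d."""
    rng = random.Random(seed)
    return [[rng.uniform(-1, 1) for _ in range(d)] for _ in range(n)]


if __name__ == "__main__":
    M = agop(model, make_data())
    for row in M:
        print(["%.4f" % v for v in row])
    print("ranking:", feature_ranking(M))
```

Inputs 1 and 3 get zero rows and columns because the model never reads them, which is the same signal the article describes when the AGOP singles out the image regions a classifier depends on.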



Your QuickTake Camera And Your Modern PC

An object of desire back in the mid-1990s might have been Apple’s QuickTake camera. In a form factor not unlike a monocular it packed a 640×480 digital camera, the images from which could be downloaded to a computer via a serial cable. A quarter century later it’s a great retro camera for the enthusiast, but both the serial ports and the operating systems needed to run its software have passed into history. Time for the junk pile? Not at all, for [Crazylegstoo] has produced a new piece of software for 2024 that works for both QuickTake 100 and 150 cameras with USB serial ports on modern operating systems.

Called JQuickTake, it’s a Java app which has the advantage of building on that early Java promise of running cross platform so can be had for Mac or Windows. It allows retrieval of both metadata and images from the camera, but sadly it doesn’t display any of the images. It also doesn’t work with the QuickTake 200. Happily though, there are instructions for building a serial cable, and suggestions for how to deal with the proprietary QTK image format.

Meanwhile if you lack a PC or Mac all is not lost. You can also use these cameras with an Apple II.

Header image: Hannes Grobe, CC BY-SA 4.0.



Mario Tchou: the Chinese engineer who took Olivetti from valves to transistors

Anyone who reads about Olivetti, the company founded in Ivrea at the beginning of the twentieth century by Camillo Olivetti, discovers the story of one of the many examples of Made in Italy excellence. Camillo graduated in engineering from the Politecnico di Torino, in the same city where, in 1896, he founded “C. Olivetti & C.” to produce electrical measuring instruments. In 1908, after a brief move to Milan, Camillo decided to return to Ivrea to create the new “Ing. C. Olivetti & C.”, this time to produce typewriters and calculating machines. The philosophy that guided the company was to combine innovation, design and attention to the needs of its employees.

In 1932 his son Adriano, himself a graduate in chemical engineering from the Politecnico, joined Olivetti. It was he who, after Camillo's death in 1943, led the company and created the Electronics Division, which housed the first electronics research laboratory in Italy. Olivetti produced machines such as the Lettera 22 (created by Marcello Nizzoli in 1950) and the Divisumma 24 (created by Natale Capellaro), machines that are now part of the permanent collection of MoMA in New York. But despite Camillo's exuberant and original genius and the collaboration of his two sons Adriano and Massimo, success was also achieved thanks to the work and ingenuity of many other technicians, the most important of whom was Mario Tchou, an Italian engineer of Chinese origin, son of Yin Tchou, Secretary at the Embassy of the Republic of China in Rome.

Interview


Gaia: Ing. Tchou, you were born in Rome and your family is of Chinese origin. Could you tell us something about that?

Ing. Tchou: Of course. I was born in Rome on 26 June 1924, to Evelyn Wang and Yin Tchou. My father Yin was born in China, in Hangzhou, in 1889. For work, he came to Italy for the first time in 1915, where he learned the language and took an interest in the country's industrial structure.

Gaia: Did he go back to China straight away?

Ing. Tchou: Yes, he went back to China to work in silk production and trade. Later, because some members of his family belonged to the “Nomenklatura” and because he knew Italian, he was offered a job at the Chinese embassy in Rome. So in 1918 he moved to Rome, employed as a diplomat. After 3 years, in 1921, he was joined by his fiancée, my mother Evelyn, whom he married and with whom he had three children.

Gaia: Your mother Evelyn: what memory do you have of her?

Ing. Tchou: My mother, also born in Hangzhou, was a cultured and emancipated woman. She was educated at the McTyeire School, an elite private girls' school in Shanghai. She continued her studies in London, where she also took an interest in politics, campaigning for women's rights. She became a supporter of several women's independence movements, including the Women’s Suffrage Society and the Women’s Rights League. She was also a speaker representing Chinese women at the IX Congress of the International Alliance for Universal Suffrage, held in Rome in May 1923.

Gaia: And your family's life in Rome?

Ing. Tchou: Between 1922 and 1926, my two sisters, Maria and Laura, and I (Mario) were born in Rome. We grew up in a multicultural environment, engaging with both Chinese and Italian culture. Although our East Asian features set us apart from most of the Italian population, this caused us no discomfort, and ours was a happy family. We led a quiet life and had everything we could wish for. Given his status as a diplomat, my father was often invited to society events, and our family enjoyed all the benefits that came with it.

Gaia: Your studies?

Ing. Tchou: Like many young people from Rome's well-to-do families, we were sent to prestigious schools. Specifically, Maria enrolled at the liceo artistico, while Laura and I (Mario) opted for the liceo classico. At the Torquato Tasso I obtained my school-leaving diploma in 1942, a year early, sitting the exam as an external candidate. I was a brilliant student: I was passionate about mathematics and philosophy. Right after the diploma, I enrolled in the Faculty of Engineering at La Sapienza University.

Gaia: Can you tell us something about university?

Ing. Tchou: In 1942 I was a first-year student at La Sapienza University in Rome, Faculty of Engineering, on the Electrical Engineering course. There I was lucky enough to meet Prof. Edoardo Amaldi who, thanks also to the insistence of my father, who wanted me to continue my studies in America, suggested in 1946 that I apply for a scholarship to the Catholic University of Washington. Having won the scholarship, I left for America. Since we Chinese are an industrious and hard-working people and I was no exception, I understood that it was time to get serious and devote myself body and soul to studying. Indeed, in 1947 I obtained my degree (Bachelor) in electrical engineering.

Gaia: And work?

Ing. Tchou: Once I had graduated, I moved to New York to teach at Manhattan College, but I kept studying at the Polytechnic Institute of Brooklyn (the Polytechnic of New York), and in 1949 I obtained a doctorate in physics with an experimental thesis. That same year I married Mariangela Siracusa, a Colombian girl who was also in New York on a scholarship. But it was in 1952 that the puzzle began to come together: I obtained a post at Columbia University. The director of the electronic engineering department, John Ragazzini (Manhattan Project, ed.), a specialist in electronics, at the suggestion of Enrico Fermi, a former physics professor at Columbia, offered me a post as Assistant Professor and collaborator at the Marcellus Hartley Research Laboratory, a laboratory where the ground was being prepared for the digital age and of which I would later become director.

Gaia: The meeting with Olivetti?

Ing. Tchou: In those years (1949), Enrico Fermi was in Italy visiting Adriano Olivetti's factory. He told Adriano about the progress made in America in the development of electronics, in particular in the laboratories of Columbia University, and about the race among the major world powers to build powerful “Electronic Brains”. In England the Mark I had been built, and at Columbia, thanks also to IBM, very important studies were under way.

Gaia: So you were at Columbia and Adriano Olivetti in Italy…

Ing. Tchou: Fermi's words caught Adriano's attention. But Olivetti knew two things. First: although electronics was a decisive sector, no one at home yet had those skills; second: an attempt at an agreement with the University of Rome to design an “electronic brain” had already failed. So, at the suggestion of his brother Dino, it was decided to open an electronics research office in New Canaan, Connecticut. An office able to follow closely the development of the new technologies, which were also useful for Olivetti's business. And it was in these very offices that in 1952 I met Dino Olivetti.

Gaia: How did you become involved in the project to build the electronic computer in Italy, and what prompted you to return to work in Italy?

Ing. Tchou: In Italy too, people began to understand the importance of research in the new field of electronics. At Fermi's suggestion and thanks to the availability of new public funds, the rector of the University of Pisa asked Adriano Olivetti to support the construction of an electronic computer financially and technically. Adriano accepted without hesitation. However, unable to count on specific expertise in Italy, he turned to his brother Dino and to Guglielmo Negri, his direct collaborator, for help in selecting an expert technician. Both suggested my name. In 1954, in New York, I met the engineer Olivetti, who proposed that I return to work in Italy. I accepted the proposal at once, partly because I had recently separated from my wife.

Gaia: What were the first steps?

Ing. Tchou: At the University of Pisa, Adriano Olivetti signed an agreement that secured him the future commercial rights to all patents, advancing capital, equipment and expertise. I (Mario) was entrusted with the direction of one of the two research groups that were formed. The first was based in Pisa. The second, which was given the task of building a computer, moved to the province of Pisa, giving rise to the Electronic Research Laboratory, headed by Roberto Olivetti.

Gaia: The first project of the Electronics Laboratory?

Ing. Tchou: I personally handled the recruitment of people, Italians and foreigners. A young team made up of technicians who had already gained experience in electronics. An enthusiastic Canadian engineer, Martin Friedmann, an expert in the design of memories and transistor electronics, was also “enlisted”. The members of the group divided up the tasks: design of the RAM (magnetic-core), instructions and I/O. In 1957, the Electronic Research Laboratory (Barbaricina) presented, well ahead of schedule, ELEA 9001 or machine zero, the prototype of an electronic computer with a bulky structure, made up of panels, lots of cables and many valves.

Gaia: Then?

Ing. Tchou: Meanwhile a revolutionary new technology, the transistor, was making headway thanks to its efficiency, size, speed and power consumption. At this point I had an insight: abandon valves and redesign ELEA 9001 from scratch, with solid-state components. To develop the electronic components in-house as well, Olivetti, together with Telettra, founded SGS (Società Generale Semiconduttori) to manufacture diodes and transistors. In 1958 a first version of the new machine, rebuilt with transistors, was tested.

This new machine read instructions 8 characters long, each made up of 6 bits, with a computing power of 10,000 operations per second. The main memory was built from magnetic ferrite cores, each threaded by wires used to read and write the memory. Programs were loaded through a keyboard on the console, which served as the operator interface. In addition, as on a mimic panel, there were lamps that signalled that the computer was working correctly.

Gaia: Had the ELEA been shelved?

Ing. Tchou: No. Given the growth of the group, we were forced to move the Electronics Laboratory to the province of Milan (Borgolombardo). We presented the new computer ELEA (Elaboratore Elettronico Aritmetico) 9003 at the Fiera Campionaria. Our stand, opposite IBM's, was the most visited. It was a success. I was also optimistic about building a new machine, the ELEA 6001, a direct rival of the IBM 1620.

Gaia: Did the successes continue?

Ing. Tchou: Yes, until 27 February 1960, when, like a bolt from the blue, came the news of the death of Adriano Olivetti, while he was on a train heading to Switzerland. And little more than a year after Adriano Olivetti's death, fate dealt me the same hand. On the Milan-Turin motorway, near the Santhià junction, the car I was travelling in crashed into a lorry driven by an elderly driver.

Gaia: A direct consequence of the deaths of Adriano Olivetti and Mario Tchou was the amputation of the company's entrepreneurial and creative spirit. The Electronics Division was broken up and sold in 1964 to the competition, the Americans of General Electric. Italy thus lost its chance to enter the digital age as a protagonist.

The article Mario Tchou: the Chinese engineer who took Olivetti from valves to transistors comes from il blog della sicurezza informatica.

