Youth Hacking 4 Freedom Awards Ceremony has started!!
Finally we will know the 6 winners and their projects!! 🚀🚀
Thanks a lot to our donor Reinhard Wiesemann and por sponsor @openssf for your support!
The Privacy Post reshared this.
TINKER DONE ✅✅
Our winners 🏆 were tinkering with led lights 🎆🚦 and #arduino to create really cool #YH4F badges!!
Are you prepared for our 2024 #awardsceremony this evening?
The Privacy Post reshared this.
🌟🌟🌟It's Youth Hacking 4 Freedom weekend!🌟🌟🌟
Our winners are in beautiful Brussels 🍟🇧🇪 connecting with their peers with awesome food, a LED soldering workshop, and some puzzling 😉.
Wanna see what they are creating right now 🤔 and everything about the 🚀2024 amazing projects 🚀?
Stay tuned!
reshared this
California Governor Gavin Newsom signed Assembly Bill (AB) 1008 into law on September 28, amending the definition of “personal information” under the California Consumer Privacy Act (CCPA) to provide that personal information can exist in “abstract d…Future of Privacy Forum
The Privacy Post reshared this.
Curious about alternatives to proprietary social media? Join us at #LCOY24!
The FSFE’s system administrator, Tobias Diekershoff, will give an introduction to the decentralised social network #Fediverse as part of a @bitsundbaeume_berlin workshop.
When: 26 October, 12:00 - 12:45
Where: LCOY24, Berlin Charlottenburg, Schillerstr. 120
This talk is in German
Come learn how the Fediverse supports a more open, sustainable digital world. See you there!
fsfe.org/events/index.en.html#…
If you know about a FSFE related event that is not yet listed here or that you run on your own, you can easily add it by using our event announcement tool....FSFE - Free Software Foundation Europe
The Privacy Post reshared this.
The #EDRigram has dropped in your inboxes! Catch up on the latest #DigitalRights news:
📜 #EUTechSociety Summit highlights
📦 Unpacking #DigitalFairness
🇪🇺 paradoxical securitisation policies
and more! Read the latest edition ⤵️
edri.org/our-work/edri-gram-24…
What has the EDRis network been up to over the past two weeks? Find out the latest digital rights news in our bi-weekly newsletter.European Digital Rights (EDRi)
reshared this
1/3 🗓️ On 1 October, 41 civil society organisations – including @edri – co-hosted the #EUTechSociety Summit.
It was the first ever #TechPolicy summit in #Brussels led entirely by non-profit organisations and not funded by #BigTech ✊🏾
Read event highlights ⤵️ edri.org/our-work/tech-and-soc…
Throughout the day, EU decision-makers, journalists and civil society held discussions, joined panels and participated in activities that fostered dialogue about the intersections of technology, society and the environment.European Digital Rights (EDRi)
reshared this
Ecco un'idea, Pinterest: Chiedete il consenso agli utenti prima di tracciarli!
noyb ha presentato un reclamo contro Pinterest all'autorità francese per la protezione dei dati (CNIL)
mickey22 October 2024
Privacity reshared this.
📣 Women* in tech workshop: Let’s spark more Adas in our tech world! 📣
📍 SFSCON - NOI Techpark
🗓️ Saturday, 9 Nov
⏰ 09:20h
💻 Free, registration needed: sfscon.it/workshops/lets-spark…
🚀 Join us to explore how to encourage women, especially girls, to tinker and code! Let's discuss ways to promote diversity & gender equity in the #FreeSoftware community. 💻🌍
Share your experiences, ideas, and perspectives as we collaborate to create a more inclusive and diverse future in tech for everyone!
reshared this
⚠️ WARNING: the instance swiss-chaos.social has nothing to do with chaos.social! ⚠️
This instance is NOT chaos.social, but is an instance of disinformation and conspiracy theories called SWISS-chaos.social!
The name adopted wants to make people believe that it is a sort of "Swiss branch" of the illustrious instance that hosts the most important activists for digital human rights. But that is not true!
like this
reshared this
@informapirata ⁂ :privacypride: @@ordnung @rixx @Leah (Cloudstylistin) @Esserci. O no?
I don't understand, just because they express their thoughts against the Great Reset, Adverse Effects of the Covid Vaccine , they must be labeled as conspirators , conspiracy theories ???
@x Anyone who opens an instance with a deliberately misleading name to spread the anti-scientific disinformation that circulates on the internet (not to express thoughts: there is no original thought, but only toxic waste shared as fertilizer), is just a professional disinformer.
Do you understand the problem now?
@informapirata ⁂ :privacypride: @@ordnung @rixx @Leah (Cloudstylistin) @Esserci. O no?
Anyone who opens an instance with a deliberately misleading name
I agree with you .
But you can't tell me they spread anti-scientific misinformation , maybe they have their reasons
@informapirata ⁂ :privacypride:
But this is your thought , it's okay . But what do you know about these people on this social network or in general why they think this way!
You don't know how many people I know who are sick after the Covid vaccine, and now they think differently . I told you this to tell you that , you don't know why those people think that way.
Just because you think differently, others are conspiracy theorists
I am for freedom of speech
if such a person would come to your social network , what would you do you would ban him on the first post?
> But this is your thought , it's okay
No. It's not my opinion, but the current scientific consensus.
> I am for freedom of speech
I am for freedom of discussion. A flock of parrots that copy and paste anti-scientific slogans are enemies of discussion.
> to your social network , what would you do you would ban him on the first post?
If one writes, I warn him; if more than one, I silence him; if he only writes this nonsense, I ban him. I don't pay for a server to host bullshit.
@x
Nel suo libro "The Tech Coup: How to Save Democracy from Silicon Valley", Marietje Schaake evidenzia il potere incontrollato delle aziende tecnologiche e il loro impatto sulla democrazia, sostituendosi spesso ai governi e minacciando il principio di legalità democratica (vedasi l'uso di spyware come Pegasus o operazioni offensive nel cyberspazio).
La mancanza di responsabilità e controlli permette loro di agire senza limiti. Schaake propone di applicare le stesse regole di trasparenza e responsabilità pubblica anche nel mondo digitale.
Anche perché, le aziende che lavorano per il governo dovrebbero essere soggette a responsabilità legali, e la trasparenza nell'uso dei data center è cruciale per una governance efficace.
like this
reshared this
The Privacy Post reshared this.
📢 Anche quest'anno gli studenti del secondo anno dell'ITS Academy LAST saranno nostri ospiti a @sfscon
🔗🤝Il partenariato con Edulife e l'ITS Academy Last, avviato lo scorso anno, prosegue con entusiasmo: gli studenti saranno accolti dal team della FSFE, che fornirà loro una guida sui talk da seguire durante la conferenza.
💻 Gli studenti del primo anno di LAST, invece, inizieranno presto le lezioni online per approfondire il mondo del #SoftwareLibero e del copyright.
reshared this
🔗🤝 The FSFE 
partnership with ITS Academy Last and the Edulife Foundation continues!
📢ITS second year students will participate in @sfscon 2024 with official greetings & recommendation of talks to attend by the FSFE Team.
💻And soon, the first year students will engage in a series of online lessons to further develop their learning of basic legal concepts such as copyright law and licensing.
The Privacy Post reshared this.
Wow!
It's impressive how "open" is @OpenSource!
I've been silenced on #OSI forum for ten days after posting discuss.opensource.org/t/priva….
Now I'm back... and guess what?
I'm too dangerous to #OpenWashing.
🤷♂️
#OpenSource #OpenSourceAI #OSAID #AIAct #privacy
In the last opinion article from OSI, Mr. Choudhury argued: You can’t legally give us all the data? Fine, we’ll fork it. For example, you made an AI that recognizes bone cancer in humans but the data can’t be shared.OSI Discuss
The Privacy Post likes this.
reshared this
You are an insufferable pain in the ass — you know how I feel — but the post you cited is measured and well argued.
Penalizing you for writing it makes no sense!
And this one is even better!
discuss.opensource.org/t/list-…
(and likely the real reason of my censorship)
Let’s try to keep a list of well known issues that are still unaddressed at the RC1 version of the Open Source AI definition proposed by OSI.OSI Discuss
informapirata ⁂ reshared this.
The Privacy Post reshared this.
The 2024 #YH4F Award Ceremony is just around the corner! 🎉
While we wait to see this year’s winners, check out the amazing projects that won in 2023!
🌟 Get inspired by last year's awesome participants! 🙌
fsfe.org/news/2023/news-202310…
#SoftwareFreedom #FreeSoftware
*
A real-time plotter for microcontrollers; a classroom quiz platform; a radio tool; a device that provides bags to pick up your dog's poo; a game engine to ...FSFE - Free Software Foundation Europe
The Privacy Post reshared this.
Profitez des vidéos et de la musique que vous aimez, mettez en ligne des contenus originaux, et partagez-les avec vos amis, vos proches et le monde entier.www.youtube.com
reshared this
Maronno Winchester reshared this.
Vuoi parlare di Software Libero in Italia? Partecipa all'Italian Community Meeting durante @sfscon la Conferenza del Software Libero in Alto Adige! Scopri novità, condividi esperienze e affronta le sfide future insieme a noi. 🤔
🕐 Sabato 9 novembre, 10:30-13:00 - Seminario 3 o online
🎫 Registrati gratis: lnkd.in/eMcm6xNx
👍 Proponi il tuo intervento entro il 24.10.2024: share.fsfe.org/apps/forms/s/sC…
reshared this
Interested in discussing the most pressing issues surrounding #FreeSoftware in Italy and meet fellow volunteers from other associations? 🤔
Join us at the Italian Community Meeting during @sfscon. Discover the latest #FreeSoftware updates in #Italy, share your stories, and discuss future challenges together.
📅 Sat. 9 Nov, 10:30-13:00 - Seminar 3 or online
🎫 Free registration: lnkd.in/eMcm6xNx
🗣️ Submit your talk by 24.10: share.fsfe.org/apps/forms/s/sC…
Will you be there?
The Privacy Post reshared this.
Per la rassegna de “I Martedì della Privacy”, nell’ambito delle iniziative dell’Istituto Italiano per la Privacy e la Valorizzazione dei Dati, martedì 22 ottobre 2024 dalle ore 17:00 alle 18:30 si terrà l'Open Webinar IIP dedicato alla prima certi…Istituto Italiano Privacy
reshared this
📢 Il 26 ottobre saremo al #LinuxDayMilano2024 con dario@pan.rent! 🐧
🕒 9:30: Talk su “Denaro Pubblico? Codice Pubblico!” – scopri perché il software finanziato con denaro pubblico deve essere libero #publiccode.
📖 16:00: Lettura di Ada e Zangemann
Ti aspettiamo 🚀 @unixmib
reshared this
1/3 🇫🇷 Today, @edri member @LaQuadrature & 14 other civil society groups are taking a 'social scoring' algorithm used by the French welfare system to court.
This algorithm, used to 'combat social fraud', is unfair and stigmatising 🙅♀️
Read more ⤵️ laquadrature.net/en/2024/10/16…
On the eve of International Day for the Eradication of Poverty, 15 civil society organisations are taking the algorithm used to score beneficiaries of the Caisses d'Allocations Familiales (CAF), the family branch of the French welfare system, to the …La Quadrature du Net
reshared this
2/3 What's so harmful about such a 'social scoring' system?
❌ these #AI-powered 'anti-fraud' policies lead to over-#surveillance & criminalisation of poor and marginalised people
❌ they violate people's #privacy rights - personal data of over 32 million people is analysed
❌ they're discriminatory - factors that increase a 'suspicion score' include having low income, being unemployed, receiving benefits as a disabled person, etc.
reshared this
3/3 France is not the only country in the EU using automated social control systems.
🇳🇱 After the Dutch childcare benefits scandal in 2021, @bitsoffreedom & @edri called for a ban of this type of social scoring algorithms in the EU #ArtificialIntelligence Act #AIAct. Read our blogpost from 2021: lnkd.in/eCx35eS
We will continue to monitor and take action to stop discriminatory algorithms ✊🏾
reshared this
Exceptions against #RouterFreedom undermine users’ rights in Italy 🇮🇹
💥We urge Italy's telecom regulator, AGCOM, to remove these restrictions and fully restore users' rights to choose their own equipment to connect to fiber networks: fsfe.org/news/2024/news-202410…
#SoftwareFreedom #DeviceNeutrality
In 2018 Italy implemented Router Freedom. However regulatory decisions in 2019 and 2023 introduced exceptions for fiber networks. The Free Software Foundat...FSFE - Free Software Foundation Europe
reshared this
Today, the Future of Privacy Forum (FPF) released a new report, Synthetic Content: Exploring the Risks, Technical Approaches, and Regulatory Responses, which analyzes the various approaches being pursued to address the risks associated with “syntheti…Future of Privacy Forum
The Privacy Post reshared this.
Excitement is building for the upcoming #YH4F Award Ceremony in Brussels! 🎉
Who will be the 2024 edition’s 6 winners? 🌟
We can’t wait to see the inspiring projects and celebrate their incredible contributions!
👏 Stay tuned! #FreeSoftware #SoftwareFreedom openssf@social.lfx.dev
The Privacy Post reshared this.
Why isn’t software funded by taxpayers released as Free Software? 🤔💻
We need legislation 📜 requiring publicly financed software to be #FreeSoftware. If it’s public money 💰, it should be public code! 👨💻👩💻
Code paid by the people should be available to the people! 🙌 #PublicCode
reshared this
CGUE: Meta deve "minimizzare" l'uso dei dati personali per gli annunci pubblicitari
Con la sentenza odierna nella causa C-446/21 (Schrems contro Meta), la Corte di giustizia dell'Unione europea (CGUE) ha dato pieno appoggio a una causa intentata contro Meta per il suo servizio Facebook.
mickey04 October 2024
Protection of young people online should be achieved through empowerment not exclusion ✊🏾
This is the highlight of @edri and our members' submission in response to the European Commission's call for evidence for the #DigitalServicesAct #DSA guidelines for the protection of minors online.
Read more ⤵️ edri.org/our-work/protection-t…
EDRi submitted a response to the European Commission’s call for evidence for the DSA Art. 28 guidelines for the protection of minors online.European Digital Rights (EDRi)
reshared this
🚀✨ Ada & Zangemann: A Tale of Software, Skateboards, and Raspberry Ice Cream! 🍦🛹
The illustrated story is now an animated movie 🎥
➡️ media.fsfe.org/w/j1c6LQVZ8qnCL…
#SoftwareFreedom #AdaZangemann
Ada & Zangemann - A Tale of Software, Skateboards, and Raspberry Ice Cream
The famous inventor Zangemann lives in a huge villa high above the city. Adults and children alike love his inventions and are desperate to have them. But then something happens: when Zangemann wants to take another close-up look at his inventions during a walk through the city, a child hits him in the shin with the skateboard. That hurts! Enraged, the inventor makes a momentous decision... The clever girl Ada sees through what is going on. Together with her friends, she forges a plan.This animated movie tells the story of the famous inventor Zangemann and the girl Ada, a curious tinkerer. Ada begins to experiment with hardware and software, and in the process realises how crucial it is for her and others to control technology.
An Open Educational Resource that inspires children to tinker and create technology.
Find out more about this film and book at ada.fsfe.org
Copyright (c) 2024 Free Software Foundation Europe e.V.
This work is licensed under the Creative Commons Attribution-ShareAlike 4.0 (CC‑BY‑SA‑4.0) International License.
To view a copy of this license, visit: creativecommons.org/licenses/b…
reshared this
On National Coming Out Day, it’s important to recognize that Coming Out is a right of passage for many LGBTQ+ individuals and a decision that they should be empowered to make for themselves.Future of Privacy Forum
The Privacy Post reshared this.
💥The FSFE submitted last month its arguments in the #Apple vs. @EUCommission litigation, arguing how interoperability is key for our digital societies
📎 Want to know more about this case? Check out this article by @heiseonline heise.de/en/news/FSFE-Apple-is…
Apple is blocking free software and clearly violating the new EU competition law, complain activists. They are backing the Commission.Leo Becker (heise online)
reshared this
Il Parlamento olandese ha appena approvato una risoluzione esemplare su #ChatControl a larga maggioranza
Si esprimono "irriconciliabili preoccupazioni riguardo alla proporzionalità del regolamento europeo CSAM" +++ "l'ordine di difesa da emettere sulle comunicazioni private di tutti i cittadini" è inaccettabile +++ Il governo e gli esperti elaborano "una proposta europea alternativa per combattere la diffusione di immagini di abusi sui minori online"
like this
reshared this
reshared this
reshared this
We are participating in the #LibreOffice and #OpenSource Conference 2024in Luxemburg! 👏
If you see our colleagues @kirschner or @lexelas around say hi to them!
reshared this
Braun TS2 Radio Turns 68, Gets Makeover
poliverso.org/display/0477a01e…
Braun TS2 Radio Turns 68, Gets MakeoverThe Braun TS2 radio was a state-of-the art tube set in 1956. Today it still looks great, but unsurprisingly, the one that [Manuel Caldeier] has needed a little tender loving care youtube.com/watch?v=NTmJkDLp_U…. The table radio had a distinct style for its day and push-buttons. However, the dial glass and the speaker grill needed replacement. Even more
Braun TS2 Radio Turns 68, Gets Makeover
The Braun TS2 radio was a state-of-the art tube set in 1956. Today it still looks great, but unsurprisingly, the one that [Manuel Caldeier] has needed a little tender loving care. The table radio had a distinct style for its day and push-buttons. However, the dial glass and the speaker grill needed replacement. Even more interesting, the radio has a troublesome selenium rectifier, giving him the perfect chance to try out his new selenium rectifier solid-state replacement.
The radio is as good-looking inside as it is outside. You can tell that this isn’t his first restoration, as he has several tricks to test things at different stages of the project.
While the radio looked good, it smelled of smoke, which required a big effort to clean. The dial glass was intact enough for him to duplicate it in a graphic program and print it on a transparent adhesive sticker. With a deep breath, he removed the original markings from the glass so he could add the sticker to it. That didn’t work because the label needed cutouts. So now he is waiting for a piece of acrylic that will have the art UV printed on it.
We want to see the next part as we imagine the radio sounds as good as it looks when it is working. If you want to know more about the rectifier replacement, we covered that earlier. Even years later, Braun would have a clean aesthetic.
youtube.com/embed/NTmJkDLp_Uw?…
hackaday.com/2024/10/09/braun-…
The Privacy Post reshared this.
Muah.ai è stato Hackerato! Tutte le fantasie proibite degli utenti ora sono pubbliche!
poliverso.org/display/0477a01e…
Muah.ai è stato Hackerato! Tutte le fantasie proibite degli utenti ora sono pubbliche!Giorno dopo giorno, scopriamo nuovi modi per effettuare attacchi all’intelligenza artificiale redhotcyber.com/post/che-cose-… direttamente dal campo. Questa volta però, un redhotcyber.com/post/i-padri-f… ha divulgato i prompt di input degli utenti destando
Muah.ai è stato Hackerato! Tutte le fantasie proibite degli utenti ora sono pubbliche!
Giorno dopo giorno, scopriamo nuovi modi per effettuare attacchi all’intelligenza artificiale direttamente dal campo. Questa volta però, un hacker ha divulgato i prompt di input degli utenti destando grossa preoccupazione.Un hacker si è introdotto in Muah.ai, un sito web che consente agli utenti di creare i propri partner sessuali virtuali “senza censura”, e ha rubato un enorme database di interazioni degli utenti con i chatbot.
La fuga di notizie comprendeva query contenenti fantasie sessuali, compresi scenari legati al CSAM. Sebbene non sia chiaro se il sistema di intelligenza artificiale fosse in grado di rispondere a tali richieste, i dati mostrano che gli utenti hanno tentato di utilizzare la piattaforma per tali scopi.
L’hacker ha dichiarato a 404 Media che Muah.ai è scarsamente protetto e consiste in diversi progetti open source messi insieme. L’hack è iniziato per curiosità, ma dopo aver scoperto il contenuto del database, l’hacker ha deciso di informare i giornalisti. Ha anche sottolineato di aver scoperto le vulnerabilità piuttosto rapidamente.
L’amministratore del sito, che si fa chiamare Harward Khan, ha dichiarato che l’hack è stato organizzato da concorrenti “spinti dalla brama di profitto”, mentre Muah.ai è un progetto orientato alla comunità. L’hack è stato scoperto la settimana scorsa, ma Khan non ha fornito prove delle sue parole. L’hacker, invece, ha dichiarato di lavorare nel campo dell’informatica ma di non essere legato allo sviluppo dell’intelligenza artificiale.
L’hack ha creato seri rischi per gli utenti di Muah.ai, poiché le loro fantasie sessuali possono ora essere collegate a indirizzi e-mail personali, molti dei quali sembrano essere account personali con nomi reali. La fuga di notizie contiene anche query che descrivono fantasie di dominazione sessuale, tortura e coercizione. 404 Media ha contattato diversi utenti i cui dati sono stati compromessi, ma nessuno di loro ha fornito commenti.
Dopo la scoperta dell’hack, sul server Discord è apparso un post sull’attacco hacker. Il post confermava l’attacco e affermava che i dati della chat non vengono memorizzati e vengono cancellati dopo un reset. Tuttavia, il database sembra contenere molte informazioni che collegano gli utenti alle loro richieste.
L'articolo Muah.ai è stato Hackerato! Tutte le fantasie proibite degli utenti ora sono pubbliche! proviene da il blog della sicurezza informatica.
The Privacy Post reshared this.
Salvare o Cancellare? Il Nuovo Mistero di Word e dei file che scompaiono!
poliverso.org/display/0477a01e…
Salvare o Cancellare? Il Nuovo Mistero di Word e dei file che scompaiono!Microsoft ha avvisato support.microsoft.com/en-us/of… gli utenti di un problema che potrebbe causare l’eliminazione di alcuni documenti da parte di Word per Windows invece di salvarli. Il problema riguarda solo gli utenti di Word per Microsoft 365 versione 2409 (build
Salvare o Cancellare? Il Nuovo Mistero di Word e dei file che scompaiono!
Microsoft ha avvisato gli utenti di un problema che potrebbe causare l’eliminazione di alcuni documenti da parte di Word per Windows invece di salvarli. Il problema riguarda solo gli utenti di Word per Microsoft 365 versione 2409 (build 18025.20104).Microsoft ha confermato il problema quando gli utenti hanno iniziato a lamentarsi in massa ( 1 , 2 , 3 ) del fatto che Word stava eliminando alcuni file. Come ha spiegato l’azienda, il problema si verifica solo se l’utente chiude Word dopo aver modificato un documento e gli viene chiesto di salvarlo. Dopo aver salvato le modifiche in questo modo, il file potrebbe scomparire.
Inoltre, sui sistemi interessati, i file archiviati localmente potrebbero essere eliminati se i loro nomi contengono un carattere “#” e l’estensione del file è scritta in lettere maiuscole (ad esempio, .DOCX o .RTF).
Attualmente, gli sviluppatori stanno già studiando il problema e si consiglia alle vittime di adottare una serie di misure finché l’azienda non rilascia una patch. Quindi, se un file viene eliminato, Microsoft consiglia di controllare il Cestino (il file eliminato può essere ripristinato da lì) e, in generale, si consiglia agli utenti di salvare manualmente i documenti prima di chiudere Word, poiché in questo caso l’errore non viene visualizzato.
Inoltre, gli utenti interessati possono abilitare l’impostazione “Non mostrare la visualizzazione Backstage durante l’apertura o il salvataggio di file utilizzando le scorciatoie da tastiera” nel menu File -> Opzioni -> Salva. Un’altra soluzione alternativa consiste nel ripristinare temporaneamente una versione precedente finché Microsoft non rilascerà una correzione.
L'articolo Salvare o Cancellare? Il Nuovo Mistero di Word e dei file che scompaiono! proviene da il blog della sicurezza informatica.
The Privacy Post reshared this.
Aggiornamenti urgenti per i chipset Qualcomm: Vulnerabilità sfruttata in attacchi mirati
poliverso.org/display/0477a01e…
Aggiornamenti urgenti per i chipset Qualcomm: Vulnerabilità sfruttata in attacchi miratiQualcomm ha rilasciato correzioni per la vulnerabilità redhotcyber.com/post/vulnerabi… redhotcyber.com/post/la-minacc… nvd.nist.gov/vuln/detail/CVE-2… (punteggio CVSS 7.8) nel Digital Signal Processor (DSP). Il problema riguarda decine di chipset ed è
Aggiornamenti urgenti per i chipset Qualcomm: Vulnerabilità sfruttata in attacchi mirati
Qualcomm ha rilasciato correzioni per la vulnerabilità zero-day CVE-2024-43047 (punteggio CVSS 7.8) nel Digital Signal Processor (DSP). Il problema riguarda decine di chipset ed è stato scoperto dagli esperti di Google Project Zero e Amnesty International.Gli specialisti della sicurezza informatica hanno spiegato che la vulnerabilità è di tipo use-after-free e può portare alla corruzione delle informazioni in memoria se sfruttata con successo da aggressori locali (anche con bassi privilegi).
Come riportato da Qualcomm in un bollettino sulla sicurezza pubblicato questa settimana, gli esperti di Google TAG e Amnesty International hanno scoperto che la vulnerabilità è già stata sfruttata dagli aggressori. Non è ancora noto di che tipo di attacchi stiamo parlando.
Ma vale la pena notare che entrambi i gruppi di ricerca sono specializzati nelle vulnerabilità 0-day che vengono utilizzate in sofisticati attacchi di spionaggio rivolti a giornalisti, politici dell’opposizione, dissidenti e così via.
“Secondo il Google Threat Analysis Group, CVE-2024-43047 potrebbe essere soggetto a sfruttamento limitato e mirato”, ha avvertito Qualcomm. “Le patch per questo problema che interessa il driver FASTRPC sono già state fornite agli OEM e si consiglia vivamente di aggiornare i dispositivi interessati il prima possibile.”È noto che il problema interessa più di 60 chipset, inclusi i prodotti delle serie FastConnect, QCA, QCS, Video Collaboration, SA, SD, SG, Snapdragon, SW, SXR, WCD, WCN e WSA. In particolare, sono vulnerabili Snapdragon 660 e i modelli più recenti, i modem Qualcomm 5G, nonché i kit Wi-Fi/Bluetooth FastConnect 6700, 6800, 6900 e 7800.
Oltre a questa vulnerabilità zero-day, Qualcomm ha corretto altri 19 bug nei suoi prodotti. Tra questi problemi, possiamo notare il bug critico CVE-2024-33066 (9,8 punti sulla scala CVSS), associato ad un’errata validazione dell’input nel gestore delle risorse WLAN.
L'articolo Aggiornamenti urgenti per i chipset Qualcomm: Vulnerabilità sfruttata in attacchi mirati proviene da il blog della sicurezza informatica.
The Privacy Post reshared this.
Lagrange Points and Why You Want to Get Stuck At Them
poliverso.org/display/0477a01e…
Lagrange Points and Why You Want to Get Stuck At Them hackaday.com/wp-content/upload…Visualization of the Sun-Earth Lagrange points.Orbital mechanics is a fun subject, as it involves a lot of seemingly empty space that’s nevertheless full of very real forces, all of which must be taken into account lest one’s spacecraft ends up performing a sudden lithobraking maneuver into a
Lagrange Points and Why You Want to Get Stuck At Them
Visualization of the Sun-Earth Lagrange points.
Orbital mechanics is a fun subject, as it involves a lot of seemingly empty space that’s nevertheless full of very real forces, all of which must be taken into account lest one’s spacecraft ends up performing a sudden lithobraking maneuver into a planet or other significant collection of matter in said mostly empty space. The primary concern here is that of gravitational pull, and the way it affects one’s trajectory and velocity. With a single planet providing said gravitational pull this is quite straightforward to determine, but add in another body (like the Moon) and things get trickier. Add another big planetary body (or a star like our Sun), and you suddenly got yourself the restricted three-body problem, which has vexed mathematicians and others for centuries.The three-body problem concerns the initial positions and velocities of three point masses. As they orbit each other and one tries to calculate their trajectories using Newton’s laws of motion and law of universal gravitation (or their later equivalents), the finding is that of a chaotic system, without a closed-form solution. In the context of orbital mechanics involving the Earth, Moon and Sun this is rather annoying, but in 1772 Joseph-Louis Lagrange found a family of solutions in which the three masses form an equilateral triangle at each instant. Together with earlier work by Leonhard Euler led to the discovery of what today are known as Lagrangian (or Lagrange) points.
Having a few spots in an N-body configuration where you can be reasonably certain that your spacecraft won’t suddenly bugger off into weird directions that necessitate position corrections using wasteful thruster activations is definitely a plus. This is why especially space-based observatories such as the James Webb Space Telescope love to hang around in these spots.
Stable and Unstable Stable
Although the definition of Lagrange points often makes it sound like you can put a spacecraft in that location and it’ll remain there forever, it’s essential to remember that ‘stationary’ only makes sense in particular observer’s reference frame. The Moon orbits the Earth, which orbits the Sun, which ultimately orbits the center of the Milky Way, which moves relative to other galaxies. Or it’s just the expansion of space-time which make it appear that the Milky Way moves, but that gets one quickly into the fun corners of theoretical physics.A contour plot of the effective potential defined by gravitational and centripetal forces. (Credit: NASA)
Within the Earth-Sun system, there are five Lagrange points (L1 – L5), of which L2 is currently the home of the James Webb Space Telescope (JWST) and was the home to previous observatories (like the NASA WMAP spacecraft) that benefit from always being in the shadow of the Earth. Similarly, L1 is ideal for any Sun observatory, as like L2 it is located within easy communication distancePerhaps shockingly, the L3 point is not very useful to put any observatories or other spacecraft, as the Sun would always block communication with Earth. What L3 has in common with L1 and L2 is that all of these are unstable Lagrange points, requiring course and attitude adjustments approximately every 23 days. This contrasts with L4 and L5, which are the two ‘stable’ points. This can be observed in the above contour plot, where L4 and L5 are on top of ‘hills’ and L1 through L3 are on ‘saddles’ where the potential curves up in one direction and down another.
One way to look at it is that satellites placed in the unstable points have a tendency to ‘wander off’, as they don’t have such a wide region of relatively little variance (contour lines placed far from each other) as L4 and L5 do. While this makes these stable points look amazing, they are not as close to Earth as L1 and L2, and they have a minor complication in the fact that they are already occupied, much like the Earth-Moon L4 and L5 points.
Because of how stable the L4 and L5 points are, the Earth-Moon system ones have found themselves home to the Kordylewski clouds. These are effectively concentrations of dust which were first photographed by Polish astronomer Kazimierz Kordylewski in 1961 and confirmed multiple times since. Although a very faint phenomenon, there are numerous examples of objects caught at these points in e.g. the Sun-Neptune system (Neptune trojans) and the Sun-Mars system (Mars trojans). Even our Earth has picked up a couple over the years, many of them asteroids. Of note that is the Earth’s Moon is not in either of these Lagrange points, having become gravitationally bound as a satellite.
All of which is a long way to say that it’s okay to put spacecraft in L4 and L5 points as long as you don’t mind fragile technology sharing the same region of space as some very large rocks, with an occasional new rocky friend getting drawn into the Lagrange point.
Stuff in Lagrange Points
A quick look at the Wikipedia list of objects at Lagrange points provides a long list past and current natural and artificial objects at these locations, across a variety of system. Sticking to just the things that we humans have built and sent into the Final Frontier, we can see that only the Sun-Earth and Earth-Moon systems have so far seen their Lagrange points collect more than space rocks and dust.Starting with Sun-Earth, the L1 point has:
- Solar and Heliospheric Observatory (SOHO, ESA)
- Advanced Composition Explorer (ACE, NASA)
- Global Geospace Science WIND (GGS, NASA)
- Deep Space Climate Observatory (DSCOVR, NOAA)
- Aditya-L1 (ISRO)
These will be joined if things go well by IMAP in 2025 along with SWFO-L1, NEO Surveyor in 2027. These spacecraft mostly image the Sun, monitor solar wind, image the Earth and its weather patterns, for which this L1 point is rather excellent. Of note here is that strictly taken most of these do not simply linger at the L1 point, but rather follow a Lissajous orbit around said Lagrange point. This particular orbital trajectory was designed to compensate for the instability of the L1-3 points and minimize the need for course corrections.
Moving on, the Sun-Earth L2 point is also rather busy:
- Gaia space observatory (ESA)
- Spektr-RG astrophysics observatory (Russian-German)
- James Webb Space Telescope (JWST, NASA, ESA, CSA)
- Euclid space telescope (ESA)
- Chang’e 6 orbiter (CNSA)
Many of the planned spacecraft that should be joining the L2 point are also observatories for a wide range of missions, ranging from general observations in a wide range of spectra to exoplanet and comet hunting.
Despite the distance and hazards of the Sun-Earth L4 and L5 points, these host the Solar TErrestrial RElations Observatory (STEREO) A and B solar observation spacecraft. The OSIRIS-REx and Hayabusa 2 spacecraft have passed through or near one of these points during their missions. The only spacecraft planned to be positioned at one of these points is ESA’s Vigil, which is scheduled to launch by 2031 and will be at L5.
Contour plot of the Earth-Moon Lagrange points. (Credit: NASA)
Only the Moon’s L2 point currently has a number of spacecraft crowding about, with NASA’s THEMIS satellites going through their extended mission observations, alongside the Chinese relay satellite Queqiao-2 which supported the Chang’e 6 sample retrieval mission.In terms of upcoming spacecraft to join the sparse Moon Lagrange crowd, the Exploration Gateway Platform was a Boeing-proposed lunar space station, but it was discarded in favor of the Lunar Gateway which will be placed i a polar near-rectilinear halo orbit (NRHO) with an orbital period of about 7 days. This means that this space station will cover more of the Moon’s orbit rather than remain stationary. It is intended to be launched in 2027, as part of the NASA Artemis program.
Orbital Mechanics Fun
The best part of orbits is that you have so many to pick from, allowing you to not only pick the ideal spot to idle at if that’s the mission profile, but also to transition between them such as when traveling from the Earth to the Moon with e.g. a trans-lunar injection (TLI) maneuver. This involves a low Earth orbit (LEO) which transitions into a powered, high eccentric orbit which approaches the Moon’s gravitational sphere of influence.Within this and low-energy transfer alternatives the restricted three-body problem continuously applies, meaning that the calculations for such a transfer have to account for as many variables as possible, while in the knowledge that there is no perfect solution. With our current knowledge level we can only bask in the predictable peace and quiet that are the Lagrange points, if moving away from all those nasty gravity wells like the Voyager spacecraft did is not an option.
Top image: The Cosmic Cliffs of the Carina Nebula, one of the first images released from the James Webb Space Telescope.
hackaday.com/2024/10/09/lagran…
The Privacy Post reshared this.
EDRi
in reply to EDRi • • •2/3 🤝🏽 We were joined by 350+ MEPs, EU decisionmakers, civil society representatives and journalists to strategise, discuss and imagine an alternative EU tech agenda that centers people, the planet and democracy.
📸 by @Omarhavana
EDRi
in reply to EDRi • • •3/3 We're grateful to all speakers & attendees for joining the #EUTechSociety Summit 💚
💜 This one-of-a-kind event was made possible thanks to all 41 co-hosting organisations, and the financial support from EDRi donors
Huge thanks also to @Omarhavana for capturing moments throughout the day with great photos! 📸