Finché la gente continuerà a sostenere bandiere, anziché i veri ideali in cui crede, non avremo mai una società senziente.

RT @MatteoPugliese: Ho riassunto alcuni dati utili a comprendere le #vulnerabilità italiane sfruttate per manipolare l'opinione pubblica co…

Europe’s military fragmentation is one of the largest wastes of public money in the world. In 2025, EU defence spending is projected to reach €392B, around 2.1% of GDP. Yet Europe still operates around 178 major weapons systems, compared with roughly 30 in the U.S. The European Parliament estimates the cost of non-Europe in defence at €18–57B every year. This makes no sense. EU countries and the UK are each other’s main economic partners, share the same geography, supply chains, industrial base and geopolitical threats. Yet defence is still organised as 27 separate markets. Fragmented procurement means smaller production runs, higher unit costs, duplicated R&D, weaker interoperability and dependence on external suppliers. Joint procurement, common platforms and a real European defence industrial base are not ideology. They are basic economic logic.

Apple and Google are gradually expanding their use of hardware-based attestation. They're convincing a growing number of services to adopt it. Google's Play Integrity API and Apple's App Attest API are very similar. Apple brought it to the web via Privacy Pass, which Google intends on doing too. Google's Play Integrity API requires hardware attestation for the strong integrity level and is gradually phasing in requiring it for the more commonly used device integrity level. Apple already has it as a requirement. Over the long term, this will increasingly lock out hardware and OS competition. The purpose of these systems is disallowing people from using hardware and software not approved by Apple or Google. This is wrongly presented as being a security feature. Banks and government services are the main ones adopting it but Apple and Google are encouraging every service to use it. Apple's Privacy Pass brought hardware attestation to the web to help with passing captchas on their own hardware. Many people saw that as harmless since few sites would be willing to lock out non-Apple-hardware users. Apple and Google are both likely to bring broader hardware attestation to the web. Google's reCAPTCHA is planning an approach where they use Privacy Pass on Apple hardware, their own approach on Google Mobile Services Android devices and a QR code scanning system to require an iOS or Google certified Android device for Windows and other systems: support.google.com/recaptcha… Banking and government services increasingly require using a mobile app where they can use attestation to force using an Apple or Google approved device and OS. Apple's privacy pass, Google's 'cancelled' Web Environment Integrity and now reCAPTCHA Mobile Verification are bringing this to the web. Current media coverage for reCAPTCHA Mobile Verification misunderstands it and the impact of it. They're bringing a hardware attestation requirement to Windows, desktop Linux, OpenBSD, etc. by requiring a QR scan from a certified smartphone to pass reCAPTCHA in some cases. They could expand it more. Control over reCAPTCHA puts Google in a position where they can require having either iOS or a certified Android device to use an enormous amount of the web. Google defines certification requirements for Android which includes forcing bundling Google Chrome, etc. It's enormously anti-competitive. Google's Play Integrity API bans using GrapheneOS despite it being far more secure than anything they permit. It also bans using any other alternative. This isn't somehow specific to an AOSP-based OS. You can't avoid this by using a mobile OS based on FreeBSD instead. You'll just be more locked out. Google's Play Integrity API permits devices with no security patches for 10 years. The device integrity level can be bypassed via spoofing but they can detect it quite well and block it once it starts being done at scale. The strong integrity level requires leaked keys from TEEs/SEs to bypass it. It doesn't provide a useful security feature, but it does lock out competition very well. Services requiring Apple App Attest or Google Play Integrity are primarily helping to lock in Apple and Google having a duopoly for mobile devices. Play Integrity is more relevant due to AOSP being open source. Governments are increasingly mandating using Apple's App Attest and Google's Play Integrity for not only their own services but also commercial services. The EU is leading the charge of making these requirements for digital payments, ID, age verification, etc. Many EU government apps require them. Instead of governments stopping Apple and Google from engaging in egregiously anti-competitive behavior, they're directly participating in locking out competition via their own services. Requiring people to have an Apple device or Google-certified Android device is anti-competition, not security. reCAPTCHA Mobile Verification will currently work with sandboxed Google Play on GrapheneOS but it clearly exists to provide a way for them to start using hardware attestation on systems without it. People without an iOS or Android device will be locked out when this is required even without that. This isn't about security or any missing functionality. GrapheneOS can be verified via hardware attestation. Google bans using GrapheneOS for Play Integrity because we don't license Google Mobile Services and conform to anti-competitive rules already found to be illegal in South Korea and elsewhere. Services shouldn't ban people from using arbitrary hardware and operating systems in the first place. Google's security excuse is clearly bogus when they permit devices with no patches for 10 years but not a much more secure OS. It's for enforcing their monopolies via GMS licensing, that's all.

Perché Michele Geraci partecipa alla “Davos russa” con un badge che lo presenta come rappresentante del ministero dello Sviluppo economico? Sta militando incarichi? Qualcuno si è dimenticato di aggiornare la sua scheda? O sta davvero rappresentando il @mimit_gov?

Today, I presented state awards of Ukraine to the people without whom Operation “Spiderweb” would not have happened. We have no right to name them – everything remains absolutely classified and will remain so for a long time. This is already a historic operation by the Security Service of Ukraine, one that was carefully prepared, and on this very day one year ago, it entered its final stage – striking Russian military equipment. Farther than Ukrainian long-range capabilities had ever reached before. As precisely as no one in Russia expected. And as justly as the enemy’s strategic aviation deserves. “Spiderweb” destroyed or at least damaged 41 aircraft. Never before had Russia lost such equipment, in such numbers, and as a result of strikes by drones that were incomparably cheaper. Ukraine has once again proved that it knows how to act asymmetrically, that it defends itself actively and truly creatively, and that Russia has no chance of overcoming Ukrainian courage. Ukraine will always be one step ahead – in technology, in bravery, and in the ability to capture the world’s attention and rally the support of millions of human hearts. Ukraine is now applying long-range sanctions against Russia for this war literally every day. We did not start this war, we did not provoke it, and the only thing we wanted for Ukraine and Ukrainians was peace. But as long as the Russians choose the opposite, and as long as Russia does everything to drag out this war and expand it, Ukrainians will continue to find responses that will definitely work. I thank all our warriors for their precision! I thank the Security Service of Ukraine for its long-range leadership! I thank everyone who helps us! Glory to Ukraine!

Promesse a debito Gli impegni traditi sulla difesa, e la credibilità perduta dell’Italia Di @GabrieleCarrer Strategikon linkiesta.it/2026/05/credibi…

‼️🚨 Malicious actors can now use your SSD's activity, just by getting you to open their website, to spy on which other sites you're browsing and which apps you're running. The attack, called FROST, is accurate: 88.95% on identifying websites, 95.83% on identifying applications. It works on macOS and Linux, across browsers, and runs entirely in JavaScript. The browser makers were told, and largely shrugged. Chromium says fingerprinting isn't a security bug. Apple called it out of scope. Mozilla acknowledged it and shipped nothing. Researchers at Graz University of Technology developed the attack. It abuses the Origin Private File System, a browser feature that lets sites store files on your disk without asking. The attack creates one huge file, then constantly times how fast it can read from it. When you open another tab or launch an app, that activity competes for the same SSD, and the tiny changes in read speed leak what you're doing. A trained neural network turns those timing patterns into guesses about which site or app it is.

Risolto il mistero

A russian influence campaign hijacked hundreds of Bluesky accounts, many belonging to influential Americans, to spread propaganda, researchers said, in a striking disinformation tactic that weaponized authentic identities rather than relying on fake accounts. france24.com/en/live-news/20…

La giornalista che fa propaganda russa nella televisione francese ilpost.link/K2uFE736fR

Nel leggere questa notizia, già triste di per se, quello che purtroppo trovo sconfortante sono la pletora di bot e simpatizzanti del grande freddo che non perde occasione per portare avanti la propria campagna nel nostro paese.

NewsMap Real-time interactive news worldwide map. 144 active sources. Search by keyword. Filter daily/weekly news. newsmap.cc/ Tip by @SchiphorstSkip

Ukraine picked through Oreshnik wreckage after the May 24 strike near Bila Tserkva. What they found: inert concrete warheads, the warhead separation unit, and electronics made in Russia and Belarus. The missile carried no explosives. Zero casualties. defence-blog.com/ukraines-in…

The moment rus realizes its threats no longer scare us, it loses its strongest weapon against Europe. Interesting enough, even Russian state TV now discusses this shift with disbelief. Fear was always part of their strategy, and it’s starting to fail.

"Trim the headcount" is certainly an interesting choice of words coming from a country where the death rate from windows' "failures" is apparently higher than from car accidents..

Proud to unveil the Luce Migliore A Ferrari electric vehicle designed by me and ChatGPT in 8 seconds at a cost of $0.10

Montezemolo l'ha toccata piano...

How the EU’s plan to turbocharge Italy’s economy fell flat ft.trib.al/TSmCHvr

Ora è ufficiale: La russia è alla canna del gas

Lithuanian authorities are on high alert after a massive data leak involving more than 600,000 entries from national data registers, which is believed to have been executed by another country. Lithuanians are especially cautious given that the country, with a population of 2.9 million, is one of the main targets of R russia’s hybrid waragainst Europe, which includes sabotage, arson attacks and vandalism, as well as influence operations. apnews.com/article/lithuania…