Thermify. These are installations that UK Power Grid, a power supply company in the south and east of England, has offered to its customers. Thermify Heat Hub, as it is called, is a rather revolutionary approach to house heating, combining an effective heating system with data processing in the wall. Each Heat Hub system consists of a cluster that consists of about 500 Raspberry Pi Compute 4 or 5 modules. They have been selected specifically because of their thermal properties and the ability to process cloud tasks. Each Raspberry Pi module is multiplied in a special oil that performs a double function. Firstly, it ensures effective cooling of these modules, i.e., it allows them to operate at optimal temperatures when performing intensive calculations, and secondly, this oil serves as a medium for transferring rain heat to the home heating system. This approach eliminates the need to use traditional cooling systems, which normally consume extra energy in conventional data centers and where heat is simply discharged into the atmosphere, which means waste. In the case of Thermify systems, the heat accumulated in oil is transferred by the heat exchanger to the central heating system and is used to heat the hot water in use. This means that the system is a direct substitute for a traditional gas or electric boiler that has been used to heat water in boilers and water in tap so far.

Read more

This is part of my podcast, translated from polish into english (I'm recording my podcast in Polish) :

How huge corporations use open source software,

virtually giving nothing in return, or even if they do, it is very little and very late. That's what I'm about to tell you. The idea to talk about it came from the fact that this month there was a very big problem between the volunteer group taking care of the ffmpeg project and Alphabet. Alphabet uses this ffmpeg library, which is a library for video and audio processing, virtually everywhere. They use it in their AI, they use it on Google, they use it on YouTube. In fact, YouTube is based on this library and would not work without it. So you could say this is the key library for this company.

There's something in Google like Project Zero.

It is a team that uses artificial intelligence to view various open software and generate error reports. And it was the team responsible for ffmpeg that was flooded with an incredibly large number of reported errors, but Google stopped there. They reported mistakes, but did not propose any amendments. In theory, after the 90-day deadline, Google may publicly disclose all the security gaps it has found and reported to the ffmpeg maintainers. The problem is that Google used its computing resources, its AI, to automatically find errors in the code, And the ffmpeg team, it's a team of volunteers who work for free, in their spare time, they actually do it typically as a hobby. They can't be forced to do anything faster, so they had to choose to fix mistakes as quickly as Google fills them with their reports, which is not too impossible, or risk the public disclosure of security gaps in the software, which would not be very good. Interestingly, at the same time and funny and tragic, it is the fact that open source companies do not pay for this, and therefore they have no contract, they have no guaranteed support, there is no NDA, there is no such thing. but there is also no guarantee that this software will work, or that it will be available. In fact, such a Google, basing YouTube on this open library, risks that the maintainers can change their license at some point, block access to it and actually eliminate their YouTube service if they just decide to be mean enough.

And how do we know that this could happen?

Read more

Current situation in the world

The modern digital landscape is characterised by an increasing confrontation between citizens' right to privacy and governments' aspirations for greater oversight of electronic communications. Authorities around the world are stepping up efforts to weaken or circumvent end-to-end encryption, often under the pretext of fighting crime, protecting children, or ensuring national security. These actions represent an unprecedented attack on the fundamental digital security infrastructure that protects billions of users from cybercriminals, authoritarian regimes, and other malicious actors.

European Union

One of the most controversial initiatives is the so-called Chat Control – a 2022 proposal from the European Commission that would require communication service providers to scan all private messages and files to detect child sexual abuse material (CSAM). This proposal has been further modified by successive presidencies of the Council of the EU, but its essence remains unchanged - the introduction of mandatory client-side scanning, which in practice means breaking end-to-end encryption. In October 2025, the Danish presidency again tried to push through this proposal, but met with strong opposition from member states. Germany, which had previously supported the proposal, changed its position and refused to support the Danish proposals on 7 October 2025, which meant that it did not have the required majority. Jens Spahn, chairman of the CDU/CSU parliamentary group, stated: "We are against the surveillance of chats. It would be like preemptively opening all the letters to see if there is anything illegal in them. This is not acceptable." The Signal Foundation has officially stated that it will withdraw its application from the EU if Chat Control is adopted. Similar declarations have been made by other companies offering encrypted communication services. More than 40 European companies have published an open letter warning that Chat Control will destroy privacy, weaken encryption and seriously harm the competitiveness of European businesses. Characteristically, in the latest version of the proposal, state communications are excluded from the obligation to scan - while citizens and businesses would be subject to mass surveillance, politicians retain the right to private communications.

United Kingdom

Read more

Jaguar Land Rover (JLR)

Jaguar Land Rover (JLR) has fallen victim to one of the most destructive cyberattacks in the history of the British automotive industry. The attack, which began on August 31, 2025, led to a complete halt to global production and caused a domino effect throughout the supply chain, generating losses estimated at £5-10 million per day. A group called "Scattered Lapsus$ Hunters" - a coalition of three well-known cybercriminal collectives - has claimed responsibility for the attack:

• Scattered Spider - a loose network of young hackers, mostly teenagers from the UK and the US
• Lapsus$ - a group known for attacks on large technology corporations
• ShinyHunters - specializing in data theft and extortion.

The Scattered Spider is a particularly dangerous group, consisting mainly of young people, some as young as 16 years old, coming from an English-speaking hacker community called "The Com". The group was previously responsible for attacks on M&S (£300 million in losses), Co-op and Harrods.

The attackers used a combination of advanced techniques:

• Social Engineering - manipulation of IT employees to gain access to systems
• SAP NetWeaver vulnerability exploitation - exploitation of critical vulnerabilities CVE-2025-31324 and CVE-2025-42999
• Lack of authorization in Visual Composer - allowed unauthorized access to systems

The main reason for the success of the attack was the exploitation of critical vulnerabilities in the SAP NetWeaver system. These vulnerabilities enabled attackers to:

• Execution of arbitrary commands on SAP servers
• Upload malicious executable files
• Full System Control

Additional factors affecting the scale and effects of the attack were:

Read more

Atlassian Jira has dominated the project management and customer service market for years, but rising licensing costs, customization limitations, and vendor dependency are driving more and more organizations to look for open source alternatives. This article provides a detailed overview of the most important solutions that can replace Jira Service Management (helpdesk, ITSM) functionalities. Each of the presented tools offers a unique approach to project management and user service, while maintaining the benefits of open source.

Open source alternatives to Jira Service Management

In this article I describe:

• osTicket
• Zammad
• OTRS
• GLPI

  Read more

Atlassian Jira has dominated the project management and customer service market for years, but rising licensing costs, customization limitations, and vendor dependency are driving more and more organizations to look for open source alternatives. This article provides a detailed overview of the most important solutions that can replace the functionalities of Jira Software (project management, bug tracking). Each of the presented tools offers a unique approach to project management and user service, while maintaining the benefits of open source.

Open source alternatives to Jira Software

In this article I describe:

• OpenProject
• Redmine
• GitLab
• Taiga
• MantisBT (Mantis Bug Tracker)
• Bugzilla
• Trac

Read more