Android

Android's AirTag Competitor Gears Up For Launch, Thanks To iOS Release (arstechnica.com) 29

An anonymous reader quotes a report from Ars Technica: Will Google ever launch its "Find My" network? The Android ecosystem was supposed to have its own version of Apple's AirTags by now. Google has had a crowd-sourced device-tracking network sitting dormant on 3 billion Android phones since December 2022. Partners have been ready to go with Bluetooth tag hardware since May 2023! This was all supposed to launch a year ago, but Google has been in a holding pattern. The good news is we're finally seeing some progress after a year of silence. The reason for Google's lengthy delay is actually Apple. A week before Google's partners announced their Android network Bluetooth tags, Google and Apple jointly announced a standard to detect "unknown" Bluetooth trackers and show users alerts if their phone thinks they're being stalked. Since you can constantly see an AirTag's location, they can be used for stalking by just covertly slipping one into a bag or car; nobody wants that, so everyone's favorite mobile duopoly is teaming up.

Google did its half of this partnership and rolled out AirTag detection in July 2023. At the same time, Google also announced: "We've made the decision to hold the rollout of the Find My Device network until Apple has implemented protections for iOS." Surely Apple would be burning the midnight oil to launch iOS Android tag detection as soon as possible so that Google could start competing with AirTags. It looks like iOS 17.5 is the magic version Google is waiting for. The first beta was released to testers recently, and 9to5Mac recently spotted strings for detecting "unwanted" non-Apple tracking devices that were suddenly following you around. This 17.5 update still needs to ship, and the expectation is sometime in May. That would be 11 months after Google's release. [...]

With the impending iOS release, Google seems to be getting its ducks in a row as well. 9to5Google has a screenshot of the new Find My Device settings page that is appearing for some users, which gives them a chance to opt out of the anonymous tracking network. That report also mentions that some users received an email Thursday of an impending tracking network launch, saying: "You'll get a notification on your Android devices when this feature is turned on in 3 days. Until then, you can opt out of the network through Find My Device on the web." The vast majority of Android users have not gotten this email, though, suggesting maybe it was a mistake. It's very weird to announce a launch in "days remaining" rather than just saying what date something will launch, and this email went out Thursday, which would mean a bizarre Sunday launch when everyone is off for the weekend.

Network

Hospital Network Admin Used Fake Identity For 35 Years (thegazette.com) 88

An anonymous reader writes: Could you imagine discovering that your identity had been used to take out fraudulent loans and when you tried to resolve the issue by providing your state ID and Social Security card you were instead arrested, charged with multiple felonies, jailed for over a year, incarcerated in a mental hospital and given psychotropic drugs, eventually to be released with a criminal record and a judge's order that you could no longer use your real name? As dystopian as this might sound, it actually happened. And it was only after the victim learned his oppressor worked for The University of Iowa Hospital and contacted their security department that the investigation was taken seriously, leading to the perpetrator's arrest. The Gazette reports: Matthew David Keirans, 58, was convicted of one count of false statement to a National Credit Union Administration insured institution -- punishable by up to 30 years in federal prison -- and one count of aggravated identity theft -- punishable by up to two years in federal prison. Keirans worked as a systems architect in the hospital's IT department from June 28, 2013 to July 20, 2023, when he was terminated for misconduct related to the identity theft investigation. Keirans worked at the hospital under the name William Donald Woods, an alias he had been using since about 1988, when he worked with the real William Woods at a hot dog cart in Albuquerque, N.M. [...] By 2013, Keirans had moved to eastern Wisconsin. He started his IT job with UI Hospitals and worked remotely. He earned more than $700,000 in his 10 years working for the hospital. In 2023, his salary was $140,501, according to the hospital.

In 2019, the real William Woods was homeless, living in Los Angeles. He went to a branch of the national bank and explained that he recently discovered someone was using his credit and had accumulated a lot of debt. Woods didn't want to pay the debt and asked to know the account numbers for any accounts he had open at the bank so he could close them. Woods gave the bank employee his real Social Security card and an authentic California Identification card, which matched the information the bank had on file. Because there was a large amount of money in the accounts, the bank employee asked Woods a series of security questions that he was unable to answer. The bank employee called Keirans, whose phone number was connected to the accounts. He answered the security questions correctly and said no one in California should have access to the accounts. The employee called the Los Angeles Police Department, and officers spoke with Woods and Keirans. Keirans faxed the Los Angeles officers a copy of Woods' Social Security card and birth certificate, as well as a Wisconsin driver's license Keirans had acquired under Woods' name. The driver's license had the name William David Woods -- David is Keirans' real middle name -- rather than William Donald Woods. When questioned, Keirans told an LAPD officer he sometimes used David as a middle name, but his real name was William Donald Woods. The real Woods was arrested and charged with identity theft and false impersonation, under a misspelling of Keirans' name: Matthew Kierans.

Because Woods continued to insist, throughout the judicial process, that he was William Woods and not Matthew Kierans, a judge ruled in February 2020 that he was not mentally competent to stand trial and he was sent to a mental hospital in California, where he received psychotropic medication and other mental health treatment. In March 2021, Woods pleaded no contest to the identity theft charges -- meaning he accepted the conviction but did not admit guilt. He was sentenced to two years imprisonment with credit for the two years he already served in the county jail and the hospital and was released. He was also ordered to pay $400 in fines and to stop using the name William Woods. He did not stop. Woods continued to attempt to regain his identity by filing customer disputes with financial organizations in an attempt to clear his credit report. He also reached out to multiple law enforcement agencies, including the Hartland Police Department in Wisconsin, where Keirans lived. Woods eventually discovered where Keirans was working, and in January 2023 he reached out to the University of Iowa Hospitals' security department, who referred his complaint to the University of Iowa Police Department.

University of Iowa Police Detective Ian Mallory opened an investigation into the case. Mallory found the biological father listed on Woods' birth certificate -- which both Woods and Keirans had sent him an official copy of -- and tested the father's DNA against Woods' DNA. The test proved Woods was the man's son. On July 17, 2023, Mallory interviewed Keirans. He asked Keirans what his father's name was, and Keirans accidentally gave the name of his own adoptive father. Mallory then confronted Keirans with the DNA evidence, and Keirans responded by saying, "my life is over" and "everything is gone." He then confessed to the prolonged identity theft, according to court documents.
The full story can be read via The Gazette.
AI

A 'Law Firm' of AI Generated Lawyers Is Sending Fake Threats As an SEO Scam (404media.co) 12

An anonymous reader quotes a report from 404 Media: Last week, Ernie Smith, the publisher of the website Tedium, got a "copyright infringement notice" from a law firm called Commonwealth Legal: "We're reaching out on behalf of the Intellectual Property division of a notable entity, in relation to an image connected to our client," it read. [...] In this case, though, the email didn't demand that the photo be taken down or specifically threaten a lawsuit. Instead, it demanded that Smith place a "visible and clickable link" beneath the photo in question to a website called "tech4gods" or the law firm would "take action." Smith began looking into the law firm. And he found that Commonwealth Legal is not real, and that the images of its "lawyers" are AI generated.

The threat to "activate the case No. 86342" is obviously nonsense. Beyond that, Commonwealth Legal's website looks generic and is full of stock photos, though I've seen a lot of generic template websites for real law firms. All of its lawyers have vacant, thousand-yard stares that are commonly generated by websites like This Person Does Not Exist, none of them come up in any attorney or LinkedIn searches, and the only reverse image search results for them are for a now-broken website called Generated.Photos, which offered a service to "use AI to generate people online that don't exist, change clothing and modify face and body traits. Download generated people in different postures." "All of the faces scanned were likely AI generated, most likely by a Generative Adversarial Network (GAN) model," Ali Shahriyari, cofounder and CTO of the AI detection startup Reality Defender told 404 Media. Commonwealth Legal's listed address is the fourth floor of a one-story building that looks nothing like the image on its website, and both of its phone numbers are disconnected. No one responded to the contact form that I filled out. Smith realized that what's happening here isn't a copyright enforcement or copyright trolling attempt at all. Instead, it's a backlink SEO scam, where a website owner tries to improve their Google ranking by asking, paying, or threatening someone to link to their website.

Tech4Gods.com is a gadget review website run by a man named Daniel Barczak, whose content is "complemented by AI writing assistants." In this case, the photo that Smith had "infringed" was a photo downloaded from the royalty free, free-to-use website Unsplash, which 404 Media also sometimes uses. The image was not taken by Barczak, and has nothing to do with him, he told me in an email: "I certainly don't own any images on the web," he said. The original photographer did not respond to a request for comment sent through Unsplash. Barczak told me that he had been previously buying backlinks to his website for SEO, but said he wasn't aware of who was doing this or why. "I have no idea; it certainly has nothing to do with me," he said. "However, recently, someone has been building spammy links against my site that I have been dealing with." "I have mastered on-page SEO, but unfortunately, I buy links due to a lack of time," he added. "In the past, I had a bad link builder. I wonder if it's him going mad at me for letting him go. It's hard to say the web is massive, and everyone can link whenever they want." Link building is an SEO strategy devised to get outside websites to link to your website. He added that "bad links may damage [the site's] profile in Google's eyes." In this case, however, the "lawyers" were threatening a well-established tech blogger, and a link from Tedium would likely be treated as a positive in the search algorithm's eyes.

Cellphones

Feds Finally Decide To Do Something About Years-Old SS7 Spy Holes In Phone Networks 32

Jessica Lyons reports via The Register: The FCC appears to finally be stepping up efforts to secure decades-old flaws in American telephone networks that are allegedly being used by foreign governments and surveillance outfits to remotely spy on and monitor wireless devices. At issue are the Signaling System Number 7 (SS7) and Diameter protocols, which are used by fixed and mobile network operators to enable interconnection between networks. They are part of the glue that holds today's telecommunications together. According to the US watchdog and some lawmakers, both protocols include security weaknesses that leave folks vulnerable to unwanted snooping. SS7's problems have been known about for years and years, as far back as at least 2008, and we wrote about them in 2010 and 2014, for instance. Little has been done to address these exploitable shortcomings.

SS7, which was developed in the mid-1970s, can be potentially abused to track people's phones' locations; redirect calls and text messages so that info can be intercepted; and spy on users. The Diameter protocol was developed in the late-1990s and includes support for network access and IP mobility in local and roaming calls and messages. It does not, however, encrypt originating IP addresses during transport, which makes it easier for miscreants to carry out network spoofing attacks. "As coverage expands, and more networks and participants are introduced, the opportunity for a bad actor to exploit SS7 and Diameter has increased," according to the FCC [PDF].

On March 27 the commission asked telecommunications providers to weigh in and detail what they are doing to prevent SS7 and Diameter vulnerabilities from being misused to track consumers' locations. The FCC has also asked carriers to detail any exploits of the protocols since 2018. The regulator wants to know the date(s) of the incident(s), what happened, which vulnerabilities were exploited and with which techniques, where the location tracking occurred, and -- if known -- the attacker's identity. This time frame is significant because in 2018, the Communications Security, Reliability, and Interoperability Council (CSRIC), a federal advisory committee to the FCC, issued several security best practices to prevent network intrusions and unauthorized location tracking. Interested parties have until April 26 to submit comments, and then the FCC has a month to respond.
United States

Cable Lobby Vows 'Years of Litigation' To Avoid Bans on Blocking and Throttling (arstechnica.com) 91

An anonymous reader shares a report: The Federal Communications Commission has scheduled an April 25 vote to restore net neutrality rules similar to the ones introduced during the Obama era and repealed under former President Trump. The text of the pending net neutrality order wasn't released today. The FCC press release said it will prohibit broadband providers "from blocking, slowing down, or creating pay-to-play Internet fast lanes" and "bring back a national standard for broadband reliability, security, and consumer protection."

[...] Numerous consumer advocacy groups praised the FCC for its plan today. Lobby groups representing Internet providers expressed their displeasure. While there hasn't been a national standard since then-Chairman Ajit Pai led a repeal in 2017, Internet service providers still have to follow net neutrality rules because California and other states impose their own similar regulations. The broadband industry's attempts to overturn the state net neutrality laws were rejected in court.

Although ISPs seem to have been able to comply with the state laws, they argue that the federal standard will hurt their businesses and consumers. "Reimposing heavy-handed regulation will not just hobble network investment and innovation, it will also seriously jeopardize our nation's collective efforts to build and sustain reliable broadband in rural and unserved communities," cable lobbyist Michael Powell said today. Powell, the CEO of cable lobby group NCTA-The Internet & Television Association, was the FCC chairman under President George W. Bush. Powell said the FCC must "reverse course to avoid years of litigation and uncertainty" in a reference to the inevitable lawsuits that industry groups will file against the agency.

Businesses

JPMorgan Chase is About To Let Advertisers Target Customers Based on Their Spending (qz.com) 60

smooth wombat writes: Chase bank announced a new program that will allow brands to target Chase customers based on the customer's purchases. According to the press release, the new program is called Chase Media Solutions and "serves as a key conduit for brands, connecting them with consumers' personal passions and interests. In turn, Chase customers benefit from personalized offers and the ability to earn cash back with brands they love or are discovering for the first time."

The bank is hoping to combine insights from its large customer base and 6 million small business customers as part of its efforts to build out its own two-sided commerce platform and bring in benefits to both business clients and banking customers. Chase Media Solutions follows from the integration of card-linked marketing platform Figg, which JPMorgan Chase & Co. acquired in 2022, the bank said.

Google

Users Say Google's VPN App Breaks the Windows DNS Settings (arstechnica.com) 37

An anonymous reader shares a report: Google offers a VPN via its "Google One" monthly subscription plan, and while it debuted on phones, a desktop app has been available for Windows and Mac OS for over a year now. Since a lot of people pay for Google One for the cloud storage increase for their Google accounts, you might be tempted to try the VPN on a desktop, but Windows users testing out the app haven't seemed too happy lately. An open bug report on Google's GitHub for the project says the Windows app "breaks" the Windows DNS, and this has been ongoing since at least November.

A VPN would naturally route all your traffic through a secure tunnel, but you've still got to do DNS lookups somewhere. A lot of VPN services also come with a DNS service, and Google is no different. The problem is that Google's VPN app changes the Windows DNS settings of all network adapters to always use Google's DNS, whether the VPN is on or off. Even if you change them, Google's program will change them back. Most VPN apps don't work this way, and even Google's Mac VPN program doesn't work this way. The users in the thread (and the ones emailing us) expect the app, at minimum, to use the original Windows settings when the VPN is off. Since running a VPN is often about privacy and security, users want to be able to change the DNS away from Google even when the VPN is running.

Network

Shrinking Arctic Ice Redraws the Map For Internet Cable Connections (politico.eu) 14

Thawing ice in the Arctic may open up new routes for internet cables that lie at the bottom of the ocean and carry most international data traffic. And more routes matter when underwater infrastructure is at risk of attack. From a report: Baltic Sea gas and telecoms cables were damaged last year, with a Chinese vessel a potential suspect. Red Sea data cables were cut last month after a Yemeni government warning of attacks by Iran-backed Houthi rebels. Over 90 percent of all Europe-Asia traffic flows through the Red Sea route. The problem of critical data relying on only one path is clear. "It's clearly a kind of concentration of several cables, which means that there is a risk that areas will bottleneck," Taneli Vuorinen, the executive vice president at Cinia, a Finland-based company working on an innovative pan-Arctic cable, said.

"In order to meet the increasing demand, there's an increasing pressure to find diversity" of routes, he said. The Far North Fiber project is seeking to offer just that. The 14,500 kilometer long cable will directly link Europe to Japan, via the Northwest Passage in the Arctic, with landing sites in Japan, the United States (Alaska), Canada, Norway, Finland and Ireland. It would have been unthinkable until just a few years ago, when a thick, multiyear layer of ice made navigation impossible. But the Arctic is warming up at a worrying pace with climate change, nearly four times faster than the rest of the world. Sea ice is shrinking by almost 13 percent every decade.

AI

Microsoft is Working on an Xbox AI Chatbot (theverge.com) 11

Microsoft is currently testing a new AI-powered Xbox chatbot that can be used to automate support tasks. From a report: Sources familiar with Microsoft's plans tell The Verge that the software giant has been testing an "embodied AI character" that animates when responding to Xbox support queries. I understand this Xbox AI chatbot is part of a larger effort inside Microsoft to apply AI to its Xbox platform and services.

The Xbox AI chatbot is connected to Microsoft's support documents for the Xbox network and ecosystem, and can respond to questions and even process game refunds from Microsoft's support website. "This agent can help you with your Xbox support questions," reads a description of the Xbox chatbot internally at Microsoft. Microsoft expanded the testing pool for its Xbox chatbot more broadly in recent days, suggesting that this prototype "Xbox Support Virtual Agent" may one day handle support queries for all Xbox customers. Microsoft confirmed the existence of its chatbot to The Verge.

Unix

In Development Since 2019, NetBSD 10.0 Finally Released (phoronix.com) 37

"After being in development since 2019, the huge NetBSD 10.0 is out today as a wonderful Easter surprise," reports Phoronix: NetBSD 10 provides WireGuard support, support for many newer Arm platforms including for Apple Silicon and newer Raspberry Pi boards, a new Intel Ethernet driver, support for Realtek 2.5GbE network adapters, SMP performance improvements, automatic swap encryption, and an enormous amount of other hardware support improvements that accumulated over the past 4+ years.

Plus there is no shortage of bug fixes and performance optimizations with NetBSD 10. Some tests of NetBSD 10.0 in development back during 2020 showed at that point it was already 12% faster than NetBSD 9.

"A lot of development went into this new release," NetBSD wrote on their blog, saying "This also caused the release announcement to be one of the longest we ever did."

Among the new userspace programs is warp(6), which they describe as a "classic BSD space war game (copyright donated to the NetBSD Foundation by Larry Wall)."
Cellphones

Major Mobile NFT Shooter Game 'MadWorld' Uses Linux Foundation Subsidiary's Game Engine (linuxfoundation.org) 29

A Linux Foundation subsidiary has developed a free and open-source 3D game engine distributed under the Apache license. And last week the Open 3D Foundation announced "a big step forward, showcasing the power of open-source technologies in giving gamers around the globe unforgettable gaming experiences."

"We are proud to unveil MadWorld as the first mobile title powered by O3DE," said Joe Bryant, Executive Director of the Open 3D Foundation, "demonstrating the large potential of open-source technologies in game development."

And then this week Los Angeles Business Journal reported that El Segundo-based gaming studio Carbonated Inc. "has raised $11 million of series A funding to finance the development and release of its debut game title... Prior to its most recent round, Carbonated closed an $8.5 million seed funding round in 2020, which also included participation from Andreessen and Bitkraft." Since its founding [in 2015], the company has been focusing on research and development for its upcoming first title, called "MadWorld." The third-person, multiplayer shooter game is set in a post-apocalyptic world and features both player-versus-player and player-versus-environment features. Players of the game will battle for land control in a dystopian setting. Using a combination of open-source mapping tools and Carbonated's proprietary custom operations technology, called Carbyne, the game's world is designed around real-life cities and locations. Players are initially dropped into the game's version of their own real-time location.

The game allows players to optionally engage using blockchain technology with a digital asset-ownership layer powered by a blockchain network called XPLA.

Earlier this month MadWorld "opened up for Early Access registration," reports the egamers web site, arguing that the game "is set to redefine the gaming landscape and will make its public debut later this year." After a catastrophic event named "The Collapse," MadWorld takes place in a desolate Earth where players engage in a battle for survival, highlighting the game's unique setting and immersive experience. The game's world is intricately designed with 250,000 land plots mapped out on a hexagonal grid, each presenting unique resources and strategic benefits. This innovative approach to game design enhances the gameplay experience and introduces a new layer of strategy and competition.

MadWorld's gameplay is centered around integrating Web3 technologies, which allows for the ownership, enhancement, and trading of tokenized representations of real-world locations. This feature encourages players to create clans and work together or compete for essential resources that are spread across the vast game world. Clans can acquire these resources by paying tributes to NFT landowners using "Rounds," the in-game currency. This mechanism not only fosters a sense of community and teamwork but also creates unique economic opportunities within the game by blending traditional gaming elements with the emerging field of digital assets.

"With its use of O3DE, Carbonated can enhance the game's visual fidelity, performance, and scalability," according to the Linux Foundation's announcement, "in order to deliver a fast-paced adventure on mobile platforms." O3DE is an open-source game engine developed by a collaborative community of industry experts. It includes state-of-the-art rendering capabilities, dynamic lighting, and realistic physics simulation. These features have enabled Carbonated to build realistic dystopian environments and create action-packed gameplay in MadWorld.
According to its official site, MadWorld "is set to be released to the public sometime in 2024 and is currently being tested on iOS and Android operating systems."

Carbonated's CEO Travis Boatman made this prediction to the site Decrypt. "We think mobile is where the breakout will happen for Web3."
Power

Are State Governments Slowing the Build-Out of America's EV Charging Stations? (msn.com) 120

In November of 2021 America passed a "Bipartisan Infrastructure Law" which included $7.5 billion for up to 20,000 EV charging spots, or around 5,000 stations, notes the Washington Post (citing an analysis from the EV policy analyst group Atlas Public Policy).

And new stations are now already open in Hawaii, New York, Ohio and Pennsylvania, "and under construction in four other states. Twelve additional states have awarded contracts for constructing the charging stations." A White House spokesperson said America should reach its goal of 500,000 charging stations by 2026.

So why is it that right now — more than two years after the bill's passage — the Federal Highway System says the program has so far only delivered seven open charging stations with a total of 38 charging spots? Nick Nigro, founder of Atlas Public Policy, said that some of the delays are to be expected. "State transportation agencies are the recipients of the money," he said. "Nearly all of them had no experience deploying electric vehicle charging stations before this law was enacted." Nigro says that the process — states have to submit plans to the Biden administration for approval, solicit bids on the work, and then award funds — has taken much of the first two years since the funding was approved. "I expect it to go much faster in 2024," he added.

"We are building a national EV charging network from scratch, and we want to get it right," a spokesperson for the Federal Highway Administration said in an email. "After developing program guidance and partnering with states to guide implementation plans, we are hitting our stride as states move quickly to bring National Electric Vehicle Infrastructure stations online...."

Part of the slow rollout is that the new chargers are expected to be held to much higher standards than previous generations of fast chargers. The United States currently has close to 10,000 "fast" charging stations in the country, of which over 2,000 are Tesla Superchargers, according to the Department of Energy. Tesla Superchargers — some of which have been opened to drivers of other vehicles — are the most reliable fast-charging systems in the country. But many non-Tesla fast chargers have a reputation for poor performance and sketchy reliability. EV advocates have criticized Electrify America, the company created by Volkswagen after the company's "Dieselgate" emissions scandal, for spending hundreds of millions of dollars on chargers that don't work well. The company has said they are working to improve reliability. The data analytics company J.D. Power has estimated that only 80 percent of all charging attempts in the country are successful.

Biden administration guidance requires the new publicly funded chargers to be operational 97% of the time, provide 150kW of power at each charger, and be no more than one mile from the interstate, among many other requirements. EV policy experts say those requirements are critical to building a good nationwide charging program — but also slow down the build-out of the chargers. "This funding comes with dozens of rules and requirements," Laska said. "That is the nature of what we're trying to accomplish....

"States are just not operating with the same urgency that some of the rest of us are."

The article notes that private companies are also building charging stations — but the publicly-funded spots would increase America's car-charging capacity by around 50 percent, "a crucial step to alleviating 'range anxiety' and helping Americans shift into battery electric cars.

"States just have to build them first."
IT

SWIFT Planning Launch of New Central Bank Digital Currency Platform in 12-24 Months (reuters.com) 59

Global bank messaging network SWIFT is planning a new platform in the next one to two years to connect the wave of central bank digital currencies now in development to the existing finance system, it has told Reuters. From the report: The move, which would be one of the most significant yet for the nascent CBDC ecosystem given SWIFT's key role in global banking, is likely to be fine-tuned to when the first major ones are launched. Around 90% of the world's central banks are now exploring digital versions of their currencies. Most don't want to be left behind by bitcoin and other cryptocurrencies, but are grappling with technological complexities.

SWIFT's head of innovation, Nick Kerigan, said its latest trial, which took 6 months and involved a 38-member group of central banks, commercial banks and settlement platforms, had been one of the largest global collaborations on CBDCs and "tokenised" assets to date. It focused on ensuring different countries' CBDCs can all be used together even if built on different underlying technologies, or "protocols", thereby reducing payment system fragmentation risks.

Your Rights Online

Facebook Accused of Using Your Phone To Wiretap Snapchat (gizmodo.com) 58

Court filings unsealed last week allege Meta created an internal effort to spy on Snapchat in a secret initiative called "Project Ghostbusters." Gizmodo: Meta did so through Onavo, a Virtual Private Network (VPN) service the company offered between 2016 and 2019 that, ultimately, wasn't private at all. "Whenever someone asks a question about Snapchat, the answer is usually that because their traffic is encrypted we have no analytics about them," said Mark Zuckerberg in an email to three Facebook executives in 2016, unsealed in Meta's antitrust case on Saturday. "It seems important to figure out a new way to get reliable analytics about them... You should figure out how to do this."

Thus, Project Ghostbusters was born. It's Meta's in-house wiretapping tool to spy on data analytics from Snapchat starting in 2016, later used on YouTube and Amazon. This involved creating "kits" that can be installed on iOS and Android devices, to intercept traffic for certain apps, according to the filings. This was described as a "man-in-the-middle" approach to get data on Facebook's rivals, but users of Onavo were the "men in the middle."

Meta's Onavo unit has a history of using invasive techniques to collect data on Facebook's users. Meta acquired Onavo from an Israeli firm over 10 years ago, promising users private networking, as most VPNs do. However, the service was reportedly used to spy on rival social media apps through tens of millions of people who downloaded Onavo. It gave Facebook valuable intel about competitors, and this week's court filings seem to confirm that. A team of senior executives and roughly 41 lawyers worked on Project Ghostbusters, according to court filings. The group was heavily concerned with whether to continue the program in the face of press scrutiny. Facebook ultimately shut down Onavo in 2019 after Apple booted the VPN from its app store.

IT

Cloudflare Says It's Automated Empathy To Avoid Fixing Flaky Hardware Too Often (theregister.com) 19

The Register: Cloudflare has revealed a little about how it maintains the millions of boxes it operates around the world -- including the concept of an "error budget" that enacts "empathy embedded in automation." In a Tuesday post titled "Autonomous hardware diagnostics and recovery at scale," the internet-taming biz explains that it built fault-tolerant infrastructure that can continue operating with "little to no impact" on its services. But as explained by infrastructure engineering tech lead Jet Marsical and systems engineers Aakash Shah and Yilin Xiong, when servers did break the Data Center Operations team relied on manual processes to identify dead boxes. And those processes could take "hours for a single server alone, and [could] easily consume an engineer's entire day."

Which does not work at hyperscale. Worse, dead servers would sometimes remain powered on, costing Cloudflare money without producing anything of value. Enter Phoenix -- a tool Cloudflare created to detect broken servers and automatically initiate workflows to get them fixed. Phoenix makes a "discovery run" every thirty minutes, during which it probes up to two datacenters known to house broken boxen. That pace of discovery means Phoenix can find dead machines across Cloudflare's network in no more than three days. If it spots machines already listed for repairs, it "takes care of ensuring that the Recovery phase is executed immediately."

AI

AI Will Suck Up 500% More Power in UK in 10 Years, Grid CEO Says (bloomberg.com) 50

Electricity demand from UK data centers will jump sixfold over the next 10 years as a boom in AI requires increased computing power, according to the head of National Grid. From a report: That will ramp up pressure on the country's electricity network, which must move vast quantities of renewable energy from as far away as Scottish wind farms to data centers around London. And it's a grid already under strain from the accelerating electrification of home heating, transportation and industries.

"Future growth in foundational technologies like artificial intelligence and quantum computing will mean larger-scale, energy-intensive computing infrastructure," National Grid Chief Executive Officer John Pettigrew said Tuesday at a conference in Oxford. It's an outlook replicated in many other countries, which are grappling with how to fund the massive spending required to expand capacity. Global electricity demand from data centers, AI and cryptocurrencies may more than double over the next three years, according to International Energy Agency forecasts.

Social Networks

'Federation Is the Future of Social Media' (theverge.com) 51

An anonymous reader quotes a report from The Verge, written by Nilay Patel: Today, I'm talking to Jay Graber, the CEO of Bluesky Social, which is a decentralized competitor to Twitter, er, X. Bluesky actually started inside of what was then known as Twitter — it was a project from then-CEO Jack Dorsey, who spent his days wandering the earth and saying things like Twitter should be a protocol and not a company. Bluesky was supposed to be that protocol, but Jack spun it out of Twitter in 2021, just before Elon Musk bought the company and renamed it X. Bluesky is now an independent company with a few dozen employees, and it finds itself in the middle of one of the most chaotic moments in the history of social media. There are a lot of companies and ideas competing for space on the post-Twitter internet, and Jay makes a convincing argument that decentralization -- the idea that you should be able to take your username and following to different servers as you wish -- is the future. It's a powerful concept that's been kicking around for a long time, but now it feels closer to reality than ever before. You've heard us talk about it a lot on Decoder: the core idea is that no single company -- or individual billionaire -- can amass too much power and control over our social networks and the conversations that happen on them.

Bluesky's approach to this is something called the AT Protocol, which powers Bluesky's own platform but which is also a technology that anyone can use right now to host their own servers and, eventually, interoperate with a bunch of other networks. You'll hear Jay explain how building Bluesky the product alongside AT Protocol the protocol has created a cooperate-compete dynamic that runs throughout the entire company and that also informs how it's building products and features -- not only for its own service but also for developers to build on top of. Jay and I also talked about the growth of the Bluesky app, which now has more than 5 million users, and how so many of the company's early decisions around product design and moderation have shaped the type of organic culture that's taken hold there. Content moderation is, of course, one of the biggest challenges any platform faces, and Bluesky, in particular, has had its fair share of controversies. But the idea behind AT Protocol and Bluesky is devolving control, so Bluesky users can pick their own moderation systems and recommendation algorithms -- a grand experiment that I wanted to know much more about.

Finally, Jay and I had the opportunity to get technical and go deeper on standards and protocols, which are the beating heart of the decentralization movement. Bluesky's AT Protocol is far from the only protocol in the mix -- there's also ActivityPub, which is what powers Mastodon and, soon, Meta's Threads. There's been some real animosity between these camps, and I asked Jay about the differences between the two, the benefits of Bluesky's approach, and how she sees the two coexisting in the future.

Books

Has 'Silicon Valley-style Startup Disruption' Arrived for Book Publishing? (thebaffler.com) 37

The Baffler says a new publishing house launched earlier this month "brings Silicon Valley-style startup disruption to the business of books."

Authors Equity has "a tiny core staff, offloading its labor to a network of freelancers," and like a handful of other publishers "is upending the way that authors get paid, eschewing advances and offering a higher percentage of profits instead." It is worth watching because its team includes several of the most important publishing people of the twenty-first century. And if it works, it will offer a model for tightening the connection between book culture and capitalism, a leap forward for the forces of efficiency and the fantasies of frictionless markets, ushering in a world where literature succeeds if and only if it sells....

Authors Equity's website presents its vision in strikingly neoliberal corporatespeak. The company has four Core Principles: Aligned Incentives; Bespoke Teams; Flexibility and Transparency; and Long-Term Collaboration. What do they mean by these MBA keywords? Aligned Incentives is explained in the language of human capital: "Our profit-share model rewards authors who want to bet on themselves." Authors, that is, take on more of the financial risk of publication. At a traditional publishing house, advances provide authors with guaranteed cash early in the process that they can use to live off while writing. With Authors Equity, nothing is guaranteed and nothing given ahead of time; an author's pay depends on their book's profits.

In an added twist, "Profit participation is also an option for key members of the book team, so we're in a position to win together." Typically, only an author's agent's income is directly tied to an author's financial success, but at Authors Equity, others could have a stake. This has huge consequences for the logic of literary production. If an editor, for example, receives a salary and not a cut of their books' profits, their incentives are less immediately about profit, offering more wiggle room for aesthetic value. The more the people working on books participate in their profits, the more, structurally, profit-seeking will shape what books look like.

"Bespoke Teams" is a euphemism for gigification. With a tiny initial staff of six, Authors Equity uses freelance workers to make books, unlike traditional publishers, which have many employees in many departments... Their fourth Core Principle — Long-Term Collaboration — addresses widespread frustration with a systemic problem in traditional publishing: the fetishization of debut authors who receive decent or better advances, fail to earn out, and then struggle to have a career. It's a real problem and one where authors' interests and capitalist rationalization are, as it were, aligned. Authors Equity sees that everyone might profit when an author can build a readership and develop their skill.

The article concludes with this prediction. "It's not impossible that we'll look back in twenty years and see its founding as auguring the beginning of the startup age in publishing."

Food for thought... Pulp-fiction mystery writer Mickey Spillane once said, "I'm a writer, not an author. The difference is, a writer makes money."

Classic Games (Games)

New Book Remembers LAN Parties and the 1990s 'Multiplayer Revolution' (cnn.com) 74

CNN looks back to when "dial-up internet (and its iconic dial tone) was still a thing..." "File-sharing services like Napster and LimeWire were just beginning to take off... And in sweaty dorm rooms and sparse basements across the world, people brought their desktop monitors together to set up a local area network (LAN) and play multiplayer games — 'Half-Life,' 'Counter-Strike,' 'Starsiege: Tribes,' 'StarCraft,' 'WarCraft' or 'Unreal Tournament,' to name just a few. These were informal but high-stakes gatherings, then known as LAN parties, whether winning a box of energy drinks or just the joy of emerging victorious. The parties could last several days and nights, with gamers crowded together among heavy computers and fast food boxes, crashing underneath their desks in sleeping bags and taking breaks to pull pranks on each other or watch movies..."

It's this nostalgia that prompted writer and podcaster Merritt K to document the era's gaming culture in her new photobook "LAN Party: Inside the Multiplayer Revolution." After floating the idea on X, the social media platform formerly known as Twitter, she received an immediate — and visceral — response from old-school gamers all too keen to share memories and photos from LAN parties and gaming conventions across the world... It's strange to remember that the internet was once a place you went to spend time with other real people; a tethered space, not a cling-film-like reality enveloping the corporeal world from your own pocket....

Growing up as a teenager in this era, you could feel a sense of hope (that perhaps now feels like naivete) about the possibilities of technology, K explained. The book is full of photos featuring people smiling and posing with their desktop monitors, pride and fanfare apparent... "It felt like, 'Wow, the future is coming,'" K said. "It was this exciting time where you felt like you were just charting your own way. I don't want to romanticize it too much, because obviously it wasn't perfect, but it was a very, very different experience...."

"We've kind of lost a lot of control, I think over our relationship to technology," K said. "We have lost a lot of privacy as well. There's less of a sense of exploration because there just isn't as much out there."

One photo shows a stack of Mountain Dew cans (remembering that by 2007 the company had even released a line of soda called "Game Fuel"). "It was a little more communal," the book's author told CNN. "If you're playing games in the same room with someone, it's a different experience than doing it online. You can only be so much of a jackass to somebody who was sitting three feet away from you..."

K adds that that feeling of connecting to people in other places "was cool. It wasn't something that was taken for granted yet."

Security

New 'Loop DoS' Attack May Impact Up to 300,000 Online Systems (thehackernews.com) 10

BleepingComputer reports on "a new denial-of-service attack dubbed 'Loop DoS' targeting application layer protocols."

According to their article, the attack "can pair network services into an indefinite communication loop that creates large volumes of traffic." Devised by researchers at the CISPA Helmholtz-Center for Information Security, the attack uses the User Datagram Protocol (UDP) and impacts an estimated 300,000 hosts and their networks. The attack is possible due to a vulnerability, currently tracked as CVE-2024-2169, in the implementation of the UDP protocol, which is susceptible to IP spoofing and does not provide sufficient packet verification. An attacker exploiting the vulnerability creates a self-perpetuating mechanism that generates excessive traffic without limits and without a way to stop it, leading to a denial-of-service (DoS) condition on the target system or even an entire network. Loop DoS relies on IP spoofing and can be triggered from a single host that sends one message to start the communication.

According to the Carnegie Mellon CERT Coordination Center (CERT/CC) there are three potential outcomes when an attacker leverages the vulnerability:

— Overloading of a vulnerable service and causing it to become unstable or unusable.
— DoS attack on the network backbone, causing network outages to other services.
— Amplification attacks that involve network loops causing amplified DOS or DDOS attacks.

CISPA researchers Yepeng Pan and Professor Dr. Christian Rossow say the potential impact is notable, spanning both outdated (QOTD, Chargen, Echo) and modern protocols (DNS, NTP, TFTP) that are crucial for basic internet-based functions like time synchronization, domain name resolution, and file transfer without authentication... The researchers warned that the attack is easy to exploit, noting that there is no evidence indicating active exploitation at this time. Rossow and Pan shared their findings with affected vendors and notified CERT/CC for coordinated disclosure. So far, vendors who confirmed their implementations are affected by CVE-2024-2169 are Broadcom, Cisco, Honeywell, Microsoft, and MikroTik.

To avoid the risk of denial of service via Loop DoS, CERT/CC recommends installing the latest patches from vendors that address the vulnerability and replacing products that no longer receive security updates. Using firewall rules and access-control lists for UDP applications, turning off unnecessary UDP services, and implementing TCP or request validation are also measures that can mitigate the risk of an attack. Furthermore, the organization recommends deploying anti-spoofing solutions like BCP38 and Unicast Reverse Path Forwarding (uRPF), and using Quality-of-Service (QoS) measures to limit network traffic and protect against abuse from network loops and DoS amplifications.

Thanks to long-time Slashdot reader schneidafunk for sharing the article.
