Data Storage

Ask Slashdot: What Network-Attached Storage Setup Do You Use? 135

"I've been somewhat okay about backing up our home data," writes long-time Slashdot reader 93 Escort Wagon.

But they could use some good advice: We've got a couple separate disks available as local backup storage, and my own data also gets occasionally copied to encrypted storage at BackBlaze. My daughter has her own "cloud" backups, which seem to be a manual push every once in a while of random files/folders she thinks are important. Including our media library, between my stuff, my daughter's, and my wife's... we're probably talking in the neighborhood of 10 TB for everything at present. The whole setup is obviously cobbled together, and the process is very manual. Plus it's annoying since I'm handling Mac, Linux, and Windows backups completely differently (and sub-optimally). Also, unsurprisingly, the amount of data we possess does seem to be increasing with time.

I've been considering biting the bullet and buying an NAS [network-attached storage device], and redesigning the entire process — both local and remote. I'm familiar with Synology and DSM from work, and the DS1522+ looks appealing. I've also come across a lot of recommendations for QNAP's devices, though. I'm comfortable tackling this on my own, but I'd like to throw this out to the Slashdot community.

What NAS do you like for home use? And what disks did you put in it? What have your experiences been?

Long-time Slashdot reader AmiMoJo asks "Have you considered just building one?" while suggesting the cheapest option is low-powered Chinese motherboards with soldered-in CPUs. And in the comments on the original submission, other Slashdot readers shared their examples:
  • destined2fail1990 used an AMD Threadripper to build their own NAS with 10Gbps network connectivity.
  • DesertNomad is using "an ancient D-Link" to connect two Synology DS220 DiskStations.
  • Darth Technoid attached six Seagate drives to two Macbooks. "Basically, I found a way to make my older Mac useful by simply leaving it on all the time, with the external drives attached."

But what's your suggestion? Share your own thoughts and experiences. What NAS do you like for home use? What disks would you put in it?

And what have your experiences been?

Television

Judge Bars Disney, Warner, Fox From Launching Sports Streamer Venu (variety.com) 38

A federal judge blocked the launch of Venu, a sports streaming joint venture by Disney, Fox, and Warner Bros. Discovery, due to concerns it would substantially lessen competition and harm FuboTV. Variety reports: Fubo launched in 2015 as a start-up focused on streaming sports programming. [...] Venu, expected to launch in late August ahead of the start of the NFL's coming fall season and priced at an initial price tag of $42.99 per month, was to carry all of the sports offerings of ESPN, Fox Sports 1 and 2, and TNT for a price that is seen as more than a regional sports network but less than a full programming package available via YouTube TV or Hulu + Live TV. The three parent companies are targeting a new generation of consumers who disdain the high costs of traditional cable packages and are more at home with signing up for streaming venues that are relatively easy to get in and out of based on the availability of favorite entertainment programs or sporting events.

Judge Garnett found that once Venu launches, FuboTV would face "a swift exodus" of large numbers of subscribers, and indicated she felt "that Fubo's bankruptcy and delisting of the company's stock will likely soon follow. These are quintessential harms that money cannot adequately repair." Fubo alleged that Venu's launch "will cause it to lose approximately 300,000 to 400,000 (or nearly 30%) of its subscribers, suffer a significant decline in its ability to attract new subscribers, lose between $75 and $95 million in revenue, and be transformed into a penny stock awaiting delisting from the New York Stock Exchange, all before year-end 2024," the judge said in her decision.

"We respectfully disagree with the court's ruling and are appealing it," Disney, Fox and Warner Bros. Discovery said in a statement. "We believe that Fubo's arguments are wrong on the facts and the law, and that Fubo has failed to prove it is legally entitled to a preliminary injunction. Venu Sports is a pro-competitive option that aims to enhance consumer choice by reaching a segment of viewers who currently are not served by existing subscription options."

Communications

AT&T and Verizon Ask FCC To Throw a Wrench Into Starlink's Mobile Plan (arstechnica.com) 94

AT&T and Verizon are urging the FCC to reject SpaceX's plan to offer cellular service with T-Mobile, arguing that it would cause harmful interference to terrestrial mobile networks. Ars Technica reports: Filings urging the Federal Communications Commission to deny SpaceX's request for a waiver were submitted by AT&T and Verizon this week. The plan by SpaceX's Starlink division also faces opposition from satellite companies EchoStar (which owns Dish and Hughes) and Omnispace. SpaceX and T-Mobile plan to offer Supplemental Coverage from Space (SCS) for T-Mobile's cellular network using SpaceX satellites. As part of that plan, SpaceX is seeking a waiver of FCC rules regarding out-of-band emission limits.

AT&T's petition to deny the SpaceX waiver request said the FCC's "recent SCS order appropriately recognized that SCS deployments should not present any risk to the vital terrestrial mobile broadband networks upon which millions of Americans rely today. The Commission authorized SCS as secondary to terrestrial mobile service, correctly explaining that the SCS framework must 'retain service quality of terrestrial networks, protect spectrum usage rights, and minimize the risk of harmful interference.'" AT&T said SpaceX's requested "ninefold increase" to the allowable power flux-density limits for out-of-band emissions "would cause unacceptable harmful interference to incumbent terrestrial mobile operations. Specifically, AT&T's technical analysis shows that SpaceX's proposal would cause an 18% average reduction in network downlink throughput in an operational and representative AT&T PCS C Block market deployment." Verizon's opposition to the waiver request similarly said that SpaceX's proposal "would subject incumbent, primary terrestrial licensee operations in adjacent bands to harmful interference." Wireless phone performance will suffer, Verizon said [...].

SpaceX and T-Mobile told FCC staff that their plan will not harm other wireless operations and predicted that competitors will make misleading claims. SpaceX also argued that the FCC's emissions limit is too strict and should be changed.

Businesses

Sonos Lays Off 100 Employees as Its App Crisis Continues (theverge.com) 52

An anonymous reader shares a report: Sonos laid off approximately 100 employees this morning, a source familiar with the situation tells The Verge. Those affected -- I'm told the marketing division took a significant hit -- abruptly lost access to the company's internal network. Sonos is also in the process of winding down some of its customer support offices, including one in Amsterdam that will close later this year.

Sonos confirmed the layoffs to The Verge on Wednesday afternoon, providing a statement from CEO Patrick Spence. [...] These latest cuts come as Sonos continues to grapple with the fallout from its disastrous mobile app redesign. On Sonos' earnings call last week, CEO Patrick Spence stressed that fixing the app is the company's number one priority -- so much so that two hardware launches planned for later this year have now been delayed to keep all focus on the app.

Further reading: Sonos' $30M App Fail is Cautionary Tale Against Rushing Unnecessary Updates.

Cellphones

T-Mobile Shutting Down 2G Network Beginning Next Month (tmo.report) 28

"T-Mobile will be shutting down their 2G network beginning next month, making older phones obsolete," writes Slashdot reader Dustin Destree. From the Mobile Report: Most phones today use 4G and 5G, and T-Mobile's 2G service somehow managed to outlive the company's 3G service, which was killed off in 2022. Nonetheless, after postponing a previous shutdown date of April 2nd, we seem to finally have a date for T-Mobile sunsetting its 2G service, and it's pretty soon. T-Mobile has added a date for when its 2G service's capacity and coverage is "expected to change." The service should begin shutdown on September 1st, 2024. The date was quietly added without a major announcement, and it was added sometime after August 5th, as a former Google cache of the page (which has now also been updated) previously showed.

Social Networks

Flipboard Users Can Now Follow Anyone In the Fediverse (techcrunch.com) 8

Starting today, users of the social magazine app Flipboard can follow any federated accounts, "meaning those that participate in the social network of interconnected servers known as the fediverse," writes TechCrunch's Sarah Perez. "This now includes Threads accounts in addition to Mastodon accounts and others." From the report: With the update, which deepens Flipboard's connection with the ActivityPub social graph, any Flipboard user can follow user profiles from any other federated service. If their Flipboard account is also federated, they can interact with those users' posts and participate in conversations, as well. Flipboard's user base, however, is currently undisclosed. [...] The Flipboard app supports full fediverse integration, but the company hasn't yet allowed all users to turn on federation as it's a phased rollout. We're told the goal is to make federation a setting users can select later this year, similar to how Threads added a "fediverse sharing" option in June. When federation is enabled, people will be able to not only share to the fediverse but also see and engage with conversations around their Flipboard posts that are taking place in the fediverse.

With Tuesday's update on Flipboard, people can find and follow others in the fediverse across three areas of its app: Search, Explore and Community. In search results, Flipboard will surface federated accounts and profile results in a new section, "Fediverse Accounts." Editorial recommendations can also be found in the app's "Explore" tab under "Fediverse," and every week a new selection of accounts will be featured in the Community section. Activity from the fediverse will also be displayed in the Flipboard notifications panel, allowing people to engage and follow others in the fediverse directly from their notifications. For Flipboard users, that means they can now follow user profiles from Threads and Mastodon in the Flipboard app, including high-profile users like President Joe Biden (POTUS) and former President Barack Obama on Threads, as well as various creators, like Marques Brownlee, and journalists, like Kara Swisher.

Social Networks

Deep-Live-Cam Goes Viral, Allowing Anyone To Become a Digital Doppelganger (arstechnica.com) 17

An anonymous reader quotes a report from Ars Technica: Over the past few days, a software package called Deep-Live-Cam has been going viral on social media because it can take the face of a person extracted from a single photo and apply it to a live webcam video source while following pose, lighting, and expressions performed by the person on the webcam. While the results aren't perfect, the software shows how quickly the tech is developing -- and how the capability to deceive others remotely is getting dramatically easier over time. The Deep-Live-Cam software project has been in the works since late last year, but example videos that show a person imitating Elon Musk and Republican Vice Presidential candidate J.D. Vance (among others) in real time have been making the rounds online. The avalanche of attention briefly made the open source project leap to No. 1 on GitHub's trending repositories list (it's currently at No. 4 as of this writing), where it is available for download for free. [...]

Like many open source GitHub projects, Deep-Live-Cam wraps together several existing software packages under a new interface (and is itself a fork of an earlier project called "roop"). It first detects faces in both the source and target images (such as a frame of live video). It then uses a pre-trained AI model called "inswapper" to perform the actual face swap and another model called GFPGAN to improve the quality of the swapped faces by enhancing details and correcting artifacts that occur during the face-swapping process. The inswapper model, developed by a project called InsightFace, can guess what a person (in a provided photo) might look like using different expressions and from different angles because it was trained on a vast dataset containing millions of facial images of thousands of individuals captured from various angles, under different lighting conditions, and with diverse expressions.

During training, the neural network underlying the inswapper model developed an "understanding" of facial structures and their dynamics under various conditions, including learning the ability to infer the three-dimensional structure of a face from a two-dimensional image. It also became capable of separating identity-specific features, which remain constant across different images of the same person, from pose-specific features that change with angle and expression. This separation allows the model to generate new face images that combine the identity of one face with the pose, expression, and lighting of another.

Transportation

Is the US Finally Getting 'All Aboard' With Electric Trains? (theverge.com) 169

For the first time, two new all-electric passenger trains are operating in the US, which is woefully behind the rest of the world in electrifying its rolling stock. The Verge: The two new trains are operated by Caltrain. California Governor Gavin Newsom and House Speaker Emerita Nancy Pelosi were on hand to take the inaugural ride, which took place on Saturday. The trains were put into regular service the following day, running along the route between San Jose and San Francisco.

It's taken almost 20 years since the idea of electric trains was first proposed in California. But officials insisted the new trains will be quieter and faster than the diesel-powered trains in current operation while also providing a better experience for passengers. The two trains will be joined by 17 others that should be in service by mid-September.

[...] It shouldn't come as any shock that the US is lagging behind the rest of the world in introducing electric trains. India is on the cusp of electrifying 100 percent of its rail lines, while China is nearing three-quarters of its network. Over 57 percent of the rail system in the European Union is electric.

Transportation

America's EV Charger Uptimes Were Overestimated in 2023, 'Reliability Report' Finds (cleantechnica.com) 147

A company called ChargerHelp provides certified technicians to service EV charging stations (for a monthly fee). And they've just issued their annual "reliability report," reports CleanTechnica: Its analysis of more than 19 million data points collected from public and private sources in 2023 — including real-time assessments of 4,800 chargers from ChargerHelp technicians in the field — finds that "software consistently overestimates station uptime, point-in-time status, and the ability to successfully charge a vehicle...."

[W]hen ChargerHelp technicians personally inspected 4,800 charge points, they found more than 10% were reported to be online but were in fact unable to complete a test charge... These findings by ChargerHelp are backed up by many smaller scale studies and surveys over the past several years that have found that claims of 95% uptime or greater do not match real world experience. A 2022 study of 657 chargers at 181 non-Tesla public charging sites in the San Francisco Bay Area determined that only 73% were capable of delivering a charge for more than two minutes, for example.

[I]mprovements have been slow to materialize. In fact, driver satisfaction with public charging has only worsened over the past year, according to the latest J.D. Power Electric Vehicle Experience Ownership Study, released in February. As the variety, price, and range of EVs available to US drivers have become more attractive, mistrust of public charging now constitutes the most significant headwind for EV adoption, J.D. Power says.

The report also "lists the biggest infrastructure pain points," reports the Verge, "including a failure to report broken stalls, inaccurate station status messages, aging equipment, and some habitually unreliable network providers (who go unnamed in the study, unfortunately)." EV chargers can break in many ways, the study concludes. These include broken retractor systems intended to protect the cable from getting mangled by vehicle tires, broken screens, and inoperable payment systems. There is also general damage to the cabinet and, of course, broken cables and connectors.

Across the chargers recorded, ChargerHelp calculates that actual uptime is only 73.7 percent, compared to the 84.6 percent self-reported by the EV network providers.

AT&T

AT&T Rebuked Over 'Misleading' Ad Showing Satellite Phone Calling It Doesn't Offer Yet (arstechnica.com) 12

"AT&T has been told to stop running ads that claim the carrier is already offering cellular coverage from space," reports Ars Technica: AT&T intends to offer Supplemental Coverage from Space (SCS) and has a deal with AST SpaceMobile, a Starlink competitor that plans a smartphone service from low-Earth-orbit satellites. But AST SpaceMobile's first batch of five satellites isn't scheduled to launch until September.

T-Mobile was annoyed by AT&T running an ad indicating that its satellite-to-cellular service was already available, and filed a challenge with the advertising industry's self-regulatory system run by BBB National Programs. The BBB National Advertising Division (NAD) ruled against AT&T last month and the carrier appealed to the National Advertising Review Board (NARB), which has now also ruled against AT&T...

AT&T, which is also famous for renaming its 4G service "5GE," reluctantly agreed to comply with the recommendation and released a new version of the satellite-calling commercial with more specific disclaimers.

The 30-second ad — titled "Epic Bad Golf Day" — featured Ben Stiller golfing and chasing a badly hit golf ball all the way into the desert (accompanied by the Pixies' song "Where is My Mind").

But according to the article, T-Mobile filed an official complaint with the advertising review board that "the use of humor does not shield an advertiser from its obligation to ensure that claims are truthful and non-misleading." The ad originally included small text that described the depicted satellite call as a "demonstration of evolving technology." The text was changed this week to say that "satellite calling is not currently available...."

The original version also had text that said, "the future of help is an AT&T satellite call away." The NARB concluded that this "statement can be interpreted reasonably as stating that 'future' technology has now arrived..." In the updated version of the ad, AT&T changed the text to say that "the future of help will be an AT&T satellite call away."

Crime

North Korean Group Infiltrated 100-Plus Firms with Imposter IT Pros (csoonline.com) 16

"CrowdStrike has continued doing what gave it such an expansive footprint in the first place," writes CSO Online — "detecting cyber threats and protecting its clients from them."

They interviewed Adam Meyers, CrowdStrike's SVP of counter adversary operations, whose team produced their 2024 Threat Hunting Report (released this week at the Black Hat conference). Of seven case studies presented in the report, the most daring is that of a group CrowdStrike calls Famous Chollima, an alleged DPRK-nexus group. Starting with a single incident in April 2024, CrowdStrike discovered that a group of North Koreans, posing as American workers, had been hired for multiple remote IT worker jobs in early 2023 at more than thirty US-based companies, including aerospace, defense, retail, and technology organizations.

CrowdStrike's threat hunters discovered that after obtaining employee-level access to victim networks, the phony workers performed at minimal enough levels to keep their jobs while attempting to exfiltrate data using Git, SharePoint, and OneDrive and installing remote monitoring and management (RMM) tools RustDesk, AnyDesk, TinyPilot, VS Code Dev Tunnels, and Google Chrome Remote Desktop. The workers leveraged these RMM tools with company network credentials, enabling numerous IP addresses to connect to victims' systems.

CrowdStrike's OverWatch hunters, a team of experts conducting analysis, hunted for RMM tooling combined with suspicious connections surfaced by the company's Falcon Identity Protection module to find more personas and additional indicators of compromise. CrowdStrike ultimately found that over 100 companies, most US-based technology entities, had hired Famous Chollima workers. The OverWatch team contacted victimized companies to inform them about potential insider threats and quickly corroborated its findings.

Thanks to Slashdot reader snydeq for sharing the news.

Space

China's Long March 6A Rocket Is Making a Mess In Low-Earth Orbit (arstechnica.com) 34

Longtime Slashdot reader schwit1 shares a report from Ars Technica: The upper stage from a Chinese rocket that launched a batch of Internet satellites Tuesday has broken apart in space, creating a debris field of at least 700 objects in one of the most heavily-trafficked zones in low-Earth orbit. US Space Command, which tracks objects in orbit with a network of radars and optical sensors, confirmed the rocket breakup Thursday. Space Command initially said the event created more than 300 pieces of trackable debris. The military's ground-based radars are capable of tracking objects larger than 10 centimeters (4 inches). Later Thursday, LeoLabs, a commercial space situational awareness company, said its radars detected at least 700 objects attributed to the Chinese rocket. The number of debris fragments could rise to more than 900, LeoLabs said. The culprit is the second stage of China's Long March 6A rocket, which lifted off Tuesday with the first batch of 18 satellites for a planned Chinese megaconstellation that could eventually number thousands of spacecraft. The Long March 6A's second stage apparently disintegrated after placing its payload of 18 satellites into a polar orbit.

Space Command said in a statement it has "observed no immediate threats" and "continues to conduct routine conjunction assessments to support the safety and sustainability of the space domain." According to LeoLabs, radar data indicated the rocket broke apart at an altitude of 503 miles (810 kilometers) at approximately 4:10 pm EDT (20:10 UTC) on Tuesday, around 13-and-a-half hours after it lifted off from northern China. At this altitude, it will take decades or centuries for the wispy effect of aerodynamic drag to pull the debris back into the atmosphere. As the objects drift lower, their orbits will cross paths with SpaceX's Starlink Internet satellites, the International Space Station and other crew spacecraft, and thousands more pieces of orbital debris, putting commercial and government satellites at risk of collision.

Security

Cow and Calf Die After Hackers Attack Farm's Milking Robot (agrarheute.com) 39

According to Agrarheute, hackers launched a cyberattack on a Swiss farmer's computer system, disrupting the flow of vital data from a milking robot. Tragically, this led to the death of a cow and her calf. From the report (translated from German into English): According to the CSO, hackers attacked the computers of a farmer from Hagendorn. The dairy farmer's milking robot was also connected to these computers. When the animal owner stopped receiving milking data, he initially suspected a dead zone. But then he learned from the manufacturer of his milking system that he had been hacked. Apparently it was a ransomware attack. The hackers demanded $10,000 to decrypt the data. The farmer considered whether he should give in to the cyber criminals' demands. At first he thought the data on the amount of milk produced was bearable. In addition, the milking robot also worked without a computer or network connection. The cows could therefore continue to be milked.

For one cow, however, the cyberattack ended tragically. The farmer normally receives vital data from his cows via the system. This is particularly important and critical for pregnant animals. One cow's calf died in the womb. Because the computer was paralyzed, Bircher was unable to recognize the emergency in time. They tried everything to at least save the cow, but in the end it had to be put down. Overall, the attack caused monetary damages amounting to the equivalent of over 6,400 euros, mainly due to veterinary costs and the purchase of a new computer. However, the hackers came away empty-handed.

Communications

China Launches Satellites For Major Network To Rival Starlink (sciencealert.com) 63

An anonymous reader quotes a report originally published by Business Insider: A Chinese state-backed company has launched its first 18 satellites in its bid to build a vast orbital network aimed at rivaling Starlink, according to local media. The launch on Monday by Shanghai Spacecom Satellite Technology involved 18 satellites and one rocket, per The China Securities Journal, which is run by state news agency Xinhua. According to the outlet, the rocket lifted off from the Taiyuan satellite and missile launch center in Shanxi province.

These satellites mark the first step in the company's effort to create a 15,000-strong network of Low Earth Orbit satellites, which the firm has dubbed the "Thousand Sails Constellation." The company said it plans to reach that final tally by 2030, per The China Securities Journal. Domestic media has widely called the project the Chinese version of Starlink, which runs about 6,000 satellites. Elon Musk has said that he plans to eventually host a network of 42,000 satellites.

The Thousand Sails Constellation, also known as the G60 project, is one of three planned major satellite networks in the country. Each is expected to field 10,000 or more satellites. Most are anticipated to orbit between 200 and 1,200 miles above the Earth's surface, which is also where Starlink satellites are generally found. The three constellations, along with dozens of ambitious space projects from other Chinese firms, have been fueled by a recent push from the central government to loop the private sector into its science and technology goals.

The Internet

Techdirt's Mike Masnick Joins the Bluesky Board To Support a 'More Open, Decentralized Internet' (techdirt.com) 18

Mike Masnick, a semi-regular Slashdot contributor and founder of the tech blog Techdirt, is joining the board of Bluesky, where he "will be providing advice and guidance to the company to help it achieve its vision of a more open, more competitive, more decentralized online world." Masnick writes: In the nearly three decades that I've been writing Techdirt I've been writing about what is happening in the world of the internet, but also about how much better the internet can be. That won't change. I will still be writing about what is happening and where I believe we should be going. But given that there are now people trying to turn some of that better vision into a reality, I cannot resist this opportunity to help them achieve that goal. The early internet had tremendous promise as a decentralized system that enabled anyone to build what they wanted on a global open network, opening up all sorts of possibilities for human empowerment and creativity. But over the last couple of decades, the internet has moved away from that democratizing promise. Instead, it has been effectively taken over by a small number of giant companies with centralized, proprietary, closed systems that have supplanted the more open network we were promised.

There are, of course, understandable reasons why those centralized systems have been successful, such as by providing a more user-friendly experience on the front-end. But there was a price to pay: losing user autonomy, privacy and the benefits of decentralization (not to mention losing a highly dynamic, competitive internet). The internet need not be so limited, and over the years I've tried to encourage people and companies to make different choices to return to the original promise and benefits of openness. With Bluesky, we now have one company who is trying.

"Mike's work has been an inspiration to us from the start," says Jay Graber, CEO of Bluesky. "Having him join our board feels like a natural progression of our shared vision for a more open internet. His perspective will help ensure we're building something that truly serves users as we continue to evolve Bluesky and the AT Protocol."

Hardware

NVMe 2.1 Specifications Published With New Capabilities (phoronix.com) 22

At the Flash Memory Summit 2024 this week, NVM Express published the NVMe 2.1 specifications, which hope to enhance storage unification across AI, cloud, client, and enterprise. Phoronix's Michael Larabel writes: New NVMe capabilities with the revised specifications include:

- Enabling live migration of PCIe NVMe controllers between NVM subsystems.
- New host-directed data placement for SSDs that simplifies ecosystem integration and is backwards compatible with previous NVMe specifications.
- Support for offloading some host processing to NVMe storage devices.
- A network boot mechanism for NVMe over Fabrics (NVMe-oF).
- Support for NVMe over Fabrics zoning.
- Ability to provide host management of encryption keys and highly granular encryption with Key Per I/O.
- Security enhancements such as support for TLS 1.3, a centralized authentication verification entity for DH-HMAC-CHAP, and post sanitization media verification.
- Management enhancements including support for high availability out-of-band management, management over I3C, out-of-band management asynchronous events and dynamic creation of exported NVM subsystems from underlying NVM subsystem physical resources.

You can learn more about these updates at NVMExpress.org.

Data Storage

Need To Move 1.2 Exabytes Across the World Every Day? Just Effingo (theregister.com) 37

An anonymous reader shares a report: Google has revealed technical details of its in-house data transfer tool, called Effingo, and bragged that it uses the project to move an average of 1.2 exabytes every day. As explained in a paper [PDF] and video to be presented on Thursday at the SIGCOMM 2024 conference in Sydney, bandwidth constraints and the stubbornly steady speed of light mean that not even Google is immune to the need to replicate data so it is located close to where it is processed or served.

Indeed, the paper describes managed data transfer as "an unsung hero of large-scale, globally-distributed systems" because it "reduces the network latency from across-globe hundreds to in-continent dozens of milliseconds." The paper also points out that data transfer tools are not hard to find, and asks why a management layer like Effingo is needed. The answer is that the tools Google could find either optimized for transfer time or handled point-to-point data streams -- and weren't up to the job of handling the 1.2 exabytes Effingo moves on an average day, at 14 terabytes per second. To shift all those bits, Effingo "balances infrastructure efficiency and users' needs" and recognizes that "some users and some transfers are more important than the others: eg, disaster recovery for a serving database, compared to migrating data from a cluster with maintenance scheduled a week from now."

Security

Mac and Windows Users Infected By Software Updates Delivered Over Hacked ISP (arstechnica.com) 68

An anonymous reader quotes a report from Ars Technica: Hackers delivered malware to Windows and Mac users by compromising their Internet service provider and then tampering with software updates delivered over unsecure connections, researchers said. The attack, researchers from security firm Volexity said, worked by hacking routers or similar types of device infrastructure of an unnamed ISP. The attackers then used their control of the devices to poison domain name system responses for legitimate hostnames providing updates for at least six different apps written for Windows or macOS. The apps affected were the 5KPlayer, Quick Heal, Rainmeter, Partition Wizard, and those from Corel and Sogou.

Because the update mechanisms didn't use TLS or cryptographic signatures to authenticate the connections or downloaded software, the threat actors were able to use their control of the ISP infrastructure to successfully perform machine-in-the-middle (MitM) attacks that directed targeted users to hostile servers rather than the ones operated by the affected software makers. These redirections worked even when users employed non-encrypted public DNS services such as Google's 8.8.8.8 or Cloudflare's 1.1.1.1 rather than the authoritative DNS server provided by the ISP. "That is the fun/scary part -- this was not the hack of the ISP's DNS servers," Volexity CEO Steven Adair wrote in an online interview. "This was a compromise of network infrastructure for Internet traffic. The DNS queries, for example, would go to Google's DNS servers destined for 8.8.8.8. The traffic was being intercepted to respond to the DNS queries with the IP address of the attacker's servers."

In other words, the DNS responses returned by any DNS server would be changed once it reached the infrastructure of the hacked ISP. The only way an end user could have thwarted the attack was to use DNS over HTTPS or DNS over TLS to ensure lookup results haven't been tampered with or to avoid all use of apps that deliver unsigned updates over unencrypted connections. As an example, the 5KPlayer app uses an unsecure HTTP connection rather than an encrypted HTTPS one to check if an update is available and, if so, to download a configuration file named Youtube.config. StormBamboo, the name used in the industry to track the hacking group responsible, used DNS poisoning to deliver a malicious version of the Youtube.config file from a malicious server. This file, in turn, downloaded a next-stage payload that was disguised as a PNG image. In fact, it was an executable file that installed malware tracked under the names MACMA for macOS devices or POCOSTICK for Windows devices.
As for the hacked ISP, the security firm said "it's not a huge one or one you'd likely know."

"In our case the incident is contained but we see other servers that are actively serving malicious updates but we do not know where they are being served from. We suspect there are other active attacks around the world we do not have purview into. This could be from an ISP compromise or a localized compromise to an organization such as on their firewall."
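
A defender-side check for the delivery pattern described in this story, added here as an example (it is not code from Volexity, Ars Technica or any affected vendor): it flags objects fetched over plain HTTP and content presented as a PNG whose leading bytes are really a Windows PE or Mach-O executable. The host names, the function names `sniff`, `audit_download` and `fake_pe`, and the sample bodies are constructed for illustration; the report does not say how the payload was disguised, so a `.png` name or `image/*` Content-Type is assumed.

```python
import struct
from urllib.parse import urlsplit

PNG_MAGIC = b"\x89PNG\r\n\x1a\n"
# Mach-O magics (32/64-bit, both byte orders) plus fat binaries.
# 0xCAFEBABE is shared with Java class files; neither is an image.
MACHO_MAGICS = {0xFEEDFACE, 0xFEEDFACF, 0xCEFAEDFE, 0xCFFAEDFE,
                0xCAFEBABE, 0xBEBAFECA}

def sniff(body: bytes) -> str:
    """Classify content by its leading bytes, ignoring name and MIME type."""
    if body.startswith(PNG_MAGIC):
        return "png"
    if body[:2] == b"MZ" and len(body) >= 0x40:
        # A PE file stores the offset of its "PE\0\0" header at 0x3C.
        (pe_off,) = struct.unpack_from("<I", body, 0x3C)
        if body[pe_off:pe_off + 4] == b"PE\0\0":
            return "pe-executable"
    if len(body) >= 4 and struct.unpack_from(">I", body)[0] in MACHO_MAGICS:
        return "macho-executable"
    return "unknown"

def audit_download(url: str, content_type: str, body: bytes) -> list:
    """Return findings for one fetched object (empty list means clean)."""
    findings = []
    parts = urlsplit(url)
    if parts.scheme != "https":
        findings.append("plaintext-transport")  # no server authentication
    claims_image = (content_type.startswith("image/")
                    or parts.path.lower().endswith(".png"))
    actual = sniff(body)
    if claims_image and actual != "png":
        findings.append("type-mismatch:" + actual)
    return findings

def fake_pe() -> bytes:
    """Constructed 128-byte stub with only the PE marker fields set."""
    hdr = bytearray(0x80)
    hdr[:2] = b"MZ"
    struct.pack_into("<I", hdr, 0x3C, 0x40)
    hdr[0x40:0x44] = b"PE\0\0"
    return bytes(hdr)

# Constructed samples; hosts are placeholders, not indicators from the report.
SAMPLES = [
    ("http://updates.example.invalid/Youtube.config", "text/plain", b"[cfg]\n"),
    ("http://cdn.example.invalid/stage2.png", "image/png", fake_pe()),
    ("https://cdn.example.invalid/logo.png", "image/png", PNG_MAGIC + b"\0" * 16),
]
```

Run over proxy or egress captures, a `plaintext-transport` finding on an updater's traffic marks the precondition for this attack, and a `type-mismatch` finding marks a likely staged payload.
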
Social Networks

Founder of Collapsed Social Media Site 'IRL' Charged With Fraud Over Faked Users (bbc.com) 22

This week America's Securities and Exchange Commission filed fraud charges against the former CEO of the startup social media site "IRL."

The BBC reports: IRL — which was once considered a potential rival to Facebook — took its name from its intention to get its online users to meet up in real life. However, the initial optimism evaporated after it emerged most of IRL's users were bots, with the platform shutting in 2023...

The SEC says it believes [CEO Abraham] Shafi raised about $170m by portraying IRL as the new success story in the social media world. It alleges he told investors that IRL had attracted the vast majority of its supposed 12 million users through organic growth. In reality, it argues, IRL was spending millions of dollars on advertisements which offered incentives to prospective users to download the IRL app. That expenditure, it is alleged, was subsequently hidden in the company's books.

IRL received multiple rounds of venture capital financing, eventually reaching "unicorn status" with a $1.17 billion valuation, according to TechCrunch. But it shut down in 2023 "after an internal investigation by the company's board found that 95% of the app's users were 'automated or from bots'."

TechCrunch notes it's the second time in the same week — and at least the fourth time in the past several months — that the SEC has charged a venture-backed founder on allegations of fraud... Earlier this week, the SEC charged BitClout founder Nader Al-Naji with fraud and unregistered offering of securities, claiming he used his pseudonymous online identity "DiamondHands" to avoid regulatory scrutiny while he raised over $257 million in cryptocurrency. BitClout, a buzzy crypto startup, was backed by high-profile VCs such as a16z, Sequoia, Chamath Palihapitiya's Social Capital, Coinbase Ventures and Winklevoss Capital.

In June, the SEC charged Ilit Raz, CEO and founder of the now-shuttered AI recruitment startup Joonko, with defrauding investors of at least $21 million. The agency alleged Raz made false and misleading statements about the quantity and quality of Joonko's customers, the number of candidates on its platform and the startup's revenue.

The agency has also gone after venture firms in recent months. In May, the SEC charged Robert Scott Murray and his firm Trillium Capital LLC with a fraudulent scheme to manipulate the stock price of Getty Images Holdings Inc. by announcing a phony offer by Trillium to purchase Getty Images.

Social Networks

Whatever Happened to MySpace? (triblive.com) 64

In 2006 MySpace reportedly became America's most-visited web site — passing both Google and Yahoo Mail.

So what happened? TribLive reports: The co-founders, Tom Anderson and Chris DeWolfe, sold MySpace to Rupert Murdoch's News Corporation for $580 million in 2005, and that company sold it to the online advertising company Specific Media and Justin Timberlake in 2011, which later became the ad tech firm Viant, according to SlashGear. Viant was bought by Time in 2016, which was acquired by Meredith Corporation at the end of 2017, according to The Guardian. Meredith then sold Myspace to Viant Technology LLC, which currently operates the platform, SlashGear said.

During its time under Timberlake, Myspace morphed from a social media platform and turned over a new leaf as a music discovery site, SlashGear reported. The once booming online atmosphere has turned into a ghost town, according to The Guardian. Despite the number of people on Myspace dwindling, a handful of devoted users remains.

The glory days of MySpace drew this bittersweet remembrance from TechRadar: Not everyone on the TechRadar team looks back on those early MySpace years fondly, with our US editor in chief Lance Ulanoff recalling that "it was like people's brains had been turned inside out and whatever didn't stick, dropped onto the page and was represented as a GIF".

Many of us do, though, remember picking our Top 8s (the site's weird ranking system for your friends) and decorating our MySpace pages with as many flashing lights as possible.
