Bitcoin

SEC Appeals Decision In Landmark Ripple Case (cnbc.com) 13

On Wednesday, the SEC filed (PDF) to appeal a 2023 court ruling that determined XRP is not considered a security when sold to retail investors on exchanges. The announcement sent the price of XRP tumbling more than 8%. "XRP, which was created by the founders of Ripple, is the native token of the open source XRP Ledger, which Ripple uses in its cross-border payments business," notes CNBC. "It is the fifth-largest coin by market cap, excluding stablecoins Tether (USDT) and USD Coin (USDC)." CNBC reports: Ripple, the largest holder of XRP coins, scored a partial victory last summer after a three-year battle with the SEC. U.S. District Judge Analisa Torres handed down the decision, which was hailed as a landmark win for the crypto industry. Still, while XRP isn't considered a security when sold to retail investors on exchanges, it is considered an unregistered security offering if sold to institutional investors.

Ripple declined to comment but referred to Wednesday evening posts on X by CEO Brad Garlinghouse and chief legal officer Stuart Alderoty. Alderoty said the company is evaluating whether to file a cross appeal, and called the SEC's decision to appeal "disappointing, but not surprising." The SEC, under Chair Gary Gensler, has become notorious for its refusal to provide clear guidance for crypto businesses, instead opting to regulate by enforcement actions. "XRP's status as a non-security is the law of the land today - and that does not change even in the face of this misguided - and infuriating - appeal," Garlinghouse said on X.

Data Storage

60TB Hard Drives Arriving in 2028, According To Industry Roadmap (tomshardware.com) 43

An anonymous reader shares a report: The arrival of energy-assisted magnetic recording (EAMR) technologies like Seagate's HAMR will play a crucial role in accelerating HDD capacity growth in the coming years. According to the new IEEE International Roadmap for Devices and Systems Mass Data Storage, we will see 60 TB hard disk drives in 2028. If the prediction is accurate, we will see HDD storage capacity doubling in just four years, something that did not happen for a while. Also, IEEE believes that HDD unit sales will increase.

IEEE's latest HDD development roadmap spans 2022 to 2037 and covers 15 years of hard drive evolution. The arrival of HAMR in 2024 will play a pivotal role in the increase in HDD capacity (even though Western Digital has managed to stay competitive with Seagate's HAMR HDDs using a set of its technologies) over the next few years. IEEE engineers expect HDDs to leapfrog to 40TB in 2025 and 60TB in 2028, doubling capacity from 30TB in 2024. By 2037, there will be 100TB of storage space, according to IEEE.

To get to those extreme capacities, HDD makers will have to increase the areal density of their platters steadily. To get to 40TB per drive, they will have to get to 2 TB/inch^2 in 2025 and then to over 4 TB/inch^2 in 2028 to build 60TB HDDs. By 2037, areal density will grow to over 10 Tb/inch^2. Increasing areal density will necessitate the use of new media, magnetic films, and all-new write and read heads.

Firefox

Mozilla Releases Firefox 131 With Tab Preview and Text-Specific Links 25

Mozilla has released Firefox 131 for multiple platforms, addressing security vulnerabilities and introducing some new features. The update fixes at least seven high-risk security issues, none reportedly exploited in the wild. New features include Tab Preview, which displays thumbnails and details when hovering over background tabs, and temporary location permission storage. Firefox now also supports URL fragment text directives, allowing users to link to specific text passages on web pages.

Transportation

Bidirectional Charging May Be Required On EVs Soon Due To New California Law (electrek.co) 291

California Governor Gavin Newsom signed a law giving the California Energy Commission the authority to require bidirectional charging in electric vehicles (EVs) in the future -- although no timeline is set. Bidirectional charging allows EVs to not only charge from the grid but also supply electricity back to the grid, potentially enhancing grid resiliency, supporting renewable energy, and reducing peak electricity demand. Electrek reports: The idea started in 2023 when state Senator Nancy Skinner introduced a bill which would require EVs to have bidirectional charging by 2027. As this bill made its way through the legislative process, it got watered down from that ambitious timeline. So the current form of the bill, which is now called SB 59, took away that timeline and instead gave the California Energy Commission (CEC) the go-ahead to issue a requirement whenever they see it fit. The bill directs the CEC, the California Air Resources Board, and the California Public Utilities Commission to examine the use cases of bidirectional charging and give them the power to require specific weight classes of EVs to be bidirectional-capable if a compelling use case exists.

The state already estimates that integrating EVs into the grid could save $1 billion in costs annually, so there's definitely a use case there, but the question is the cost and immediacy of building those vehicles into the grid. The reason this can't be done immediately is that cars take time to design, and while adding bidirectional charging to an EV isn't the most difficult process, it also only really becomes useful with a whole ecosystem of services around the vehicle.

And that ecosystem has been a bit of a hard sell so far. It's all well and good to tell someone they can make $500/year by selling energy to the grid, but then you have to convince them to buy a more expensive charging unit and keep their car plugged in all the time, with someone else managing its energy storage. Some consumers might push back against that, so part of CEC's job is to wait to pull the trigger until it becomes apparent that people are actually interested in the end-user use case for V2G -- otherwise, no sense in requiring a feature that nobody is going to use.

Power

The Hot New Trend in Commercial Real Estate? Renting to Data Centers (yahoo.com) 49

U.S. real estate developers "are having a hard time keeping up with demand," reports the Los Angeles Times, "as businesses in search of secure spots for their servers rent nearly every square foot that becomes available..." Construction of new data centers is at "extraordinary levels" driven by "insatiable demand," a recent report on the industry by real estate brokerage JLL found. "Never in my career of 25 years in real estate have I seen demand like this on a global scale," said JLL real estate broker Darren Eades, who specializes in data centers...

The biggest drivers are AI and cloud service providers that include some of the biggest names in tech, such as Amazon, Microsoft, Google and Oracle. With occupancy in conventional office buildings still down sharply following the impact of the COVID-19 pandemic and property values falling, data centers represent a rare ripe opportunity for real estate developers, who are pursuing opportunities in major markets like Los Angeles and less urban locales that are served by plentiful and preferably cheap power needed to run data centers. "If you can find a cluster of power to build a site, they'll come," Eades said of developers. Construction is taking place at an "extraordinary" pace nationwide and still not keeping up, the JLL data center report said. [Data center] "Vacancy declined to a record low of 3% at midyear due to insatiable demand and despite rampant construction."

Development increased more than sevenfold in two years, with the pipeline of new projects leveling off in the first half of 2024, a potential signal that the U.S. power grid cannot support development at a faster pace. But when projects currently under construction or planned are complete, the U.S. colocation market, in which businesses rent space in a data center owned by another company for their servers and other computing hardware, will triple in size from current levels... Real estate investors and landlords are being drawn into the market because demand from tenants is high and they are likely to renew their leases after shouldering the costs of setting up data centers. "They invest in their space and in your space and they tend to stick around longer," said Mark Messana, president of Downtown Properties, which owns offices in Los Angeles and San Francisco. "As we all know, the office market is struggling a little bit, so it's nice to be able to have some data customers in the mix..."

Power demand for computing is growing so intense that it threatens to strain the nation's electrical grid, sending users to remote locations where power is plentiful and preferably cheap. Data center developers are working in Alabama, the Dakotas and Indiana, "traditionally states that wouldn't have data centers," Eades said.

The article includes "the mother of all data centers" in the western U.S. — a 30-story building where "thousands of miles of undersea fiber-optic cables disappear into an ordinary-looking office tower." Once a prestigious location for businesses, "The recent departure of a law firm that had been in the building more than 50 years cleared out five floors that will quickly be re-leased to data tenants, said Eades, who represents the landlord..."

To retrofit the building for data centers, "two elevators were removed so the empty shafts could hold water pipes used to help keep the temperature cool enough for the heat-producing servers" — and developers are happy rents "can be double what they are at newer downtown office high-rises, according to real estate data provider CoStar..."

"By 2030, data centers could account for as much as 11% of U.S. power demand — up from 3% now, according to analysts at Goldman Sachs."

Privacy

Meta Fined $102 Million For Storing 600 Million Passwords In Plain Text (appleinsider.com) 28

Meta has been fined $101.5 million by the Irish Data Protection Commission (DPC) for storing over half a billion user passwords in plain text for years, with some engineers having access to this data for over a decade. The issue, discovered in 2019, predominantly affected non-US users, especially those using Facebook Lite. AppleInsider reports: Meta Ireland was found guilty of infringing four parts of GDPR, including how it "failed to notify the DPC of a personal data breach concerning storage of user passwords in plain text." Meta Ireland did report the failure, but only some months after it was discovered. "It is widely accepted that user passwords should not be stored in plaintext, considering the risks of abuse that arise from persons accessing such data," said Graham Doyle, Deputy Commissioner at the DPC, in a statement about the fine. "It must be borne in mind, that the passwords the subject of consideration in this case, are particularly sensitive, as they would enable access to users' social media accounts."

Other than the fine and an official reprimand, the full extent of the DPC's ruling is yet to be released publicly. The details published so far do not reveal whether the passwords included any from US users as well as ones in Ireland or across the rest of the European Union. It's most likely that the issue concerns only non-US users, however. That's because in 2019, Facebook told CNN that the majority of the plain text passwords were for a service called Facebook Lite, which it described as being a cut-down service for areas of the world with slower connectivity.

Transportation

Car Software Patches Are Over 20% of Recalls, Study Finds 73

An anonymous reader quotes a report from Ars Technica: Software fixes are now responsible for more than 1 in 5 automotive recalls. That's the key finding from a decade's worth of National Highway Traffic Safety Administration recall data, according to an analysis from the law firm DeMayo Law. While that's a sign of growing inconvenience for drivers, the silver lining is that a software patch is usually a much quicker fix than something requiring hardware replacement. "Our analysis suggests we're witnessing a shift in how automotive recalls are handled. The growing number of software-related recalls, coupled with the ability to address issues remotely, could revolutionize the recall process for both manufacturers and vehicle owners," said a spokesperson for DeMayo Law.

In 2014, 34 of 277 automotive recalls were software fixes. The percentage of software recalls floated around 12-13 percent (apart from a spike in 2015) before growing steadily from 2020. In 2021, 16 percent of automotive recalls (61 out of 380) were for software. In 2022, almost 22 percent of recalls were software fixes (76 out of 348), and last year topped 23 percent (82 out of 356). Leading the way was Chrysler, with 82 different software recalls since 2014. Ford (66 recalls) and Mercedes-Benz (60) are the two runners-up. Meanwhile, Tesla ranks only eighth, with 26 software recalls since 2014, which puts it on par with Hyundai (25) and Kia (25).

Electrical systems were the most common problem area, which makes sense -- this is also the second-most common hardware fix recall and would probably be the top if it were not for the massive Takata airbag recall, which has affected more than 100 million cars worldwide. The other common systems affected by recalls requiring software remedies were related to backover prevention -- whether that be reversing cameras, collision warnings, or automatic emergency braking -- airbags, powertrains, and exterior lighting.

"It should be noted that not all recalls involving a software fix are to solve a software problem," notes Ars' Jonathan M. Gitlin. "Take the recent Jaguar I-Pace recall, which was triggered by battery fires caused by battery cells damaged during assembly. Jaguar's fix? A software update that sets a new, lower limit to the storage capacity of the battery pack, preventing it from fully charging to 100 percent."

Power

$1 Billion Solar and Battery Storage Project Breaks Ground In Utah 26

rPlus Energies has broken ground on a $1 billion solar + battery storage project in east-central Utah. Electrek reports: The Green River Energy Center in Emery County, Utah, is a 400-megawatt (MW) solar and 400 MW/1,600-megawatt-hour battery storage project that will supply power to western electric utility PacifiCorp under a power purchase agreement. EliTe Solar is supplying solar panels, and Tesla is providing battery storage. Sundt Construction is the engineering, procurement, and construction contractor for the project. Securing over $1 billion in construction debt financing in July, the Green River project is expected to create around 500 jobs. Salt Lake City-based rPlus Energies gives the target completion date as 2026.

Power

How California Cuts Greenhouse Gas Emissions - While Its Economy Grows (ca.gov) 197

In 2022 about 346,000 electric cars were reportedly sold in California. But the same year its greenhouse gas emissions dropped a whopping 9.3 million metric tons — the amount produced by 2.2 million gas-powered cars — lowering emissions 2.4% from the year before. "The biggest drop came from transportation, due largely to the increased use of renewable fuels," according to the state's Air Resources Board, touting a newly-released report. (And electricity sector emissions also fell by 2.6 million metric tons, or 4.1%, "even as electricity usage rose," according to The Hill — "a dichotomy that the regulators attributed to an increase in solar and wind power generation.")

So despite a growing economy, "the latest data underscores a continued trend of steady emissions decline..." according to a statement from the Board. "Between 2000 to 2022, emissions fell by 20% while California's gross domestic product increased by 78%, pointing to the effectiveness of the state's climate change and air quality programs." And the amount of carbon dioxide equivalent emitted per unit of economic output ("carbon intensity") has also dropped 55% in the last 20 years: [In 2022] the electricity sector had its lowest carbon intensity since 2000. Wind and solar now represent 30% of generation and in-state solar increased by 15% from 2021, driven by requirements under the state's Cap-and-Trade Program and Renewables Portfolio Standard. Furthermore, California increased its battery storage by 757% from 2019 through 2023, bolstering its renewable energy efforts. The storage capacity is enough to power 6.6 million homes for up to four hours.

Industrial emissions declined by 2%, also falling to the lowest level in 22 years. While refinery emissions remained essentially flat, emissions from oil and gas extraction declined, as did emissions from other fuel use, cement manufacturing, and cogeneration facilities. [The Hill says 2022's industrial emissions were 21.7% below year-2000 levels, according to the report.]

Livestock emissions, which are responsible for 70% of agriculture's greenhouse gas emissions, peaked in 2012 and once again saw reductions in 2022. The decrease is driven by the use of methane digesters funded by the California Climate Investments and incentivized by the Low Carbon Fuel Standard, which capture emissions at the source and convert them to clean fuel.

Landfill methane emissions also continued to decline in 2022. This decline can be attributed in part to the state's efforts to reduce disposal of organic waste, as well as the California Landfill Methane Regulation, which requires landfill operators to monitor and capture emissions escaping from their facilities.

One local news site calls the drop in emissions "shocking," but adds that "the trend is expected to continue. In the second quarter of 2024, 118,181 zero-emission vehicles were purchased in the state, good for about one-quarter of all new car sales."

California governor Gavin Newsom said his state "is proving that climate action goes hand-in-hand with economic growth. We've slashed carbon pollution by a whopping 20% since the turn of the century all while building the world's fifth largest economy. Cleaner air, more good jobs — that's the California way."

United Kingdom

Why the UK's Power Grid is Sidelining Clean-Energy Battery Storage (ft.com) 95

The administrators of Great Britain's power grid admit that it's often unable to use energy-storage batteries due to old computer systems and an old network with "not enough cables", according to the Financial Times — though the system operator says they're making progress after upgrading their system last December: The company has plans to lower the rate at which batteries are sidelined to single figures by early next year [said Craig Dyke, from National Grid's electricity system operator], calling current levels "higher than where we want them to be". Dyke's comments came in response to a letter from four leading battery storage groups which said National Grid's "electricity system operator" or ESO division was making the country's power costlier and dirtier by failing to use their technology properly. "Consumers are paying more, clean renewable energy is being wasted, and fossil fuel generation is being used instead," they said... depriving them of revenue and undermining investor confidence.

While the U.K. has the world's second-largest offshore wind market, the article notes that when the system operator can't send its power where it's needed, "the ESO pays wind farms in one place to switch off... and can also need to pay gas-fired power plants in another area to turn on. These payments add up to hundreds of millions of pounds each year, and the costs are passed on to household and business energy bills."

"Use of battery storage abroad has soared in places such as California, where batteries soak up solar power during the day and regularly supply a fifth of the state's power in the evening..."

Thanks to long-time Slashdot reader AmiMoJo for sharing the article.

Windows

Microsoft Launches a Windows App For iPhones, Macs, and Android Devices (theverge.com) 19

Microsoft has launched a new Windows app that serves as a hub for streaming Windows environments from services like Windows 365 and Azure Virtual Desktop. However, it's limited to Microsoft work and school accounts with "no signs that Microsoft plans to support consumer accounts," notes The Verge's Tom Warren. From the report: This new unified app has been in testing for nearly a year, and includes a customizable home screen, multi-monitor support, and USB redirection so you can use local devices like webcams, storage devices, and printers as if they were plugged directly into a cloud PC. This Windows app is limited to Microsoft work and school accounts, as it's primarily designed for existing users of Remote Desktop clients for Windows and other operating systems to move to. Microsoft has had similar apps for connecting to PCs remotely in Windows for decades, including the Remote Desktop Connection app that still ships as part of Windows 11. These apps, including the new Windows one, are useful for connecting to work PCs from a personal laptop or PC. The Windows app is available from the Microsoft Store and Apple App Store. An Android version enters public preview mode today.

United States

US Government 'Took Control' of a Botnet Run by Chinese Government Hackers, Says FBI Director (techcrunch.com) 13

An anonymous reader shares a report: Last week, the FBI took control of a botnet made up of hundreds of thousands of internet-connected devices, such as cameras, video recorders, storage devices, and routers, which was run by a Chinese government hacking group, FBI director Christopher Wray and U.S. government agencies revealed Wednesday. The hacking group, dubbed Flax Typhoon, was "targeting critical infrastructure across the U.S. and overseas, everyone from corporations and media organizations to universities and government agencies," Wray said at the Aspen Cyber Summit cybersecurity conference on Wednesday.

"But working in collaboration with our partners, we executed court-authorized operations to take control of the botnet's infrastructure," Wray said, explaining that once the authorities did that, the FBI also removed the malware from the compromised devices. "Now, when the bad guys realized what was happening, they tried to migrate their bots to new servers and even conducted a [Distributed Denial of Service] attack against us."

Be

Haiku (Originally 'OpenBeOS') Releases Long Awaited R1/Beta5 (haiku-os.org) 32

An anonymous Slashdot reader writes: Haiku (the MIT-licensed operating system, inspired by BeOS) has released its fifth beta for Haiku R1.

Some new features include improved UI color management, improved dark mode coloring, Tracker improvements, TUN/TAP support for VPN connections, TCP throughput improvements, performance optimizations, UFS2 (BSD's filesystem) read-only support, new FAT filesystem driver, improved hardware support, improved POSIX compliance, improved performance, and more.

Slashdot has been covering the fate of the BeOS since 2000 (as well as the short-lived derivative project ZETA — and Haiku).

And now "With a history of over two decades and previously known as OpenBeOS, today's Haiku is pushing forward..." writes the site NotebookCheck: Haiku is a spiritual successor to BeOS, with a focus on a clean and user-friendly design paired with low system requirements. The minimum system requirements are still an Intel Pentium II/AMD Athlon CPU or better, at least 384 MB RAM, an 800x600 screen, and at least 3GB storage. It works on both 32-bit and 64-bit x86 PCs, and the 32-bit version can run many unmodified BeOS applications. It might be the best desktop open-source operating system not based on Linux or Unix... It works well in a virtual machine like VirtualBox or UTM.

Privacy

23andMe To Pay $30 Million In Genetics Data Breach Settlement (bleepingcomputer.com) 36

23andMe has agreed to pay $30 million to settle a lawsuit over a data breach that exposed the personal information of 6.4 million customers in 2023. BleepingComputer reports: The proposed class action settlement (PDF), filed Thursday in a San Francisco federal court and awaiting judicial approval, includes cash payments for affected customers, which will be distributed within ten days of final approval. "23andMe believes the settlement is fair, adequate, and reasonable," the company said in a memorandum filed (PDF) Friday.

23andMe has also agreed to strengthen its security protocols, including protections against credential-stuffing attacks, mandatory two-factor authentication for all users, and annual cybersecurity audits. The company must also create and maintain a data breach incident response plan and stop retaining personal data for inactive or deactivated accounts. An updated Information Security Program will also be provided to all employees during annual training sessions.

"23andMe denies the claims and allegations set forth in the Complaint, denies that it failed to properly protect the Personal Information of its consumers and users, and further denies the viability of Settlement Class Representatives' claims for statutory damages," the company said in the filed preliminary settlement.

"23andMe denies any wrongdoing whatsoever, and this Agreement shall in no event be construed or deemed to be evidence of or an admission or concession on the part of 23andMe with respect to any claim of any fault or liability or wrongdoing or damage whatsoever."

Security

1.3 Million Android-Based TV Boxes Backdoored; Researchers Still Don't Know How (arstechnica.com) 28

An anonymous reader quotes a report from Ars Technica: Researchers still don't know the cause of a recently discovered malware infection affecting almost 1.3 million streaming devices running an open source version of Android in almost 200 countries. Security firm Doctor Web reported Thursday that malware named Android.Vo1d has backdoored the Android-based boxes by putting malicious components in their system storage area, where they can be updated with additional malware at any time by command-and-control servers. Google representatives said the infected devices are running operating systems based on the Android Open Source Project, a version overseen by Google but distinct from Android TV, a proprietary version restricted to licensed device makers.

Although Doctor Web has a thorough understanding of Vo1d and the exceptional reach it has achieved, company researchers say they have yet to determine the attack vector that has led to the infections. "At the moment, the source of the TV boxes' backdoor infection remains unknown," Thursday's post stated. "One possible infection vector could be an attack by an intermediate malware that exploits operating system vulnerabilities to gain root privileges. Another possible vector could be the use of unofficial firmware versions with built-in root access." The following device models infected by Vo1d are: [R4, TV BOX, KJ-SMART4KVIP].

One possible cause of the infections is that the devices are running outdated versions that are vulnerable to exploits that remotely execute malicious code on them. Versions 7.1, 10.1, and 12.1, for example, were released in 2016, 2019, and 2022, respectively. What's more, Doctor Web said it's not unusual for budget device manufacturers to install older OS versions in streaming boxes and make them appear more attractive by passing them off as more up-to-date models. Further, while only licensed device makers are permitted to modify Google's Android TV, any device maker is free to make changes to open source versions. That leaves open the possibility that the devices were infected in the supply chain and were already compromised by the time they were purchased by the end user.

"These off-brand devices discovered to be infected were not Play Protect certified Android devices," Google said in a statement. "If a device isn't Play Protect certified, Google doesn't have a record of security and compatibility test results. Play Protect certified Android devices undergo extensive testing to ensure quality and user safety."

Users can confirm if their device runs Android TV OS via this link and following the steps here.

The Courts

Court Clears Researchers of Defamation For Identifying Manipulated Data (arstechnica.com) 21

An anonymous reader quotes a report from Ars Technica: Earlier this year, we got a look at something unusual: the results of an internal investigation conducted by Harvard Business School that concluded one of its star faculty members had committed research misconduct. Normally, these reports are kept confidential, leaving questions regarding the methods and extent of data manipulations. But in this case, the report became public because the researcher had filed a lawsuit that alleged defamation on the part of the team of data detectives that had first identified potential cases of fabricated data, as well as Harvard Business School itself. Now, the court has ruled (PDF) on motions to dismiss the case. While the suit against Harvard will go on, the court has ruled that evidence-backed conclusions regarding fabricated data cannot constitute defamation -- which is probably a very good thing for science.

The researchers who had been sued, Uri Simonsohn, Leif Nelson, and Joe Simmons, run a blog called Data Colada where, among other things, they note cases of suspicious-looking data in the behavioral sciences. As we detailed in our earlier coverage, they published a series of blog posts describing an apparent case of fabricated data in four different papers published by the high-profile researcher Francesca Gino, a professor at Harvard Business School. The researchers also submitted the evidence to Harvard, which ran its own investigation that included interviewing the researchers involved and examining many of the original data files behind the paper. In the end, Harvard determined that research misconduct had been committed, placed Gino on administrative leave and considered revoking her tenure. Harvard contacted the journals where the papers were published to inform them that the underlying data was unreliable.

Gino then filed suit alleging that Harvard had breached their contract with her, defamed her, and interfered with her relationship with the publisher of her books. She also added defamation accusations against the Data Colada team. Both Harvard and the Data Colada collective filed a motion to have all the actions dismissed, which brings us to this new decision. Harvard got a mixed outcome. This appears to largely be the result that the Harvard Business School adopted a new and temporary policy for addressing research misconduct when the accusations against Gino came in. This, according to the court, leaves questions regarding whether the university had breached its contract with her. However, most of the rest of the suit was dismissed. The judge ruled that the university informing Gino's colleagues that Gino had been placed on administrative leave does not constitute defamation. Nor do the notices requesting retractions sent to the journals where the papers were published. "I find the Retraction Notices amount 'only to a statement of [Harvard Business School]'s evolving, subjective view or interpretation of its investigation into inaccuracies in certain [data] contained in the articles,' rather than defamation," the judge decided.

More critically, the researchers had every allegation against them thrown out. Here, the fact that the accusations involved evidence-based conclusions, and were presented with typical scientific caution, ended up protecting the researchers. The court cites precedent to note that "[s]cientific controversies must be settled by the methods of science rather than by the methods of litigation" and concludes that the material sent to Harvard "constitutes the Data Colada Defendants' subjective interpretation of the facts available to them." Since it had already been determined that Gino was a public figure due to her high-profile academic career, this does not rise to the standard of defamation. And, while the Data Colada team was pretty definitive in determining that data manipulation had taken place, its members were cautious about acknowledging that the evidence they had did not clearly indicate Gino was the one who had performed the manipulation. Finally, it was striking that the researchers had protected themselves by providing links to the data sources they'd used to draw their conclusions. The decision cites a precedent that indicates "by providing hyperlinks to the relevant information, the articles enable readers to review the underlying information for themselves and reach their own conclusions."

Data Storage

Music Industry's 1990s Hard Drives Are Dying (arstechnica.com) 259

An anonymous reader quotes a report from Ars Technica: One of the things enterprise storage and destruction company Iron Mountain does is handle the archiving of the media industry's vaults. What it has been seeing lately should be a wake-up call: roughly one-fifth of the hard disk drives dating to the 1990s it was sent are entirely unreadable. Music industry publication Mix spoke with the people in charge of backing up the entertainment industry. The resulting tale is part explainer on how music is so complicated to archive now, part warning about everyone's data stored on spinning disks. "In our line of work, if we discover an inherent problem with a format, it makes sense to let everybody know," Robert Koszela, global director for studio growth and strategic initiatives at Iron Mountain, told Mix. "It may sound like a sales pitch, but it's not; it's a call for action."

Hard drives gained popularity over spooled magnetic tape as digital audio workstations, mixing and editing software, and the perceived downsides of tape, including deterioration from substrate separation and fire. But hard drives present their own archival problems. Standard hard drives were also not designed for long-term archival use. You can almost never decouple the magnetic disks from the reading hardware inside, so that if either fails, the whole drive dies. There are also general computer storage issues, including the separation of samples and finished tracks, or proprietary file formats requiring archival versions of software. Still, Iron Mountain tells Mix that "If the disk platters spin and aren't damaged," it can access the content.

But "if it spins" is becoming a big question mark. Musicians and studios now digging into their archives to remaster tracks often find that drives, even when stored at industry-standard temperature and humidity, have failed in some way, with no partial recovery option available. "It's so sad to see a project come into the studio, a hard drive in a brand-new case with the wrapper and the tags from wherever they bought it still in there," Koszela says. "Next to it is a case with the safety drive in it. Everything's in order. And both of them are bricks."

"Optical media rots, magnetic media rots and loses magnetic charge, bearings seize, flash storage loses charge, etc.," writes Hacker News user abracadaniel in a discussion post about the article. "Entropy wins, sometimes much faster than you'd expect."

Supercomputing

As Quantum Computing Threats Loom, Microsoft Updates Its Core Crypto Library (arstechnica.com) 33

An anonymous reader quotes a report from Ars Technica: Microsoft has updated a key cryptographic library with two new encryption algorithms designed to withstand attacks from quantum computers. The updates were made last week to SymCrypt, a core cryptographic code library for handling cryptographic functions in Windows and Linux. The library, started in 2006, provides operations and algorithms developers can use to safely implement secure encryption, decryption, signing, verification, hashing, and key exchange in the apps they create. The library supports federal certification requirements for cryptographic modules used in some governmental environments. Despite the name, SymCrypt supports both symmetric and asymmetric algorithms. It's the main cryptographic library Microsoft uses in products and services including Azure, Microsoft 365, all supported versions of Windows, Azure Stack HCI, and Azure Linux. The library provides cryptographic security used in email security, cloud storage, web browsing, remote access, and device management. Microsoft documented the update in a post on Monday. The updates are the first steps in implementing a massive overhaul of encryption protocols that incorporate a new set of algorithms that aren't vulnerable to attacks from quantum computers. [...]

The first new algorithm Microsoft added to SymCrypt is called ML-KEM. Previously known as CRYSTALS-Kyber, ML-KEM is one of three post-quantum standards formalized last month by the National Institute of Standards and Technology (NIST). The KEM in the new name is short for key encapsulation. KEMs can be used by two parties to negotiate a shared secret over a public channel. Shared secrets generated by a KEM can then be used with symmetric-key cryptographic operations, which aren't vulnerable to Shor's algorithm when the keys are of a sufficient size. [...] The other algorithm added to SymCrypt is the NIST-recommended XMSS. Short for eXtended Merkle Signature Scheme, it's based on "stateful hash-based signature schemes." These algorithms are useful in very specific contexts such as firmware signing, but are not suitable for more general uses. Monday's post said Microsoft will add additional post-quantum algorithms to SymCrypt in the coming months. They are ML-DSA, a lattice-based digital signature scheme, previously called Dilithium, and SLH-DSA, a stateless hash-based signature scheme previously called SPHINCS+. Both became NIST standards last month and are formally referred to as FIPS 204 and FIPS 205.

In Monday's post, Microsoft Principal Product Manager Lead Aabha Thipsay wrote: "PQC algorithms offer a promising solution for the future of cryptography, but they also come with some trade-offs. For example, these typically require larger key sizes, longer computation times, and more bandwidth than classical algorithms. Therefore, implementing PQC in real-world applications requires careful optimization and integration with existing systems and standards."

Crime

Former Samsung Execs Arrested For Using Stolen Tech To Build Chip Factory In China (tomshardware.com) 18

South Korean police have arrested two former Samsung executives for allegedly leaking $3.2 billion worth of Samsung secrets to China to aid in building 20nm DRAM chips. Tom's Hardware reports: The authorities reported that one of the arrested suspects, 66-year-old Mr. Choi, set up a joint venture building chips in China alongside some local officials and served as its CEO. He was allegedly assisted by a plant designer, Mr. Oh, in this venture, while he also attempted to recruit other South Korean experts to work for him. However, Choi's arrest comes after being suspected of leaking Samsung memory technologies to build 20nm DRAM chips at the Chinese factory, Chengdu Gaozhen.

Samsung is one of the leading memory manufacturers, working with other major companies like Nvidia to produce VRAM while offering its own storage and memory solutions. The police said Choi's move "weakened the nation's competitiveness when the countries are in a global chip war." With the capture of the company's head, the authorities claim that this will stop the operation of the Chinese venture. However, investigators are still looking into the case to determine if other cases of industrial espionage will spring up from this case.

Data Storage

Discord Lowers Free Upload Limit To 10MB (dexerto.com) 65

Discord has reduced the upload limit for free users from 25MB to 10MB per file, citing financial and operational reasons. "Every day, millions of files are uploaded to Discord and stored securely for your future access. Storage management is expensive, so we regularly review how people use Discord and their storage needs. In fact, our data shows that 99% of users stick to files smaller than 10MB," the company wrote in an updated support page. Dexerto reports: Discord increased its file-sharing limit to 25MB in April last year. Before that, the limit was set at 8MB for free users. While the new 10MB limit isn't terrible by comparison, it can still be frustrating for those who frequently share high-quality photos and videos. The messaging app is recommending those who want higher sharing limits use Nitro. "Unlike other platforms, we store your files for as long as you need them, so it is crucial that we manage our storage sustainably. If you need more upload capacity, Nitro Basic offers a 50MB limit, and Nitro gives you up to 500 MB, so you have options that fit your needs," the company said on its official support page.

For those who aren't aware, a Nitro Basic subscription costs $3 a month. Nitro users, who pay $10 a month, get to stream videos in 4K and use emojis in channels. In comparison, messaging platforms like WhatsApp and Telegram offer a 2 GB file limit.
