You probably haven’t heard the name Tony Bonnani, but he’s one of the most prolific writers on the internet. He publishes several articles a day, often churning out pieces within minutes of each other. Compared to most journalists, Tony Bonnani writes at a superhuman pace.

There’s one other interesting thing about Bonnani: He probably doesn’t exist. His name, face and stories appear to be the products of a content farm headquartered at a Connecticut shopping center. And one of his stories may have convinced thousands of people that they’d never be able to eat a Big Mac in California ever again.

The culture war comes for the Big Mac

In recent weeks, misinformation about chain restaurant closures has proliferated on social media. Rumors that Chili’s and Fuddruckers were going out of business gained enough traction to prompt both chains to issue responses.

But perhaps most perplexing of all is the rumor that McDonald’s is shutting down its California locations. The Google search term “McDonald’s leaving California” began trending two days ago. This morning, it briefly eclipsed “Giants” and “Warriors” as search terms. A quick Google search of the phrase yields a flurry of YouTube videos speculating about the chain’s exodus.

“MCDONALD’S TO SHUTDOWN IN CALIFORNIA……. (SHOCKING)” reads the title of one video with 50,000 views, uploaded two days ago.

Another video, with more than 400,000 views, takes a more moderate approach: “Another Scandal Hits California While McDonald’s Considers Leaving the State.”

On Google News, searching the term dredges up a few recent articles about individual franchisees struggling to manage costs with the state’s minimum wage increase. But only one article, which was picked up by MSN, has a headline suggesting that the chain is actually leaving the state: “McDonald’s on the verge of CLOSING in California After $20 Minimum Wage.”

Although the link still pops up on Google, the webpage for the article no longer exists. MSN, which is Microsoft’s news aggregator, likely took it down. MSN does not produce content of its own, but recirculates articles submitted by its content partners, which have syndication agreements with the service.

SFGATE traced that article back to an outlet called UnitedLiberty, which has more than 20,000 followers on MSN. The website churns out formulaic articles with a conservative slant, populated by short paragraphs and generic photos. Most list a single YouTube video for a source, like the story “9 Self-Defense Tactics Against Violent Mobs That Won’t Land You In Jail,” which cites a video by a channel called Armed Attorneys.

Some headlines, like “3 Supreme Court Justices Recuse Themselves From Election Case,” are blatant misinformation. Others, like the McDonald’s headline, are misleading. Many are simply incendiary: “RFK Jr OPPOSES Gun Ban, Argues Guns ARE NOT To Blame For Violence.”

The McDonald’s closure story cites a video from a YouTube channel called Market Gains, which is likely the source of the rumor. (SFGATE reached out to McDonald’s for comment, but did not receive a response in time for publication.) The video was posted seven days ago, and although its title suggests that the franchise is closing its California locations (“McDonald’s Is Suddenly CLOSING In California After $20 Minimum Wage”), the video is actually a summary of several news articles discussing individual franchisees’ struggles to balance costs, like this piece from Fox Business.

The text of UnitedLiberty’s article is different from the Market Gains video, but the titles are nearly identical. The article’s text, unlike its headline, does not suggest that the chain is on the verge of leaving the state, but given the panic that has ensued, many people didn’t read beyond the headline.

The talented Mr. Bonnani

Most of the site’s articles, including the McDonald’s closure piece, are written by an author named Tony Bonnani. Yesterday, 12 articles were published under his name, several within the span of a minute. The previous day, Bonnani “wrote” five articles, and about 10 more the day before that.

For such a prolific writer, Bonnani is a digital ghost. Searching his name yielded only links to his articles, nothing more. His author photo appears nowhere else on the web. TrueMedia, a tool for fighting A.I.-manipulated content, rated Bonnani’s headshot as “highly suspicious” for use of generative AI.

Using fake human authors to push out AI-generated is not a new phenomenon. Last year, Sports Illustrated deleted the profiles of several fake writers after it was caught publishing AI-generated articles.

On its own, this steady churn of garbage content would be banal, if a tad depressing. But UnitedLiberty is not an isolated node in the information ecosystem. MSN has a wide readership, showing up by default on Microsoft web browsers and products.

Although UnitedLiberty’s article did not spawn the rumor, it played a role in circulating it. UnitedLiberty helped the rumor cross over from YouTube to digital news, accelerating its spread. This created a feedback loop of sorts; the aforementioned 400,000-view YouTube video cites Bonnani’s article, and includes several screenshots of the article on MSN before it was taken down.

David Harris, a lecturer on AI ethics and social media at UC Berkeley and former misinformation researcher at Meta, referred to the proliferation of this type of low-grade content as the “ens—ttification of the internet,” a term coined by journalist Cory Doctorow to describe the decay of internet platforms.

“The internet is filling up with s—t, and it’s really bad for our societies,” Harris told SFGATE. “It’s not just a minor irritation, like the junk mail flyers that I still seem to get every week in my actual mailbox. It’s a major, major threat to our information environment and our democracy.”

In his research, Harris said he’s noticed many fake news websites similar to UnitedLiberty that produce content at “inhuman rates.” Some even include summaries of his own published articles, scraped without his permission.

It’s unclear how this sort of content arrived on a publisher like MSN, though it’s not the first time MSN has published misinformation. In October, MSN disseminated a false story that San Francisco Supervisor Dean Preston had resigned after a fight with Elon Musk.

SFGATE reached out to MSN to find out how stories like UnitedLiberty’s end up on its site but did not receive a response by the time of publication. However, we did hear back from Bonnani’s boss.

‘Good writers are VERY hard to find’

UnitedLiberty is part of a company called Get Media, LLC, headquartered in a Connecticut shopping center. Public records obtained by SFGATE list a Connecticut man named Kris Lippi as the principal of Get Media, LLC.

UnitedLiberty also shares an IP address with three other websites: Boomers Remember, ISoldMyHouse and Circle Squared. All three websites also feature writing by authors who churn out articles at astonishing rates. All three are run by LLCs that list Lippi as their principal. And in public records, all three list their headquarters in the same shopping center, within a stone’s throw of a dentist’s office and a Thai restaurant.

Like UnitedLiberty, ISoldMyHouse has a syndication agreement with MSN. While some ISoldMyHouse and UnitedLiberty articles draw little engagement on the platform, others draw thousands of likes and comments.

Article continues below this ad In recent weeks, misinformation about chain restaurant closures has proliferated on social media. Rumors that Chili’s and Fuddruckers were going out of business gained enough traction to prompt both chains to issue responses.

In recent weeks, misinformation about chain restaurant closures has proliferated on social media. Rumors that Chili’s and Fuddruckers were going out of business gained enough traction to prompt both chains to issue responses. Photos via Getty; Illustration by SFGATE

Tony Bonnani published a second article about McDonald’s leaving California on May 27. That article was picked up by MSN on May 30, and remains on the site as of publication.

The article cites a YouTube video, titled “80% of American’s Can’t Afford Fast Food | McDonalds Leaving CA,” as its only source. And that video cites Bonnani’s original article multiple times.

The snake is eating its own tail. Lippi’s articles scrape YouTube videos. YouTubers then cite those articles, and new articles scrape those videos for new content. This ens—ttification feedback loop amplifies misinformation, creating an echo chamber loud enough to influence Google Trends.

When SFGATE reached out for comment, Lippi denied that AI was involved in the production of the articles. He referred to Bonnani and the other prolific authors on his sites as “freelance writers.”

“I’m not sure how you would do a news story with AI because it’s my understanding the knowledge is only current to a certain date in the past,” he wrote in an email to SFGATE.

SFGATE asked twice to be put in touch with Bonnani. Both times, Lippi declined.

When pressed on the rapid clip of Bonnani’s output, Lippi replied that the multiple articles published within the span of a minute were pre-written and scheduled for simultaneous publication. Then, he extended a job offer.

“I must say, I do appreciate your hustle, and if you would like to freelance for me, let me know and maybe we could work something out,” he added. “Good writers are VERY hard to find.”

May 31, 2024

Here's the basics of my set up for what I can bring around:

• A Crucial 1TB M.2 Drive
• A M.2 Drive Enclosure that has USB 3.1 Gen 2 output So with these together are desktop performance in a small thing. It is not a flash drive that just gets ruined in like 3 months of constant use.

And with these, I use a Ventoy set up called Medicat. I love it, and there's no issue with it for me, besides that Medicat/Microsoft requires NTFS for Windows stuff. Aside from standard NTFS bullshit, it's wonderful.

Since I have so much space, I had the idea of storing a Linux set up for on the go use on any laptop/computer without needing to sign into 10 websites for one time use. Here's my two methods of how to do it:

• Make a persistent data block for Fedora/Ubuntu/etc. and make a Live ISO point to it, then boot from Ventoy into the ISO, which then handles mounting the "drive".
• Clear a space on the drive, install a distro like Fedora/Debian and encrypt it, allowing me to just run apt upgrade and move on like a normal PC.

Here's the upsides and downsides to both that I can see, just thinking about it.

Persistence:

• ✅ Don't need to fuck with partitions of NTFS, last time I tried to shrink the drive NTFS had a breakdown and I couldn't fix it.
• ✅ Can expand the persistence as time goes on
• ❌ NTFS constantly has issues with me, where I can cleanly eject the drive but I need to run ntfsfix to make it work again, and I don't know when that will happen in the future.
• ❓ Not sure how it will go with Arch Linux, but that might be a bad choice for a drive I boot into for fun/infrequently.

Partition and full install:

• ✅ Easier to just get going, point an ISO to install there and good to go.
• ✅ Easier to upgrade to new packages/editions, instead of downloading new ISOs and pointing it each time. I'm unsure if it would let me use a .dat file from Fedora 36 for Fedora 40, for example.
• ✅ I can encrypt it so I don't need to worry about people nabbing it and messing with personal files.
• ✅ I can use something like ext4 or btrfs, so I don't need to rely on NTFS.
• ❌ Trying to resize NTFS was really fucky, and felt like I was breaking something. I did break it, and had to reinstall Medicat/Ventoy.
• ❓ I'm unsure of how to boot from it and keep Medicat/Ventoy as the main option. Maybe create a file on Ventoy to boot the distro? Maybe it varies from BIOS to BIOS?

Wanting to hear the thoughts from people smarter than me, maybe have done this before. I just want to make it clear It's not a USB flash drive, this won't break randomly from one too many R/Ws.

Hello! The TL;DR is:

I have an m.2 drive that is in a sturdy enclosure that has 1 TB. I have Ventoy with Medicat on there, with some backups of important data.

I still have a lot of room left on there, so I was thinking what else I could do, and the idea of basically installing a Linux Distro to a chunk of free space on there. Maybe Debian/Fedora or Arch.

Is there anything I should be aware of to help not break that system or rapidly kill the drive? It's not a USB flash drive, it's a M.2 drive that's put on a small board that then allows it to talk via USB C/Thunderbolt.

EDIT: Just to be sure, if I use Ventoy's EFI, do I need to be worried about a conflict with the bootloader of the Linux install?

Firmware security company Binarly on Wednesday disclosed the details of an attack method that can be used to compromise many consumer and enterprise devices by leveraging malicious UEFI logo images.

The attack method, dubbed LogoFAIL, exploits vulnerabilities in the image parsers used by the UEFI firmware to display logos during the boot process or in the BIOS setup. Getting the affected parsers to process a specially crafted image can enable the attacker to hijack the execution flow and run arbitrary code.

Hackers can use the LogoFAIL attack to compromise the entire system and bypass security measures such as Secure Boot.

“These vulnerabilities can compromise the entire system’s security, rendering ‘below-the-OS’ security measures like any shade of Secure Boot ineffective, including Intel Boot Guard. This level of compromise means attackers can gain deep control over the affected systems,” Binarly explained.

Binarly’s analysis showed that UEFI vendors use various types of parsers for BMP, PNG, JPEG, GIF and other types of images. The security firm’s research targeted firmware from Insyde, AMI and Phoenix and led to the discovery of two dozen vulnerabilities, more than half of which have been assigned a ‘high severity’ rating.

The impacted firmware is shipped with hundreds of consumer and enterprise computer models — including x86 and ARM-based devices — made by companies such as Acer, Dell, Framework, Fujitsu, Gigabyte, HP, Intel, Lenovo, MSI, Samsung, and Supermicro. This means millions of devices worldwide could be exposed to attacks.

A LogoFAIL attack can be launched by abusing the firmware update procedure to replace the legitimate logo with a malicious version. Attacks through physical access may also be possible, using an SPI flash programmer, assuming that the logo is not protected by hardware verified boot technologies.

Some vendors — this includes Intel, Acer and Lenovo — offer features that enable users to customize the logos displayed during boot, which can make it possible to launch LogoFAIL attacks from the OS, without the need for physical access to the device.

It’s important to note that while image parser vulnerabilities have been found in devices from all of the aforementioned vendors, they cannot always be exploited. In Dell’s case, for instance, the logo is protected by Intel Boot Guard, which prevents its replacement even if the attacker has physical access to the targeted system. In addition, Dell does not offer any logo customization features.

Details of the attack were presented by Binarly at the Black Hat Europe conference on Wednesday, and the company has published a technical blog post describing its findings.

The security firm has published a video showing a proof-of-concept (PoC) LogoFAIL exploit in action, demonstrating how an attacker who has admin permissions on the operating system can escalate privileges to the firmware level.

The vulnerabilities were reported to impacted vendors through CERT/CC several months ago, but it can take a lot of time for patches for these types of security holes to reach end devices, even if vendors create the fixes.

Microsoft is singing the praises of the new Outlook and wants to persuade users to switch. But beware: if you try out the new Outlook, you risk transferring your IMAP and SMTP credentials of mail accounts and all your emails to Microsoft servers. Although Microsoft explains that it is possible to switch back to the previous apps at any time, the data will already be stored by the company. This allows Microsoft to read the emails. Start menu shows new Outlook as recommended app

The new Outlook now appears as a recommended app in the Windows Start menu of Windows 11 devices with the 2023 update. The Outlook client itself also offers to test the new Outlook version with a "The new Outlook" switch. This is still under development, but is set to replace the mail program and the calendar included in Windows in 2024. In a recent tech community article, Microsoft employee Caitlin Hart also explains that it will also replace the classic Outlook. However, unlike the Windows Mail and Calendar apps, the timetable for this has not yet been set.

When adding a mail account in the new Outlook that is not hosted by Microsoft but is located on company mail servers, for example, the program displays a message. It links to a support article that simply states that non-Microsoft accounts are synchronized with the Microsoft cloud, whereby Gmail, Yahoo, iCloud and IMAP accounts are currently supported. The new Outlook also does this in the versions for Android, iOS and Mac. This means that copies "of your email, calendar, and contacts will be synchronized between your email provider and Microsoft data center". This gives the company full access to all emails and allows it to read and analyze them. Microsoft wants to provide functions that way that Gmail and IMAP do not offer. Warning message of the new Outlook version when adding a non-Microsoft account

The note makes you wonder: What does Microsoft transfer where? When creating an IMAP account, c't was able to sniff the traffic between new Outlook and the Microsoft servers. It contained the target server, log-in name and password which were sent to those Servers of Microsoft. Although TLS-protected, the data is sent to Microsoft in plain text within the tunnel. Without informing or inquiring about this, Microsoft grants itself access to the IMAP and SMTP login data of users of the new Outlook.

When switching from the old Outlook to the new one, it is installed the new software in parallel. Previously set up IMAP accounts are not automatically transferred, but the account stored in Windows is. During the test with Google accounts, authentication with OAuth2 was used. Users receive an authentication request and Microsoft does not receive any specific access data, but only an access token that users can revoke again.

An answer to our request for a statement from Microsoft is still pending. At this point in time, however, we must warn against trying out the new Outlook without thinking. In addition to all the emails, some credentials may even end up with Microsoft.

Microsoft already attracted attention with such data redirections at the beginning of the year. After Office updates were applied on Mac computers, Outlook redirected the data to Microsoft's cloud servers without any user notification. At that time, the remedy was to delete IMAP accounts and set them up again. However, this is obviously no longer helpful with the new Outlook.

The Federal Commissioner for Data Protection and Freedom of Information of Germany, Professor Ulrich Kelber, is alarmed by the data detour in Microsoft's new Outlook. He posted on Mastodon that he wants to ask for a report from the Irish Data Protection Commissioner, who is responsible for companies like Microsoft, during a meeting of the European data protection supervisory authorities on Tuesday of the coming week.

Title. Mainly asking for the library side, but PC cafe is also interesting to ask about.

Mainly since Windows 11 is 64-bit only, and it seems Windows 12 is going to subscription based on top of that, neither of which public libraries can afford tossing out computers and paying more in subscription fees than they make with overdue books.

My local library is only open for 2 days a week, due to a lack of funds for hiring more staff in the area. They use older Dell all in ones, and that just makes me think if they don't have the money for being open 5 days a week, they don't have the money to buy 4 new computers for the space.

Not even getting into the bigger libraries part of that system or the ones nearby. Some have 8 computers in groups, with 4 stations of groups.

So I was just wondering, if anyone has started or is aware of a Library/Public Computer focused linux-based OS? Perhaps one that allows immutable systems, and the library card system backed most use to enable end user access. Perhaps that's a config file tucked away somewhere.

And I guess the PC cafe OS is interesting, simply due to the fact that Linux gaming has been making huge strides, and PC cafes are still popular in Japan, Korea, and China.

EDIT: I am not in control or assistance to the library, just looking if there's a potential solution to libraries like mine. If I could give links to a library computer manager, or if I could give upstream bug reports to people making such software.