Dev rejects CVE severity, makes his GitHub repo read-only
www.bleepingcomputer.com Dev rejects CVE severity, makes his GitHub repo read-only

The popular open source project, 'ip' had its GitHub repository archived, or made "read-only" by its developer as a result of a dubious CVE report filed for his project. Unfortunately, open-source developers have recently been met with an uptick in debatable or outright bogus CVEs filed for their pr...

  • The developer of the 'node-ip' project made the GitHub repository read-only after disputing the severity of a reported vulnerability (CVE-2023-42282).
  • The vulnerability involved incorrect identification of private IP addresses in non-standard formats, but the developer argued it had a dubious security impact.
  • The situation highlights ongoing issues with unverified CVE reports causing unnecessary panic and frustration for open-source project maintainers.
0
The Boeing saga has reached a new level of absurdity | CNN Business
www.cnn.com The Boeing saga has reached a new level of absurdity | CNN Business

If you’re a PR person, I can’t possibly think of a harder job to have right now than working at Boeing. It’s not just clean up in aisle six, it’s clean up the entire store, loading dock and parking lot on a daily — if not hourly — basis.

  • Boeing admitted that a missing work order led to a door plug blowing off an Alaska Airlines 737 Max in January.
  • The National Transportation Safety Board (NTSB) reprimanded Boeing for sharing investigative information and referred Boeing's conduct to the Department of Justice.
  • Boeing's attempt to be transparent and take responsibility for the incident was criticized, highlighting the impact of procedural lapses on flight safety.
11
What's Happened Since Time Dropped Its Paywall 1 Year Ago
www.adweek.com What's Happened Since Time Dropped Its Paywall 1 Year Ago

The legacy publisher is betting its business on advertising—and its brand.

  • Time removed its paywall in June 2023, resulting in a rise in advertising revenue but a loss of digital subscribers, with traffic remaining relatively flat.
  • The decision was influenced by broader industry trends and the publisher's focus on working with advertisers and leveraging its brand equity in other ventures.
  • Time aims to achieve profitability by expanding its direct advertising and sponsorship business, growing its global events slate, and exploring new ventures like connected television.
51
Mythbusters
  • Thank you so much for sharing this!!

  • Firefox users are unhappy with privacy tweaks in the browser's latest version
    www.techspot.com Firefox users are unhappy with privacy tweaks in the browser's latest version

    Firefox has been a beloved browser by many, but the latest Firefox 127 version has some users doubting its commitment to privacy.

    • Firefox 127 has introduced privacy tweaks that are causing user dissatisfaction, particularly due to changes like the separation of normal and private windows on the taskbar and the closing of private tabs when the main instance closes on iOS.
    • Despite user complaints, the update includes new privacy and security enhancements such as upgrading subresources from HTTP to HTTPS and masking CPU architecture to reduce fingerprinting.
    • Mozilla plans to address user feedback by reintroducing the "browser.privateWindowSeparation.enabled" preference as an opt-in and adding more intuitive privacy settings in future updates.
    9
    Anti-Capitalist Affirmations
  • I think they were referring to the text (transcription) of the post, not the image. And yes it looks like OCR.

  • Television @lemmy.world AnActOfCreation @programming.dev
    “Where did all the money go?”: Star Wars Fans Can’t Believe Disney Spent Twice the Money as Godzilla Minus One to Make Each Episode of The Acolyte
    38
    Proton is taking its privacy-first apps to a nonprofit foundation model
    arstechnica.com Proton is taking its privacy-first apps to a nonprofit foundation model

    Because of Swiss laws, there are no shareholders, and only one mission.

    • Proton, known for its secure email and productivity services, is transitioning to a nonprofit foundation model, ensuring it remains mission-focused without reliance on external subsidies.
    • The Proton Foundation, now the primary shareholder, is located in Switzerland, which mandates that foundations act according to their established purpose, bolstering Proton's commitment to privacy.
    • Proton has expanded its offerings to include cloud storage, password management, calendars, and VPN services, all designed with end-to-end encryption and hosted in Switzerland, enhancing its privacy-first approach.

    ------

    > "We believe that if we want to bring about large-scale change, Proton can’t be billionaire-subsidized (like Signal), Google-subsidized (like Mozilla), government-subsidized (like Tor), donation-subsidized (like Wikipedia), or even speculation-subsidized (like the plethora of crypto “foundations”)," Proton CEO Andy Yen wrote in a blog post announcing the transition. "Instead, Proton must have a profitable and healthy business at its core."

    22
    New York Times warns freelancers of GitHub repo data breach
    www.bleepingcomputer.com New York Times warns freelancers of GitHub repo data breach

    The New York Times notified an undisclosed number of contributors that some of their sensitive personal information was stolen and leaked after its GitHub repositories were breached in January 2024.

    • The New York Times suffered a breach of its GitHub repositories in January 2024, leading to the theft and leak of sensitive personal information of freelancers.
    • Attackers accessed the repos using exposed credentials, but the breach did not impact the newspaper's internal systems or operations.
    • The stolen data, amounting to 273GB, was leaked on 4chan and included various personal details of contributors as well as information related to assignments and source code, including the viral Wordle game.
    45
    Mozilla restores Firefox add-ons banned in Russia
    www.theregister.com Mozilla restores Firefox add-ons banned in Russia

    Browser maker decided not to follow Putin's orders. Well done

    • Mozilla has reinstated previously banned Firefox add-ons in Russia that were designed to circumvent state censorship, such as a VPN and a tool to access Tor websites.
    • The ban was initially imposed at the request of Russia's internet censorship agency, Roskomnadzor, but Mozilla lifted it to support an open and accessible internet.
    • Mozilla's decision reflects its commitment to users in Russia and globally, despite the potential risks associated with the regulatory environment in Russia.
    56
    Microsoft accidentally lists the benefits of not using a Microsoft account on Windows 11
    www.windowscentral.com Microsoft accidentally lists the benefits of not using a Microsoft account on Windows 11

    Using a local account on Windows 11 has its benefits, as explained by Microsoft on accident.

    • Microsoft inadvertently highlighted the benefits of using a local account over a Microsoft account on Windows 11 in a recent support page update.
    • Using a local account allows for offline sign-in, is independent of cloud services, and limits settings, files, and applications to a single device, enhancing privacy.
    • Despite these benefits, Microsoft requires internet access or workarounds for the initial setup of Windows 11, making it challenging to use a local account from the start.
    104
    YouTube looks to be testing server-side ad injection to counter ad blockers
    9to5google.com YouTube looks to be testing server-side ad injection to counter ad blockers

    YouTube's crackdown on tools that block advertising continues with server-side ad injection. The developer of...

    • YouTube is testing server-side ad injection to counter ad blockers, integrating ads directly into videos to make them indistinguishable from the main content.
    • This new method complicates ad blocking, including tools like SponsorBlock, which now face challenges in accurately identifying and skipping sponsored segments.
    • The feature is currently in testing and not widely rolled out, with YouTube encouraging users to subscribe to YouTube Premium for an ad-free experience.
    241
    Joey Chestnut out of 2024 Nathan's Hot Dog Eating Contest over deal with rival brand
    sports.yahoo.com Joey Chestnut out of 2024 Nathan's Hot Dog Eating Contest over deal with rival brand

    Joey Chestnut has won the competition 16 times and every year since 2016.

    • Joey Chestnut, a legendary competitive eater and 16-time Nathan's Famous Hot Dog Eating Contest champion, has been banned from the 2024 contest due to a new deal with rival brand Impossible Foods.
    • Major League Eating (MLE) and Nathan's tried to accommodate Chestnut but ultimately enforced their exclusivity provisions, which prohibit competitors from endorsing rival brands.
    • Chestnut, who stated he had no contract with MLE or Nathan's, expressed his disappointment on social media, claiming the ban was an attempt to change the rules and emphasizing his commitment to continue competing.
    12
    Apple refused to pay bounty to Kaspersky for uncovering vulnerability in 'Operation Triangulation' - 9to5Mac
    9to5mac.com Apple refused to pay bounty to Kaspersky for uncovering vulnerability in 'Operation Triangulation' - 9to5Mac

    Kaspersky reported one of the iOS vulnerabilities found in Operation Triangulation. However, in a bizarre update, Apple reportedly refused to pay the security bounty.

    • Kaspersky uncovered iOS vulnerabilities in 'Operation Triangulation', reported to Apple, but was refused bounty payment.
    • Apple's Security Bounty Program offers rewards up to $1 million for discovering vulnerabilities to prevent them from being sold on the dark web.
    • Apple's refusal to pay Kaspersky could be due to restrictions on financial transactions with companies in sanctioned countries like Russia.
    60
    Developer posts secret key on GitHub, loses $40K in 2 minutes
    cointelegraph.com Developer posts secret key on GitHub, loses $40K in 2 minutes

    Web3 developer Brian Guan lost $40,000 after accidentally making his wallet keys public on GitHub.

    • Web3 developer Brian Guan lost $40,000 after accidentally posting his wallet's secret keys publicly on GitHub, with the funds being drained in just two minutes.
    • The crypto community's reactions were mixed, with some offering support and others mocking Guan's previous comments about developers using AI tools like ChatGPT for coding.
    • This incident highlights ongoing debates about security practices and the role of AI in software development within the crypto community.
    78
    Hiker finds pipe feeding China's tallest waterfall
    www.yahoo.com Hiker finds pipe feeding China's tallest waterfall

    A hiker posted a video showing the water flow of the fall was coming from a pipe built into the rock face.

    • Hiker finds pipe feeding China's tallest waterfall, sparking social media controversy and investigation by local government officials.
    • Yuntai tourism park operators admit to using a pipe to enhance waterfall flow during dry season to maintain visitor satisfaction.
    • Social media users express mixed reactions, with some understanding the situation while others criticize the artificial enhancement of natural landscapes.
    68
    Humane warns AI Pin owners to “immediately” stop using its charging case
    • Humane warns AI Pin owners to stop using charging case due to potential fire safety risk from certain battery cells.
    • Issue isolated to specific battery cells in Charge Case Accessory, not related to hardware design.
    • Ai Pin, Battery Booster(s), and Charge Pad not affected, as disqualified vendor does not supply components for those products.
    18
    Musk accused of selling $7.5 billion of Tesla stock before releasing disappointing sales data that plunged the share price to two-year low
  • Apologies, I run the Bypass Paywalls Clean extension for Firefox so I don't even notice when sites have paywalls (and I recommend everyone else do the same). It's right up there with adblockers as being almost an essential component of browsing the web these days.

    https://github.com/bpc-clone/bypass-paywalls-firefox-clean

    Here are a few more options for viewing the article without a paywall if you don't want to install an extension.

  • Musk accused of selling $7.5 billion of Tesla stock before releasing disappointing sales data that plunged the share price to two-year low
    fortune.com Musk accused of selling $7.5 billion of Tesla stock before releasing disappointing sales data that plunged the share price to two-year low

    The Tesla CEO faces claims he pocketed $3 billion in ill-gotten gains in late 2022 after learning Q4 vehicle sales would not deliver the 'epic end of year' he promised investors.

    • Elon Musk accused of illegally selling $7.5 billion in Tesla stock in Q4 2022.
    • Lawsuit alleges Musk and board violated fiduciary duties by selling shares ahead of disappointing vehicle sales data.
    • Shareholder seeks disgorgement of $3 billion in illegal gains and damages from directors for reckless behavior.
    103
    Just deleted my Google account!!!
  • Ente if you're looking for a paid service. (For me, photos are too important to self-host.) They're end-to-end encrypted and both server and clients are open source.

  • I'm forking Ladybird and stepping down as SerenityOS BDFL
  • I see it more like the browser group wanted it to be a 'real' browser and not held down by having to be compliant with the hobby OS. But that's just my reading from the outside. :)

    They mentioned being more open to OSS packages, which probably wouldn't work on Serenity.

  • I'm forking Ladybird and stepping down as SerenityOS BDFL
    awesomekling.substack.com I'm forking Ladybird and stepping down as SerenityOS BDFL

    In 2018, I created the SerenityOS project after completing a drug rehab program. I needed something to soak up my free time while learning to live a normal life, and it turned out that building a new operating system was a task of just the right proportions.

    For those who don't know, Ladybird is a new open-source browser not based on Chromium or Gecko. It started as part of the SerenityOS project. Since then it's taken on a life of its own with lots of contributors and some pretty cool progress. I've been watching the updates on Andreas's YouTube channel and it really gives you an appreciation for how hard it is to build a browser engine.

    https://www.youtube.com/channel/UC3ts8coMP645hZw9JSD3pqQ

    Anyway, I think he sees a real future in Ladybird, unlike Serenity which was mostly a hobby, and I'm actually really excited by him focusing his full energy on the browser. Best of luck Andreas!

    10
    24 of the best free alternatives to the most popular paid software
  • Lol it's not a link in the markdown so it's just the Lemmy web UI making assumptions. Also it's funny that they don't own that domain.

  • 24 of the best free alternatives to the most popular paid software
  • Didn't they recently get bought by Canva? Not saying that's a good or bad thing, but it's something to keep in mind.

  • 24 of the best free alternatives to the most popular paid software
    www.xda-developers.com 24 of the best free alternatives to the most popular paid software

    You don't have to pay for professional software to complete simple tasks. Here are our favorite free software programs for getting work done.

    Note that these are not all FOSS.

    • Photo Editing:

      • GIMP
      • Krita
      • Paint.NET
    • Video Editing:

      • DaVinci Resolve
      • CapCut
      • Shotcut
    • Audio Editing:

      • Audacity
      • Cakewalk
      • GarageBand
    • 3D Graphics:

      • Blender
      • Spline
      • Rumba
    • Office Software:

      • LibreOffice
      • Microsoft 365 Free Apps
      • WPS Office
    • Antivirus Software:

      • Windows Security
      • Avast Free Antivirus
      • Malwarebytes
    • Productivity Tools:

      • Bitwarden
      • VSCodium
      • PDF-XChange Editor
      • 7-Zip
      • OBS Studio
      • LanguageTool
    94
    Google Chrome’s plan to limit ad blocking extensions kicks off next week
  • I think migrating is the hardest part. My email history has a lot of important records and notes that I don't want to lose.

    By the way, I recommend checking out this video, which makes a great point that email is inherently insecure, regardless of the provider you choose.

    https://www.youtube.com/watch?v=iH626CXyNtE

  • Google Chrome’s plan to limit ad blocking extensions kicks off next week
  • Don't fret, I think a lot of us are on a long-term journey to de-Google. I've actually found that changing browsers is one of the easiest things to do, especially with the ability to import your bookmarks and such. With Firefox Sync, you pretty much have the same functionality as you would with your Google account signed into Chrome.

  • Google Chrome’s plan to limit ad blocking extensions kicks off next week
  • I have no idea. I'd guess not, as it's not a strong fork like other Chromium-based browsers. Its main selling point is that it's nearly identical to Chrome, but with a lot of the Google garbage stripped out. I don't use it as a daily driver, but only when I need something Chromium-based like the use case mentioned by @OsrsNeedsF2P@lemmy.ml. It's very likely to work wherever Chrome does.

  • Google Chrome’s plan to limit ad blocking extensions kicks off next week
  • They expect most users to not care, and sadly they're right.

  • Google Chrome’s plan to limit ad blocking extensions kicks off next week
    arstechnica.com Google Chrome’s plan to limit ad blocking extensions kicks off next week

    Chrome's Manifest V3 transition is here. First up are warnings for any V2 extensions.

    Reminder to switch browsers if you haven't already!

    ------

    • Google Chrome is starting to phase out older, more capable ad blocking extensions in favor of the more limited Manifest V3 system.
    • The Manifest V3 system has been criticized by groups like the Electronic Frontier Foundation for restricting the capabilities of web extensions.
    • Google has made concessions to Manifest V3, but limitations on content filtering remain a source of skepticism and concern.
    363
    we love open source!!1!
  • Wow I almost forgot the original name! I was skeptical it would catch on, as name changes are very hard, but fortunately it was very early on and I bet a lot of other people have forgotten as well.

  • we love open source!!1!
  • I don't understand what this is, can you explain? Apologies if it's obvious.

  • Why You Should Self-Host Everything
    dev.to Why You Should Self-Host Everything

    In today's digital age, it seems like everything is subscription-based. If you're not paying for a...

    165
    AnActOfCreation AnActOfCreation @programming.dev
    Posts 133
    Comments 183