Raisin8659

Orchestra of the age of Enlightenment

The Fryderyk Chopin Institute

Source: https://www.goodnewsnetwork.org/otherworldly-images-show-breathtaking-beauty-of-oceans-in-photo-competition/

“Following the Taal Volcano eruption in the Philippines, the water column filled with particles from the stirred-up sediments,” remembers Jialing Cai. “Navigating through the low visibility and dense fog during a blackwater dive, I found this female paper nautilus. When I pressed the shutter, the particles reflected my light. The scene felt unusually serene following the natural disaster and reminds me of a fairytale set in a snowy night. As underwater photographers, we aim to shoot in clear water but this image reminds us that grains of sand, organic matter, or tiny organisms are integral parts of the underwater environment. I aim to accept their presence and seek non-disruptive ways to incorporate them into my images.”

Summary

New research suggests that moderate beer consumption could be beneficial for gut health, similar to probiotics. Beer contains bacteria that boost the intestinal microbiome and anti-inflammatory polyphenols that combat various health issues. Popcorn, often considered a junk food, is actually rich in fiber, vitamins, nutrients, and antioxidants. Potatoes can be made healthier by cooling them before consumption, converting carbs into slowly digestible and gut-friendly resistant starch. Dairy milk is a good source of iodine, essential for thyroid health, while chocolate, especially dark chocolate, is high in flavonoids that combat toxins. Homemade pizza, especially with unrefined flour and fresh toppings, can be a nutritious way to enjoy this classic dish.

Summary

GitHub has officially launched its passkeys security feature into general availability, following a two-month beta testing period. Passkeys enable cloud-synced authentication using cryptographic key pairs, allowing users to sign in to websites and apps with their screen-lock PIN, biometrics, or a physical security key. This technology combines the security benefits of passwords and two-factor authentication (2FA) into a single step, simplifying secure access to online services. GitHub's move aligns with industry efforts, including collaborations between major tech companies like Google, Apple, Microsoft, and the FIDO Alliance, to make passwordless logins a reality across devices, browsers, and operating systems. Passkeys are seen as a significant step in enhancing security in the software supply chain, a vital aspect of the cybersecurity landscape.

Summary

The Perennial restaurant was the first carbon-neutral restaurant in the world. Myint and Leibowitz, the owners, were motivated by the knowledge that agriculture and food systems contribute nearly a third of greenhouse gas emissions worldwide. They wanted to make their industry part of the solution.

After a few years of running the restaurant, Myint and Leibowitz realized that they needed to do more to make a difference. They closed the restaurant and expanded the mission of the nonprofit Zero Foodprint, which asks restaurant customers and other participating businesses to give one percent of their sales to a pool that funds regenerative agriculture.

So far, Zero Foodprint has funded 96 projects impacting over 7,000 acres with a benefit equivalent to restoring over 80,000 tons of CO2 emissions. Myint envisions a state-wide funding tool, where a dollar on the trash bill could go directly to these projects.

Myint believes that regenerative agriculture is the future of food and that it can help solve the world's carbon dioxide problem. He is working with state and local governments to implement Zero Foodprint programs, finding that existing USDA programs are oversubscribed and overly bureaucratic.

Summary

• ThemeBleed exploit is a new vulnerability in Windows Themes that allows remote code execution (RCE).

• The vulnerability was discovered by Gabe Kirkpatrick and assigned the CVE identifier CVE-2023-38146.

• It is a race condition vulnerability that can be triggered by opening a specially crafted .theme file.

• Microsoft has released a patch for the vulnerability in the September 2023 Patch Tuesday updates.

• However, the patch does not fix the more fundamental problem in the verification procedure of .msstyles files, nor does it add MOTW warnings to .themepack files.

• The researcher notes that the vulnerability appears to be only present in Windows 11.

Summary

The Electronic Frontier Foundation (EFF) has released a new version of Privacy Badger that updates how it fights "link tracking" across a number of Google products. With this update, Privacy Badger removes tracking from links in Google Docs, Gmail, Google Maps, and Google Images results. Privacy Badger now also removes tracking from links added after scrolling through Google Search results.

Link tracking is a technique that allows a company to follow you whenever you click on a link to leave its website. Google uses different techniques for link tracking in different browsers and products. One common approach is to surreptitiously redirect the outgoing request through the tracker's own servers.

The EFF says that there is virtually no benefit to you when this happens, and that the added complexity mostly just helps Google learn more about your browsing.

The new version of Privacy Badger works by blocking all Google link tracking requests at the network layer. This is a more reliable way to prevent tracking, but it is not compatible with Google's Manifest V3 (MV3) extension API.

The EFF says that it would like to see this important functionality gap resolved before MV3 becomes mandatory for all extensions.

Privacy Badger is a free and open-source browser extension that helps to protect your privacy online. It is available for Chrome, Firefox, and Edge.

More info and installation links: https://privacybadger.org/

Summary

The UK Parliament has passed the Online Safety Bill (OSB), claiming it will enhance online safety but actually leading to increased censorship and surveillance. The bill grants the government the authority to compel tech companies to scan all user data, including encrypted messages, to detect child abuse content, effectively creating a backdoor. This jeopardizes privacy and security for everyone. The bill also mandates the removal of content deemed inappropriate for children, potentially resulting in politicized censorship decisions. Age-verification systems may infringe on anonymity and free speech. The implications of how these powers will be used are a cause for concern, with the possibility that encrypted services may withdraw from the UK if their users' security is compromised.

Summary

addy.io has passed an independent security audit conducted by Securitum. The audit included a web application penetration test and a source code audit. No significant vulnerabilities were identified during testing, and the 2 low-risk issues that were found have been fixed.

Full report: https://addy.io/addy-io-security-audit.pdf