š Continue reading online to avoid the email cutoff issue š
Unsupervised Learning is a security, AI, and meaning-focused newsletter that looks at how best to thrive as humans in a world thatās changing faster than ever. It combines original ideas and analysis to bring you not just whatās happeningābut why it matters, and how to respond.
Hey there,
Ok, probably the coolest thing Iāve seen this week is this video of Chris Cappetta having deep philosophical conversations with custom AIās based on Anthropicās Claude.
Conversations with Claude #3 - Exploring Morality - Tuned instructions and open-sourced code
I watched almost an hour of these conversations (heās on video #3 already) and I was blown away by the quality of the AIās responses. I mean, I think the answers were nearly perfect about meaning, self, morality, and free will. Like, theyāre very similar to answers I, or Sam Harris, or my ideal philosophy professor would give if we were given an hour to write each response. Just unbelievable. Highly recommend this video. WATCH IT
Ok, letās get to itā¦
ĀMy new essay on why itās often so frustrating to be in security.
Efficient Security Principle (ESP)
A way of explaining why security's baseline is so low in places, and why it's so hard to raise
danielmiessler.com/p/efficient-security-principle
Hereās a new video on how to create custom patterns in Fabric, i.e., patterns that only you can run and that arenāt shared with the project. WATCH THE VIDEO
How to Create Custom Fabric Patterns
The YouTube channel is going decently well after just a few videos. Please take 14 microseconds and go hit the subscribe button. It saves kittens. SUBSCRIBE
The most interesting story this week has to be the XZ situation. So insane. Hereās my favorite write-up of the whole thing. (HT Joseph Thacker). Iām trying to figure out what I find so interesting about it, and hereās what Iāve come up with:
Itās movie shit
Pre-meditated
The attacker with kindness, plays the long game
The attacker eventually takes over the project just via attrition
Theyāre still patient
Very technical hack of a related library to ssh, but not it directly
The submitted code was obfuscated too, and would have been hard to find
And then, complete heroism / luck on finding it so soon
I love the jokes about us being lucky that this was the only one, and we caught it. š . Also š
You probably couldnāt guess this, but Iām going to talk about how AI can help here.
So one of the subsystems of my massive Human 3.0 project is going to be continuous monitoring engines for tons of stuff.
Voting records compared to lobbying donations
Watching meteors so we donāt miss one
Finding vulns in OSS and submitting fixes or hitting up the devs
Tracking propaganda / viral content and doing OSINT on the people using it
Thatās one of my favorite ones. And I love the idea of being able to look up an OSINT profile on anyone whoās submitting code. Imagine comparing:
Username / email
How many commits
Reactions to their commits
Analysis of trends
Seeing if they ever went rogue
You could do this not just for coding, but for gamers regarding cheating, politicians with regard to affiliations and influence, and tons of other stuff.
Basically, AI will give us the ability to continuously monitor activity that today doesnāt happen because itās too resource-intensive. But AI doesnāt get tired. It never sleeps. It can just monitor and alert.
This is one of the things Iām most excited about building and see others build.
ā
Related to that, check this out:
create_investigation_visualization
Ā MORE
This is a new pattern we just added to Fabric thatāumācreates a visualization of an investigation.
So my buddy John Hammond just did a video about a hack of an Apex Legends tournament, and he walked through investigative work that he and some other folks did throughout like a 20-minute video.
Well, this pattern turns investigations like that into conceptual timelines! Hereās the one for his work on that story:
Hammondās investigation of the hack. Click to enhance.
I showed a buddy that and he sent me the new massive investigation on Havana Syndrome done by Insider. This is the potential energy weapon campaign thatās been being waged against high-level US officials for years now. The investigation is super elaborate but so big itās hard to wrap your head around. Hereās what Fabric produced for that one!
Insiderās Havana Syndrome Investigation. Click to enhance.
And you can basically send ANY investigation or research or timeline into this thing, and itāll do its best to piece it together visually. CHECK OUT THE PATTERN
Ā ĀSponsor
Enhance Enterprise Security: Trust Every Device with Kolide!
What do you call an endpoint security product that works perfectly but makes users miserable? A failure. The old approach to endpoint security is to lock down employee devices and roll out changes through forced restarts, but it just. Doesn't. Work.
IT is miserable because they've got a mountain of support tickets, employees start using personal devices just to get their work done, and executives opt out the first time it makes them late for a meeting. You can't have a successful security implementation unless you work with end users. That's where Kolide comes in.
Kolideās user-first device trust solution notifies users as soon as it detects an issue on their device, and teaches them how to solve it without needing help from IT. That way, untrusted devices are blocked from authenticating, but users don't stay blocked.
Kolide is designed for companies with Okta and it works on macOS, Windows, Linux, and mobile devices.
So if you have Okta and you're looking for a device trust solution that respects your team, visit kolide.com/unsupervisedlearning to watch a demo and see how it works.
Ā kolide.com/unsupervisedlearning
Watch a Demo Ā ĀiPhone users are getting bombarded with legit-looking Apple ID reset notifications in a new phishing scam called "push bombing." MORE
My buddy just headed over to work at this vendor Dazz, and it turns out theyāre a sponsor this week, which came in completely separately. Pretty excited about what theyāre doing, might talk to them about advising. Check it out.
ā¬ļø
Ā ĀSponsor
Application Security Posture Management (ASPM) For Dummies
According to Gartner, 40% of security teams will have an ASPM solution in place by 2026 to unify security remediation and fully arm themselves against evolving threats. Do you know your ASPM ABC's? Consider this your crash course on unifying security visibility across code-to-cloud environments, easily detecting root causes & owners, and quickly prioritizing and remediating issues.
Ā dazz.io/lp/application-security-posture-management-aspm-for-dummies
Get the Guide! Ā ĀAT&T just admitted that the data they said didnāt come from their systems was a real thing, but they said it was old. It affected around 72 million people. | RESPONSE: Passcodes reset for affected customers. | MORE
NYC is rolling out AI gun detectors in subways, but thereās a history of pretty bad results up til now. MORE
Police are now using GPS darts to tag and track fleeing cars, making high-speed chases a thing of the past. MORE
š Continue reading online to avoid the email cutoff issue š
Every US federal agency is now mandated to appoint a chief AI officer to ensure the responsible use of AI technologies. MORE
Databricks and Mosaic's collaboration on a 132B parameter MoE model showcases a significant leap in AI performance. Canāt wait to play with this one. MORE
Ā Āš”One thing I donāt think is intuitive about AI progress is that the battle of local vs. pinnacle wonāt always look the same.
Thereās might be a bar of quality beyond which it doesnāt matter how much smarter or more capable the thing is. And I think local models are going to hit thatāfor most peopleāfor most tasksābefore too long. Like for daily and common tasks.
Like once you have an EA with a 120 IQ that has full access to everything in your life and takes care of you 24/7, how much will it matter if GPT-6 can make you a better one with a 145 IQ?
Maybe Iām wrong there, and you just keep getting more and more returns, or maybe EA is a bad example because they really are the brain of your life. But I think there are lots of types of tasks where you donāt get that much more benefit from a fleet of AIs performing most life tasks at like a 120 IQ level.
And I donāt think weāre far from that with local models? My point is that common tasks for humans arenāt likely to change much. Nor are our expectations of quality for those tasks (this Iām less sure about).
So what happens when good enough gets hit for most situations? Does it just become a question of getting that level of model into toilet brushes and baby seats and wallpaint?
Ā ĀMicrosoft and OpenAI are eyeing a $100 billion project for an AI supercomputer, dubbed "Stargate", that could redefine computing power. MORE
OpenAI's Voice Engine can mimic someone's voice from just a 15-second sample, opening up new possibilities and ethical questions. MORE
Ā Āš”I donāt get this announcement timing. Itās 2024. Why release this? And even better, why release it and then not have a release?
Maybe it was just a public service announcement to be careful of voice deepfakes? Kind of has that vibe at the end of the blog.
Ā ĀAlaska's Fairbanks airport is deploying a headless, dog-sized robot camouflaged as a coyote to scare off birds and wildlife. MORE
In this piece, an engineering manager argues their own role shouldn't exist, claiming it's a mishmash of tasks done poorly. Love these kinds of write-ups. MORE
U.S. tech giants are now eyeing Mexico for AI gear production, moving away from China. Yes please. MORE
EV owners are finding out the hard way that their vehicles chew through tires much faster than expected, often without prior warning. Is this because of increased torque? I should just ask AI, pretty sure the answer is yes. MORE
X, formerly known as Twitter, is exploring NSFW Communities for adult content sharing, a move that could reshape its engagement with online sex workers. MORE
š Continue reading online to avoid the email cutoff issue š
The Philippines is preparing for countermeasures against China's coastguard, signaling a possible escalation in their maritime tensions. MORE
Despite the pandemic's initial hit, we're witnessing a roaring 2020s with record highs in net worth, stock market, and housing prices. This always trips me out and makes me sense danger when you have such weird asymmetries in how things are going. MORE
U.S. literacy has plummeted to 79% from 96% in the late '80s, costing the country up to $2.2 trillion annually. Seriously? Tracking nicely with vaccination rates. MORE
Vinyl records have not only outsold CDs for the second consecutive year but also made over twice as much money. MORE
Florida just made it a law that kids under 14 need parental consent to have social media accounts. MORE
Chronic absenteeism in U.S. schools has surged post-pandemic, affecting students across all demographics with no easy fix in sight. MORE
Ā Āš”Has it surged in immigrant households where the parents massively value education? Where the parents are extremely adamant about pushing self-discipline in their kids.
I doubt it.
Iām starting to thing the absolute biggest divide in upbringing, achievement, and outcomes comes down to the mindset given by parents. Itās a type of privilege for sure, but not like the word is being thought of today.
More to come on this because I got the idea from Dr. Kennedy on Hubermanās podcast recently. The idea is that you have to teach your kids how to get good at doing things that they donāt like, and make them uncomfortable.
This might be THE superpower. And it might be one of the things kids have lost the most in the last 10-30 years. Iāll continue reading on this, but if you have any supporting or opposing data let me know.
Ā ĀSilicon nanospikes are shredding 96% of viruses on contact. MORE
Martin Scorsese is a secret VHS hoarder, amassing over 4,400 tapes of broadcasted content over decades. MORE
Finland's been crowned the happiest country for the seventh year, despite its past high suicide rates and current geopolitical tensions. MORE
š A new paper says your financial health might be influencing your brain's wiring and how sharp you stay as you age. MORE
Nearly half of all single-family homes bought in 2023 were snagged by private investors, says Washington Times. MORE
š Continue reading online to avoid the email cutoff issue š
Why 3 Body Problem Is So Good (and why so many other things suck)
I think I figured out why 3 Body Problem is such a great TV show.
First, itās based on great books. Iām not sure how closely itās following the books because I read them a long time ago, but the point is that they do have good content to go off of.
But I think I figured out the main ingredient this show has that so many others donāt: authenticityāor, in other words, adherence to a cold reality.
Conversely, I think the biggest problem with most shows and movies today is that they arenāt there to show you something real. Theyāre there to create a franchise with lots of staying power and spinoffs and sequels. And as a result, you hardly ever see anyone you care about die. Truly bad things hardly ever happen. Or at least that the viewer cares about.
Marvel is a great example. How many core characters have died after dozens of movies? How many stayed dead? Now think about how many regular people died. Millions? Billions? Do you ever remember caring about that? They have thousands of people dying in scenes and the cast is barely struggling in the fight, and theyāre cracking jokes and posing the whole time.
3 Body Problem is great for the same reason Game of Thrones was so good in the early books and movies. You didnāt know what was going to happen, but you did know two things.
The world is dangerous.
Because the world is dangerous, any character you care about could die at any moment.
3 Body Problem is good because itās real. Real danger. Real characters. And uncertainty. Itās authentic. True to life. But with creativity and fiction added on top, of course.
Anyway, you should check it out. Itās good. And if you like it, maybe youāll agree that this is why.
Feeling strange about this new talk Iām doing. Itās quite personal. Not in that itās about me, but itās about something Iām very passionate about, and Iām going to be trying to convey that passion to others. Feels vulnerable, but authentic. Canāt wait to see if itās accepted well or if Iāll need to go back to a more classical style.
āļø Tracecat is an AI-native, open-source rival to Tines and Splunk SOAR. | by tracecataiĀ | MORE
š§ Centerpiece turns your search bar into a supercharged launcher for just about anything on Wayland. | by friedowĀ | MORE
š§ Metaview's AI tool revolutionizes hiring by recording, analyzing, and summarizing job interviews, letting managers focus on candidates, not notes. | by Kyle WiggersĀ | MORE
āļø Composio is crafting tools to empower AI Agents, seamlessly meshing with crewAI for a smarter integration. | by Soham GanatraĀ and Karan VaidyaĀ | MORE
āļø Edgar lets you simulate building a Dyson Swarm, turning sci-fi into interactive fun. | by HackerNewsXĀ | MORE
Someone just scraped the entirety of OpenAI's Community Forum, and it's a goldmine of insights. MORE
Yohei Nakajima discovered an AI that can list, read, and answer questions about its own code. Sick project. MORE
Emmett Shear suggests learning parenting from the parents of people you admire. MORE
Moxie Marlinspike says working on OSS projects is like working with everyone who ever applied to your company. lol. MORE
In a world overflowing with content, we're facing a crisis of quality, not quantity. MORE
Check out the video above of the guy talking philosophy and ethics with an AI. Itās stunning. And then, given whatever you feel about AI, ask yourself a few questions:
What does it mean for an AI to be that good at those conversations?
How much does it matter if itās completely "fake"?
What does it even mean for that conversation to be "fake" if itās that good?
At what point does it become uncomfortably similar to us? I mean weāre moist robots, right? What if weāre doing a very similar thing when we answer questions to what that AI is doing?
Where does that leave us?
Let me know your thoughts. EMAIL ME
It does not matter what you bear, but how you bear it.
Ā Seneca ĀThank you for reading.
UL is a personal and strange combination of security, tech, AI, and lots of deeply human content. And because itās so diverse, itās harder for it to go as viral as something more niche.
So if you know someone weird like us, please share it with them. š«¶Ā
Share UL with someone like usā¦Yours,