Unsupervised Learning is a Security, AI, and Meaning-focused podcast that looks at how best to thrive as humans in a post-AI world. It combines original ideas, analysis, and mental models to bring not just the news, but why it matters and how to respond.
Greetings,
Busy is good, right? I’ve been productively scrambling in the last few weeks and now HackerCamp is within striking distance. Lots of podcast appearances, our migration to Beehiiv, customer engagements to keep the skills sharp, a new talk that I’m excited about. It’s all splendid. Wouldn’t want it else-wise!
I’m also trying out a new style of content links this week, with rich HTML embeddings for the stories, but with my own custom summaries like usual! Added benefit: you get to see the link! Let me know how you like it.
I hope you’re busy as well, and that it’s the good kind.
In this episode:
🧠 Is modern parenting creating narcissists?
🔒 Top cybersecurity official warns of Chinese hackers
🇷🇺 New Russian hacking unit identified
🚀 NVIDIA's AI red team philosophy
📈 McKinsey says AI will massively boost productivity
💊 MDMA helps white supremacist move away from hate
🔎 Google further soils the bed
MY WORK
Is Modern Parenting Creating Narcissists?
What if modern parenting's focus on vulnerability and trauma is creating people who only think about themselves?
danielmiessler.com/p/modern-parenting-narcissists
SECURITY NEWS
Top cybersecurity official warns of sabotage from Chinese hackers
CISA director Jen Easterly warned that Chinese hackers are likely to target and disrupt US critical infrastructure, including pipelines and railways, amid rising tensions between the two nations. I love how plainly our government just calls them on their shit now. Refreshing.
thehill.com/policy/cybersecurity/4047488-top-cybersecurity-official-warn-of-sabotage-from-chinese-hackers/?utm_source=pocket_saves
New Russian Hacking Unit Identified
- Microsoft researchers have discovered a distinct hacking group within the Russian Main Intelligence Directorate (GRU) called "Cadet Blizzard"
- Cadet Blizzard has been active since at least 2020, focusing on government services, law enforcement, nonprofits, IT service providers, and emergency services
- The group uses a hacktivist front called "Free Civilian" to publish and share stolen data, including data from Ukrainian government agencies
https://cyberscoop.com/microsoft-gru-russia-ukraine-hacking/?utm_source=pocket_saves
Chinese Hackers Exploit VMware Zero-Day
Chinese state-sponsored group UNC3886 exploited a zero-day flaw in VMware ESXi hosts to backdoor Windows and Linux systems. The vulnerability, CVE-2023-20867, enabled privileged command execution without authentication and no default logging on guest VMs.
thehackernews.com/2023/06/chinese-hackers-exploit-vmware-zero-day.html?utm_source=pocket_saves
U.S. spy agencies buy tons of US citizens’ data
This isn’t really surprising, but it’s a bit disturbing to think about. U.S. spy agencies have been purchasing vast quantities of Americans' personal data, raising privacy concerns as commercially available information (CAI) replicates results of intrusive surveillance techniques. The report commissioned by the Director of National Intelligence highlights the need for better policies, procedures, and safeguards around the acquisition of such data. I’ve been saying for a long time that data brokers are the biggest threat to US citizen privacy, not hackers. MORE
Sponsor
🚀Skyrocket Your Business with SOC 2 Compliance
Show your customers you mean business by securing their data! Achieving SOC 2 compliance not only boosts trust but also helps raise capital, attract larger clients, and outshine competitors. 🌟
🎯 Simplify your journey with Vanta's SOC 2 Compliance Checklist!
📥 Download now and unlock the secrets to a smooth compliance process.
Join 5000+ global customers who trust Vanta, the market-leading platform for managing compliance. Automate up to 90% of SOC 2, ISO 27001, GDPR, HIPAA, and more!
Get audit-ready in weeks, not months, and save up to 85% on costs! 💰
Don't miss this opportunity to elevate your business and protect your customers' data!
vanta.com/downloads/the-soc-2-compliance-checklist
Get SOC 2 Compliant TodayA Look at NVIDIA’s Red Team
NVIDIA introduces its AI red team philosophy and framework for assessing machine learning (ML) systems from an information security perspective. The cross-functional team combines offensive security professionals and data scientists to identify and mitigate risks in ML systems. The framework aims to provide a foundation for continuous security improvement throughout the ML development lifecycle.
developer.nvidia.com/blog/nvidia-ai-red-team-an-introduction/?utm_source=pocket_saves
Chinese spies stole data through Barracuda flaws
Chinese espionage group UNC4841 exploited a critical bug in Barracuda's Email Security Gateway devices, stealing data from government and academic accounts since October 2022. Mandiant identified the China-based threat group and confirmed that Barracuda has patched the vulnerability and replaced infected devices.
www.theregister.com/2023/06/15/chinese_spies_behind_barracuda_esg/?utm_source=pocket_saves
Shell hit by Clop again
Shell confirmed on Thursday it had been impacted by the Clop ransomware gang’s breach of the MOVEit file transfer tool after the group listed the British oil and gas multinational on its extortion site. This Clop/MOVEit situation is starting to look more and more like Solarwinds, but it’s not clear yet HOW much that’s true.
therecord.media/shell-impacted-in-clop-ransomware-attack?utm_source=pocket_saves
US DMV data hit by MOVEit
Over 6.5 million Americans' personal data exposed in a massive MOVEit hack, affecting residents of Louisiana and Oregon. The cyberattack targeted government agencies and global organizations, with potential links to Russian ransomware group Clop.
arstechnica.com/information-technology/2023/06/millions-of-americans-personal-dmv-data-exposed-in-massive-moveit-hack/?utm_source=pocket_saves
New Player in Internet Mapping Offerings
Detection-focused threat intelligence startup Silent Push launched with $10 million in seed funding, aiming to provide a comprehensive view of internet-facing infrastructure by mapping the entire web daily. Curious what opening they see in that market with Shodan, Expanse, and Censys already there.
www.securityweek.com/threat-intelligence-firm-silent-push-launches-with-10-million-in-seed-funding/?utm_source=pocket_saves
TECHNOLOGY NEWS
McKinsey Says AI Will Massively Boost Productivity
Generative AI could unlock trillions of dollars in value and transform the nature of work, but it also presents new challenges that need to be addressed.
- Generative AI could add $2.6 trillion to $4.4 trillion annually across 63 use cases, increasing the impact of all artificial intelligence by 15 to 40 percent.
- About 75 percent of the value from generative AI use cases falls across four areas: Customer operations, marketing and sales, software engineering, and R&D.
- Industries like banking, high tech, and life sciences could see the biggest impact as a percentage of their revenues from generative AI.
- Generative AI has the potential to change the anatomy of work, automating work activities that absorb 60 to 70 percent of employees’ time today.
- The pace of workforce transformation is likely to accelerate, with half of today’s work activities potentially automated between 2030 and 2060.
www.mckinsey.com/capabilities/mckinsey-digital/our-insights/the-economic-potential-of-generative-ai-the-next-productivity-frontier
Accenture Jumps Big into AI
Global consulting firm Accenture commits $3 billion to its AI and data practice, focusing on new hires, training, and acquisitions. This move highlights the growing importance of AI in various industries and raises questions about its impact on the job market.
news.crunchbase.com/ai-robotics/accenture-artificial-intelligence-investment/?utm_source=pocket_saves
Meta introduces Voicebox
Meta AI introduces Voicebox, a groundbreaking generative AI model for speech that generalizes across tasks with state-of-the-art performance.
- Voicebox can synthesize speech in six languages, perform noise removal, content editing, style conversion, and diverse sample generation.
- The model is based on Flow Matching, outperforming current state-of-the-art models like VALL-E and YourTTS in terms of intelligibility and audio similarity.
- Potential use cases include in-context text-to-speech synthesis, cross-lingual style transfer, speech denoising and editing, and diverse speech sampling.
- Due to potential risks of misuse, Meta AI is not making the Voicebox model or code publicly available at this time.
- The researchers also developed a highly effective classifier to distinguish between authentic speech and audio generated with Voicebox.
ai.facebook.com/blog/voicebox-generative-ai-model-speech
Meta reportedly plans to release LLaMA itself
Meta plans to make the next version of LLaMA, its open-source LLM, commercially available despite lawmaker inquiries and a recent leak to 4chan. The move reaffirms Meta's commitment to open-source AI and its integration into products. And it’s commitment to not letting OpenAI take all the good press.
venturebeat.com/ai/meta-reportedly-making-llama-commercially-available-despite-lawmaker-inquiries
GPT-4 beat humans at making pitch decks
A study found that GPT-4 generated pitch decks were twice as convincing as human-made ones, with investors and business owners 3x more likely to invest after reading an AI-generated pitch deck. The AI outperformed humans across finance, marketing, and tech industries.
clarifycapital.com/the-future-of-investment-pitching
HUMAN NEWS
MDMA helps white supremacist move away from hate
A white supremacist participating in a scientific study took MDMA and subsequently questioned his extreme beliefs. Researchers are exploring the drug's potential to treat mental and physical illnesses, and its ability to influence values and priorities. I cannot wait for MDMA to be combined with Talk Therapy to help with all sorts of things.
www.insider.com/white-supremacist-took-mdma-renounces-beliefs-study-2023-6?utm_source=pocket_saves
Migration to red states
Americans are increasingly moving from blue states to red states, resulting in lower life expectancies due to factors such as cost of living, health conditions, and education levels.
www.nextgov.com/ideas/2023/05/americans-are-increasingly-moving-red-states-where-life-cheaper-people-also-die-younger/386776
Same-sex relations acceptance drop
Fewer Americans find same-sex relations morally acceptable, dropping from 71% to 64%, while support for the death penalty increased slightly. The decline in acceptance is mainly due to fewer Republicans holding that view.
news.gallup.com/poll/507230/fewer-say-sex-relations-morally-acceptable.aspx?utm_source=tagrss&utm_medium=rss&utm_campaign=syndication
IDEAS & ANALYSIS
Google Further Soils the Bed
I’m stunned that Google is getting rid of Google Domains. I seriously cannot understand the strategy with them anymore. I feel like they’ve lost their way and are listening to anyone who claims to have a direction. But even then, I can’t imagine this pitch being compelling. They should have a simple plan for the next couple of years, which is to 1) find everything they’re doing well, that people actually like, and 2) don’t mess those things up! That might not be a strategy, but it’s better than whatever they’re doing now. I’ve never seen Innovator’s Dilemma more live and in color than what Google is currently doing to itself.
NOTES
I just appeared with Joesph Thacker (rez0) on the Critical Thinking podcast, which should be out soon!
I’m going to be reading the new Rick Rubin book on creativity. Could be a recommendation for UL Book Club! MORE
Lucifer is trying to lure me away from Vim with Vim Motions in Visual Studio Code
A guide to using Vim motions in Visual Studio Code for efficient navigation and editing. Learn horizontal and vertical movements, search patterns, and combining counts with motions for greater effect. Not today, Satan.
www.barbarianmeetscoding.com/boost-your-coding-fu-with-vscode-and-vim/moving-blazingly-fast-with-the-core-vim-motions/?utm_source=pocket_saves
As I’m writing this week’s newsletter, I’m loving the expanded and rich sections, but I’m also missing the simplicity and Spartan nature of the original. We live and we grow. Do let me know where you come down on this. I’m betting we’ll end up with some sort of hybrid.
Thanks to all you members who are in the process of migrating your membership to the new Beehiiv platform. I know it’s annoying but I have a ton of inspiration from the cleanliness of the new platform, and it’s absolutely going to be worth it! See you over on the new Member Portal!
DISCOVERY
GreyDGL/PentestGPT
PentestGPT, a GPT-empowered penetration testing tool, now supports installation via pip and has an updated installation video. The tool automates the penetration testing process using ChatGPT and operates interactively to guide testers.
github.com/GreyDGL/PentestGPT
🤖 Native JSON Output From GPT-4
Simon Farshid demonstrated using GPT-4's function calling feature to generate structured JSON data for a recipe app. This simplifies interaction with LLMs, reduces token usage, and lowers cognitive load on GPT, potentially increasing accuracy and enabling LLMs as backends for various applications.
yonom.substack.com/p/native-json-output-from-gpt-4?utm_source=pocket_saves
📊 Hugging Face’s Open LLM Leaderboard
The 🤗 Open LLM Leaderboard tracks, ranks, and evaluates large language models (LLMs) and chatbots, allowing community submissions for automated evaluation. It tests models on Eleuther AI Language Model Evaluation Harness benchmarks and human & GPT-4 evaluations.
huggingface.co/spaces/HuggingFaceH4/open_llm_leaderboard
🔭 Mars Mosaic Masterpiece
The Bruce Murray Laboratory for Planetary Visualization completed a 5.7 terapixel mosaic of Mars' surface, covering 99.5% of the planet with 5.0 m/px resolution. The mosaic, sourced from the Mars Reconnaissance Orbiter's Context Camera, is available for streaming and download.
https://murray-lab.caltech.edu/CTX/?utm_source=pocket_saves
Recurring revenue for engineers MORE
Speed run your favorite podcasts. Quick summaries of the top points. MORE
MVP: Senior Programmers vs. Juniors + GPTs MORE
I don’t trust Signal (I’m not here yet personally, but I like presenting alternative opinions argued decently) MORE
📹I can’t stop thinking like an attacker, and I’m ok with that MORE
In Praise of Blowing Up Your Life MORE
Is everyone becoming a product manager? MORE
🔥 Shuhari MORE
Get it done MORE
The best teams I’ve worked with MORE
RECOMMENDATION OF THE WEEK
Life is So Terrible and Beautiful at the Same Time MORE
APHORISM OF THE WEEK
You can't use up creativity. The more you use, the more you have.
Maya Angelou