Unsupervised Learning: No. 228
News & Analysis
MEMBER EDITION | EP. 228 | May 11, 2020
THIS WEEK’S TOPICS: Thunderbolt Attack, Celebrity Ransomware, ClearView Government, Blackhat DEFCON Virtual, War Thunder, 5G Bio Attacks, PC Game Cheating, Zoom Keybase, Technology News, Human News, Ideas Trends & Analysis, Discovery, Recommendations, and the Weekly Aphorism…
SECURITY NEWS
There's a new physical (evil maid) attack against Windows and Linux systems that lets an attacker bypass the lock screen for a system in under 5 minutes. The research will be shown at this year's BlackHat conference, which—along with DEFCON—is now virtual. More
A major ransomware attack has been launched against a private legal firm that does work for top TV and movie celebrities, including people like DeNiro, The Weeknd, and David Letterman. They're threatening to release over a terabyte of dirt on the clients unless the law firm pays the ransom. More
Clearview AI says it's only going to sell its services to government-related customers from now on. No more private sales. Interesting, but I wonder if that'll be enough to stop the deluge of lawsuits that are already inbound. More
Blackhat and DEFCON have gone virtual this year. Don't go to Vegas. It's really canceled this time. More
Officials in Seoul have re-closed their bars indefinitely because somewhere between 27 and 40 new cases of COVID-19 were associated with people gathering there. More
The US Army is using an MMO called War Thunder to train cavalry troops during the quarantine. The game allows soldiers to get familiar with multiple roles in a way that's difficult and expensive to do in real life. More
A cybersecurity company in Israel says a group of hackers called Naikon, which is thought to be associated with the Chinese military, has released a new tool called Aria-body. They say the tool uses multiple techniques to make it easy to gain control over systems and remain undetected. More
A 5G conspiracy theorist spat on a broadband engineer in London, making him very sick shortly after. Meanwhile, 77 5G towers have been attacked throughout the UK by similar ilk. More
PC games are struggling with a rise in cheating related to the pandemic and a massive surge in players. My buddy Jason and I created the OWASP Game Security Framework to start to address this kind of stuff in a structured way, but it's currently on hold while he works at a gaming company. More
Zoom has purchased Keybase, which has confused a lot of people in the industry. Including me. The Grugq thinks it's a signal that they're not going to let someone like China gain access to their data. I've not thought a lot about it, but that seems smart. More
Advisories:
TECHNOLOGY NEWS
Tesla just reopened its Fremont factory, against the orders of the county. And this is after Musk said he's leaving California for Texas or Florida. These types of outbursts seem to be a common downside of having that much creativity and eccentricity. More
Omilia raised $20 million to use AI for customer support. Don't worry, though, all those millions of customer service people can probably just pivot to coding. More
Amazon has just released Kendra, which is kind of like their take on Splunk, only powered on the backend by AI/NLP. So you're supposed to be able to just type what you're looking for and have it magically come back with the answer. All I can say is that I'm happy that companies like Splunk and Amazon and Google are all competing on this. More
Someone created a modular synth, called Synthspace, in virtual reality. More
Over 44 million US adults are supposedly borrowing someone else's streaming account. More
HUMAN NEWS
Finland is abandoning subject-based learning and is moving to Phenomenal Education, where real-world phenomena are the foundation of learning. The idea is to have the class explore a real-world situation that crosses multiple disciplines. More
ER visits are down 40-50%, and doctors are concerned. A lot of those are strokes and heart attacks, and the concern is that they're happening and people are just dying at home. More
The New York Times did a great story on job loss in April, which ended up being 20 million jobs. But the highlight was the data visualization they used for the piece. It's a chart showing losses and gains over time, with this massive red line that goes downwards on the right side of the page. It looks like a margin, but it's the actual to-scale indicator of how much we've lost relative to previously. More
NASA is making a serious attempt to land a human on the moon by the end of 2024. More
IDEAS, TRENDS, & ANALYSIS
A Three-Tiered Approach to Securing Your Home Network More
Websites are starting to all look the same. More
The VR Winter, by Benedict Evans More
Peloton continues to absolutely crush it. Revenue is up 66% over last quarter. I think it hits all the notes of exercise, social interaction, and status symbol. More
I Was Tricked Into Thinking I Had Grit More
UPDATES
I just saw this article about The Last Unicorn, which massively affected me as a kid. And I just watched The Never Ending Story as well, which I also hadn't done since childhood. The Never Ending Story was particularly powerful for me, and I think it was probably the whole bridge between fantasy and reality that got me. I was devastated when Atreyu lost his horse. And the princess altered my universe long before I knew girls were a thing.
I'll be speaking at DEFCON this year in the Red Team Village. The topic will be automating recon using Linux.
DISCOVERY
A Photographer Who Tinkers With Time More
Encouraging a Culture of Written Communication. More
This guy created a blog that's powered by Google Docs. More
Now is the perfect time to memorize a poem. More
I haven't started listening yet, but I just subscribed to a podcast called War on the Rocks. It's about security, intelligence, national policy, and that sort of thing. More
This guy documents his setup of using Mutt and Vim for email. More
Celebrities are reading Harry Potter for the public. More
Vim as a Markdown editor. More
Using Nmap as a lightweight vuln scanner. More
SSHPrank — An SSH scanner and banner grabber based on Python and Masscan. More
Words Scraper — A Selenium-based web scraper to generate password lists. More
Gf-Patterns — A bunch of content specific patterns for TomNomNom's gf utility, e.g., ssrf,RCE,Lfi,sqli,ssti,idor,url redirection,debug_logic. More
RECOMMENDATIONS
As many of you know, I normally watch very little TV. But I've used the lockdown as an excuse to binge basically anything of significant reputation. In my travels so far I have three recommendations, in this order:
After Life
DEVS
Upload
The less you know the better. Just trust me. If you like this newsletter, you'll probably love these.
APHORISMS
“Success consists of going from failure to failure without loss of enthusiasm.”
~ Winston Churchill