Unsupervised Learning is my weekly show that provides collection, summarization, and analysis in the realms of Security, Technology, and Humans. It’s Content Curation as a Service… I spend between five and twenty hours a week consuming articles, books, and podcasts—so you don’t have to—and each episode is either a curated summary of what I’ve found in the past…

This is a Member-only episode. Members get the newsletter every week, and have access to the Member Portal with all existing Member content. Non-members get every other episode. Sign in or… Become a member and get immediate access

A sci-fi trilogy called The Three Body Problem included a powerful concept called Dark Forest Theory, which basically says it’s a bad idea for people who don’t know about their surroundings to make noise that might attract attention. Or, taken as a game theory strategy, it’s better to destroy other civilizations before they get the chance to destroy…

I’m a huge fan of Rob Graham and all he’s done for InfoSec. I also enjoy the fact that he seldom avoids a tussle. If he disagrees with you, you’re likely to hear about it. I probably agree with him on 85% of topics, so when he did a post recently, called Your Threat Model is Wrong, I…

Someone released a video recently that seemed to show Nancy Pelosi slurring and mangling her speech. The video spread virally in right-leaning circles, but it soon turned out to be fake. I commented on this in my most recent newsletter, saying: What this shows us is that it’s not the machine learning that makes Deepfakes dangerous; it’s the…

Unsupervised Learning is my weekly show that provides collection, summarization, and analysis in the realms of Security, Technology, and Humans. It’s Content Curation as a Service… I spend between five and twenty hours a week consuming articles, books, and podcasts—so you don’t have to—and each episode is either a curated summary of what I’ve found in the past…

This is a Member-only episode. Members get the newsletter every week, and have access to the Member Portal with all existing Member content. Non-members get every other episode. Sign in or… Become a member and get immediate access

Unsupervised Learning is my weekly show that provides collection, summarization, and analysis in the realms of Security, Technology, and Humans. It’s Content Curation as a Service… I spend between five and twenty hours a week consuming articles, books, and podcasts—so you don’t have to—and each episode is either a curated summary of what I’ve found in the past…

Many years ago, Verizon started a trend by releasing their Data Breaches Investigations Report, and today there are dozens of companies releasing similar offerings. But even with all the competition—some of which are quite good—the original DBIR report is still my favorite. Get the full report Here were my main takeaways from this year’s release. Meta This is…

So I was listening to the Risky Business podcast this week and heard Adam Boileau mention something extremely juicy in passing during the news segment. Patrick asked him about Microsoft removing password expiration in an upcoming version of Windows, and if he thought that was a good or bad thing. His response was super interesting. They also mention…

Unsupervised Learning is my weekly show that provides collection, summarization, and analysis in the realms of Security, Technology, and Humans. It’s Content Curation as a Service… I spend between five and twenty hours a week consuming articles, books, and podcasts—so you don’t have to—and each episode is either a curated summary of what I’ve found in the past…

This is a Member-only episode. Members get the newsletter every week, and have access to the Member Portal with all existing Member content. Non-members get every other episode. Sign in or… Become a member and get immediate access

Unsupervised Learning is my weekly show that provides collection, summarization, and analysis in the realms of Security, Technology, and Humans. It’s Content Curation as a Service… I spend between five and twenty hours a week consuming articles, books, and podcasts—so you don’t have to—and each episode is either a curated summary of what I’ve found in the past…

This is a Member-only episode. Members get the newsletter every week, and have access to the Member Portal with all existing Member content. Non-members get every other episode. Sign in or… Become a member and get immediate access

Unsupervised Learning is my weekly show that provides collection, summarization, and analysis in the realms of Security, Technology, and Humans. It’s Content Curation as a Service… I spend between five and twenty hours a week consuming articles, books, and podcasts—so you don’t have to—and each episode is either a curated summary of what I’ve found in the past…

This is a Member-only episode. Members get the newsletter every week, and have access to the Member Portal with all existing Member content. Non-members get every other episode. Sign in or… Become a member and get immediate access

I just finished listening to an extraordinary episode of Making Sense with Sam Harris, where Roger McNamee was the featured guest. He is a long-time tech analyst and investor, and actually used to be an advisor for Facebook before becoming an outspoken critic. Roger’s points were legion, and covered the now familiar ground regarding the collection of our…

I heard Renée DiResta on the Sam Harris podcast a while back, and was excited to learn that she just appeared on Joe Rogan as well. Her work is focused on misinformation campaigns, and she works at a place that tries to combat the problem. Anyway, I was listening to her and Joe talking, and I somehow started…

Unsupervised Learning is my weekly show that provides collection, summarization, and analysis in the realms of Security, Technology, and Humans. It’s Content Curation as a Service… I spend between five and twenty hours a week consuming articles, books, and podcasts—so you don’t have to—and each episode is either a curated summary of what I’ve found in the past…

This is a Member-only episode. Members get the newsletter every week, and have access to the Member Portal with all existing Member content. Non-members get every other episode. Sign in or… Become a member and get immediate access

RSA was good this year, but I didn’t really notice any major new trends. Nothing on the scale of—say—AI, or blockchain. But there were some disruptions that looked quite interesting. Primary themes The overall themes I saw this year were largely the same as last year, with a few notable changes. AI talk has become a lot more…

Unsupervised Learning is my weekly show that provides collection, summarization, and analysis in the realms of Security, Technology, and Humans. It’s Content Curation as a Service… I spend between five and twenty hours a week consuming articles, books, and podcasts—so you don’t have to—and each episode is either a curated summary of what I’ve found in the past…

Most people have heard that 5G is forthcoming, but few are versed on the key advantages over 4G LTE. Here’s a primer. Speed: Becasue it’ll work at much higher frequencies (many proposals use ranges over 6Ghz) you can move more data per unit of time. More Call Capacity: there will be less congestion and service degradation in busy…

This is a Member-only episode. Members get the newsletter every week, and have access to the Member Portal with all existing Member content. Non-members get every other episode. Sign in or… Become a member and get immediate access

Unsupervised Learning is my weekly show that provides collection, summarization, and analysis in the realms of Security, Technology, and Humans. It’s Content Curation as a Service… I spend between five and twenty hours a week consuming articles, books, and podcasts—so you don’t have to—and each episode is either a curated summary of what I’ve found in the past…

This is a member-only even episode. Members get the newsletter every week, as well as access to all previous episodes, while free subscribers only get odd episodes every other week. Become a member to get access immediately

Unsupervised Learning is my weekly show where I spend 5-20 hours finding the most interesting stories in security, technology, and humans, which I then curate into a 30-minute podcast & companion newsletter. The goal is to catch you up on current events, show you the best content from around the web, and hopefully give you something to think…

I have two favorite conferences of the year: AppSec Cali ENIGMA ENIGMA 2019 ended today, and I wanted to do a quick capture on what I saw and found interesting there. The conference For me conferences are all about the combination of ideas, people, and conversation, and that’s what both of these do really well. First a bit…

This is a member-only even episode. Members get the newsletter every week, as well as access to all previous episodes, while free subscribers only get odd episodes every other week. Become a member to get access immediately

Unsupervised Learning is my weekly show where I spend 5-20 hours finding the most interesting stories in security, technology, and humans, which I then curate into a 30-minute podcast & companion newsletter. The goal is to catch you up on current events, show you the best content from around the web, and hopefully give you something to think…

There’s currently a major backlash in the InfoSec community against so-called “smart” locks. And it’s not just by people who naturally overreact to change, or from people outside of InfoSec: there are plenty of smart people in our field—whom I respect greatly—that are making loud noises against this technology. So I want to make it absolutely clear that…

This is a member-only even episode. Members get the newsletter every week, as well as access to all previous episodes, while free subscribers only get odd episodes every other week. Become a member to get access immediately

The NSA is releasing a free reverse engineering tool this year at the RSA security conference in San Francisco. A lot of people are asking about the motive of the NSA releasing a free reverse engineering tool at RSA this year.Theories include: it’s a backdoor, it’s a tracking mechanism, etc.My opinion? Recruiting.It’s a PR move to attract talent…

Unsupervised Learning is my weekly show where I spend 5-20 hours finding the most interesting stories in security, technology, and humans, which I then curate into a 30-minute podcast & companion newsletter. The goal is to catch you up on current events, show you the best content from around the web, and hopefully give you something to think…

Short answer: it’s a trick question. Privacy is part of security. But just because one is part of the other doesn’t mean they are the same. There’s a nuance there that’s important. The word “security” is shorthand for “information security” or “cybersecurity” in this parlance. Information Security is about controlling access to information. Privacy is about making sure…

I’ve mentioned this in numerous places for the last few years, so I decided it was time to finally put it into a formal piece. It seems obvious at this point that China is building a massive database of information on American individuals and companies, which they can then use for various purposes—including espionage, intellectual property theft, extortion,…

I saw a tweet recently by Robert M. Lee—a highly respected ICS Security professional in the industry. When folks put “ICS” in the category of “IOT” it conflates the systems, purpose, value, and risks of separate communities. There’s important differences between a robot arm in a car manufacturing plant and your internet connected doll even if both have…

January always feels fresh to me—a chance to be better. But at the same time, it’s really just a day after the end of December. This is why I don’t do New Year Resolutions. Basically, if you wanted to do that thing bad enough, you would have done it already. But that’s for things that you can do…

This is a member-only even episode. Members get the newsletter every week, as well as access to all previous episodes, while free subscribers only get odd episodes every other week. Become a member to get access immediately

I was doing the Twitter thing recently, and someone was talking about red teaming and I had an epiphany: Vaccination and Red Teaming are extremely similar. Or at least they should be. Here are some similarities: The main purpose is to strengthen the defenses It’s done by exposing defenses to the bad stuff Its effect weakens over time,…

Unsupervised Learning is my weekly show where I spend 5-20 hours finding the most interesting stories in security, technology, and humans, which I then curate into a 30-minute podcast & companion newsletter. The goal is to catch you up on current events, show you the best content from around the web, and hopefully give you something to think…

Don’t call them cameras or microphones anymore. Those are human-centric names, and humans are about to be the Neandertals of detection. I first heard this idea regarding cameras from Benedict Evans. What we’re moving towards is a world where sensors are everywhere—and of multiple types: Visible light Non-visible light Radio waves Sound Vibration Chemicals Radioactivity Air pressure Etc,…

One of the most frustrating things to me as a security person is having sales and marketing types confuse the different types of security assessment. Similarities And among those types of assessment, the pentest and red team are two of the most commonly mangled. First, let’s start with similarities. They’re both types of security assessment, meaning their goal…

This is a member-only even episode. Members get the newsletter every week, as well as access to all previous episodes, while free subscribers only get odd episodes every other week. Become a member to get access immediately

Brian Krebs ran a story recently about how FICO has a new service for rating the Cybersecurity risk level of various companies. Problem is, in one of their marketing communications about the new offering, they leaked the actual report data for a little company called ExxonMobil. I find this space both strange and fascinating. On one hand I…

Unsupervised Learning is my weekly show where I spend 5-20 hours finding the most interesting stories in security, technology, and humans, which I then curate into a 30 minute podcast & companion newsletter. The goal is to catch you up on current events, show you the best content from around the web, and hopefully give you something to…

This is a member-only even episode. Members get the newsletter every week, as well as access to all previous episodes, while free subscribers only get odd episodes every other week. Become a member to get access immediately

This is a member-only even episode. Members get the newsletter every week, as well as access to all previous episodes, while free subscribers only get odd episodes every other week. Become a member to get access immediately

🛡️ Security News Ukraine has found another nasty piece of malware targetting their government systems. It’s a Windows backdoor called Pterodo. Link China has turned on their social credit system that was basically a Black Mirror episode, and it’s resulted in the blacklisting of millions of Chinese from booking flights. Their scores were too low. Unreal. Link The US…

This is a member-only even episode. Members get the newsletter every week, as well as access to all previous episodes, while free subscribers only get odd episodes every other week. Become a member to get access immediately