Unsupervised Learning No. 258

News & Analysis

I spend my time reading 3-6 books a month on security, technology, and society—and thinking about what might be coming next. Every Monday I send out a list of the best content I've found in the last week to around 50,000 people. It'll save you tons of time.

MEMBER EDITION | EP. 258 | December 7, 2020

MY ESSAYS

An Agile Primer More

Organizing Feedly by Tags More

Joe Rogan vs. Alex Jones More

SECURITY NEWS

Solid is an idea and company started by Tim Berners-Lee, the inventor of the world wide web. The idea is that you put all your data into a Solid Pod, and then you give granular access to that data to others. So rather than your data being owned and controlled by various corporations, you'd have it all yourself and you'd just give access to groups that provide you functionality. More

Jackson, Mississippi is running a pilot program allowing police to access the live feeds from citizens' Ring security cameras. More

California's Senator, Diane Feinstein, who was also Chair of the Senate Intelligence Committee, had a Chinese spy working for her for 20 years. He was evidently mostly a driver and a gofer, but he did serve as the liaison to the Chinese Consulate as well. The FBI concluded that nothing serious was leaked, but, seriously? More

Trump has banned Americans from investing in 31 different Chinese companies due to their ties to the Chinese military. More

There's now a black market for fake COVID test results. Because of course there is. More

Microsoft is saying you should use app-based MFA, and not SMS. This is the debate that doesn't die. My opinion is that you should use app-based for your highest-risk accounts, such as email and anything financial, and that SMS is probably good enough for most others. And SMS is still far better than password alone. More

The US's latest tactic against Russian government APTs is trolling them via embarrassing cartoons. More

Samy Kamkar released new research called NAT Slipstreaming that allows one to bypass NAT for anyone visiting a website. Samy remains my favorite researcher, both personally and technically. More

Shadowmap did some great analysis on how a Chinese company called Zhenhua Data collects and organizes social media data on American targets. More My Essay on This

CISA says the recent US election was the most secure we've ever had. It's good to hear we've made such significant gains in election security since 2016, but it seems clear now that the bigger threat is the influence of populations, not manipulation of the election technology itself. More

The Chinese hacking competition, the Tianfu Cup, yielded vulnerabilities in Chrome, ESXi, Windows, and many other platforms. More

Israeli agents assassinated Al Quaeda's #2 guy along with his daughter via shooting from a motorcycle on the streets of Iran. More

Vulnerabilities:

  • Google has released some updates to Chrome. More

  • Cisco has released updates for its IOS XR software for ASR 9000 series routers. More

  • There's a new attack against the DNS, specifically around cache poisoning, called SAD. More More

  • WordPress has patched 10 security bugs as part of their recent 5.5.2 release. More

Breaches:

  • Luxotica has announced a data breach affecting 820K EyeMed and LensCrafter patients. More

  • Capcom disclosed a breach this week using Ragnar Locker ransomware. The attackers claimed to have stolen more than a terabyte worth of files. More

  • 28 million Texas drivers have had their data stolen. It was leaked by an insurance software company called Vertafore, which left the data in an unsecured location. More

Companies:

  • Menlo security just raised a $100 million Series E to defeat phishing by only showing representations of content, not the actual thing. More

  • Eagle Eye is bringing video surveillance to the cloud, and just raised a $40 million Series E. More

TECHNOLOGY NEWS

Zoom is lifting its 40-minute limit on free meetings for Thanksgiving. More

Amazon is expanding its garage door delivery service to over 4,000 cities. It allows the Amazon driver to open your garage door and put your stuff inside, instead of leaving it on your doorstep. More

Amazon is releasing something called Care Hub, which allows people to care for their aging family members. It allows you to link accounts with elderly family members so you can see things like commands issued, lights turned on, etc. The elderly family member can also say, "Alexa call for help", and it will contact the connected family member. More

Facebook has copied Snap's vanishing message feature on Messenger and Instragram. More

Zoom's stock took a massive hit last week when news was announced that we are getting closer to a COVID vaccine. More

AWS just launched a new service called Glue Databrew, which cleans and normalizes data—supposedly up to 80% faster. More

Companies:

  • Databricks has launched SQL Analytics. More

HUMAN NEWS

McDonald's is doubling down on automation tech, including automation to take and parse orders, as well as a focus on drive-thru. Again, COVID didn't start this trend, but it accelerated it. More

Scientists successfully injected an in-utero monkey with the gene that made human brains larger, which made the brain grow and become more human-like. They didn't let the monkey be delivered though, because they said that would have crossed an ethical line. More

Unemployment claims in the US fell to the lowest level since March, at 709,000. More

The US divorce rate has hit a 50-year low. More

One good sign in the American jobs market is that churn is increasing, meaning there are more people leaving their jobs voluntarily. Over 3 million did so in August, and layoffs declined and openings increased. More

MakAir is an open-source ventilator, and it's now being used to treat human patients. More

The New York Times has hit 7 million digital subscribers and is now making more from online than print. More

US visas for Chinese students are down 99%. More

A very unscientific poll on Hacker News asked, "Are you depressed?", and the results were 53% yes. Again, who knows if that was gamed or how clean it was, but if that's anywhere near accurate that's troubling. More Discussion

78% of Americans say there is more crime in the US in the last year, but far fewer say there is more crime in their area. More

IDEAS, TRENDS, & ANALYSIS

A fascinating video clip of Neil Postman talking about Cyberspace in 1995. His book, Amusing Ourselves to Death, is one of my favorite books of all time. More

Disney+ now has 73 million subscribers. More

UPDATES

Reading:

I just finished:

  • The Uprising, which is the UL Book Club book of the month

  • We, which is the dystopian precursor to 1984 and Brave New World

Currently reading:

  • Prestige, a book about hiring at elite institutions

DISCOVERY

CrowdSec — A modern, crowdsourced replacement for Fail2Ban written in Go. More

Drumbit — an online drum machine. More

Cartography — An asset management tool that does visualizations via Neo4j. More

Linux Command One-liners More

A visualization of American trust in TV news media. More

A CISO Mindmap — What do security professionals really do? More

Making money in bounty is all about being unique, whether that's through new bugs, speed, or finding special targets. More

There's a Twitter hashtag for hacking with automation. #hackwithautomation

A Twitter thread on how bad Google is at UX. Highly entertaining. And true. More

DNSX — A new DNS tool from ProjectDiscovery.io that allows you to perform a high volume of DNS queries using multiple resolvers. More

RECOMMENDATIONS

The Surrender of Culture to Technology (Video) More

APHORISMS

“It is difficult to get a man to understand something when his salary depends upon his not understanding it.”

~ Upton Sinclair