Unsupervised Learning Newsletter No. 268
News & Analysis
MEMBER EDITION | Ep. 268 | February 15, 2021
Someone released 100 times the correct amount of lye (sodium hydroxide) into a Florida city's water supply. The SCADA system used to make the change was running on a Windows 7 computer, with no firewall, that was being accessed throughout the plant via TeamViewer using a shared password. Christopher Krebs said it was most likely a disgruntled employee. More
ESET says there were 768% more RDP attacks in 2020 than in 2019, as a result of work-from-home. More
RiskSense researchers found 223 vulnerabilities being used by ransomware attacks in 2020, which is four times as many as were seen in 2019. More
Microsoft is going to start telling people they've been targeted by a state actor via the Defender for Office 365 dashboard. They were already telling select customers about this manually, but now it'll be right in the interface. More
A number of cops in LA are using copyright law as a weapon against being publicly filmed. Because YouTube and other services frequently take down videos that have known and protected music in them, they're blasting famous music when they see someone is pointing a camera at them. This is both fascinating and disturbing. Fascinating because it's using one law against another, and disturbing because people in public service should not be looking for creative ways to evade being recorded. More
TikTok has become a battleground for Russian politics. It's being used by protesters to get out their message, and the pro-government propagandists are also paying influencers to make content that counters their message. More
There's been a surge in catalytic converter thefts because they contain precious metals. In St. Louis there were 50 in 2019 and 420 in 2020. Wichita, Kansas jumped from 191 cases to 547, and they had 102 in January of 2021. More
PAN-OS has a number of vulnerabilities, including OS execution, DoS, and XSS. More
The source code for Cyberpunk 2077 and The Witcher 3 appears to have been stolen and sold on a dark web auction. More
SentinelOne has acquired speed logging startup Scalyr for $155 million. More
Another group of researchers has made progress using wireless signals and AI to determine someone's emotions. They have it tuned to identify anger, sadness, joy, and pleasure. They're saying the tech could be used by managers to understand the emotional state of workers. Indeed. Now we just need an AI that can monitor large collections of workers, and automatically adjust stimuli to improve their mood. Like releasing nice smells into the air, or playing soothing music in the background. Does that sound too intrusive? It's not. It was part of your employment agreement, remember? :) Wonderful, spooky stuff is coming. More
The US Army has created a quantum-based sensor that can detect RF frequencies all the way up to 20 GHz. The system uses lasers and a small glass cell of atoms, and although they say it's not ready for the field yet, they are looking at possible uses for communications and Electronic Warfare in the future. More
Researchers at the University of New South Wales were able to identify individuals using AI by taking images of the back of their hands, and they say this works even with bad cameras. Yet another way to de-anonymize someone, or to authenticate to a system. More
Tesla bought $1.5 billion in bitcoin, which appears to have been about 5% of its total cash. Seems pretty smart when your investment can also signal that it's a good investment, which raises the value of the investment. More
AI can tell you what song you're listening to by listening to your brainwaves. For now this requires some strict environmental conditions, but we can see where it's heading. More
Scribe.ai is a company looking to (eventually) capture everything in your life so you never forget anything. They're starting with meetings, via integration with Zoom, that takes everything that happens and makes it intuitively searchable. More
Cloudflare revenue increased 50% year-over-year. More
Carjackings have skyrocketed in 2020, and gig-workers are often the targets. Some cities have reported between a 2-7x increase in incidents. More
Astronomers are getting really excited about what looks like a potentially Earth-like planet orbiting the nearest star to us, Alpha Centauri. They're not sure if it's real yet, but it would be major news if it pans out. For one thing, the Drake equation would seem to be impacted if we found a potentially habitable planet on our closest neighbor, making it far less likely that we're an aberration. More
The US has the world's highest rate of children living in single-parent households. 23%. More
The University of Copenhagen has developed an AI that they say can predict who will die of COVID with accuracy of around 90%. They said BMI, age, males, and people with high blood-pressure were at high risk. Next in line were those with COPD, asthma, diabetes, and heart disease. More
CONTENT, IDEAS & ANALYSIS
A ffuf Primer — My new primer on the ffuf web testing tool. More
My Journey to Beginner Audiophile — I've spent the pandemic learning about audio, both for playback and soon for music creation, and this post is a summary of everything I've learned so far. More
The AI-Powered Workplace — Riffing off of the AI emotion detection story in the tech news section, think about all the different ways AI-powered companies will soon be offering to help in the workplace. The workplace is an optimization problem. We're optimizing for productivity ultimately, but happiness as a second goal. Now, your company has to do a lot of things as part of business, right? You have to send out lots of internal emails. You have to manage your internal Slack channels. You have to have 1:1 meetings. You have to send out company-wide emails that talk about changes and direction. Well, as we can see, AI will soon help with all of that. Let me help you write that email. Let me tell you when the best time to start work is. Let me tell you what the best times are to interact with this customer to retain them. Let me tell you the best times and tones to use to retain your employees. Let me help you build an incentives package that's customized to your company and maybe even your employees. All of these will start as standalone companies, but they'll eventually unify into companies like Success Factors that offer all of it as a holistic Workforce Management Platform. "We'll tell you why your employees aren't happy, why they're not productive, and what you can do to fix it. But not as a one-time exercise. We'll do it continuously, in real-time, as a service, and on average we see a 37% increase in productivity, happiness, and retention as a result." That's a strong pitch! There will be a lot of snake-oil at first, and many companies will use this type of software to produce an Umbridgian hellscape, but the potential for positive will exist as well. AI is the ultimate example of the double-edged-sword dynamic in tech.
What Do Palantir and Databricks Have in Common? — I think a major trend for successful tech companies is, and will continue to be, bringing difficult tech to organizations who need it. Spark is cool tech, but most companies don't have the resources to manage it. That's Databricks, who just raised a billion dollars in funding. Finding patterns in, and making predictions from, data—using AI—is cool tech. But most companies struggle with being able to do that in-house. Enter Palantir. This is a trend that will continue, and the fun questions are, "What are the awesome technologies that are hard for companies to take advantage of?", and, "What company can I start to make that easy for them?"
Slightly shorter episode this week due to Valentine's Day.
I read my first Cormac McCarthy book like a week ago, The Road. It was quite a powerful experience.
I just finished American Kompromat, and am currently reading The Second Mountain, by David Brooks.
Reminder: the UL Book of the Month is Life 3.0, by Max Tegmark. More
Malwarebytes — This is the main tool I've used for malware protection on Windows and Mac for close to a decade. Happy to have them as a show supporter! [SUP] 25% Off Link
Roon Music Management (1.8 Release) — If you are into music and haven't heard of Roon, you're missing out. It's a complete music management and listening system, and this week I am now using the new version 1.8 and it's fantastic. Video About Version 1.8
Upptime — An open-source uptime monitor and status page, powered entirely by GitHub Actions and issues. More
Base64.ai — Extract text, photos, and signatures from all document types. More
An argument for migrating from Medium to Substack, which I think brings up some good points. Unfortunately it's just a step away from migrating away from Substack to an independent stack. More
David Robinson, a principal data scientist at Heap, breaks out the different AI fields as: Data science produces insights, Machine learning produces predictions, Artificial intelligence produces actions. More
A fascinating WSJ piece on how the wealthy can pay to have their online image manicured. They talk about a company that does this called Status Labs, in Austin. More
The Chappelle Show is back. More
Web Scraping 101 With Python More
An extraordinary set of Bash aliases for web hacking with ffuf and nuclei, by a member of our UL community, Rez0. More
It's the start of the year. What's your backup story look like? Do you have local backups, like on a NAS, and then copies somewhere in the cloud? This type of stuff is what should replace New Year's Resolutions—checklists of things that should be done annually.
Anyway, backups. Check 'em.
“You will never know if someone is an asshole until they become rich.”
~ Nassim Taleb