Unsupervised Learning Newsletter No. 296

News & Analysis

MEMBER EDITION  | Episode 296 | Monday: August 30, 2021

SECURITY NEWS

The Army just put out a massive report on Chinese Tactics, which captures what's taught in Army training, professional education, and leader development. It covers military, cyber, and all sorts of offensive and defensive capabilities. Remarkable paper. Report

CISA is warning users to urgently patch Exchange ProxyShell bugs. More CISA Advisory

UFOs are regularly spotted in restricted US airspace. I'm agnostic on aliens, but probability forces me to find/replace every instance of "UFO" or "UAP" in these stories with "Chinese Drone Technology". To me, these UFO stories are very real; they're just not about aliens. They're about foreign adversaries spying on our military capabilities. I hope we're seriously looking into this as a threat. More

China is looking to propose new rules that will make it difficult for data-heavy Chinese companies to go public (IPO) in the US. More

Vulnerabilities:

  • Hundreds of thousands of Realtek-based (SoC) devices are affected by multiple vulnerabilities and are under attack from a botnet. More

  • Synology has multiple products affected by an OpenSSL RCE. More

  • F5 has a number of serious issues in its BIG-IP and BIG-IQ products. More

  • VMware has patched high-severity vulnerabilities in vRealize Operations. More


TECHNOLOGY NEWS

TSMC says it is raising prices on its high-end chips by around 10%, and some by around 20%. The price increases are set to hit later this year and next year. More

TikTok has added in-app shopping, powered by Shopify. More

People are hiring out their faces to become deepfake source material. More

This AI can look at objects with a webcam and tell you with 95% accuracy whether they're recyclable. More

Affirm, which helps people pay for things in installments, just landed a major deal with Amazon. More

Unity has purchased AI chat analysis company Oto to help it address toxicity in audio chat. More

Joe Rogan made a lot of money moving to Spotify, but it looks like his influence has dropped off since making the move. I'd be very cautious of moving off of YouTube if you're already a star there. More

Pacaso is a company that buys houses and turns them into LLCs. It's basically like time-shares, except you are more of an owner somehow. Kind of has an Airbnb vibe, with neighbors not necessarily liking it. More Site

Substack now accepts Bitcoin for a few of its crypto-related publications. More

China now has 1 billion people online. More

 
HUMAN NEWS

There's been a surge in Americans reporting that it's a good time to find a quality job. More

Scientists have used MRI tech to track epigenetic changes to pig brains for the first time, and they expect the findings will translate to humans. In other words, actual changes to DNA based on environmental input. In this case, diet. More

It looks like the future of the gym is hybrid, just like the future of the office. Companies like Peloton and Tonal are bringing gyms to the home, and gyms are starting programs where their trainers give you guidance remotely. So they're meeting in a middle that has both. More

There's a meme going around East Asia called "lying flat", which is basically the idea of unsubscribing from the rat race. So many young people there face extreme pressure to get into the best universities, to get the best jobs, to have the highest incomes and status. And tons of them are just saying, "nope". More

There's a work schedule in China called "996", which is six days of 12-hour shifts. China's government has deemed the schedule to be in violation of labor law. The Chinese government protecting people from being asked to work too much. Surprising. More

For the first time ever, and very briefly, solar power generated more electricity than coal in Australia. More

Mental health professionals are seeing a rise in people behaving as if they have Tourette's after following TikTok accounts from people who actually have it. More


CONTENT, IDEAS & ANALYSIS

Random Thoughts on China's Model vs. America's — A stream of consciousness flow around what China is doing right and wrong relative to the US. More

"Most security sits on this psychological razor's edge just this side of worthless. If you apply any effort into bypassing it, it's garbage. But because most people don't apply any effort or scrutiny, it ends up doing exactly what it was supposed to do."


NOTES

Really great Book Club today! We talked all about Dune, and had some spirited debate and discussion around its main themes and relevance. We also selected the new book of the month for September, which is The Mastermind. More

I'm having some sort of weirdness with Memberful (and/or Stripe), so do me a favor and make sure your subscription is updated here. And if you're on the monthly plan, please do us both a favor and migrate over to the annual plan, which is only $8 a month instead of $20. I'm going to be removing the monthly plan altogether and just having the one plan. Sorry for all the logistics weirdness! This should be the last of it for a long while.


DISCOVERY  

85 Books Coming in the Fall That I Can't Wait to Read — I've already added several of these to my wish list on Audible, and several will be candidates for the UL Book Club! More

Hire for the Ability to Get Shit Done More

A Web Hacking Mindmap More

Burning Out and Quitting More

A Tech Interview Handbook More

A Cloud Security Kanban — A collection of must-haves, should-haves, and ought-to-haves for doing cloud security. Organized into a Kanban interface. More

SecurityTrails SQL — A new way to access SecurityTrails data. More

5 Ansible Techniques I Wish I'd Known Earlier More

I did a sponsored lunch interview with CrowdSec where we talked about the current state of their platform and where they're taking it. More

Someone broke GPT-3 by asking it about Xinjiang. More

An Introduction to jq. More

Hakluke put together a great list of resources for getting started in hacking. More

Web App Pentesting with Burp Suite Scan Profiles More

"I understand what joy is now." An MDMA trial participant tells his story. More

Ghidra2Frida — The new bridge between Ghidra and Frida. More

SQL vs. NoSQL is a Misnomer — You can actually use SQL to query non-relational databases. So when you talk about something being SQL or not, you need to make the distinction between the query language and the database technology. More

A Collection of OSINT Attack Trees More

API Wordlist — A collection of wordlists created by fuzzing APIs. More

d0nut says you learn the most about how to break web apps by building them. More


RECOMMENDATIONS

If you've not seen or used Wirecutter before, it's a series by the New York Times that evaluates products in various categories and gives you multiple recommendations. For example, it'll give you its top pick, the runner-up, the best value, and then the best one if money isn't a consideration. I've purchased many products based on their recommendations, and they've all been great. I think it's the best "consumer-reports" type website out there. More

Don't use VPN services. They are giant choke points for traffic monitoring, and law enforcement and criminal groups commonly target them for that reason. Build your own instead using something like Algo. More


APHORISMS

“As a rule, adversity reveals genius, and prosperity conceals it.”

~ Horace