Unsupervised Learning Newsletter No 306

News & Analysis

MEMBER EDITION  | Episode 306 | Monday: November 8, 2021

SECURITY NEWS

Attackers are using voice bots to automate 2FA token extraction. The bot calls the victim and at the same time a code is sent to the victim's phone. If the victim gives the bot the code, the hacker is in. More

The US has placed a $10 million bounty on information regarding the DarkSide ransomware operators. More

CISA has released a list of 306 vulnerabilities that are known to be exploited in the wild by attackers. You'll recognize hits by Accellion, Adobe, Android, Apache, Microsoft, and many others. More

The US has blacklisted Israel's NSO group, the developer of Pegasus spyware. More

Yahoo has pulled out of China, citing the "increasingly challenging business and legal environment". More

DDoSecrets published 1.8 terabytes of police helicopter surveillance. The footage comes from the Dallas Police Department and the Georgia State Patrol, and supposedly came from insecure cloud storage. More

Incidents:

  • A drone was used to try to disrupt the power grid in 2020. The unmarked Mavic 2 had a massive copper wire held with ropes, apparently with the goal of producing a short-circuit. It got damaged before hitting anything important. My question is, "Why don't things like this happen much more often?" More

Vulnerabilities:

  • Hardcoded keys in Cisco Policy Suite let hackers gain root access. More

  • Two packages available via NPM were compromised with password-stealing malware: The Coa Parser, and the RC Configuration Loader. More

Companies:

  • Recorded Future has partnered with Swimlane for enrichment of accounts, employment validation, password comparisons, and leak novelty validation. More


TECHNOLOGY NEWS

DJI launched their latest Mavic drone, the Mavic 3. It can take 20MP images with a new Hasselblad camera, and has an adjustable aperture of 2.8-11 with a 24mm focal length. More

Ubisoft has entered the blockchain arena, announcing plans to develop blockchain-based games. More

The Wall Street Journal says Apple is working on car crash detection for the iPhone. More

AI is coming for wedding photographers. Attendees or stationary cameras capture the footage, and then AI can slice, dice, and arrange it into a final video product. More


HUMAN NEWS

More than 5 million people have now died of COVID worldwide. More

A study in the journal Science has found that the efficacy of all three major vaccines drops significantly after 6 months. Moderna, Pfizer, and J&J effectiveness was 58%, 45%, and 13% after 6 months. More

Pfizer says their COVID oral antiviral pill cuts the risk of death or hospitalization by 89%. More

The US DOE has a new plan to pull carbon dioxide out of the air. Their goal is to get the cost down to below $100 per ton, and to use that technology to remove gigatons. More


CONTENT, IDEAS & ANALYSIS

NFT + AR — I think one of the most powerful uses of NFTs and AR will be the overlay of authentic, unique item status on top of reality. So imagine you're out somewhere and you're wearing a $4,000 watch, and a $900 pair of shoes. They'll already look like the real thing, which is definitely useful, but if someone has AR glasses they'll be able to see a green checkmark floating above the items, along with a uniqueness value and its context. For example, "This is a NOMAD Triaga Watch, and it's 112/2000 made." The trick in the tech will be tying the physical object to the NFT that the tech is reporting on. Otherwise you could just buy it for real, but then sell it, and then still have credit for the NFT in the AR glasses. Expect this to happen. The evolutionary biology behind wanting to signal that you have something rare and expensive is too compelling a use case for this to not happen. Incidentally, the most compelling AR module will no doubt be a "worth/rep module". So, floating above your head you'll have authenticated values for how popular and rich you are. It's sad for us as humans, but this is the type of functionality that will drive AR the most.

Southeast COVID — I'm intrigued by this New York Times COVID map. It's been like this, with the Southeast being super clean, for a while now. What's the cause of this? I mean I think I know the answer, which is that the Southeast ignored vaccination and distancing and masking the most, so the disease basically ran through the population. So everyone is either dead or immune. But damn, that yellow looks pretty nice. Now you're not going to hear me argue that they chose correctly, and that everyone should have done what they did, because this map doesn't show how many more they lost that they could have saved. But you are going to hear me argue for a logical conversation about the tradeoffs of one policy vs. another, backed by data. I mean look at Florida. It's the cleanest state on the map. And you know they're not masking or distancing. So the question is, how long will that yellow last? And how much damage was done when they went all that time being the most red? And given the answers to those questions, going forward, how do we know the right moment to use which controls?


NOTES

Lots of reading going on right now. Just finished our book of the month for UL, Their Eyes Were Watching God, which was fantastic. Reading Forward, by Andrew Yang. Finished Rationality, by Pinker. Starting Move, by Parag Khanna. And starting the 10th book in the Cradle series, Reaper. Also bought The Five Dysfunctions of a Team, Wanting, and San Fransicko. Plus, the new UL book for this month is The Design of Everyday Things! Thanks to Leo for the recommendation!


DISCOVERY  

Learn in Public — A call to teach yourself things by teaching other people via blogs, tutorials, videos, conferences. Good advice; it's exactly how I started in this world. More

Don't Do Interviews; Do Discussions More

A Visualization of the Difference Between Bachelors, Masters, and Ph.D. More

Are Podcasts the New Wikipedia? More

Someone created a massive visual around Threat Recognition. More

CookieMonster — A tool for decoding and modifying session cookies from Laravel, Django, Rack, Express, and raw JWTs. More | by Ian Carroll


RECOMMENDATIONS

If you ever find yourself in need of more friends, make a list of promising associates, and schedule some time to hang out more. When you're with them, open the door to the next level of friendship. Maybe start by being transparent, e.g., "Hey, so I'm thinking I'd like to be closer friends with you." And proceed to increase your level of sharing and/or vulnerability with them. If they reciprocate, great. If they aren't interested, or don't reciprocate, that's fine too. Nothing wrong with associates. But don't live a life with too few friends for lack of trying. You probably know lots of cool "almost friends". Someone has to take that step, and it might as well be you.


APHORISMS

"Science is organized knowledge. Wisdom is organized life."

~ Immanuel Kant