Unsupervised Learning Newsletter NO. 345

News & Analysis

🗞️ NO. 345 | AUG 22 2022

Greetings!

I hope you're doing well. Two requests this week that I fail to mention often enough:

  1. Do me a favor and subscribe to the UL podcast in your preferred client, and…

  2. Follow me on Twitter!

Thank you! :)
 

— Daniel

SECURITY NEWS

⚠️ Apple released two emergency patches for actively exploited zero-day vulnerabilities last week. The issues give an attacker full control of a macOS, iPadOS, or iOS device. The entry point appears to be in Webkit (the browser), followed by the second issue in the kernel that allows for full takeover. Update immediately if you haven't already. More

China's top internet companies, including Alibaba, Tiktok parent ByteDance, and Tencent have shared their platform algorithms with the Chinese government for the first time. These are closely guarded, proprietary secret sauce that companies usually never share, but it's the CCP so what's the alternative? The prevailing analysis is that the government wants to make sure the companies are propagating positivity towards the government and/or not doing anything corrosive to the desired culture. More

An AirTag-protected suitcase was used to track down an airline employee who was stealing bags and items from passengers in Florida. The victim was able to track their bag to a certain neighborhood and went to the Sherrif, who looked up airline employee addresses and made contact. Here's what I'm about to do: feel free to copy me. I'm going to buy a bunch of fake AirTags to put in my bags, and I'll hide the real one somewhere. So they'll remove the obvious one and hopefully get me more time before the anti-stalker bit on the real one makes them suspicious again. More

Sponsor

🔭 Rapid Detection and Response With Panther & Tines


Currently, the threat detection and response process is very time-consuming. Security teams spend hours reviewing false positive alerts or performing mundane tasks to resolve security incidents.

Panther and Tines are modern solutions that work together to rapidly detect and respond to threats, saving time and improving security operations. In this article, Panther outlines three common use cases that many organizations use to automate their detection and response.

It appears VPNs on Apple may not terminate previous connections when establishing VPNs, even if the VPN takes on all DNS and such after it's enabled. This means the VPN itself will be secure once it's up, but if the previous connections are not terminated they will continue insecurely, which could be logged and result in unwanted leakage. I haven't tested this yet myself, but my read of the post and the lack of response indicate to me that it's legit. I hope they fix this soon. More | Researcher Blog Post

NSO Group's CEO is stepping down and 100 employees are being laid off as part of a company reorganization. The company has come under massive scrutiny for making the Pegasus spyware tool and selling it to a number of governments and organizations of questionable morality. The company is currently looking for a buyer while trying to get taken off the US's list of deny-listed companies. More

Sonatype has found 186 malicious packages in the npm JavaScript library registery. The malware is designed to infect Linux hosts with cryptominer appliations. They say the packages were all published by one account and that they use a typo-squatting technique to trick people into pulling the wrong package. More

Vulnerabilities

  • 🪳LOW | Janet Jackson Rythym Nation | Resonant frequencies from a particular Janet Jackson song evidently disrupt 5,400 RPM hard drives from a major hardware manufacturer. And not just for the system the drive is in, but systems around it running the same hard drives as well. And the bug has a CVE: CVE-2022-38392. More


TECHNOLOGY NEWS

Yet another AI Art Generator called Stable Diffusion differentiates itself by being able to copy multiple active and working artists. There are hundreds of artists listed. The discussion in the thread is fascinating and heartbreaking. DALL-E hit me pretty hard, but this surge of new generators has made me far more afraid for artists. Especially as the prompt engineering keeps getting better and more automated. The next big step here is going to be, "Make me a set of 100 creatures for a 3D fantasy game. The creatures should be cartoonish and cute, with expressive eyes and mouths." Same with scenery, dungeon monsters, etc. Like this stuff is going to affect entire art teams and studios. More

Capitol Records has signed an AI artist named FN Meka. They're currently getting a human to sing the lyrics, but who knows how long that will last. The lyrics and much of the music was all written by the AI. More | Video Performance

Nielsen says we just crossed the threshold of more people watching streaming content than cable. About time and good riddance. I'm all stocked up on Mesothelioma Catheters. More


HUMAN NEWS

Japan's National Tax Agency is running a campaign to get people in the country to drink more alcohol. Sales are way down since Covid started, so they're launching campaigns to get people back at it. I'm trying to imagine such a government strategy in the US and just can't. The article also mentions young people, which makes me think of their demographic problems, and I can't shake the feeling that the government is also hoping more drinking leads to more you know what. More

Miami has voted to move its homeless population to a nearby island where they will provide housing, food, showers, and various outreach services. The mayor unhelpfully offered that the location would not be a concentration camp. Good to know. More

In the US, 52% of Millennials and 44% of US Generation X identify as Independents. More


CONTENT, IDEAS & ANALYSIS

✍🏼 Battle of The AI Art Engines: Midjourney vs. DALL-E
I just got into Midjourney, which is the new competitor to DALL-E, and it's not just great but quite different. The short version is that Midjourney is like a Mac, and DALL-E is like the Linux command line. And I love both! Read the Piece | Check out Midjourney

✍🏼 Supporting Sam Harris on Company Autonomy
My latest piece defending Sam Harris' comments on the TriggerNometry podcast regarding company censorship and freedom. Basically, people are saying Sam is supporting censorship, which he is not. Refusing to have Alex Jones on your podcast is not censorship, and neither is kicking him off a private company product for doxing people. Read the Essay | Source Podcast

The End of Public School
This is a gut-punch of a piece about why so many teachers are quitting the profession. It basically comes down to dignity and its proxy which is pay. They get mistreated by students, ignored by the system, and paid next to nothing. "The question is why they haven’t all quit." My take: The future of education is rich kids in strict, disciplinarian private schools, and poor kids in public daycare facilities loosely called "schools" that aren't able to teach anything useful due to fear of angering/offending students, parents, or administrators. More

 

NOTES

I saw a digital license plate on the road in front of me on Saturday, so I followed them and asked them where they got it. Turns out it was an RPlate from reviver.com. It's a super clean look and it's all customized through an app. You can do light or dark mode, report the vehicle stolen, and make other visual tweaks. Already ordered mine and it's on the way! More

There's evidently a competitor to the OURA Ring out there now. It's called the Ultrahuman Ring. I'm happy with my OURA Ring right now, and these things are expensive, so I'll be watching its career very closely. More

We just crossed 800 people in the UL Community Slack channel! Cannot tell you how awesome these folks are. It's truly warming to know there are so many like-minded, kind, curious, and thoughtful people with us on the planet. If that sounds nice, come hang with us. More

Speaking of UL, we have some really exciting Member/Community stuff coming up with one of our very own taking over additional event planning. So in addition to our monthly book club, we're going to be adding more virtual get-togethers (think hang-outs, presentations, etc.), more in-person meetups, and some goodies I'll let them tell you about themselves. More

I like flat wallets, which means I can't fit an AirTag in mine. Which is why I just got me a Chipolo, which is an AirTag, but in a credit card form factor. Love it. More

 

DISCOVERY

⚙️ RECON | Smap (⭐️ 2.2K )
Smap is Nmap, but for Shodan. In other words, it uses Shodan's API to scan a target according to what Shodan has seen of it, rather than going direct. More | by s0md3v

⚙️ APPSEC | Trivy (⭐️ 13.6K )
Trivy is a multi-purpose command-line scanner. It scans containers, filesystems, git repos (remote), and Kubernetes clusters. It can find SBOM dependencies, known issues (CVEs), IaC Misconfigurations, and sensitive information and secrets. More | by AquaSecurity


⚙️ AI | Real-Time Voice Cloning (⭐️ 36.1K )
A repository that will let you use a graphics card and Windows or Linux to deepfake your (or someone's) voice. Notably, it only needs a few seconds of audio, although more is better. More | Video Demo | by Corentin Jemine

⚙️ MISC | Public APIs (⭐️ 206K )
A collective list of free APIs for use in software and web development.

⚙️ MISC | Data Science Interviews (⭐️ 6.1K )
A list of Data Science Interview questions and answers. More | by Alexey Grigorev

🔭 (Sponsor) Rapid Detection and Response With Panther & Tines
In this article, Panther outlines three common use cases that many organizations use to automate their detection and response using Panther and Tines. Learn More

Super Prompts
Buy and sell the best GPT-3 and Midjourney AI Prompts. More

Quantum Polarization?
If you want your mind melted, you should read this thread about quantum physics and polarized sunglasses. Here's the gist: If you rotate two polarized lenses a certain (90 degrees to each other) you stop any light from getting through. The combined lenses are dark. But if you add a third lens it gets brighter. To me that's definitive proof we're in a simulation and someone is a lazy programmer. More

Rewarding Crypto Scam Scam
My favorite kind of scam is one that scams a scammer while they're trying to run a scam scam. This one pretends to be a novice crypto person who accidentally sends their private key to a wallet that has $1,000 in it, but no gas. And when the greedy bastard pays the gas to steal the $1,000, their gas money is stolen. Delicious. More | HT Marcus

Chipolo Credit Card Form Factor AirTag
I like flat wallets, which means I can't fit an AirTag in mine. Which is why I just got me a Chipolo, which is an AirTag, but in a credit card form factor. Love it. More

Ultrahuman Ring
There's evidently a competitor to the OURA Ring out there now. It's called the Ultrahuman Ring. I'm happy with my OURA Ring right now, and these things are expensive, so I'll be watching its career very closely. More

Using GPT-3 to Augment Your Intelligence
A great set of Prompt Engineering tips for GPT-3, specifically around using it to augment your own thinking. My favorite: Ask GPT-3 to argue something in the voices of two prominent thinkers. More


RECOMMENDATION

When people near death are interviewed they tend to regret what they didn't do, not what they did do. Things like, spending time with friends, telling people they love them, or becoming a botanist. When you're thinking about the past and the future, ask yourself if you're living the life you're supposed to be living, or if you're stuck in some sort of waiting mode. Ask if you've told your friends and family that you love them. Ask if you're prioritizing time with them. Plan your future such that you avoid the regret of not being the person that you know you should be. And don't worry about the past.


APHORISM

"History is the discovering of the principles of human nature."

David Hume