Unsupervised Learning Newsletter NO. 362

Dependency Scanner, Citrix Attacks, AI Analysis…


Google released an open-source scanner for vulnerabilities in project dependencies. It's a front-end to the OSV database that links a dependency list to its vulnerabilities. MORE

The latest updates for Apple software fixed a new zero-day that could be used to hack iPhones. Discovered by a Google TAG researcher, Clément Lecigne, the flaw was a type confusion bug in WebKit. MORE

NSA says Chinese hackers are actively exploiting the new Citrix zero-day. MORE

GitHub has enabled secret scanning on all public repositories. MORE

NIST is telling everyone to move off of SHA-1 by 2030. MORE

NSA's cyber director says Russia is attacking the global energy sector. MORE

The FBI has seized domains for 48 DDoS-for-hire services. MORE

Marco Rubio is pushing a TikTok ban in Congress. MORE

The IRS leaked the data for 112K taxpayers, again. MORE

Samba has released patches for multiple high-severity issues. MORE


Step One to Zero Trust: Cybersecurity Asset Management

As cybersecurity threats, business models, and workforce dynamics evolve, Zero Trust has become a key part of many organizations’ cybersecurity strategies. After all, a Zero Trust strategy—more risk-driven and context-aware—helps organizations strengthen their security posture and limit their attack surface.

Download “The First Step to Zero Trust: Asset Management for Cybersecurity” now to learn:

  • Functional areas associated with Zero Trust and technologies that can help

  • Steps your organization can follow to implement Zero Trust

  • Why cybersecurity asset management is the first step to Zero Trust


China has banned AI-generated content that doesn't have a watermark. MORE

TikTok is adding landscape videos, which will make it even more of a problem for YouTube and other competitors. MORE

Twitter is shutting down its newsletter platform, Revue, as part of its streamlining and lighting things on fire. MORE

Twitter spent the week in absolute turmoil. It's hard to even capture all the things that happened. It's like 18 months of corporate drama in the span of 7 days. First they (he) banned a bunch of journalists. Then let them back in, saying the bans were temporary. But after banning mentions of many competitor networks, such as Mastodon, Instagram, etc., it appears that the journalists could have been targeted for being critical of Musk. Then to cap it off, Musk ran a poll asking if he should step down as CEO, and the internet said yes. I think this man needs 1) sleep, and 2) an adult to take control before he completely destroys the $44 billion platform he just purchased. MORE


A large number of Gen Z workers evidently experience "tech shame" from not being comfortable with new technologies. MORE

San Francisco has the emptiest downtown in America. MORE

The US Copyright Office has ruled that AI art cannot be copyrighted. MORE


AI and Smart Locks
The AI thing reminds me of smart locks. People say smart locks aren't good enough because you can hack them, forgetting that regular locks are trivially bypassed. AI fails a lot, but so do humans. The threshold isn't failure—it's being good enough in enough situations. TWEET

Your Domain is Your Digital Home
Twitter might turn out to be another example of why you should build your personal digital presence off your domain, not a platform. A lot of people have spent tens of thousands of hours getting popular on Twitter. And it can just go away, like Medium or Blogspot. You need to ask yourself: what would happen if platform X went away? If the answer is that you’d be screwed, find ways to make that not true. TWEET

AI Will Have a K-Shaped Impact
I like the concept of "K-shaped" for explaining things. K-shaped economic recoveries, for example, are recoveries where the bottom part of the population suffers or declines, while the top part thrives. This is the answer to the competing narratives about AI. Some say it'll remove millions of jobs and people are super-screwed. Others say it'll augment the creative and help them create even more businesses, and be even more effective in the businesses they have. Yes and yes. Both are true, and neither negates the other. The only question is, "what percentage of people will get left behind by the tech, and what percentage will use it to thrive?" That's the part nobody knows. It's hard to say because 1) we don't know how good the tech will get, and how fast, and 2) we also don't know how well people and society will adapt to finding other work for replaced employees. I'd say that's the part that's guaranteed. Millions, and possibly even billions, will enter what Harari calls the "useless" class, which sounds very judgemental but really just means they won't be able to provide something to the market that an AI or robot can't do better. To the market, not to other humans like family and friends. But not being able to provide something to the market really matters. It's been the source of pride and respect for humans basically forever. This K-shape is something we need to be thinking a lot about. In short, how are we going to help the people on the lower part of the K who can't use AI to thrive?

No, ChatGPT Isn't Just a Stupid Next-Word Completion Machine
As one would expect, there are many people on the internet saying ChatGPT is all—or at least mostly—hype. The argument is that GPT is just a transformer model that haphazardly writes the next word in a sequence, so it's not actually intelligent. This misses the point entirely. Yes, it's technically true that the mechanism used is writing the next word in a sequence, but this completely misses the most impressive advance in the field. Because of the size and quality of the model that ChatGPT uses, it effectively understands what it's completing. Here's an example: "Write a love song from Luke to Leia in the voice of Dylan." And here's the result. Doing this requires that the AI understand 1) forbidden love, 2) that it's forbidden to love your sister that way, 3) that Luke and Leia were from Star Wars (which I never mentioned), 4) the songwriting style of Bob Dylan, and 5) how songs are formed using various pieces to make a whole. So, sure, you can call that "just completing the next word", but you can also say love is "just a bunch of chemicals and hormones". Or that watching a sunrise with your one true love is just "a morning observation of a star appearing over the western horizon". Call it what you want, but anything that can write a Dylan song about Luke's incestuous love for Leia—in 3 seconds—is a goddamn miracle.


I'm extremely pissed at Elon, but I also see that he's struggling, not sleeping, and generally making an ass of himself. Kind of reminds me of Kanye. It doesn't remove my anger at what they've said or done, but it layers it with some degree of compassion for a flailing human. Still thinking through it.

Wonderful book club yesterday. We talked about the book RAM, and had a wonderful member guide us through its teachings through the lens of Indian mythology. That then led to lots of discussion about morality across different cultures. We finished by picking next month's book, which is going to be fantastic!

There won't be a newsletter/podcast next week. It's family and chill time for most people. I hope you have a wonderful holiday break!


⚒️ apk.sh — A Bash script that makes it easier to reverse engineer Android applications. It automates the common tasks of pulling, decoding, rebuilding, and patching an APK. PROJECT | BY AX

🤖 Artificial Intelligence

  • How to Detect AI-generated Text MORE

  • Perplexity.ai — Get a summary of anything. MORE

  • 6 Types of Businesses that will be disrupted by ChatGPT-like technologies. MORE

The more metrics you track, the less you know. MORE

Binance is F*cked MORE

The 2022 Adversary Infrastructure Report MORE

Substack appears to be using tons of code from Ghost. MORE

A Dashboard that shows Covid and MPXV in wastewater in multiple locations. MORE

The Scourge of Job Title Inflation MORE


Take inventory of the platforms you use for your digital identity and "brand"

  1. Realize that all of them can go away, with Twitter as a case in point about volatility

  2. Make sure your core content is all primarily at your domain, with all other platforms being syndication channels

  3. Assume all channels are temporary, and always use your domain as home base


"Everything has been said before, but since nobody listens we have to keep going back and beginning all over again."

André Gide