Google released an open-source scanner for vulnerabilities in project dependencies. It's a front-end to the OSV database that links a dependency list to its vulnerabilities. MORE
The latest updates for Apple software fixed a new zero-day that could be used to hack iPhones. Discovered by a Google TAG researcher, Clément Lecigne, the flaw was a type confusion flaw with Webkit. MORE
NSA says Chinese hackers are actively exploiting the new Citrix zero-day. MORE
Github has enabled secret scanning on all public repositories. MORE
NIST is telling everyone to move off of SHA-1 by 2030. MORE
NSA's cyber director says Russia is attacking the global energy sector. MORE
FBI has seized domains for 48 DDOS-for-hire services. MORE
Marco Rubio is pushing a TikTok ban in Congress. MORE
The IRS leaked the data for 112K taxpayers, again. MORE
Samba has released patches for multiple high-severity issues. MORE
Step One to Zero Trust: Cybersecurity Asset Management
As cybersecurity threats, business models, and workforce dynamics evolve, Zero Trust has become a key part of many organizations’ cybersecurity strategies. After all, a Zero Trust strategy—more risk-driven and context-aware—helps organizations strengthen their security posture and limit their attack surface.
Download “The First Step to Zero Trust: Asset Management for Cybersecurity” now to learn:
Functional areas associated with Zero Trust and technologies that can help
Steps your organization can follow to implement Zero Trust
Why cybersecurity asset management is the first step to Zero Trust
China has banned AI-generated content that doesn't have a watermark. MORE
TikTok is adding landscape videos, which will make it even more of a problem for YouTube and other competitors. MORE
Twitter is shutting down its newsletter platform, Revue, as part of its streamlining and lighting things on fire. MORE
Twitter spent the week in absolute turmoil. It's hard to even capture all the things that happened. It's like 18 months of corporate drama in the span of 7 days. First they (he) banned a bunch of journalists. Then let them back in, saying the bans were temporary. But after banning mentions of many competitor networks, such as Mastodon, Instagram, etc., it appears that the journalists could have been targeted for being critical of Musk. Then to cap it off, Musk ran a poll asking if he should step down as CEO, and the internet said yes. I think this man needs 1) sleep, and 2) an adult to take control before he completely destroys the $44 billion dollar platform he just purchased. MORE
A large number of Gen Z workers evidently experience "tech shame" from not being comfortable with new technologies. MORE
San Francisco has the emptiest downtown in America. MORE
The US copyright office has ruled that AI art cannot be copywrited. MORE
IDEAS & ANALYSIS
AI and Smart Locks
The AI thing reminds me of smart locks. People say smart locks aren't good enough because you can hack them, forgetting that regular locks are trivially bypassed. AI fails a lot, but so do humans. The threshold isn't failure—it's being good enough in enough situations. TWEET
Your Domain is Your Digital Home
Twitter might turn out to be another example of why you should build your personal digital presence off your domain, not a platform. A lot of people have spent tens of thousands of hours getting popular on Twitter. And it can just go away, like Medium or Blogspot. You need to ask yourself: what would happen if platform X went way? If the answer is that you’d be screwed, find ways to make that not true. TWEET
AI Will Have a K-Shaped Impact
I like the concept of "K-shaped" for explaining things. K-shaped economic recoveries, for example, are recoveries where the bottom part of the population suffers or declines, while the top part thrives. This is the answer to the competing narratives about AI. Some say it'll remove millions of jobs and people are super-screwed. Others say it'll augment the creative and help them create even more businesses, and be even more effective in the businesses they have. Yes and yes. Both are true, and neither negates the other. The only question is, "what percentage of people will get left behind by the tech, and what percentage will use it to thrive?" That's the part nobody knows. It's hard to say because 1) we don't know how good the tech will get, and how fast, and 2) we also don't know how well people and society will adapt to finding other work for replaced employees. I'd say that's the part that's guaranteed. Millions, and possibly even billions, will enter what Harari calls the "useless" class, which sounds very judgemental but really just means they won't be able to provide something to the market that an AI or robot can't do better. To the market, not to other humans like family and friends. But not being able to provide something to the market really matters. It's been the source of pride and respect for humans basically forever. This K-shape is something we need to be thinking a lot about. In short, how are we going to help the people on the lower part of the K who can't use AI to thrive?
No, ChatGPT Isn't Just a Stupid Next-Word Completion Machine
As one would expect, there are many people on the internet saying ChatGPT is all—or at least mostly—hype. The argument is that GPT is just a transformer model that haphazardly writes the next word in a sequence, so it's not actually intelligent. This misses the point entirely. Yes, it's technically true that the mechanism used is writing the next word in a sequence, but this completely misses the most impressive advance in the field. Because of the size and quality of the model that ChatGPT uses, it effectively understands what it's completing. Here's an example: "Write a love song from Luke to Leia in the voice of Dylan." And here's the result. Doing this requires that the AI understand 1) forbidden love, 2) that it's forbidden to love your sister that way, 3) that Luke and Leia were from Star Wars (which I never mentioned), 4) the songwriting style of Bob Dylan, and 5) how songs are formed using various pieces to make a whole. So, sure, you can call that "just completing the next word", but you can also say love is "just a bunch of chemicals and hormones". Or that watching a sunrise with your one true love is just "a morning observation of a star appearing over the western horizon". Call it what you want, but anything that can write a Dylan song about Luke's incestuous love for Leia—in 3 seconds—is a goddamn miracle.
I'm extremely pissed at Elon, but I also see that he's struggling, not sleeping, and generally making an ass of himself. Kind of reminds me of Kanye. It doesn't remove my anger at what they've said or done, but it layers it with some degree of compassion for a flailing human. Still thinking through it.
Wonderful book club yesterday. We talked about the book RAM, and had a wonderful member guide us through its teachings through the lens of Indian mythology. That then led to lots of discussion about morality across different cultures. We finished by picking next month's book, which is going to be fantastic!
There won't be a newsletter/podcast next week. It's family and chill time for most people. I hope you have a wonderful holiday break!
⚒️ apk.sh — A Bash script that makes it easier to reverse engineer Android applications. It automates the common tasks of pulling, decoding, rebuilding, and patching an APK. PROJECT | BY AX
🤖 Artificial Intelligence
The more metrics you track, the less you know. MORE
Binance is F*cked MORE
The 2022 Adversary Infrastructure Report MORE
Substack appears to be using tons of code from Ghost. MORE
A Dashboard that shows Covid and MPXV in wastewater in multiple locations. MORE
The Scourge of Job Title Inflation MORE
RECOMMENDATION OF THE WEEK
Take inventory of the platforms you use for your digital identity and "brand"
Realize that all of them can go away, with Twitter as a case in point about volatility
Make sure your core content is all primarily at your domain, with all other platforms being syndication channels
Assume all channels are temporary, and always use your domain as home base
APHORISM OF THE WEEK
"Everything has been said before, but since nobody listens we have to keep going back and beginning all over again."