- Unsupervised Learning
- Posts
- UL NO. 406: OpenAI Launches Custom AIs, Okta's New Breach, EFF's Browser Privacy Checker
UL NO. 406: OpenAI Launches Custom AIs, Okta's New Breach, EFF's Browser Privacy Checker
DOJ and Pentagon emails hacked by Russians, OpenAI's DevDay announcements, when DeepMind thinks we'll see AGI, and more…
Unsupervised Learning is a Security, AI, and Meaning-focused podcast that looks at how best to thrive as humans in a post-AI world. It combines original ideas, analysis, and mental models to bring not just the news—but why it matters, and how to respond.
Hey there!
The thing I’m most excited about this week is OpenAI’s DevDay, which is today (Monday, November 6th). Why am I so excited? Because I’m hoping for big announcements. OPENAI ANNOUNCEMENT
My wishlist:
OS-Integrated, Standalone AIs: The ability to create a personal digital assistant like I talked about in my book in 2016. So like my recent TARS and Samantha AI configurations, but way better and more integrated in the OS. I want to provide it tons of context about me, and a personality for it like TARS, a custom voice as well, and a list of tools such as browsing, researching, shopping, communicating with people, etc. A deal with Apple to allow me to call it directly from iOS would be brilliant.
The most visible and significant role that Synthetic Intelligence will play in the near future will be serving as the interface between humans and the world.
To clarify, I don't mean the ever-promised, conscious, and self-improving brand of SI that so much science fiction is based on. The SI I'm referring to I define as:
A computer system that can monitor human context, intentions, and commands, interpret them, and then take action as well as or better than a (human) professional personal assistant.
Whether this comes from extraordinary breakthroughs that result in true SI (however you define that), or a mere combination of clever tricks that can emulate it, matters little.
Tool Use Via API: I don’t want to have to use ChatGPT. I want to have all my APIs have access to browsing, researching, shopping, and a thousand other tasks.
Larger Context Sizes: Ideally like 64-128K, but I’m not holding my breath on this one. They just now starting making 32K available to Plus users. I need more. I need to fit a book in there!
Dependable Output: A better native way to make output more deterministic/dependable.
Updated Training Date: An updated training date across the board would be nice, but I think this is harder than it sounds.
If we get any 3 of these I’ll be SUPER happy.
🚨OMG Sunday Night UPDATE! — I was about to go to sleep when I went to ChatGPT and noticed this!
I’d heard a rumor about something similar, and sure enough!
So they have instructions similar to Custom Instructions, but I no ability to add voices. : (
But look at the capabilities section!
But most exciting is the “Add Actions” button! It looks like you can actually give it specific tools via API definitions!
It doesn’t look like they’re OS-integrated in any way but whatever. I’m sure they’ll keep improving them. Here’s my first one, called Samantha for obvious reasons.
Can’t wait to play with these and see what else they release!
And in the meantime, I hope you’re crushing it, and let’s get into this week’s show…
MY WORK
SECURITY NEWS
Russian attackers breached 632,000 DOJ and Pentagon email addresses via MOVEit, which one of OPM’s vendors was using. MOVEit is rapidly catching up to Solarwinds as the big one in supply chain hacks. MORE
48 countries, including the US, are trying to agree to stop paying ransoms. The idea is like not negotiating with terrorists so they’ll stop taking hostages because nobody will pay. It’s a good idea, but it only works if everyone is doing it. MORE
Some Russian hackers got arrested by the FSB for helping Ukrainian forces by disrupting Russian critical infrastructure targets. These two individuals were taken into custody in different regions of Siberia and are now facing high treason charges that could land them in prison for up to 20 years. MORE | MORE
Sponsor
Drowning in the Sea of Zero Trust Implementation with Okta?
Drowning in the sea of Zero Trust implementation with Okta?
Don't fret, you're not alone.
The shallow device hygiene and telemetry signals often leave users blocked, sending them straight to IT for help. This results in a mountain of support tickets, creating an overwhelming IT bottleneck.
But there's a solution - Kolide Device Trust. It integrates seamlessly with Okta, providing real-time device posture that goes beyond checkbox compliance. And the best part? It empowers users with contextual instructions to resolve issues independently. Say goodbye to the IT bottleneck and hello to Device Trust done right.
Intrigued? Dive into the future of device trust.
Okta has reported another security issue, which brings the total for the year to way too many. Nearly 5,000 employees were alerted to a data breach that exposed their personal information, including full names, Social Security Numbers, and health insurance plan numbers. I'm starting to get LastPassy / Mariotty / T-Mobiley vibes. MORE | COMPANY RESPONSE
MITRE's just dropped the 14th version of ATT&CK. v14 covers 760 pieces of software, 143 activity clusters, and 24 campaigns across enterprise, mobile and industrial control systems (ICS). MORE | ORIGINAL ANNOUNCEMENT
Sponsor
CISOs Are Confidently Incorrect About SaaS Security Maturity
Think your SaaS security is top-notch? We surveyed over 600 global security practitioners and many thought the same.
Yet 79% experienced SaaS security breaches and incidents in the past year.
Learn the latest trends and findings in the AppOmni SSPM 2023 Report.
Vulnerabilities
🪳F5 is warning about active exploitation of a critical security flaw in BIG-IP. | CRITICAL | CVE-2023-46747 | CVSS Score: 9.8 | BLEEPING COMPUTER ANALYSIS | COMPANY RESPONSE | VULNERABILITY DETAILS
TECHNOLOGY NEWS
Ok, well this is interesting. It’s a concept for a new AI-based OS called Dot, kind of. Honestly it’s just like the personal AIs we talked about above, but it’s way more ambitious because it’s at an OS level. I signed up. MORE
DeepMind's co-founder Shane Legg thinks we've got a 50-50 shot at achieving AGI by 2028. I agree. My timeline is faster, actually. I put it at 60% by 2025, and 90% by 2028. MORE | MY ARGUMENT
Toyota is cutting its electric vehicle (EV) sales forecast by nearly 40%, which is insane. I'm starting to worry that only Tesla is doing well in EVs, which either means everyone gets out and the whole EV thing fails, or Tesla becomes a unicorn snowflake juggernaut because they’re the only game in town. MORE
Fusus is a camera feed integration technology that can turn any camera in America into a node in a unified surveillance system, and police departments are actively deploying it. This system not only funnels live feeds from usually siloed cameras into one central location, but also has the ability to scan for people wearing certain clothes, carrying a particular bag, or look for a certain vehicle. MORE | COMPANY
Apple confirmed on their earnings call that they’re going heavy into AI. Very happy to hear it, but it seriously better mean an overhaul of Siri. MORE
HUMAN NEWS
Something is causing banks to abruptly close down people’s accounts, often resulting in them not being able to pay bills. It appears related to increased monitoring and enforcement of suspicious transactions. MORE
Researchers at Northwestern found that after a sleepless night, mice became more aggressive, hyperactive, and hypersexual. I’m listening. It basically counteracted depression. I wonder what the tradeoff is since we already know the lack of sleep is categorically bad. MORE
The US only added 150,000 jobs last month, which is almost half of the 297,000 jobs created in September. MORE
Maersk is cutting around 10,000 jobs because there's too much capacity and not enough demand. That seems bad. MORE
Meanwhile, a number of economic markers are trending positive. So are things getting better or worse? It’s sad that we can’t really ask economists because they don’t know either. MORE
IDEAS & ANALYSIS
To find out who rules over you, simply determine who you’re not allowed to criticize.
This is a powerful concept. So here’s the question: who are we not allowed to criticize?
NOTES
I just bought and finished David Brooks’ new book, How to Know a Person. It won an instant spot on my bookshelf. 10/10. I absolutely love every book he’s ever written, and this one is just as good as the others. THE BOOK
Currently working on a major open-source coding project that I’m doing my best not to tell you about before I release it. It’s going to be unspeakably sick. Wait, did I violate the “telling people” rule if I didn’t tell you what it was?
I’m looking for another developer skilled with React and RAG AI stuff. If you know anyone solid, let me know. PING ME
Gmail keeps cutting off our newsletters, and it’s pissing me off. Sorry about that. It’s worth the click to keep going.
DISCOVERY
⚒️ Cover Your Tracks — The EFF tool for testing your browser to see how easy it is to track you. MORE
⚒️ Arsenal — A quick inventory and launcher for pentest commands, making it easier to remember and execute complex commands. | by Orange-Cyberdefense | MORE
⚒️GSec— A web security scanner and exploitation engine based on custom scanners and Nuclei. TOOL
⚒️ EMBA v1.3.1 — A firmware security analyzer that now includes a firmware diffing mechanism. | by E-M-B-A | MORE | MORE
⚒️ Phind's AI Model — Phind's new AI model is claiming to outperform OpenAI’s GPT-4 at coding, and 5x faster. They're still ironing out some consistency issues, but the speed is evidently impressive. MORE
⚒️PatentPal — PatentPal is an AI tool that helps you create patent documentation. TOOL
💼 LinkedIn's AI Job Hunter — LinkedIn is rolling out an AI-powered "job seeker coach" for premium members, aiming to match job candidates with openings, prep for interviews, and more. MORE
🔍 Docus.ai — This tool allows you to diagnose medical issues quickly with AI and then verify with top human doctors. MORE
🎨 The online creative opposite of TikTok. MORE
📚 Morise AI — This tool reads your videos and generates everything you need for YouTube publishing. MORE
🐦 Postwise — A tool that creates viral Tweets. MORE
Caricatures of Security People MORE
Analyzing Threat Actor Profiles Using Social Media Intelligence MORE
Tesla network traffic. MORE
Washington D.C. is giving out free AirTags to reduce car thefts. MORE
Cloudflare's R2 is an S3 competitor that charges less per gigabyte of storage and doesn't charge for data egress. MORE
A cool visual showing the hierarchy of AI Agent capabilities. MORE
Planting milkweed sends an invitation to butterflies. MORE
Transmitting energy from star to star using gravity lenses. MORE
🔥 Change macOS to always match the destination style when pasting. MORE
A blog is a search query to find interesting people. MORE
Quit Your Job MORE
RECOMMENDATION OF THE WEEK
Try adding dedicated quiet time to your life. LIke an hour or so a week to start. This is a regular habit of many very creative people, and I don’t do it enough either. So like…walking, or sitting, but just with your thoughts.
The shower shouldn’t be the only place where thoughts bubble up uncontrollably, and if it is, that probably means you’re not giving your mind enough quiet time.
APHORISM OF THE WEEK
This is one of my top 10 quotes of all time…
To avoid criticism, do nothing, say nothing, be nothing.
Thank you for reading.
UL is a personal and strange combination of security, tech, AI, and lots of deep and human content. And because it’s so diverse, it’s harder for it to go as viral as something more niche.
So if you know someone weird like us, please share it with them. 🫶
Yours,