UL NO. 406: OpenAI Launches Custom AIs, Okta's New Breach, EFF's Browser Privacy Checker

Unsupervised Learning is a Security, AI, and Meaning-focused podcast that looks at how best to thrive as humans in a post-AI world. It combines original ideas, analysis, and mental models to bring not just the news—but why it matters, and how to respond.

Hey there!

The thing I’m most excited about this week is OpenAI’s DevDay, which is today (Monday, November 6th). Why am I so excited? Because I’m hoping for big announcements. OPENAI ANNOUNCEMENT

My wishlist:

• OS-Integrated, Standalone AIs: The ability to create a personal digital assistant like I talked about in my book in 2016. So like my recent TARS and Samantha AI configurations, but way better and more integrated in the OS. I want to provide it tons of context about me, and a personality for it like TARS, a custom voice as well, and a list of tools such as browsing, researching, shopping, communicating with people, etc. A deal with Apple to allow me to call it directly from iOS would be brilliant.

• Tool Use Via API: I don’t want to have to use ChatGPT. I want to have all my APIs have access to browsing, researching, shopping, and a thousand other tasks.

• Larger Context Sizes: Ideally like 64-128K, but I’m not holding my breath on this one. They just now starting making 32K available to Plus users. I need more. I need to fit a book in there!

• Dependable Output: A better native way to make output more deterministic/dependable.

• Updated Training Date: An updated training date across the board would be nice, but I think this is harder than it sounds.

If we get any 3 of these I’ll be SUPER happy.

🚨OMG Sunday Night UPDATE! — I was about to go to sleep when I went to ChatGPT and noticed this!

They Launched Custom GPTs Early, Before the Conference!

I’d heard a rumor about something similar, and sure enough!

So they have instructions similar to Custom Instructions, but I no ability to add voices. : (

But look at the capabilities section!

But most exciting is the “Add Actions” button! It looks like you can actually give it specific tools via API definitions!

It doesn’t look like they’re OS-integrated in any way but whatever. I’m sure they’ll keep improving them. Here’s my first one, called Samantha for obvious reasons.

Can’t wait to play with these and see what else they release!

And in the meantime, I hope you’re crushing it, and let’s get into this week’s show…

MY WORK

SECURITY NEWS

Russian attackers breached 632,000 DOJ and Pentagon email addresses via MOVEit, which one of OPM’s vendors was using. MOVEit is rapidly catching up to Solarwinds as the big one in supply chain hacks. MORE

48 countries, including the US, are trying to agree to stop paying ransoms. The idea is like not negotiating with terrorists so they’ll stop taking hostages because nobody will pay. It’s a good idea, but it only works if everyone is doing it. MORE

Some Russian hackers got arrested by the FSB for helping Ukrainian forces by disrupting Russian critical infrastructure targets. These two individuals were taken into custody in different regions of Siberia and are now facing high treason charges that could land them in prison for up to 20 years. MORE | MORE

Okta has reported another security issue, which brings the total for the year to way too many. Nearly 5,000 employees were alerted to a data breach that exposed their personal information, including full names, Social Security Numbers, and health insurance plan numbers. I'm starting to get LastPassy / Mariotty / T-Mobiley vibes. MORE | COMPANY RESPONSE

MITRE's just dropped the 14th version of ATT&CK. v14 covers 760 pieces of software, 143 activity clusters, and 24 campaigns across enterprise, mobile and industrial control systems (ICS). MORE | ORIGINAL ANNOUNCEMENT

Vulnerabilities

• 🪳F5 is warning about active exploitation of a critical security flaw in BIG-IP. | CRITICAL | CVE-2023-46747 | CVSS Score: 9.8 | BLEEPING COMPUTER ANALYSIS | COMPANY RESPONSE | VULNERABILITY DETAILS 

TECHNOLOGY NEWS

Ok, well this is interesting. It’s a concept for a new AI-based OS called Dot, kind of. Honestly it’s just like the personal AIs we talked about above, but it’s way more ambitious because it’s at an OS level. I signed up. MORE

DeepMind's co-founder Shane Legg thinks we've got a 50-50 shot at achieving AGI by 2028. I agree. My timeline is faster, actually. I put it at 60% by 2025, and 90% by 2028. MORE | MY ARGUMENT

Toyota is cutting its electric vehicle (EV) sales forecast by nearly 40%, which is insane. I'm starting to worry that only Tesla is doing well in EVs, which either means everyone gets out and the whole EV thing fails, or Tesla becomes a unicorn snowflake juggernaut because they’re the only game in town. MORE 

Fusus is a camera feed integration technology that can turn any camera in America into a node in a unified surveillance system, and police departments are actively deploying it. This system not only funnels live feeds from usually siloed cameras into one central location, but also has the ability to scan for people wearing certain clothes, carrying a particular bag, or look for a certain vehicle. MORE | COMPANY

Apple confirmed on their earnings call that they’re going heavy into AI. Very happy to hear it, but it seriously better mean an overhaul of Siri. MORE

HUMAN NEWS

Something is causing banks to abruptly close down people’s accounts, often resulting in them not being able to pay bills. It appears related to increased monitoring and enforcement of suspicious transactions. MORE

Researchers at Northwestern found that after a sleepless night, mice became more aggressive, hyperactive, and hypersexual. I’m listening. It basically counteracted depression. I wonder what the tradeoff is since we already know the lack of sleep is categorically bad. MORE

The US only added 150,000 jobs last month, which is almost half of the 297,000 jobs created in September. MORE

Maersk is cutting around 10,000 jobs because there's too much capacity and not enough demand. That seems bad. MORE

Meanwhile, a number of economic markers are trending positive. So are things getting better or worse? It’s sad that we can’t really ask economists because they don’t know either. MORE

IDEAS & ANALYSIS

This is a powerful concept. So here’s the question: who are we not allowed to criticize?

NOTES

I just bought and finished David Brooks’ new book, How to Know a Person. It won an instant spot on my bookshelf. 10/10. I absolutely love every book he’s ever written, and this one is just as good as the others. THE BOOK

Currently working on a major open-source coding project that I’m doing my best not to tell you about before I release it. It’s going to be unspeakably sick. Wait, did I violate the “telling people” rule if I didn’t tell you what it was?

I’m looking for another developer skilled with React and RAG AI stuff. If you know anyone solid, let me know. PING ME

Gmail keeps cutting off our newsletters, and it’s pissing me off. Sorry about that. It’s worth the click to keep going.

DISCOVERY

⚒️ Cover Your Tracks — The EFF tool for testing your browser to see how easy it is to track you. MORE

⚒️ Arsenal — A quick inventory and launcher for pentest commands, making it easier to remember and execute complex commands. | by Orange-Cyberdefense | MORE 

⚒️GSec— A web security scanner and exploitation engine based on custom scanners and Nuclei. TOOL

⚒️ EMBA v1.3.1 — A firmware security analyzer that now includes a firmware diffing mechanism. | by E-M-B-A | MORE | MORE

⚒️ Phind's AI Model — Phind's new AI model is claiming to outperform OpenAI’s GPT-4 at coding, and 5x faster. They're still ironing out some consistency issues, but the speed is evidently impressive. MORE

⚒️PatentPal — PatentPal is an AI tool that helps you create patent documentation. TOOL

💼 LinkedIn's AI Job Hunter — LinkedIn is rolling out an AI-powered "job seeker coach" for premium members, aiming to match job candidates with openings, prep for interviews, and more. MORE

🔍 Docus.ai — This tool allows you to diagnose medical issues quickly with AI and then verify with top human doctors. MORE

🎨 The online creative opposite of TikTok. MORE

📚 Morise AI — This tool reads your videos and generates everything you need for YouTube publishing. MORE

🐦 Postwise — A tool that creates viral Tweets. MORE

Caricatures of Security People MORE

Analyzing Threat Actor Profiles Using Social Media Intelligence MORE

Tesla network traffic. MORE 

Washington D.C. is giving out free AirTags to reduce car thefts. MORE

Cloudflare's R2 is an S3 competitor that charges less per gigabyte of storage and doesn't charge for data egress. MORE 

A cool visual showing the hierarchy of AI Agent capabilities. MORE

Planting milkweed sends an invitation to butterflies. MORE

Transmitting energy from star to star using gravity lenses. MORE

🔥 Change macOS to always match the destination style when pasting. MORE

A blog is a search query to find interesting people. MORE

Quit Your Job MORE

RECOMMENDATION OF THE WEEK

Try adding dedicated quiet time to your life. LIke an hour or so a week to start. This is a regular habit of many very creative people, and I don’t do it enough either. So like…walking, or sitting, but just with your thoughts.

The shower shouldn’t be the only place where thoughts bubble up uncontrollably, and if it is, that probably means you’re not giving your mind enough quiet time.

APHORISM OF THE WEEK

This is one of my top 10 quotes of all time…

Thank you for reading.

UL is a personal and strange combination of security, tech, AI, and lots of deep and human content. And because it’s so diverse, it’s harder for it to go as viral as something more niche.

So if you know someone weird like us, please share it with them. 🫶 

Yours,