UL NO. 423: AI is Becoming Like Reading

Google AI Espionage, My macOS UI, Cloudflare AI Firewall, Midnight Blizzard, and more…

Author

Daniel Miessler
March 11, 2024

Unsupervised Learning is a security, AI, and meaning-focused newsletter that looks at how best to thrive as humans in a world that’s changing faster than ever. It combines original ideas and analysis to bring you not just what’s happening—but why it matters, and how to respond.

TOC

Hey there!

So I’m basically a god now because I’m on my whole new tool stack!

  • Kitty replaces Alacritty and iTerm2. MORE

  • zoxide replaces cd. MORE

  • Yabai for macOS window management. MORE

  • SKHD for keyboard shortcuts. MORE

  • sketchybar for a dynamic menu bar. MORE

  • Stow for syncing dotfiles. MORE

I mean this setup is INSANITY. Haven’t felt this hyped for a desktop setup since like 2001. Let’s go!

Also, we updated Fabric with some new goodies:

  • Fabric now supports Claude Opus!
    pbpaste | fabric -p extract_ideas —model claude-3-opus-20240229

  • Added a new Pattern, extract_predictions, which pulls predictions out of content. I’m going to run this against entire bodies of work and then rate people’s predictive skill, similar to Tetlock’s book, Superforecasting.

  • We’re adding model shortcuts soon so you don’t have to put the whole model name.

  • find_hidden_message is now more effective, and gives three different levels of interpretation: cynical, normal, and favorable. MORE

Claude Opus is officially the first thing I’ve seen perform better than GPT-4. I’ve been using it with Fabric’s find_hidden_message Pattern and Opus does significantly better than GPT-4 on nailing nuance in propaganda. I’m still team OpenAI though. Can’t wait for 5!

I’m also just days away from the Threshold product launch! Look out for it!

Ok, let’s do this…

MY WORK

Two new essays this week.

AI is Already Becoming Like Reading

My new short piece on how I’m noticing that AI is becoming just as uninteresting as books, and why that's a problem for the capabilities gap.

danielmiessler.com/p/ai-becoming-reading

AI Is Worse If You Think It's Someone's Fault

I think a lot of stress about AI is caused by framing it as something that we’ve chosen rather than something that’s just naturally happening.

danielmiessler.com/p/ai-second-arrow

SECURITY

A Google engineer was indicted for allegedly stealing AI trade secrets to benefit China. He's accused of taking over 500 files related to Google's AI chips and transferring them to a personal account. MORE

💡This guy lives in my hometown, and that’s where he was arrested. It takes a lot of courage and wisdom to simultaneously realize how bad Chinese Government espionage is without giving in to racism. One answer is really good Insider Threat programs that look at behavior rather than characteristics. But those programs tend to only exist in big companies like Google (which is where he was caught).

🚨 Russian attackers Midnight Blizzard are persistently going after Microsoft, targeting its source code and internal systems. | MORE

🚨 QNAP alerts users to a critical flaw in its NAS devices that could let attackers bypass authentication. | CRITICAL | RESPONSE: Urging immediate updates. | MORE

💡Never, under any circumstances, put a NAS online. Jesus. It’s like the perfect storm of the most critical data with the worst code.

🚨 The US Cybersecurity and Infrastructure Security Agency (CISA) was hacked, forcing two critical systems offline. | HIGH | RESPONSE: Systems taken offline, no operational impact reported. | MORE

Sponsor

🔍Elevate Your Security Game with PlexTrac🔍

Cut pentest reporting time in HALF and go beyond with PlexTrac. Our automated platform empowers you to:

What’s in It for You?

  • ⏱️Faster reporting times.

  • 🤝 Smoother team collaboration.

  • 🎖️Prioritize effectively for high-impact results.

  • 💥Up to 5X ROI - Experience the difference!

Transform Your Security Reporting Today.

Get Your Personalized Demo at:

North Korean spies hacked into South Korean chipmakers, stealing designs to boost their semiconductor industry. They exploited vulnerabilities and used "living off the land" techniques to stay undetected. MORE

A Flipper Zero device was used to break into a Tesla, but it was a bit of a stretch. First, the Flipper Zero didn’t do any special work, and second a lot of things have to go right/wrong for it to work. MORE

Scammers are increasingly using AI to mimic the voices of loved ones in distress, tricking people into sending money. MORE

💡PSA Advice: Let your most vulnerable family and friends know that scammers can now fake voices and everything. And that if something happens they need to stay calm and actually call you, or someone you know, to confirm what’s being said. Scammers do try to do this when they know you can’t reach them, or present other types of urgency, but train them as best you can to resist that.

The U.S. sanctioned individuals and entities behind Predator spyware for targeting Americans. These sanctions freeze their U.S.-based assets and ban transactions with them. MORE

Cloudflare's new "Firewall for AI" aims to protect applications using large language models from security threats. It features Advanced Rate Limiting and Sensitive Data Detection for enterprise customers. MORE

💡Freakin’ Cloudflare. So damn nimble. They seep into all the cracks. I’m telling you they’re slowly becoming the internet. Google gets rid of Gmail and YouTube out of sheer stupidity, Akamai gets bought by Johnson & Johnson and boom! Cloudflare = Internet.

Brian Krebs analyzes Radaris, a data broker that sells American data with ties to Russian services and sanctioned media. MORE

Russia's been caught setting up fake news sites in the U.S., aiming to spread disinformation. These sites, including names like D.C. Weekly and the Miami Chronicle, blend Kremlin propaganda with local news stories. MORE

💡One of the next things I’m going to do with all this AI I’m building is start parsing news sources and rating them for propaganda. I want to find these things early.

China's increasing its defense budget by 7.2% amid economic challenges, signaling a shift from "peaceful reunification" with Taiwan to a more aggressive stance. This more than doubles the military budget under President Xi Jinping's tenure. MORE

TECHNOLOGY

🔥 AIR AI is a cold-calling AI service that you HAVE to hear. Super good. From this demo, 4 sample calls generated over $275,000 in net profit. MORE | NEW VOICE DEMO

Someone has been giving AIs Matrix IQ tests, and Claude-3 just broke 100 (average human level) for the first time. MORE

Apple has quickly shifted from a passive stance to going full speed on AI, making it a core part of their strategy. They have a lot of ground to cover, though, so we’ll see what they release in September. MORE

Apple Podcasts now have auto-generated transcripts. I need to figure out how to pull these programmatically. If anyone knows, let me know. MORE

Research suggests that models can optimize prompts better and faster than humans, making manual prompt engineering potentially obsolete. MORE

💡I think this is likely to be true. But I think people who can think and communicate clearly will maintain a significant advantage.

I don’t see some random person being able to bark idiocy at a model and have it say, “Ah, you were referring to Feynman’s Third Principle…indeed…let us proceed…”

Global trust in AI is waning, with a significant drop from 61% in 2019 to 53% now. In the US, trust has plummeted even more, from 50% to just 35%. MORE

💡This is why I wrote one of this week’s essays. THIS ONE

HUMANS

France just made history by embedding the right to abortion directly into its Constitution. The bill passed with a 780-72 vote during a joint session of Parliament. MORE 

The CFPB has set a new rule capping credit card late fees at $8, which will save consumers around $10 billion annually. MORE

The James Webb Space Telescope just gave us a spectacular deep-field image revealing countless galaxies. This image covers a tiny fraction of the sky, yet it's packed with galaxies. Not stars. Galaxies. MORE | THE BIG RAW IMAGE

💡I have the Hubble version. Now I need to get this one onto a metal print.

A single dose of LSD, MM120, shows promising results in treating generalized anxiety disorder, with a 48% remission rate at 12 weeks. MORE

Sweden officially joined NATO, becoming its 32nd member country. This move integrates Sweden into NATO's collective defense mechanism. MORE

New York has rolled out National Guard troops at key subway stations to curb crime. MORE

SCOTUS ruled unanimously to keep Trump on state ballots, and as much as I dislike him, I think it was the right answer. MORE

💡This attempt was what I call a Brexit Move by the left. You think you want something, and then you get it, and you realize it was a mistake.

You don’t take people you dislike off the ballot. That’s not American. No matter how much you dislike a candidate, if they can legally be elected they deserve to be.

If we don’t like that they can be legally elected, we can fix the country or move. Taking people off the ballot because we don’t like them isn’t a democratic option. And even if you were to get it passed, it would immediately be used against you. See Brexit.

IDEAS & ANALYSIS

I was troubled with Harari’s analysis on Colbert where he basically said we have no idea what to tell people to do in the face of AI right now.

I think we might know better than ever actually. Before we thought we could predict, and we were often wrong. But now we can be sure it involves clear thinking, clear communication, understanding the past, understanding the merits of various arguments, how to disagree, etc.

I don’t fault him too much, though. These things are set up with so little time, and they want sound bites. I just wish he had given more hope instead of saying we have no idea what to teach.

NOTES

I’m feeling myself drawn back to the stoics lately. Got myself a neck light and have been reading Meditations before bed. Such a guaranteed pleaser.

I also have Ryan Holiday’s Stoic calendar (the copy of Meditations is from him too). Highly recommended. RYAN HOLIDAY’S STOIC STORE

We’re doing our mid-month UL meetup on OPTIMIZATION! So I’m going to be talking all about my different desktop and shell stuff I mentioned in the intro. Plus everyone else will share theirs. It’s going to be rad. You should come. SIGN UP FOR UL AND STUFF

This is the fastest and lowest stress newsletter I’ve done in … maybe ever? Ideas and content and flow is just … flowing. Most creative time I’ve ever had in my life, these last few months. AI helps with collection, and that helps a little, but it’s more so that I have so much going on that I have lots to say and lots to share, and I have basically zero creator anxiety. Because I’m not trying to be a creator. I’m making things, and reading things, and enjoying things—and just talking about all of it on Sundays. Huge difference.

DISCOVERY

Obsidian as a graph database for RAG. MORE

Mail-in-the-Middle automates spear phishing by exploiting email typos to intercept sensitive information. | by Felipe Molina | MORE

Junaid Islam outlines a five-step method for cutting cybersecurity budgets without compromising security. MORE

During World War II, America fought against damaging rumors with "rumor clinics" in newspapers and magazines. These clinics debunked lies by fact-checking and publishing the findings, helping to maintain morale and unity. MORE

💡Honestly starting to think we could use something like this.

Julia Evans dives into the surprisingly complex world of Git's HEAD, revealing its multifaceted roles. A Mastodon poll showed only 10% of respondents were 100% confident in their understanding of HEAD. MORE

💡I’m embarrassed by how often I just delete a whole repo and re-download it. I need a git class.

It's getting harder to tell humans from bots, not because bots are getting smarter, but because humans are acting more like bots. MORE

How to start a home lab, by Hayden James. | MORE

Chen's enthusiasm and soft skills landed him a job at Amazon despite technical shortcomings. He says 80% of failures at Amazon are due to soft skill issues, not technical ability. MORE

J.R.R. Tolkien intensely disliked Frank Herbert's Dune, rooted in their fundamentally opposing moral philosophies. Tolkien's deontological stance, emphasizing inherent acts of goodness, starkly contrasts with Herbert's consequentialist view, where the morality of actions is judged by their outcomes. MORE

Someone reminisces about the simpler, less polished writing they used to do. They express a longing for their earlier, unrefined work, feeling it had a charm that their current writing lacks. MORE

Cate Hall shares how anyone can learn to be more agentic, transforming their life by finding and leveraging unique advantages. She emphasizes that traits like agency aren't fixed and can be developed with the right mindset and actions. MORE

RECOMMENDATION OF THE WEEK

Trust your routine. If you spend a lot of time putting together a routine that keeps you feeling good, positive, and energetic, remember that routine when you feel worse.

I always think it must be something else. There’s no way it’s just me not being on my routine, right? Right?

It’s probably not being on your routine.

  • Sleep

  • Sun

  • Exercise

  • Clean food

  • Walking

  • Talk to your friends / family

It’s the basics, and there’s a reason you wrote them down.

APHORISM OF THE WEEK

Choose not to be harmed—and you won’t feel harmed. Don’t feel harmed—and you haven’t been.

Marcus Aurelius

Thank you for reading.

UL is a personal and strange combination of security, tech, AI, and lots of deeply human content. And because it’s so diverse, it’s harder for it to go as viral as something more niche.

So if you know someone weird like us, please share it with them. 🫶 

Yours,