• Unsupervised Learning
  • Posts
  • UL NO. 443: North Korean Co-workers, UBI Failure?, AI-Groupthink, GPS Spoofing…

UL NO. 443: North Korean Co-workers, UBI Failure?, AI-Groupthink, GPS Spoofing…

Switzerland goes open source, Google keeps cookies, DJI not cancelled, Alzheimer's spray, and more…

Author

Daniel Miessler
July 31, 2024

SECURITY | AI | MEANING :: Unsupervised Learning is my continuous stream of original ideas, story analysis, tooling, and mental models designed to help humans lead successful and meaningful lives in a world full of AI.

TOC

NOTES

Hi!

Here’s what’s up:

  • Gearing up for Vegas. 11 days, assuming I don’t get sick after like 4. 😷 

  • If you see me, please know that I’m shy and awkward like 20-60% of the time. Just say hi anyway. I love people and it’s good training for me for being more extraverted.

  • I watched a number of videos last night about people losing their jobs, starting a YouTube channel, and just generally struggling. And of course as soon as I watched two of these, my whole feed was this.

    So I watched 10 more. It’s very sad.

    People are hurting because they’re feeling the ground shifting under their feet and it’s not clear if it’s their fault, what’s going on, or what to do about it.

    This is why I’m doing what I do now. To help people like I saw in those videos. I subscribed to all of them to boost their numbers, and I’m going to try to reach out to them and send them encouragement.

  • Be kind to people. Everyone’s hurting in some kind of way. Especially right now, and hurt people are often more mean than they normally would be. See: politics.

Kindness is a language which the deaf can hear and the blind can see.

Mark Twain

Ok, let’s get to it…

MY WORK

This my absolute best argument for why AI will have an extraordinary effect on the economy and jobs. Send it to your friends who are still skeptical.

We've Been Thinking About AI All Wrong

AI is just a way to execute Intelligence Tasks that only humans can do.

www.danielmiessler.com/p/weve-been-thinking-about-ai-all-wrong

I created a full video going through our new Substrate project. If you prefer videos to long articles, this is the way.

SECURITY

KnowBe4 accidentally hired a North Korean state actor who tried to install info-stealing malware on their devices. They caught it in time, but it shows how good North Korean hackers are at pretending to be IT staff. | Bill Toulas | MORE

GitHub's repository design flaw allows indefinite access to data from deleted and private repositories, known as Cross Fork Object Reference (CFOR). | by @TruffleSecurity | MORE

A plane’s GPS was jammed on a commercial transatlantic route for the first time, raising fears that thousands of other flights could be at risk of deliberate hacking. The incident happened on a flight from Madrid to Toronto and is suspected to be a targeted attack rather than accidental interference. | MORE

Sponsor

Remove Barriers to AI Innovation with Tines

When it comes to implementing AI, privacy and security concerns make things complicated. It doesn’t help that many AI tools demo well but fall short in real-world deployment, complicating vendor due diligence.

AI in Tines was designed to address your security team’s valid concerns around data privacy, security, and usability, and help you overcome the challenges of inflexible technologies.

Tines makes workflow automation and AI accessible to any member of your team, while supporting your AI guardrails. You’re in control - you decide when and how your workflows interact with AI.

The result: a scalable automation program that drives innovation, and frees up resources to spend on mission-critical, strategic work.

There's been a 400% increase in GPS spoofing incidents, affecting around 900 flights daily. This spike is causing major safety concerns, especially with systems like EGPWS becoming unreliable. A new workgroup has been set up to address these issues and find solutions. | MORE

France's high-speed rail traffic got disrupted due to what officials are calling 'malicious acts' just before the Olympic ceremony. | MORE

Sponsor

Discover, secure and govern genAI use

Nudge Security has discovered over 500 unique genAI apps in customer environments to date, without the need for any prior knowledge of an app’s existence.

Within minutes of starting a free trial, you’ll have a full inventory of all genAI apps in use (along with every other SaaS app) and security profiles for each provider to quickly vet new or unfamiliar tools.

Google has decided not to phase out third-party cookies in Chrome and will instead offer users more control over how these cookies are used. This move comes after realizing the significant impact on publishers and advertisers. | by Lawrence Abrams | MORE

💡I’m shocked that this company that makes most of its money on advertising—and is bad at rolling out products—cancelled a thing that’s 1) really difficult to do, and 2) would negatively affect advertisers.

An evaluation of Amazon GuardDuty reveals limited coverage and high costs, with significant latency in detecting attacks like S3 ransomware. | by Tracebit | MORE

Google's reCAPTCHA is showing its age and is harvesting user information and labor worth billions while being almost universally disliked and vulnerable to bots. Cloudflare has an alternative, but I’m not sure it’s good enough to fully replace. MORE

The Senate unanimously passed the DEFIANCE Act, letting victims of nonconsensual intimate images created by AI sue their creators for damages. Victims can get up to $150,000, or $250,000 if linked to sexual assault, stalking, or harassment. | by Lauren Feiner | MORE

The U.S. Commerce Department says shipments of high-performance processors from China and Hong Kong to Russia have dropped by 20%, but Hong Kong is still a key hub for smuggling critical components. Despite the decrease, nearly $2 billion worth of goods were shipped from Hong Kong to Russia in late 2023. MORE

AI / TECH

Wiz turned down a $23 billion acquisition offer from Alphabet and is instead aiming for an IPO. Completely baller move. My thoughts are that they knew they could get more money and they knew that going to Google was basically a move to The Graveyard. MORE

AI is replacing jobs in the video game industry, with major companies like Activision using generative AI tools for concept art. This has led to significant layoffs, with an estimated 10,500 people losing their jobs in 2023 and even more this year. | by Brian Merchant | MORE

A new study shows that while generative AI like ChatGPT makes individual stories more creative and engaging, it also makes them more similar to each other. | by Ben Dickson | MORE

💡I’ve heard a lot of supposed risks from AI, but this one sounds pretty realistic. We’ll need to engineer in mechanisms for exposure to alternative frames, models, and viewpoints to avoid people consolidating and following an AI-powered groupthink on various topics.

And avoiding sentences that are too long.

Switzerland has passed a law requiring all public sector agencies to use open-source software and open-source any code they develop. This move aims to reduce vendor lock-in, foster innovation, and save taxpayer money. | by Dr. Matthias Stürmer | MORE

💡I generally love this. But two things:

  1. Open doesn’t mean secure by itself, without other effort. We’ve seen that multiple times now.

  2. Support has always been an issue for OSS, so they’ll still need to train staff and/or hire companies to maintain the stuff.

Gumloop is a super-slick platform for automating AI workflows. They raised a $3.1M Seed round led by First Round Capital with participation from YC and co-founders at Instacart, Dropbox, and Airtable. MORE

Alphabet is putting another $5 billion into Waymo to push forward its self-driving tech. This investment aims to solidify Waymo's position as a leader in autonomous driving. | by Jonathan M. Gitlin | MORE

💡It’s looking a lot like Waymo vs. Tesla for self-driving taxis. But the approaches are very different. Waymo needs a LOT of time in a city before it’s ready to go, and Tesla is taking the Elon approach of shooting for the moon (Mars?) with tech that may or may not be possible yet.

For example: Elon said full self-driving was pretty easy and would be solved years ago, but it’s 2024 and it’s just now getting good.

Joe Procopio argues that tech companies are struggling to find good employees because they focus too much on credentials and not enough on skills. He suggests that companies should prioritize practical experience and problem-solving abilities over degrees and certifications. | by Joe Procopio | MORE

💡It’ll take a while, but this is precisely the shift that’s happening. And yeah—AI will force the issue.

ASTRA Scores: AI-Powered Assessment and Rating Systems

With AI, hiring, dating, and learning is about to get very strange

danielmiessler.com/p/astra-scores-aipowered-assessment-rating-systems

Apple just launched a beta version of Apple Maps for the web. This means you can now use Apple Maps directly from your browser without needing an iPhone or Mac. | MORE

HUMANS

The Wall Street Journal explores why the U.S. birthrate is declining, citing economic uncertainty, career priorities, and lifestyle choices as key factors. MORE

The idea that Universal Basic Income (UBI) reduces the need to work isn't new, but recent studies show it doesn't lead to better jobs or more education. Instead, people just work less. | by Alex Howlett | MORE

💡I think the issue is that certain people will spend free time and money to better themselves, and certain people won’t. And it’s not clear what that distinction is or how to nurture it.

But the way forward starts with trying to isolate the behavior and its cause, rather than believing in fairytales like “giving away free money will make everyone ambitious”.

This reminds me of a very similar lesson I learned when hiring in cybersecurity over 20 years: exposing people to training and encouragement makes the stars stand out, but it doesn’t turn everyone into stars.

Southwest is ditching its open seating policy after 50 years to boost profits and meet customer preferences. They found that 80% of their fliers prefer assigned seats, and they plan to charge more for premium options like extra legroom. | by Cassandra Cassidy | MORE

The Senate's version of the 2025 NDAA doesn't include the 'Countering CCP Drones Act,' which would have banned DJI drone sales in the U.S. This decision came after opposition from over 6,000 public safety agencies and hundreds of thousands of drone pilots. | MORE

💡I’m happy-sad about this. I love DJI drones, but I feel like we need to go without them to instill enough hurt to inspire a friendly competitor.

Nearly 40% of Americans are stressed about making ends meet, up from 28% in 2021. This is similar to Great Recession numbers. | by Matt Egan | MORE

US Economic Growth Hits 2.8% — The U.S. economy grew at a 2.8% annual rate last quarter, driven by consumer and business spending despite high interest rates. MORE

Weight-loss drugs like Ozempic, Mounjaro, and Wegovy are causing people to spend less on groceries and choose healthier options. A new study shows that users buy 52% less snacks and confectionery, 47% less baked goods, and 28% less sugary drinks. | by NY Post | MORE

A new antibiotic from the University of Illinois Chicago disrupts two different cellular targets, making it 100 million times harder for bacteria to evolve resistance. | by University of Illinois Chicago | MORE

One dose of a new nasal spray treatment clears toxic tau proteins from brain cells, improving memory. | by UTMB | MORE

Remember: the bigger the finding the more you should wait for supporting studies. In my mind this stuff isn’t completely real until the drug is available to normal people after being tested rigorously. 

Still, very exciting.

Liberals and conservatives are both prone to conspiracy theories; they just prefer different ones. That’s the conclusion of a recent paper by Adam Enders and colleagues, looking at the relationship between conspiracy theories and political orientation. | by Steve Stewart-Williams | MORE

Henrik Karlsson talks about how generating interesting ideas is like building a muscle. He says that the more you write and think deeply, the better you get at coming up with new and meaningful thoughts. | by Henrik Karlsson | MORE

IDEAS

Zuckerberg is arguing that China is going to steal weights anyway, and there’s no way to stop that, so we might as well develop advanced AI as open-source.🧵

DISCOVERY

SearchGPT — OpenAI just announced SearchGPT, a new tool that integrates search capabilities directly into ChatGPT. It’s still wait-listed tho. | by OpenAI | MORE

I Use Obsidian — Jason Heppler shares how he uses Obsidian for note-taking and knowledge management. He dives into his workflow, plugins, and tips for getting the most out of the tool. | by Jason Heppler | MORE

In the Beginning Was the Command Line — Neal Stephenson's classic essay on operating systems and the cultural implications of technology. It's a deep dive into how we interact with computers and why it matters. | MORE

My Obsidian Note-Taking Workflow — This article dives into the author's detailed workflow for using Obsidian for note-taking, including why they chose Obsidian, how they use Markdown and Vim motions, and the essential plugins that enhance their productivity. | by Simon Späti | MORE

Bash-Oneliners — A collection of terminal tricks for Linux. | by Bonnie I-Man Ng | MORE

DataChain: Unstructured data management for AI projects, reimagined — Iterative's new open-source tool lets you simplify AI projects and scale unstructured data management. | by Iterative | MORE

Llama agent stack — Meta has released an example system for using its Llama models as agents to perform a variety of tasks. | by Meta | MORE

Open-World Exploration in Minecraft — Odyssey is a new framework that equips large language model-based agents with advanced skills for exploring Minecraft. | by ZJU VIPA Lab | MORE

Claude Engineer — An advanced CLI that uses Anthropic's Claude 3 and 3.5 models to assist with software development tasks. | by Pietro Schirano | MORE

Lakera — A low-latency AI application firewall that secures traffic into and out of generative AI applications. | by Lakera | MORE

GPT4-Captcha-bypass — A CLI tool using OpenAI GPT-4 to solve various types of captchas including puzzle, text, and reCAPTCHA. | by Yunus Aydin  | MORE

FlowAnalyzer — A tool for understanding OAuth 2.0 Grants/Flows with support for OIDC and JWTs. | by Manuel Berrueta | MORE

Bash Simple Curses — A simple Bash library to create terminal interfaces. | by metal3d | MORE

RECOMMENDATION OF THE WEEK

I’m going to try to do something for the next several months. I kind of do this all the time already, but I’m going to emphasize it going into election time.

  • When someone labels me as super-liberal, I’m going to say something nice about their conservative views. I’m going to humanize them.

  • When someone labels me as super-conservative, I’m going to say something nice about their liberal views. I’m going to humanize them.

Try it, and see if it opens the conversation at all.

I learned how to do this years ago from Jonathan Haidt’s book, The Righteous Mind.

APHORISM OF THE WEEK

The highest form of knowledge is empathy.

Bill Bullard