UL NO. 453: A Deep-dive on Cyber Jobs

Poll results and discussion around InfoSec hiring, how my projects fit together, Tesla robotaxi already?

SECURITY | AI | PURPOSE
UNSUPERVISED LEARNING is a newsletter about upgrading to thrive in a world full of AI. It’s original ideas, analysis, mental models, frameworks, and tooling to prepare you for the world that’s coming.

Hey! Hope you’re starting the week off well…

  • Had a really interesting poll / discussion around InfoSec Hiring, and learned a lot from it. CYBER JOBS GAP: POLL / DISCUSSION

  • Wrote a beast of a post explaining how all my various projects fit and work together under a common theme. Now show me yours. HOW MY PROJECTS FIT TOGETHER

  • I was wrong about QR codes, and I’ve captured the mistake in my Telos file. MORE

  • I’m starting to publish formal-ish deductive arguments in the Arguments section of the Substrate project. Here’s the first one: AR-12934—AIs_Are_Capable_of_Understanding MORE

  • I don’t know if it’s the iPhone 16 or iOS18, but this has been the buggiest phone/software update I’ve seen from Apple in at least 5 years. Super sketch. Anyone else?

  • Currently deep-diving on Naval and Charlie Munger. I’m going to put a lot of their stuff in my Telos file under the Beliefs / Models sections so that my AI knows how to think about things when helping me solve problems. NAVALMANAC

SECURITY

Attackers are exploiting a critical RCE vulnerability in Zimbra email servers by sending emails that execute commands via the CC field. The attack lets them install a web shell on the server, granting a foothold for future access / pivoting. MORE

Cloudflare just stopped the largest DDoS ever, at 3.8 Tbps. The attack, leveraging a botnet of compromised ASUS routers, worked by overwhelming network bandwidth and CPU cycles, making services inaccessible. MORE

Over 700,000 DrayTek routers are at risk from 14 newly discovered vulnerabilities. MORE

CISA's Vulnerability Disclosure Policy (VDP) platform is getting way more activity, with over 1,000 valid bug disclosures last year, nearly half of which were severe or critical. So much positive comes from this type of relationship with researchers. Great to see. MORE

AI / TECH

Waymo is opening its robotaxi service in Austin, marking its second city after Phoenix to offer rides via the Uber app. This expansion is part of Waymo's partnership with Uber, and the service will cover 37 square miles of the city. And Elon announces robotaxi for Tesla on Thursday! MORE

💡I’m a massive fan of Tesla FSD, but I do have to intervene at least once per hour of driving. I mean it’s REALLY good, but nowhere near as good as a Waymo yet. But maybe that’s what the announcement is—that they’ve updated the software to be way better. If not, I don’t see how they can possibly run a taxi service on it yet.

Waymo and Hyundai have partnered to integrate Waymo's autonomous tech into Hyundai's IONIQ 5 electric SUVs, which will join the Waymo One fleet. MORE

Nvidia just released NVLM 1.0, an open-source AI model that supposedly rivals GPT-4. The NVLM-D-72B model, with its 72 billion parameters, excels in both visual and language tasks, even improving text-only performance after multimodal training. MORE

A Twitter user, Rameerez, shares their experience of moving away from cloud services to save money. MORE

Gmail has new 'summary cards' to help people manage their inbox more efficiently. The cards enable quick actions like tracking packages and checking into flights. MORE

A new HBO documentary is claiming to have identified the elusive creator of Bitcoin. But we’ve heard this before. Multiple times. MORE

Two Harvard students have hacked Meta's Ray-Ban Smart Glasses to include AI-based facial recognition, allowing them to identify strangers in realtime. The demo is completely nuts. They use a camera to scan faces and pull up personal information like names, addresses, and phone numbers from public databases, all within minutes. MORE

John Gruber listened to a 15-minute podcast generated by NotebookLM and found it surprisingly effective, though he said it’s still a bit in the uncanny valley. Similar to the one I released last week. MORE

A teacher talks about why they’re leaving teaching because of the impact of AI tools like ChatGPT. Instead of rating papers, all they’re doing now is seeing if the student even wrote the paper themselves. MORE

HUMANS

Private equity firms have taken over a significant portion of ERs, cutting doctor hours, increasing patient costs, and replacing physicians with less expensive nurse practitioners, all while pushing for faster patient turnover. MORE

💡I’m of two minds on PE. On the one hand, the companies they come into are often already broken, but I’ve also seen them break things that were better before they got there. Either way, this is something you need to be ready for. Basically the two Bobs, but way worse.

Researchers have unveiled the most detailed brain map of a fruit fly, mapping nearly 140,000 neurons and over 54.5 million synapses. Insane to me that 1) we have a full map of an insect’s brain, and 2) that it’s that many neurons and synapses. MORE

The sun just fired off its most powerful solar flare since 2017, an X9.05-class eruption, causing shortwave radio blackouts over Africa and Europe. MORE

There's a new nasal spray under development that could fend off respiratory infections without using drugs. The spray works by creating a protective barrier in the nasal cavity, which could help prevent illnesses like the cold and flu, as well as Covid. It's still in the preclinical stage, but it’s exciting. Not sure how it compares to the Israeli version I use already, which I think is zinc-based. MORE

A new study says money actually does increase happiness, even at higher income levels. MORE

Robin Hanson looks at the deep-rooted influence of status in our society, arguing that it's the primary heuristic we use to determine who to emulate and trust. MORE

Someone looked at Seinfeld’s meditation practice and built their own twice-a-day routine. MORE

IDEAS

The DA / API Data Gap
Super minor AI prediction. In the near future, people will be able to get certified to use (and pay more money for) models that are less nerfed. To remove _______ filter, it’ll require a certain subscription level. To remove __________ filter will require a clearance and a higher level (more expensive) subscription. The difference between a regular person talking to their AI in 2029 while walking down the street, and what they can see and learn and understand about their surroundings…vs. someone paying $38K / month in API access for their DA—will be massive. MORE

Me is a Disease
“Thinking about yourself is the source of all unhappiness.” I love this framing from Naval, and I think it captures well why too much therapy becomes the problem rather than the cure. At some point, therapy becomes rumination rather than looking to solve something and move forward. MORE

DISCOVERY

A really cool CoT “thinking” prompt format designed to emulate what Chain of Thought is doing in o1-preview. GIST

A new service called SoBrief offers a massive collection of 73,530 book summaries in 40 different languages. MORE

The PlugBug is a USB-C charger with Apple's Find My tech built-in. MORE

A platform for buying and selling micro-startups with zero commission fees. MORE

Riley Walz has set up a solar-powered "Bop Spotter" using an old Android phone and Shazam to identify and upload the names of songs playing in the area. MORE

MITRE enhanced their EMB3D Threat Model with new mitigations aimed at helping organizations tackle threats to embedded devices. MORE

Ask HN: Who wants to be hired? (October 2024) — Hacker News’ monthly thread for job seekers. MORE

Diff Text — A straightforward tool for comparing text differences, making it easy to spot changes and edits. MORE

The post looks at the Maker-Taker issue in open source, where "Makers" create software and "Takers" profit without contributing back. MORE

Bellingcat launched a new Online Investigations Toolkit to help open-source researchers find and learn how to use tools for satellite imagery, social media, and more. MORE

Robin Hanson argues that academics often focus on complex methods to impress peers rather than the core task of matching theory to data. MORE

"Nobody Cares About Security" MORE

“I don’t get it. We had all those meetings.” <— Devastating. MORE

RECOMMENDATION OF THE WEEK

Create a 15-word sentence that captures what you’re trying to do with your life.

Just you. Not being a parent or a good husband/wife. Those are all givens.

What are YOU trying to give to the world?

Try to capture that in 15 words.

APHORISM OF THE WEEK

If you think someone has ruined your life, you’re right.
It’s you.

Nietzsche