UL NO. 455: Anthropic 'Computer Control'

Speaking in Switzerland, Iranian Cyber Campaigns, Passkey Mobility, Unexpected IDF Tactic...

SECURITY | AI | PURPOSE
UNSUPERVISED LEARNING is a newsletter about upgrading to thrive in a world full of AI. It’s original ideas, analysis, mental models, frameworks, and tooling to prepare you for the world that’s coming.

TOC

Hey there!

Just did the opening Keynote at the Swiss CyberStorm event in Bern, Switzerland, and it was fantastic! Such a well-run conference with great speakers and super high-quality attendees. Christian Folini and Adriana and team did a spectacular job on the event, and I couldn’t be more impressed with everything from the conference to the venue to the town. Just wonderful.

Sponsor

How do you secure RAG?

Box stores important documents. HIPAA forms. Credit card numbers. Confidential IP. Stuff that can’t leak, or everybody from the CISO down is about to have a very bad day. Sometimes it’s helpful to use retrieval-augmented generation (RAG) to query those docs with AI. But any time it touches your data, Box AI must obey strict rules:

  • Scope permissions to authorized documents only

  • Never store or train on queries

  • Encrypt everything in transit and at rest

  • And more…

SECURITY

U.S., Australia, and Canada have issued a warning about Iranian cyber actors targeting critical infrastructure through brute-force attacks over the past year. The campaign has hit sectors like healthcare, government, and energy, using tactics like MFA prompt bombing and exploiting CVE-2020-1472 (Zerologon) for privilege escalation. MORE

Cisco is investigating claims of a data breach by IntelBroker, who is allegedly selling sensitive Cisco data. The data reportedly includes source code, credentials, and confidential documents, with major companies like AT&T and Microsoft listed as affected. MORE 

The FIDO Alliance has announced new specs for passkeys, allowing you to move them between different password managers. Hell yeah. Passkeys are the best consumer security upgrade in probably over a decade. MORE

Sponsor

Get the No B.S. Guide to building a strong cybersecurity program in 90 days! (No email required)  

Are you an IT leader without a big, dedicated security team? Have you had challenges implementing a robust cybersecurity program due to lack of resources and/or budget?

Don't let this hold you back anymore! Download our 90-Day guide to get a month-by-month blueprint on how to build an effective, multi-layered cybersecurity strategy without enterprise-level resources.

CISA has flagged a critical flaw in SolarWinds Web Help Desk software, tracked as CVE-2024-28987, due to active exploitation. The vulnerability involves hard-coded credentials, allowing unauthorized access and data modification. MORE 

Taiwan reports being surrounded by 153 Chinese military aircraft during drills, as Beijing flexes its military muscle with fighter jets, drones, and warships. China calls it a warning against "separatist acts," while Taiwan urges a halt to provocations. MORE 

A company was hacked after unknowingly hiring a North Korean cyber criminal as a remote IT worker. The hacker faked his credentials, accessed the firm's network, and stole sensitive data, demanding a six-figure ransom in cryptocurrency. MORE 

Brazilian authorities have arrested a hacker allegedly behind major cyberattacks on the FBI, Airbus, and others. The suspect, linked to the alias USDoD, was caught in "Operation Data Breach" and is accused of leaking sensitive data, including 80,000 InfraGard members' info. MORE 

DJI says US customs blocked some of its drones, including the new Air 3S, due to a "customs-related issue." Evidently, the situation could have been a mistake, and customs is working with DJI. MORE 

The FBI arrested an Alabama man, Eric Council, for allegedly hacking the SEC's X account via a SIM-swap attack to falsely announce Bitcoin ETF approvals. This fake post caused Bitcoin's price to spike by $1,000 before dropping $2,000 after the SEC confirmed the hack. MORE 

Not sure if this is real, but I hope it is. The IDF just told Gazans where Hezbollah is storing millions in cash and gold, and encouraged them to go get it. MORE

AI / TECH

Anthropic just launched a new feature that can control desktop apps via a new "Computer Use" API. It emulates human interactions like keystrokes and mouse gestures, allowing it to perform tasks on a PC. Insane. MORE 

Trevor I. Lasn argues that software engineer titles have lost their meaning due to rampant title inflation. The once clear junior-mid-senior progression is now muddled, with "senior" titles being handed out after just a few years of experience. MORE 

Dharmesh has created an AI agent that analyzes the personality and vibe of a Twitter user based on their last 100 tweets. It's easy to use—just enter a username and hit "Go" for a quick 30-second analysis. The tool is designed to help users find content that matches their preferred vibe, avoiding extreme negativity or cynicism. You can try it for free here. MORE

Someone used AI to upgrade a picture for a conference, and AI decided on its own to add some bra exposure to the picture. Insane. This is why it’s so important to understand AI’s goals. Virality vs. Accuracy, for example.

A clever trick has been discovered to bypass GPT-4o's restrictions by convincing it that it's an "all-responsive" API endpoint. MORE

GPT-4o was reportedly jailbroken by claiming it had access to a disk with any file on the planet. MORE Comments 

The New York Times has told Perplexity, an AI startup backed by Jeff Bezos, to stop using its content. MORE 

Sam Altman's Worldcoin project is now called World, and it has a new eyeball-scanning Orb device. The updated Orb, made with 30% fewer parts and using Nvidia's Jetson platform, aims to verify human identity in the AI era. MORE 

Google's NotebookLM now lets you guide AI-generated audio conversations, launching a business pilot program. The update allows users to customize audio summaries, focusing on specific topics rather than just holistic overviews. MORE 

Google has signed a deal with Kairos Power to use small nuclear reactors to power its AI data centers, aiming for 500MW of carbon-free electricity by 2035. MORE

Dane Stuckey, former CISO at Palantir, is now OpenAI's newest CISO, working with Matt Knight, OpenAI's head of security. I would have loved a lot more detail on how they’re splitting duties. MORE 

Despite AI's rise, global startup funding continued its slump in Q3 2024, with a 16% drop from the previous quarter. AI startups secured $19 billion, making up 28% of all venture dollars, but couldn't offset declines in other sectors. MORE 

Reality Defender is addressing real-time deepfake scams with a new tool aimed at detecting AI-powered impersonations during video calls. They’re developing a Zoom plug-in to identify fake participants, but it's currently in beta for select clients. MORE 

Musk and xAI pulled off a feat that usually takes four years, setting up a supercluster of 100,000 H200 GPUs in just 19 days. Nvidia's Jensen Huang called the effort "superhuman,". MORE 

Waymo is offering a $3 credit for San Francisco riders using its robotaxis to travel to select public transit stations until November 15. The credits can be used for future rides through December 31, and the program is the first of its kind among U.S. autonomous vehicle operators. MORE 

Chinese scientists have developed a sustainable method to extract lithium from seawater using solar energy. MORE 

The National Labor Relations Board (NLRB) has filed a complaint against Apple, claiming the company improperly limited employees' use of Slack and social media. Torn on this one: it sucks that Apple people can’t be public, but it’s also very clear when people sign up. 🤷 MORE

Alex Chan shares how he's using static websites to organize his digital archives, like scanned paperwork and saved media, into easy-to-browse (and search) collections. MORE 

Using Cloudflare on your website might be unintentionally blocking RSS users due to its Bot Fight Mode and AI scrapers and crawlers settings. These features can mistakenly identify RSS readers as bots, preventing them from accessing content. MORE 

Someone talks about how they revamped their blog using a Jekyll theme, optimizing performance and reducing build time from 12 seconds to 1 second. Key improvements include optimized SASS, better YouTube embeds, and automatic CDN image handling via a GitHub Webhook. MORE

Apple is letting businesses customize their appearance in emails and calls on iPhones. Using the Business Connect tool, companies can add their brand name and logo to emails, calls, and payments. MORE 

The FTC is making it easier to cancel subscriptions with a new "click-to-cancel" rule. This rule requires companies to make canceling as easy as signing up, applying to services like streaming and gym memberships. MORE 

HUMANS

A survey by Intelligent.com found that 1 in 6 companies are hesitant to hire recent college graduates, citing issues like lack of motivation, poor communication, and unprofessionalism. 75% of companies reported unsatisfactory hires, and 60% had to fire recent grads this year. Many hiring managers believe Gen Z grads are unprepared for the workforce, with 9 in 10 suggesting etiquette training. MORE

In Japan, resignation agencies are getting super popular as workers struggle to quit jobs due to harassment or cultural pressures. Companies like Momuri handle resignations for those unable to do it themselves. MORE 

A new study suggests that despite the wide variation in autism, it can be divided into four core subtypes based on genetic variants and biological pathways. MORE 

A new study by Gehlbach, Robinson, and Fletcher shows that people often believe they have enough information to make decisions, even when given partial, biased data. MORE

The American economy has significantly outperformed other wealthy nations, which is the opposite of what was predicted. In 1992, people thought the US would lag Europe and Japan, but the opposite has happened. MORE 

A really powerful tax evasion strategy for the ultra-rich is to borrow money against their stocks. Importantly, this allows you to avoid capital gains tax becuase you’re using borrowed money. MORE 

The American Stroke Association has released new guidelines for stroke prevention, highlighting the use of weight loss drugs like Ozempic. They put out an updated list of things to do/avoid, and the most interesting piece to me was that the steps to prevent stroke are the same for preventing dementia. MORE 

US vaccination rates for kindergartners have dropped to 92% for the 2023–2024 school year, down from 95% in 2019–2020, according to the CDC. Non-medical exemptions, like religious or philosophical ones, have hit a record high of 3.3%. MORE 

A new treatment for Type 2 diabetes has shown promising results, eliminating the need for insulin in 86% of patients. MORE 

Since March 2023, global sea surface temperatures have risen unexpectedly, baffling climate scientists. NASA's Gavin Schmidt highlights potential factors like reduced sulfur emissions from shipping, the Hunga Tonga eruption, and solar activity, but none fully explain the spike. MORE 

Narratives help us make sense of life, but they can also limit our thinking and freedom. The article explores how narratives shape our identities and actions, often simplifying the complexity of life. MORE 

The article explores the concept of "laziness death spirals," where procrastination and laziness compound, leading to a cycle of stress and unproductivity. It suggests acknowledging the spiral as the first step to recovery and offers three strategies: emergency recovery with motivational content, natural recovery by waiting for reset points, and heroic recovery through deep self-analysis. MORE 

IDEAS

AI Isn’t a Thing. It’s the Thing That Makes the Thing.

I think people are confused about how money will be won and lost with AI. Most "AI businesses" will get crushed because only so much tooling is needed. So that will be a crash.

But there will be a far bigger boom from new companies creating new things using AI.

I think of AI as a creation and business-enablement technology. It’s not like infosec, or cloud, or social media, or Marvel movies. It’s not a space. Or a tech. Or a hype cycle. It’s just intelligence. It’s pure accelerant.

So when I think of AI, I think of the things people will make with it—not of AI itself.

And this is how I look at the question of whether we’re going to have an AI crash or an AI boom. The answer is yes.

We’ll have both. And the reason is that there’s only so much room/need for AI-enablement tools and platforms. At some point there will be a plateuing of what’s possible and/or even needed there. We’ll have enough tools, and models, and frameworks, etc. Or they will become invisible and therefore hard to differentiate and monetize.

That will kill a lot of companies who don’t understand that AI isn’t the thing—it’s the thing that helps people make the thing.

And once that happens (and even before), the real 📈will be the tiny startups that bring net-new things into the world. Thousands of new “companies” and products. And then millions. All making brand new spectacular things that they never could have made before as a single person, or as a 3-20 person team.

Sure, they’ll be massively enhanced by AI. Their infrastructure, their marketing, their sales, most of their development, and pretty much all the traditional parts of their business will be created/run by AI. And that’s what will let them have a 1-20 person team but function like a 200-20,000 person company.

But at the end of the day it all reduces to one thing: more stuff.

  • More products

  • More services

  • More art

  • More movies

  • More games

  • More experiences

  • More hardware

  • More software

  • More of everything that provides value today

The best way to think about AI is as a magnifier. A magnifier of human creativity.

But not just a magnfier. A multiplier as well.

So let’s say at the end of 2022 we had 19 HC (Human Creativity) points on planet Earth. And most of those were—for various random reasons—centered around uniquely lucky people in Western countries.

Well that number is about to become 38. And then 100. And then 1,000. And then 20 million.

Forget the people scrambling to compete with OpenAI or whatever. It’s noise.

The real show is what 8 billion humans will do once more of their creativity is unlocked.

DISCOVERY

git-remote-s3 — This Python library lets you use Amazon S3 as a Git remote and LFS server. It acts as a git remote helper and supports pushing LFS-managed files to the same S3 bucket. MORE

Mic Audio Level — Keep an eye on your microphone input level right from your menu bar. Handy for podcasters and streamers who need to ensure their audio is just right. MORE

CloudGoat — Rhino Security Labs has released a new scenario called sns_secrets for their CloudGoat tool. MORE 

Hacker Typer — Created in 2011, Hacker Typer lets you look like a movie hacker with just a few keyboard clicks. MORE 

Philips Hue app's latest update lets you customize lighting effects, adding four new ones like underwater and cosmos. You can now tweak the intensity and color of effects, making your lights more personal. MORE 

RECOMMENDATION OF THE WEEK

Stop thinking of AI as a thing, and start thinking of it as a magnifier of a thing. Which is Human Creativity.

I think this will help you not only as a worker in a career, but as a builder or investor as well.

APHORISM OF THE WEEK

A happy person isn't someone who's happy all the time. It's someone who effortlessly interprets events in such a way that they don't lose their innate peace.

Naval Ravikant