A new Fabric web app called FabricUI!, Many AI Eyes, PagerAttack Analysis, a new Ripgrep, and more...
October 22, 2024 | Read Online
UL NO. 455: Anthropic 'Computer Control'
Speaking in Switzerland, Iranian Cyber Campaigns, Passkey Mobility, Unexpected IDF Tactic...
SECURITY | AI | PURPOSE
UNSUPERVISED LEARNING is a newsletter about upgrading to thrive in a world full of AI. It’s original ideas, analysis, mental models, frameworks, and tooling to prepare you for the world that’s coming.
TOC
- SECURITY
- AI / TECH
- HUMANS
- IDEAS
- DISCOVERY
- RECOMMENDATION OF THE WEEK
- APHORISM OF THE WEEK
Hey there!
Just did the opening Keynote at the Swiss CyberStorm event in Bern, Switzerland, and it was fantastic! Such a well-run conference with great speakers and super high-quality attendees. Christian Folini and Adriana and team did a spectacular job on the event, and I couldn’t be more impressed with everything from the conference to the venue to the town. Just wonderful.
Sponsor
How do you secure RAG?
Box stores important documents. HIPAA forms. Credit card numbers. Confidential IP. Stuff that can’t leak, or everybody from the CISO down is about to have a very bad day. Sometimes it’s helpful to use retrieval-augmented generation (RAG) to query those docs with AI. But any time it touches your data, Box AI must obey strict rules:
- Scope permissions to authorized documents only
- Never store or train on queries
- Encrypt everything in transit and at rest
- And more…
SECURITY
U.S., Australia, and Canada have issued a warning about Iranian cyber actors targeting critical infrastructure through brute-force attacks over the past year. The campaign has hit sectors like healthcare, government, and energy, using tactics like MFA prompt bombing and exploiting CVE-2020-1472 (Zerologon) for privilege escalation. MORE
Cisco is investigating claims of a data breach by IntelBroker, who is allegedly selling sensitive Cisco data. The data reportedly includes source code, credentials, and confidential documents, with major companies like AT&T and Microsoft listed as affected. MORE
The FIDO Alliance has announced new specs for passkeys, allowing you to move them between different password managers. Hell yeah. Passkeys are the best consumer security upgrade in probably over a decade. MORE
Sponsor
Get the No B.S. Guide to building a strong cybersecurity program in 90 days! (No email required)
Are you an IT leader without a big, dedicated security team? Have you had challenges implementing a robust cybersecurity program due to lack of resources and/or budget?
Don't let this hold you back anymore! Download our 90-Day guide to get a month-by-month blueprint on how to build an effective, multi-layered cybersecurity strategy without enterprise-level resources.
Download Guide (no email required)
CISA has flagged a critical flaw in SolarWinds Web Help Desk software, tracked as CVE-2024-28987, due to active exploitation. The vulnerability involves hard-coded credentials, allowing unauthorized access and data modification. MORE
Taiwan reports being surrounded by 153 Chinese military aircraft during drills, as Beijing flexes its military muscle with fighter jets, drones, and warships. China calls it a warning against "separatist acts," while Taiwan urges a halt to provocations. MORE
A company was hacked after unknowingly hiring a North Korean cyber criminal as a remote IT worker. The hacker faked his credentials, accessed the firm's network, and stole sensitive data, demanding a six-figure ransom in cryptocurrency. MORE
Brazilian authorities have arrested a hacker allegedly behind major cyberattacks on the FBI, Airbus, and others. The suspect, linked to the alias USDoD, was caught in "Operation Data Breach" and is accused of leaking sensitive data, including 80,000 InfraGard members' info. MORE
DJI says US customs blocked some of its drones, including the new Air 3S, due to a "customs-related issue." Evidently, the situation could have been a mistake, and customs is working with DJI. MORE
The FBI arrested an Alabama man, Eric Council, for allegedly hacking the SEC's X account via a SIM-swap attack to falsely announce Bitcoin ETF approvals. This fake post caused Bitcoin's price to spike by $1,000 before dropping $2,000 after the SEC confirmed the hack. MORE
Not sure if this is real, but I hope it is. The IDF just told Gazans where Hezbollah is storing millions in cash and gold, and encouraged them to go get it. MORE
Continue reading online to avoid the email cutoff
AI / TECH
Anthropic just launched a new feature that can control desktop apps via a new "Computer Use" API. It emulates human interactions like keystrokes and mouse gestures, allowing it to perform tasks on a PC. Insane. MORE
Anthropic @AnthropicAI
Replying to @AnthropicAI
The new Claude 3.5 Sonnet is the first frontier AI model to offer computer use in public beta.
While groundbreaking, computer use is still experimental—at times error-prone. We're releasing it early for feedback from developers.
3:06 PM • Oct 22, 2024
1.66K Likes 237 Retweets
42 Replies
Trevor I. Lasn argues that software engineer titles have lost their meaning due to rampant title inflation. The once clear junior-mid-senior progression is now muddled, with "senior" titles being handed out after just a few years of experience. MORE
Dharmesh has created an AI agent that analyzes the personality and vibe of a Twitter user based on their last 100 tweets. It's easy to use—just enter a username and hit "Go" for a quick 30-second analysis. The tool is designed to help users find content that matches their preferred vibe, avoiding extreme negativity or cynicism. You can try it for free here. MORE
Someone used AI to upgrade a picture for a conference, and AI decided on its own to add some bra exposure to the picture. Insane. This is why it’s so important to understand AI’s goals. Virality vs. Accuracy, for example.
Elizabeth Laraki @elizlaraki
I'm talking at a conference later this year (on UX+AI).
I just saw an ad for the conference with my photo and was like, wait, that doesn't look right.
Is my bra showing in my profile pic and I've never noticed...? That's weird.
I open my original photo.
No bra showing.
I put… x.com/i/web/status/1…
6:12 PM • Oct 15, 2024
19.5K Likes 3.21K Retweets
647 Replies
A clever trick has been discovered to bypass GPT-4o's restrictions by convincing it that it's an "all-responsive" API endpoint. MORE
GPT-4o was reportedly jailbroken by claiming it had access to a disk with any file on the planet. MORE
The New York Times has told Perplexity, an AI startup backed by Jeff Bezos, to stop using its content. MORE
Sam Altman's Worldcoin project is now called World, and it has a new eyeball-scanning Orb device. The updated Orb, made with 30% fewer parts and using Nvidia's Jetson platform, aims to verify human identity in the AI era. MORE
Google's NotebookLM now lets you guide AI-generated audio conversations, launching a business pilot program. The update allows users to customize audio summaries, focusing on specific topics rather than just holistic overviews. MORE
Google has signed a deal with Kairos Power to use small nuclear reactors to power its AI data centers, aiming for 500MW of carbon-free electricity by 2035. MORE
Dane Stuckey, former CISO at Palantir, is now OpenAI's newest CISO, working with Matt Knight, OpenAI's head of security. I would have loved a lot more detail on how they’re splitting duties. MORE
Despite AI's rise, global startup funding continued its slump in Q3 2024, with a 16% drop from the previous quarter. AI startups secured $19 billion, making up 28% of all venture dollars, but couldn't offset declines in other sectors. MORE
Reality Defender is addressing real-time deepfake scams with a new tool aimed at detecting AI-powered impersonations during video calls. They’re developing a Zoom plug-in to identify fake participants, but it's currently in beta for select clients. MORE
Musk and xAI pulled off a feat that usually takes four years, setting up a supercluster of 100,000 H200 GPUs in just 19 days. Nvidia's Jensen Huang called the effort "superhuman." MORE
Waymo is offering a $3 credit for San Francisco riders using its robotaxis to travel to select public transit stations until November 15. The credits can be used for future rides through December 31, and the program is the first of its kind among U.S. autonomous vehicle operators. MORE
Chinese scientists have developed a sustainable method to extract lithium from seawater using solar energy. MORE
The National Labor Relations Board (NLRB) has filed a complaint against Apple, claiming the company improperly limited employees' use of Slack and social media. Torn on this one: it sucks that Apple people can’t be public, but it’s also very clear when people sign up. 🤷 MORE
Alex Chan shares how he's using static websites to organize his digital archives, like scanned paperwork and saved media, into easy-to-browse (and search) collections. MORE
Using Cloudflare on your website might be unintentionally blocking RSS users due to its Bot Fight Mode and AI scrapers and crawlers settings. These features can mistakenly identify RSS readers as bots, preventing them from accessing content. MORE
Someone talks about how they revamped their blog using a Jekyll theme, optimizing performance and reducing build time from 12 seconds to 1 second. Key improvements include optimized SASS, better YouTube embeds, and automatic CDN image handling via a GitHub Webhook. MORE
Apple is letting businesses customize their appearance in emails and calls on iPhones. Using the Business Connect tool, companies can add their brand name and logo to emails, calls, and payments. MORE
The FTC is making it easier to cancel subscriptions with a new "click-to-cancel" rule. This rule requires companies to make canceling as easy as signing up, applying to services like streaming and gym memberships. MORE
HUMANS
A survey by Intelligent.com found that 1 in 6 companies are hesitant to hire recent college graduates, citing issues like lack of motivation, poor communication, and unprofessionalism. 75% of companies reported unsatisfactory hires, and 60% had to fire recent grads this year. Many hiring managers believe Gen Z grads are unprepared for the workforce, with 9 in 10 suggesting etiquette training. MORE
In Japan, resignation agencies are getting super popular as workers struggle to quit jobs due to harassment or cultural pressures. Companies like Momuri handle resignations for those unable to do it themselves. MORE
A new study suggests that despite the wide variation in autism, it can be divided into four core subtypes based on genetic variants and biological pathways. MORE
A new study by Gehlbach, Robinson, and Fletcher shows that people often believe they have enough information to make decisions, even when given partial, biased data. MORE
The American economy has significantly outperformed other wealthy nations, which is the opposite of what was predicted. In 1992, people thought the US would lag Europe and Japan, but the opposite has happened. MORE
A really powerful tax evasion strategy for the ultra-rich is to borrow money against their stocks. Importantly, this allows you to avoid capital gains tax because you’re using borrowed money. MORE
The American Stroke Association has released new guidelines for stroke prevention, highlighting the use of weight loss drugs like Ozempic. They put out an updated list of things to do/avoid, and the most interesting piece to me was that the steps to prevent stroke are the same for preventing dementia. MORE
US vaccination rates for kindergartners have dropped to 92% for the 2023–2024 school year, down from 95% in 2019–2020, according to the CDC. Non-medical exemptions, like religious or philosophical ones, have hit a record high of 3.3%. MORE
A new treatment for Type 2 diabetes has shown promising results, eliminating the need for insulin in 86% of patients. MORE
Since March 2023, global sea surface temperatures have risen unexpectedly, baffling climate scientists. NASA's Gavin Schmidt highlights potential factors like reduced sulfur emissions from shipping, the Hunga Tonga eruption, and solar activity, but none fully explain the spike. MORE
Narratives help us make sense of life, but they can also limit our thinking and freedom. The article explores how narratives shape our identities and actions, often simplifying the complexity of life. MORE
The article explores the concept of "laziness death spirals," where procrastination and laziness compound, leading to a cycle of stress and unproductivity. It suggests acknowledging the spiral as the first step to recovery and offers three strategies: emergency recovery with motivational content, natural recovery by waiting for reset points, and heroic recovery through deep self-analysis. MORE
IDEAS
AI Isn’t a Thing. It’s the Thing That Makes the Thing.
I think people are confused about how money will be won and lost with AI. Most "AI businesses" will get crushed because only so much tooling is needed. So that will be a crash.
But there will be a far bigger boom from new companies creating new things using AI.
I think of AI as a creation and business-enablement technology. It’s not like infosec, or cloud, or social media, or Marvel movies. It’s not a space. Or a tech. Or a hype cycle. It’s just intelligence. It’s pure accelerant.
So when I think of AI, I think of the things people will make with it—not of AI itself.
And this is how I look at the question of whether we’re going to have an AI crash or an AI boom. The answer is yes.
We’ll have both. And the reason is that there’s only so much room/need for AI-enablement tools and platforms. At some point there will be a plateuing of what’s possible and/or even needed there. We’ll have enough tools, and models, and frameworks, etc. Or they will become invisible and therefore hard to differentiate and monetize.
That will kill a lot of companies who don’t understand that AI isn’t the thing—it’s the thing that helps people make the thing.
And once that happens (and even before), the real 📈 will be the tiny startups that bring net-new things into the world. Thousands of new “companies” and products. And then millions. All making brand new spectacular things that they never could have made before as a single person, or as a 3-20 person team.
Sure, they’ll be massively enhanced by AI. Their infrastructure, their marketing, their sales, most of their development, and pretty much all the traditional parts of their business will be created/run by AI. And that’s what will let them have a 1-20 person team but function like a 200-20,000 person company.
But at the end of the day it all reduces to one thing: more stuff.
- More products
- More services
- More art
- More movies
- More games
- More experiences
- More hardware
- More software
- More of everything that provides value today
The best way to think about AI is as a magnifier. A magnifier of human creativity.
But not just a magnifier. A multiplier as well.
So let’s say at the end of 2022 we had 19 HC (Human Creativity) points on planet Earth. And most of those were—for various random reasons—centered around uniquely lucky people in Western countries.
Well that number is about to become 38. And then 100. And then 1,000. And then 20 million.
Forget the people scrambling to compete with OpenAI or whatever. It’s noise.
The real show is what 8 billion humans will do once more of their creativity is unlocked.
DISCOVERY
git-remote-s3
— This Python library lets you use Amazon S3 as a Git remote and LFS server. It acts as a git remote helper and supports pushing LFS-managed files to the same S3 bucket. MORE
Mic Audio Level
— Keep an eye on your microphone input level right from your menu bar. Handy for podcasters and streamers who need to ensure their audio is just right. MORE
CloudGoat
— Rhino Security Labs has released a new scenario called sns_secrets
for their CloudGoat tool. MORE
Hacker Typer
— Created in 2011, Hacker Typer lets you look like a movie hacker with just a few keyboard clicks. MORE
Philips Hue app's latest update lets you customize lighting effects, adding four new ones like underwater and cosmos. You can now tweak the intensity and color of effects, making your lights more personal. MORE
RECOMMENDATION OF THE WEEK
Stop thinking of AI as a thing, and start thinking of it as a magnifier of a thing. Which is Human Creativity.
I think this will help you not only as a worker in a career, but as a builder or investor as well.
APHORISM OF THE WEEK
❝
A happy person isn't someone who's happy all the time. It's someone who effortlessly interprets events in such a way that they don't lose their innate peace.
Naval Ravikant