• Unsupervised Learning
  • Posts
  • UL NO. 401: Sony hit again?, Taiwan Disinformation, Corporations Demand Hardcore Workers, and GPTVision Examples…

UL NO. 401: Sony hit again?, Taiwan Disinformation, Corporations Demand Hardcore Workers, and GPTVision Examples…

We also look at Lex's first meaningful conversation in the metaverse, fixing Science, and TikTok's impact on reading

Unsupervised Learning is a Security, AI, and Meaning-focused podcast that looks at how best to thrive as humans in a post-AI world. It combines original ideas, analysis, and mental models to bring not just the news, but why it matters and how to respond.

Hey there!

Welcome to the week.

These days I get most AI-excited about Agents and Multi-modal, which is where AI can do its karate on more than just text.

The latest example of this is OpenAI adding vision support, meaning you can upload photos and ask AI questions about them or ask it to do something from them. I’ve seen a bunch of these threads, but this one is 🔥.

  • Code a SaaS dashboard based on a mockup

  • Write a product spec from a diagram

  • AI teaches a 9th grader how human cells work from a picture

  • Stacked parking signs translated into when you can park

  • Deep analysis of a complex comic strip

  • Analysis of the busiest Pentagon PowerPoint slide you’ve ever seen

  • See examples…

I can’t wait to see all the full applications people build based on this once it’s available as an API!

Meanwhile, I want you to slay the week, starting with this week’s show. Let’s go.

MY WORK

Companies Only Want Hardcore Workers
My new piece on how managers are finding creative ways to filter out all but the most dedicated and least likely to complain. READ THE ESSAY

⏰ If you’re on TikTok, add me and click buttons and stuff.

🎙️ Subscribe to the Podcast
I’ve moved podcast ads to the front of the podcast so that you’ll no longer be interrupted once the content starts! ADD UL TO YOUR CLIENT

SECURITY NEWS

Sony Hit Again?
Ransomware group RansomedVC claims to have compromised “all” of Sony's computer systems and plans to sell (rather than ransom) the stolen data. Sony says, “We are currently investigating the situation, and we have no further comment at this time.” Sounds bad. Curious why they want to sell vs. ransom the data. Why not all of the above? MALWAREBYTES 

Chrome Zero-Day Upgrade 
Turns out, the Chrome zero-day that Google patched recently isn't in Chrome at all, but in the libwebp library used for encoding/decoding WebP images. And it’s now a CVE and a 10 on the Richter scale. Think log4j, and patch. OODALOOP 

Taiwan's Disinformation Crisis 
China is flooding Taiwan with disinformation, creating a "US skepticism" narrative ahead of the upcoming presidential election. A recent study by the Information Environment Research Centre found that Chinese actors were helping to spread most of these narratives, but more than half appeared to have Taiwanese origins. ECONOMIST

Vulnerabilities:

  • Exim Zero-Day Vulnerabilities 
    A critical zero-day vulnerability in Exim mail transfer agent software could let attackers gain remote code execution on exposed servers. There are multiple issues, actaully. Patch for sure. BLEEPINGCOMPUTER 

  • Apache NiFi Vulnerability 
    The vulnerability, tracked as CVE-2023-34468 with a CVSS score of 8.8, impacts NiFi versions 0.0.2 through 1.21.0 and was addressed in NiFi version 1.22.0. SECURITYWEEK

Sponsor

Don’t Let Emails Lead To Blackmail

📰You might be one click away from making headlines. And not for the right reasons.

🐟From phishing and ransomware to credential theft and zero-day attacks, hackers have many tools in their arsenal to launch attacks. A lack of cybersecurity could put your employees and business at risk.

Mimecast has the industry’s best threat detection. We use AI to scan over a billion emails daily, with built-in prompts to catch the most common threats. It also has the ability to identify newer threats and stop them from doing any damage.

Bard's AI Cross-pollination
What’s the worst thing that can come from having an AI bot with the same company as a search engine? Yeah, your queries in search results. And that’s exactly what’s happening with Bard → Google. MALWAREBYTES 

Chinese Firmware Replacement 
A Chinese state-linked group, BlackTech, has been replacing Cisco device firmware with a malicious version, allowing them to move from smaller international subsidiaries to the headquarters of the targeted organizations. OODALOOP 

NSA's AI Security Center 
The National Security Agency (NSA) is launching an artificial intelligence (AI) security center to protect and integrate AI capabilities into U.S. defense and intelligence systems. The mission is to safeguard the U.S. defense-industrial base against (mostly) China and Russia. SECURITYWEEK 

Sponsor

Revolutionize Your Security Program with Vanta’s Top-Tier Compliance Automation

💸 Save not just time, but up to a whopping 85% of costs!

⌛ Join Vanta's global network of 5,000+ customers who have slashed over 300 hours of manual work for SOC 2, ISO 27001, HIPAA, GDPR, and more.

🕸️ Vanta's 200+ integrations let you effortlessly monitor and secure your essential business tools. From hot-ticket frameworks to third-party risk management and security questionnaires, we offer a one-stop solution for SaaS businesses to manage risk and demonstrate security in real-time.

Exclusive for the Unsupervised Learning community: Claim your $1000 discount at Vanta.com/Unsupervised. Act now, secure your business, and save big!

Deepfake Threats Rising 
The NSA, FBI, and CISA have released a Cybersecurity Information Sheet highlighting the growing threat of synthetic media, like deepfakes. Between 2021 and 2022, these agencies collaborated to establish best practices in response to the increasing threat. CISA 

Dual Ransomware Attacks 
The FBI is warning about a new trend of dual ransomware attacks, where cybercriminals deploy two different ransomware variants against the same victim. THEHACKERNEWS 

GPTBot Blockade 
Many popular websites are blocking OpenAI’s web crawler, with at least 26 of the top 100 and 242 of the top 1,000 now doing so. SEARCHENGINELAND 

TECHNOLOGY NEWS

Lex + Mark Insane Virtual Podcast
Lex had Mark Zuckerberg on the podcast last week and they did the entire session remotely with lifelike video. It was completely insane. Lex was freaking out the whole time over how real it was. Super exciting, but the downside is that they needed to spend hours in a specialized lab to get that accurate of a scan. But the headsets were current-generation gear. THE PODCAST | MY TWEET ABOUT IT

Hardcore or Leave 
Grindr and Zoom are now insisting on in-person work. Grindr has already let go of 82 out of its 178 employees for refusing to comply with its return-to-office mandate. Repeat after me: companies are realizing they only want hardcore workers, not casuals. They consider this level of attrition to be a good thing, because the people that stay are the all-in types. BBC

Meta's Smart Glasses 
Zuckerberg has stopped saying “Metaverse’, but he’s not given up on the vision. His latest attempt are Smart Raybans which can discreetly take photos and capture videos, and they’ve been upgraded to 12-megapixel ultrawide cameras. THEVERGE

AI Training Controversy 
Meta, Bloomberg, and others have been using a data set of over 191,000 pirated books, known as "Books3", to train their generative AI systems without permission. THEATLANTIC 

AI vs. Hollywood 
The Writers Guild of America (WGA) has established regulations for the use of artificial intelligence (AI) in their projects. AI can't write or rewrite literary material, and AI-generated material can't be used to undermine a writer's credit or separated rights. WGACONTRACT2023 

Musk's Brain Bandwidth 
Elon Musk's Neuralink is looking for its first volunteer to receive the "N1", an implant with 1,024 electrodes that can listen in on brain neurons. Super exciting, but a major risk to Musk’s brand if it goes sideways (injury/death). MITTECHREVIEW

Tech Layoffs Decline 
We seem to be at an inflection point for layoffs vs. hiring again. But expect new hiring to over-index on in-person roles and filter for “hardcore” work ethic. Which means less work-life balance, perks, etc. In other words, less “we’re a family”, and more Alaskan Fishing Boat. TECHCRUNCH 

AI Job Hotspots 
San Francisco, San Jose, New York, Los Angeles, Boston, and Seattle are the top U.S. cities for AI job hunters, accounting for nearly half of all generative AI job postings in the past year. VENTUREBEAT

AI iPhone Concept 
Jony Ive is working with OpenAI CEO Sam Altman to create some sort of "iPhone of artificial intelligence", backed by over $1 billion from Softbank CEO Masayoshi Son. I hope this thing has some measure of success. I just love the idea of design + AI in a new piece of hardware. Mostly becasue I want the MANGA companies to tremble with fear and do something innovative themselves. THEVERGE 

HUMAN NEWS

📚️ TikTok's Literary Influence 
BookTok is indeed one of the best parts of TikTok, but look at these stats. Last year, one in four book buyers in Britain used TikTok, and videos with the BookTok tag have been viewed 179 billion times. Wow! ECONOMIST 

Teens Overwhelmed by Notifications 
Teens are being bombarded with hundreds of phone notifications daily, according to a new report by Common Sense Media. The study found that about half of 11- to 17-year-olds receive at least 237 notifications every day, with some even reaching nearly 5,000 notifications in 24 hours. NBCNEWS

Asteroid Dust Unveiled 
NASA flew a thing to a freakin’ astroid and grabbed a sample and brought it back to Earth. Scientists are now analyzing the content like a bunch of excited kids, which is 1000% justified. ARSTECHNICA

Anti-social Phones
A new study shows that when people have their phones they’re less likely to interact with others and enjoy being around new people less. SCIENCEDIRECT

Military Intervention 
Sweden is dealing with a massive surge in shootings and bombings linked to criminal gangs. They’re now calling in the military to help police address the issues. Meanwhile, far-right parties are ascending in the polls. FT 

Reading Crisis in America 
Two-thirds of American kids can't read fluently, with 40% being essentially nonreaders. Many blame the Phonics method of teaching English, which arguably isn’t complex enough for English. SCIENTIFICAMERICAN 

Unaffordable Housing 
The average American can't afford a home in 99% of US counties, according to a new report from ATTOM. The report found that the typical home priced today would require 35% of someone's annual wages. Completely unsustainable. CBSNEWS 

Fast Food Wages = AI Acceleration 
California's fast food workers are getting a pay raise to $20 per hour next year. The law applies to restaurants with at least 60 locations nationwide, and will make California's fast food workers the highest paid in the industry. My predication? This will just increase investment in worker-replacement technologies like AI and robots. It’s like, “Hey, we were looking for a reason to invest millions in those technologies, and California just gave us that reason.” APNEWS

IDEAS & ANALYSIS

You Fix Good Things by Doing Them Better
Liberal Democracies and Science share something important. When they aren't as good as they should be, the solution isn't to try something else—like communism or anarchy or tarot cards. The solution is to improve our Liberal Democracies and Science. Have a bad democracy? Do better democracy. Have a problem with bad science? Do better science. They aren’t the problem. Not doing them well is the problem.

NOTES

I have the music bug stronger than ever. I have set up my keyboard and all my software (KOMPLETE + Native Instruments + Logic for anyone interested), and I even had a preliminary session with my buddy Marc. He’s the one talking about whale song research in UL Chat. Super fun! If I don’t have at least one shitty song released within 6 months you are hereby required to give me major shit.

Here’s an amazing Jungle set: CloZee’s set from Envision 2023. This is the type of stuff I’ll be making for sure. But think more hacking, UL themes. I’m psyched. Just need to figure out where to find all the right samples, and get down and dirty with Logic. If you are into making EDM, let me know the best database for finding high-quality and legit samples I can buy or use.

DISCOVERY

⚒️ CertGraph — An open-source tool that crawls SSL certificates to create a directed graph, where each domain is a node and the certificate alternative names for that domain's certificate are the edges to other domain nodes. GITHUB

⚒️ Aftermath IR Framework — A Swift-based open-source incident response framework, is designed to help defenders collect and analyze data from compromised hosts. It can be deployed from an MDM or run independently from the user's command line, and provides a parsed view of locally collected databases, file timelines, and browser information to potentially track down the infection vector. GITHUB

⚒️ Magentic: Python LLM Integration — A new tool that lets you integrate Large Language Models (LLMs) into your Python code. It allows you to create functions that return structured output from the LLM, and mix LLM queries and function calling with regular Python code to create complex logic. GITHUB

⚒️ Shinobi Unveiled — A new AI analyst tool, is designed to help cloud professionals quickly search, monitor, and understand complex environments. It's like having a personal AI analyst to help you uncloud the cloud. SHINOBI 

Apple’s going to fix hot iPhone 15’s with a software update. MACRUMORS

Top 1% Earnings by State VISUALCAPITALIST

Here’s an article on how to scrape websites using ChatGPT. Pretty decent, but in my experience it’s best to get the entire page and do stuff with it later. I use a combination of Browserless, Feedly, and Zapier to do this. Ping me in UL Chat if you want details. PROXIESAPI

Cloudflare is deploying AI models like LLAMA2 as Cloud Workers TECHCRUNCH

Don't Ever Write Your Own Database HACKERNEWS

Elderly people can’t resist answering the phone BOGLEHEADS

Reddit is all about “personal LLMs”, which is something I talked about in my book in 2016. I called them “DA’s”, though, which I regret. REDDIT

Letting Go of Self-Optimization NYTIMES

Is Robots.txt Really Effective? JIM-NIELSEN

Astronomers have coined a new term, "noctalgia", to describe the collective grief over the loss of our night sky due to light pollution. SPACE

The Prophetic Perfect Tense is a fascinating literary technique used in the Bible, where future events are described in the past tense, as if they've already happened. WIKIPEDIA

Chomsky says moral relativists don’t exist OPENCULTURE

First-Ever Photographed Black Hole is Spinning PETAPIXEL

Qualify your yes’s ASMARTBEAR

Google People Mystery Remember Google People? It was a bizarre social network that existed for a brief moment between Orkut and Google+, with strange features like forcing your profile image to smile and guessing your birth and death dates. The platform, which was never officially "alive" according to Google, was shut down after about six months for reasons unknown. QNTM Discovery: "Google's Forgotten Social Network" QNTM

The Ashley Book of Knots, often referred to as the knot bible, is a comprehensive guide to tying practical knots, complete with 7000 drawings representing 3800 knots. ARCHIVE

RECOMMENDATION OF THE WEEK

Gulag Archipelago is a book I think everyone should read in their life, and it’s my recommendation of the week.

You don’t need to read it today, or tomorrow. But maybe commit to reading it within a year. I can basically guarantee that you’ll wish you read it earlier.

APHORISM OF THE WEEK

Creativity is 70% knowing what came before you, 25% seeing the connections and patterns between them, and 5% adding something new on top.

Daniel Miessler