Unsupervised Learning: No. 173


Unsupervised Learning is my weekly show that provides collection, summarization, and analysis in the realms of Security, Technology, and Humans.

I spend between five and twenty hours a week consuming articles, books, and podcasts—so you don’t have to—and each episode is either a curated summary of what I’ve found in the past week, or a standalone essay that hopefully gives you something to think about.

?️ Security NewsAmazon has many thousands of people doing quality control on Alexa, meaning that they’re listening to incoming audio captured on Echo devices. This shouldn’t be surprising. The question is how they’re doing it, and what policies they have around privacy when doing so. I don’t personally see a major problem here. But at the same time I’d never put a Facebook device in my home. To me it’s more about the company and its incentives than anything else. LinkA number of FBI-affiliated websites were hacked, and information on thousands of federal agents and law enforcement officers are now being sold online. LinkChinese schools are using facial recognition on students, and using ML to determine whether or not they’re currently paying attention, distracted, etc. LinkSift is a service that builds a risk profile on you so merchants can determine whether you’re a benign actor or someone about to commit fraud. I think people need to accept that continuous risk scoring for people and situations is both inevitable and actually already happening. The moment you try to block bad actors by looking at their behavior, you quickly end up with a score that determines action based on various thresholds. And the moment you do it for bad actors, you’re kind of implicitly doing it for good actors as well. There are better and worse ways to approach this, but profile scoring is not something we’re going to be able to avoid going forward. Let’s accept this reality and start having the conversations about how to make (and keep) this functionality as benign as possible. LinkA Dutch F-16 was damaged by rounds from its own 20MM cannon. So it fired bullets, and then flew into them. Life is awesome. LinkAdvisories: SAP Crystal Reports, Adobe, Juniper Switches⚙️ Technology News? The biggest news from Google’s cloud conference last week was the launch of Google Anthos, which unifies your on-prem and cloud container management into a single platform. LinkDisney is launching Disney+ in November, which will cost $6.99/month. At the time of writing, the stock is up 11% on the news. LinkWalmart is adding around 4,000 new robots to stores across the US. They are meant to do “repeatable, predictable” tasks, including: shelf scanners, floor cleaners, picking things up, unloading things, and sorting things. LinkYou can now edit Microsoft Office files using Google Apps, e.g., docs, sheets, and slides. Link??  Human NewsPeter Temin, an economist at MIT, says the US has slipped into developing nation status because 80% of the population is burdened with debt and anxious about job security. LinkGum bacteria is being called out repeatedly for potentially causing Alzheimer’s and other diseases. LinkBank of America is raising its minimum wage for employees to $20/hour. LinkWhat qualifies as middle income in each state. Link? Ideas, Trends, & AnalysisAbusability Testing — My favorite talk at ENIGMA 2019. It’s about how we have to think about large-scale systems can be abused, not just about technical vulnerabilities within those systems. So, more like Adversarial Economics than Penetration Testing. LinkPitching your product will kill fundraising, because they need to know WHY you exist more than anything. LinkThe future of news is conversation with small groups that have trusted voices. Link? DiscoveryThe world’s 7.5 billion people in one chart. LinkA maturity model for use of the MITRE ATT&CK Framework. LinkTwo new fonts! Public SANS, Helvetica NOWUnclassified U-2 spy plane photographs are revealing some extraordinary archaeological findings. Link Bloodhound password analysis. LinkProvable Security at AWS — One of my two favorite talks at ENIGMA this year. Link? NotesIt’s crazy that I’ve been doing this show for 4 years now, and podcasting is now entering the mainstream. I love how much content is out there now. I continue to tweak the pitch for this show in the podcast description, to differentiate it from the other stuff out there. Risky Business is the best security news show, I think. I like my mix of stories better, but I like that Patrick has the format to go a bit deeper on each one. And Darknet Diaries is a must for anyone who likes story-based podcasts—like Serial was. This show is quite different, as it’s a curation lens to what’s happening in the world of security, technology, and people. It’s a way to pass on what I find and learn from all the reading I do. I think that harvesting feature is key, and I want to find a way to make it more obvious. If you have any ideas I’d love to hear them. Thoughts?I’ve changed the subscription option here to just be the $50/year option, since that seems to be the most popular one anyway, and I think it’s cleaner to offer the best plan instead of outsourcing the choice. You can sign up here. SubscribeI’m also considering doing a member version of the free newsletter—which would not have any call to subscribe at the bottom. Not sure if that would matter, but I think it’d be a nice minor perk for membership. Thoughts?These are the books that I’ve just finished or am about to start (within the last month or two): WhiteShift, The Vanishing Middle Class, Loonshots, From Cold War to Hot Peace, Discrimination and Disparities, The Tyranny of Metrics, The Demon-Haunted World, Bowling Alone, The Right Side of History, The Age of Surveillance. I’ve been reading like crazy, and the book that’s had the most impact has been Bowling Alone, which, combined with reading to conservative books (Sowell and Shapiro), has got me thinking a lot about the lack of meaning in peoples’ lives. I have much to say about this, and even a forming plan for addressing it. Ping me if you want to exchange ideas about it.I’m considering trying to get each section down to around 5 items (except security, which sometimes goes longer). The idea is to curate even more, and reduce the load on you. What are your thoughts? Would that be helpful? ?️ RecommendationsLoonshots: How to Nurture the Crazy Ideas that Win Wars, Cure Diseases, and Transform Industries Link? Aphorism“The more we do, the more we can do”.~ William Hazlitt

No related posts.