Unsupervised Learning No. 251

News & Analysis

I spend 5-20 hours a week consuming books, articles, and podcasts that explore the intersection of security, technology, and society. Then every Monday morning I send out the best of what I found.  

STANDARD EDITION | EP. 251 | October 19, 2020

MY ESSAYS

The Content Value Hierarchy (CVH) — How to protect your podcast or newsletter from being cut when people hit content overload More

The Relationship Between Hardship, Struggle, and Meaning More

A CrowdSec Primer — A modern replacement for Fail2Ban More

SECURITY NEWS

Multiple law enforcement groups are preparing for election-related unrest by limiting the ability to take time off in the weeks before and after the election. More

China is working on swarms of so-called "suicide drones", which are relatively inexpensive and can be launched from mobile platforms including trucks and helicopters. More

Projecting objects, such as stop signs, cars, and other obstacles, can make Teslas see those objects as real, causing them to swerve or apply the brakes. More

Sweden is growing its military spending by 40% due to tensions with Russia. More

Atlanta police used a drone to make an arrest in the murder investigation of Thomas Jefferson Byrd, and they released the video. More Video

Vulnerabilities:

  • CVE-2020-16898 — There's an RCE in the Windows TCP/IP stack related to the handling of ICMPv6 Router Advertisements More 

  • 800,000 SonicWall VPNs are vulnerable to an RCE. More

  • There's a bad NULL Pointer Dereference error in Flash. By the way, dereference just means "read", i.e., trying to read something that isn't there. More My Primer

  • Someone found an RCE in the desktop app for Discord. More

  • Multiple vulnerabilities have been found in Magento. More

Breaches:

  • Barnes & Noble warns customers of a breach that may have resulted in data loss. More

TECHNOLOGY NEWS

The 2021 Tesla Model 3's are getting some major upgrades, including longer range, a bit more speed, and double-paned glass. More

You can now hum or sing songs to search for them using Google. More

Google Analytics is rolling out a new upgrade—Google Analytics 4—which is nicer looking, gives more data, and uses AI to provide insights—but as per Google the rollout doesn't seem well-documented or complete. There's supposed to be an "Upgrade to GA4" button in existing properties, but many are reporting it's not there for them. More

Companies:

  • Clear, the company that helps air travelers get through lines faster, looks to be pivoting into a larger identity verification play. More

  • 98point6 raises $118M to do remote healthcare, including text-based interactions with doctors and automatic prescription sending to your local pharmacy. More Video

  • Balto raises $10 million to analyze call center conversations using AI. More

  • BlackSwan (who just raised $28 million) is an Israeli company that's looking to enable any company to leverage AI for operational efficiency and data-driven decision making. More

  • Augury is a company that uses AI to predict machine faults based on vibration and sound, and they just raised another $55 million. Evidently they're about to have competition from Amazon as well. More

  • Danon is a company that scans construction sites using AI and can tell you if they are behind schedule or if errors have been made. More

  • Alkira is a multi-cloud networking startup that helps people get their services onto multiple cloud services very quickly. More

HUMAN NEWS

China's economy grew 4.9% in the third quarter of 2020. The surge is partly due to its lead at containing COVID. Construction and consumer spending are both up. Caveat: These are China-reported numbers. More More

China has rolled out a pilot of its new, digital version of the Yuan in Shenzhen. It's not a cryptocurrency, just a digital version of the official, state currency. More

Nearly 900,000 people applied for unemployment in the US last week. More

Amazon has launched a payday loan program for its warehouse workers. This seems gross. It's like they're creating both the supply and the demand for a new business that shouldn't have to exist. More

California has a $54 billion budget deficit and over 340,000 government employees drawing more than $100K in salary. That seems, well…unsustainable. More

Rents in San Francisco have crashed the most in the country: up to 31%. More

IDEAS, TRENDS, & ANALYSIS

How to Reverse 50 Years of Social Decline and Actually Make America Great More

I'm starting to worry, as are others, that there is a big COVID shoe that still needs to drop regarding COVID and the economy. There's a very real chance that we've just sort of been going on fumes for the last few months, i.e., stimulus, strong tech performance, etc., but that at some point the millions of unemployed people and all the unpaid loans are going to have an impact. Then there's the election of course. We could see some strange times in the next several months. Maybe things stabilize and a Biden presidency brings a big optimism push for years. Or maybe he gets elected and all the Trump-fueled distractions get reduced, and people realize there are actually problems with the economy. Or maybe Trump wins and the cocaine-fueled optimism continues (but for how long), or maybe his crazy optimism carries things through to a longer-term recovery. I don't know, and nobody else does either. But the one thing to say is that it might not be a good bet to assume that the recovery will continue the way it has for the last few months, because it could be that the real impact of the bad economy simply hasn't landed yet.

Is Maslow's Hierarchy the Only Pyramid Scheme That Works? More

How Substack Became Milquetoast More

A Unified Theory for Coming Up With New Ideas More

UPDATES

As you probably noticed, I changed and shortened the intro to the podcast a bit, and I also trimmed the outro. David, who's one of our original UL members, noticed that the outro was quite long and it prevented a quick transition into the next podcast. So I took that feedback and cut the intro/outro time by around 70% to make it easier to get into and out of UL content.

Just a reminder on product shoutouts, this show is very anti-ad, yet I am also very pro-product-discovery, and I'm trying to forge a new path that balances these two things. I'm still investigating ways to find and recommend more products on the site in the discovery section (if anyone knows a service I can use for that let me know!) Like I talked about here, my goal there is to bring extremely cool products to your attention that I find on Facebook, get recommended from friends, etc. One example is the RESOLUTE TOOLS everyday carry blade, which is actually the only knife I carry now. I'm also starting to reach out to some of those product companies that I find and want to recommend, to ask if they want to support the show. To date I've only found two products that have been 1) good enough to bring to your attention, 2) that I actually use, and 3) that I reached out to and asked to support the show. Those two products are Thinkst Canary Tokens, and now CrowdSec, which is in today's show. I've recommended the RESOLUTE TOOLS blade multiple times but they've never been a show supporter, for example. More

I think I've been neglecting a certain type of writing on the site, which is essentially short-form ideas. In the past Google really hated seeing short posts, and in the past that mattered to me. But now I think 1) I care less, and 2) Google probably values people who post more often more than long posts. Either way, I'm looking to do more short essays on the site, and some of those I'll also turn into short podcast episodes as well. The lesson here is to never impose limits on your own writing. If you have an idea, do it. Google—or whoever—will come around eventually.

DISCOVERY

CrowdSec — A Go-based, modern replacement for Fail2ban that leverages crowdsourcing to manage ban lists. I run this on all my public-facing servers, and I'm super happy to finally have a replacement for Fail2ban after all these years. If you run a web or SSH server, you should definitely check it out. Download My Tutorial My Metrics 

I just ordered a new microphone arm from Gator Frameworks, which I recently saw on the Joe Rogan show and also saw my friend Phillip Wylie talk about as well. I currently have the one from Blue, which replaced my old one from Rode, and I'm hoping this will be even better since it's Joe's new preferred arm in his new Austin studio. I'll let you know how much I like it. More

I'm trying a mechanical keyboard for the first time in over a decade, and I went with the Keychron K2 based on seeing it in an MKBHD video. Not sure if it'll stick or not. Very different from what I've been using. More

I went on Ashish Rajan's Cloud Security Podcast this weekend and really enjoyed the conversation! Thanks to Ashish for having me on. Podcast Video

The Next World | Dark Techno / Cyberpunk / Dark Electro Playlist — A cyber-ish EDM playlist I love to hack/create to. More
 
How to Invent Everything — A new book that shows you how to invent everything if you get sent backward in time. More

An interesting set of metrics for gauging the health of your team. More

Lobsters' Q4 Hiring Thread More

How to Read and Why — A new book recommended by a member of the UL Slack channel. More

A collection of Tech Landscape maps. More

Among-sus — A text-based multiplayer version of Among Us. More

The Hedonometer — A project that takes a 10% sampling of the daily Twitter firehose, and does bag-of-words analysis on the English words it sees. It then maps that as an indication of happiness/pleasure in the world. More

JWT Heartbreaker — A Burp extension that finds weak secrets automatically. More

VulnHub — Prebuilt vulnerable environments built on Docker. More

RECOMMENDATIONS

How to Read and Why — A new book on reading that I am so excited to get to. Yes, I haven't read it yet, so it's a weird recommendation. But it's a highly-rated book about why you should read, so I'm recommending it sight unread. More

APHORISMS

“To avoid criticism, do nothing, say nothing, be nothing.”

~ Elbert Hubbard