Unsupervised Learning Newsletter No. 272

News & Analysis

I spend my time reading 3-6 books a month on security, technology, and society—and thinking about what might be coming next. Every Monday I send out a list of the best content I've found in the last week to around 50,000 people. It'll save you tons of time. 
 

MEMBER EDITION | Ep. 272 | March 15, 2021

SECURITY NEWS

The FBI has warned that malicious actors in Russia and China are likely to start using deepfakes in their influence campaigns in the coming weeks. Many predicted this years ago, and it seems the tech has finally hit a point that's making it a real threat. More

The Hafnium (and other actors) attacks on Exchange continue to play out, with more victims being reported regularly. Remember, this started at the beginning of January, so the game now is figuring out what else these actors did while they were in these networks for two and a half months. And now there are actors using the flaw to launch ransomware. More

At least six major Chinese universities that are known to have connections to government-backed hacking groups are partnering to work on integrating AI into offensive and defensive cybersecurity. Like automatic detection of vulnerabilities, attacks, etc. More

Microsoft is taking fire for removing Exchange exploit code out of a researcher's Github. They now own Github, so many see this as overstepping, but others argue that patches are already available and it's just a public safety issue. I'm probably more in that camp, but I have to admit it's disturbing for Microsoft to just delete something because they can. More

China and Russia are partnering to build a space station on the moon. They say other nations will be able to use it as well. More

Vulnerabilities:

  • Microsoft's patch Tuesday had 82 fixes, 2 zero-days. More

  • Microsoft Windows DNS Server RCE, CVE-2021-26897 9.8/8.5 More

  • SAP has 9 security notes for March, including 2 criticals. More

  • F5 has released patches for vulnerabilities in their BIG-IP and BIG-IQ systems. More

  • Schneider Electric has some issues with their PowerLogic line of smart meters. More

  • QNAP RCE vulns are being used to mine cryptocurrency. More

Incidents:

  • More victims of Accellion attacks continue to surface. It's not just the vulnerability, but the crime ecosystem around it, with various groups launching extortion campaigns based on the files they got access to. More

  • Buffalo public schools have been hit by a ransomware attack bad enough to possibly require multiple days of missed school. More

Companies:

  • Cyberinsurance firm Cowbell has raised $20 million. They cover companies with revenue up to $1 billion dollars, and claim to be the first offering to use AI to do risk selection and pricing. More


TECHNOLOGY NEWS

Facebook has 10,000 engineers working on AR/VR. More

What you need to know about Roblox, and why kids are obsessed. More

Deepfakes can be detected by using AI to analyze reflections (or the lack thereof) in the subject's eyes. More

Substack is going Pro by giving writers money up front and taking most of their subscription revenue for the first year, after which it flips. More

Netflix is doing limited testing of a tool that can prompt users who appear to be sharing a password to buy the service themselves. More

Companies:

  • Stripe is now worth $95 billion. More


HUMAN NEWS

A new study says sugar is the key problem in Americans' diets, and that it can cause diabetes even without obesity. More

People are starting to get vaccinated due to their BMI. People with a BMI of 45 or higher were 61% more likely to die of COVID than those with less than 25. More More

Scientists just found a fossilized dinosaur sitting on a clutch of eggs. More


CONTENT, IDEAS & ANALYSIS

How Raising Minimum Wage Can Accelerate Human Job Loss to Automation — My recent essay on the tradeoff between humans and automation for business owners. More

Chart Scale Types — My recent article on different scale types within charts, and when to use them. More


NOTES

Countering Audiophile Snake Oil — So I've been diving into the audiophile world and, me being me, I'm a bit obsessed with finding out what is snake oil in the industry and what isn't. Like, how much does high-res audio matter? Do speaker or power cables matter? How much? So there are two worlds here: Subjectivists and Objectivists. Subjectivists think that their experience is everything, and more important than measurement. Objectivists think if the difference can't be measured, then it's by definition all in your head. Well this guy Amir at Audio Science Review is a badass Objectivist. And he's just moved to YouTube and has been doing a ton of great videos where he tests claims of high-end cables, etc. It's wonderful stuff. If you're an audiophile or are into audio in any significant way, you should check out his channel. YouTube Channel 

I recently learned there's a movement to have the US rejoin with the UK. Don't google it; you'll be disappointed.

I just finished reading This Is How They Tell Me The World Ends, Nicole Perlroth's book on the cybersecurity exploit market. It was a great history of a lot of cybersecurity events of the last couple of decades. 9/10. More

I also just finished Think Again, by Adam Grant. It was great, but more of a collection of content from other places than anything super new to me. But done really well. 8/10. More


DISCOVERY  

Feedly — Feedly is my preferred RSS reader, and it's the primary mechanism for me managing my inputs that lead to Unsupervised Learning. More

Vimgifs — Short Vim tutorials as gifs. More

12ft — A website that claims to be able to bypass any paywall, and you can use it by just appending 12ft.io/ to any URL. I'm not advocating this be used as a matter of course, btw. More

Drift Car Air Fresheners — I've low-key been hunting the perfect air freshener for my car for years. Trying this one now that works via subscription service. More

Brookings Institute data on China's economy. More

I'm trying one of these Fellow's Stagg EKG coffee kettles. More

The author of Lolita, Vladamir Nabokov, wrote an essay that's just now being released about how Superman was sad that he couldn't have kids with Lois Lane. More

Dynamic analysis of how the New York Times A/B tests their headlines. More

Running shoes appear to be causing multiple new track records. More


RECOMMENDATIONS

Order a bag of this coffee. Whole bean. Prepare with a good grinder and your favorite preparation technique, preferably Aeropress. It's my go-to coffee after trying like 20 of the best in the world. More


APHORISMS

“The stock market is a device for transferring money from the impatient to the patient.”