Unsupervised Learning Newsletter No. 297

News & Analysis

STANDARD EDITION | Ep. 297 | Monday: September 6, 2021

SECURITY NEWS

CISA has added single-factor authentication to its list of bad practices. More

The FBI says China is going after Uyghurs based in the US using both in-person and digital techniques. More

Ok, so you know how a lot of restaurants are shut down or empty because there are no workers? Now imagine that for truck drivers. The ones that deliver everything to everyone. More

Mike Orlando, the acting director of the National Counterintelligence and Security Center, says China has been inflicting $200 to $600 billion in intellectual property theft against the US for the last 20 years. More

ProtonMail shared an activist's IP address with authorities, even though it says it doesn't log anything. Case in point: don't use third parties for services with an expectation of privacy. Companies like Apple are really careful, but even they have to respond to subpoenas. ProtonMail, VPN services, whatever. If it's that important to you, and you can host it yourself, do that instead. You have no earthly idea what's happening inside of a VPN or email provider that claims they don't log. Don't believe it. More

Rapid7 found a way to remotely disable the Fortress S03 home security system. Evidently all that's needed is the owner's email address, which can yield their IMEI, which can be used to disable the system. More

A former credit union employee in New York logged into the company's systems two days after being fired and deleted 21GB of data. She's now facing 10 years in prison, but my question is how she had that access days after being fired. More

Kaspersky says it's seen IoT attacks double in 6 months. More

Organized criminal gangs are stealing tens of millions of dollars worth of merchandise from stores like CVS, Target, Ulta Beauty, and others—and then selling the stuff on Amazon. They give the example of someone walking into a CVS in the Tenderloin in SF and stuffing things into a trash bag and walking out. I was wondering what they were doing with the stuff. The article says Amazon is basically the world's biggest pawnshop. More

China has banned effeminate men from appearing on TV. They have also limited the time under-18-year-olds can play video games to 3 hours a week. Ask me why this is the security section. More

The Navy has a new weapon that stops you from talking. It basically records you as you speak, and then plays it back at you really loud just as you're speaking. It's evidently so disorienting that it stops you from speaking. Anticipated uses include crowd control. Um, yeah. More

Vulnerabilities:

  • Cisco has a critical security update for its Cisco Enterprise NFVIS product. More

  • An NPM package with 3 million weekly downloads has a severe vulnerability. More

  • Netgear has patched serious bugs in over a dozen smart switches. More

  • There's a critical vulnerability in Atlassian Confluence that's being actively exploited. More


TECHNOLOGY NEWS

Someone asked GPT-3 a bunch of questions about COVID and it answered better than a lot of experts. Truly impressive results. The final question: "When will the pandemic end?" Answer: 2023. More

In the movies you can often find someone pointing at an image on a monitor and saying, "Enhance," at which point the super blurry image becomes clear. Google just made a major movement in that direction with a new AI Photo Upscaling technology. It must be seen. More

TikTok is getting into VR through a purchase of a company called Pico. This is the most significant VR news I think I've ever heard. If anyone can make VR real, it's TikTok. More

In related news, TikTok just surpassed YouTube in hours watched in both the US and the UK. More

A new Korean law says Google and Apple need to allow developers to use other payment systems. More

Altos Labs is a life "rejuvenation" startup raising money and interest from people like Jeff Bezos. They currently have over $270 million in funding and their main MO is hiring top talent from universities and offering them extraordinary salaries and a lack of research red tape. More

I just got done talking about how cool Wirecutter was, and now it's going behind the (NYTimes) paywall. Digital Access subscribers get access though. Another reason to sign up. More

It looks like Amazon is about to launch a line of Amazon-branded TVs. More


HUMAN NEWS

Northeastern University did a study that found that around 27% of healthcare workers are still unvaccinated. More

Cornell has found that rejected internal candidates are more than twice as likely to quit. More

More than 93,000 people died of drug overdoses in the US in 2020. More

A study has shown that Rugby players show signs of cognitive impairment after just one season. More

A UK study found that being fully vaccinated reduces the odds of long-COVID by half. More

The WHO is monitoring a new COVID variant called "mu", which they're saying has mutations that give it the potential to evade vaccinations. It's been found in 39 countries so far. More

Approval of labor unions is at 68%, which is the highest it's been since 1965. More


CONTENT, IDEAS & ANALYSIS

China Ascending — Some are saying Xi is launching Cultural Revolution 2.0, which is easier to believe when he's wearing a Mao suit in the story's photo. He's made a number of remarkable changes recently, including limiting kids below 18 years old to below 3 hours of video games per week. The government is also putting out a policy that prohibits men on Chinese TV from behaving in a feminine manner. He's essentially trying to build a nation of wholesome, loyal, and productive citizens that will be effective in future conflicts, whether economic or military. I don't agree with how he's doing it, but I do respect his push for unity within the country. And as a constituent of his #1 adversary, I am concerned the west is not prepared for this threat. United we could defeat anyone, but we are not united. We're in the process of fragmenting into many small pieces, and that seems to result in only one outcome. I fear that if China does not overplay their hand and either 1) force its best people to leave, or 2) unify the world against them, they will become the dominant world power within 10 to 20 years. More

Apple's Own Goal — A survey asked 5,000 Android users if they'd consider switching to an iPhone. A year ago the results were 33%, and the recent result was 18%. So almost half. 10% of the respondents who said they wouldn't switch said it was because of the CSAM scanning issue. Separate from that metric, I think Apple just made a multi-billion-dollar PR mistake with this thing. Multi. Billion. They essentially counteracted, in one bad PR campaign, the years of effort they'd put into becoming known as the world's #1 operating system for privacy. Multi. Billion. More

Geeking Out on Air Quality Measurement — I bought a tool that measures air quality, and it's been a lot of fun. More


NOTES

I was on Ben Sadeghipour's (Nahamsec's) Live Recon show and the video is now live. It's an hour and a half of conversation about hacking, security, and life. Really enjoyable discussion about lots of topics. More

I'm about to publish a couple of new sections to the Members Area of the site due to the overwhelming number of requests for them. First, I'm going to be adding a section for "what I use", which is kind of like an EDC writeup, except for all major product categories. Second, I'm also going to be publishing a recommended books list, including multiple categories. Get Access


DISCOVERY  

The HN September Hiring Thread More

SecuriBee's Twitter Lists More

It's not a labor shortage; it's a wage and workers' rights shortage. More

An SSH Lateral Movement Cheat Sheet More

Automating Authorization Testing Using AuthMatrix (Part 1) More

A Defender's Guide to Cobalt Strike More

Why it's so hard to make computer chips. More

Chekhov's Gun — The principle that if you tell someone in fiction about a detail, that detail must become important later on. More

An nftables-based, Multi-route Firewall More

OSINT Workflows by @cybersecstu More


RECOMMENDATIONS

Sam Harris recently had Balaji Srinivasan on to talk about the future. It was one of the longest podcasts he's ever done, and I highly recommend everyone listen. It's literally a different way of looking at the future. Even if you don't agree with the pitch, it's a perspective you'll be enriched by hearing. More


APHORISMS

“To see things in the seed is genius.”

~ Lao Tzu