Unsupervised Learning is my weekly show where I spend 5-20 hours finding the most interesting stories in security, technology, and humans, which I then curate into a 30-minute podcast & companion newsletter.
The goal is to catch you up on current events, show you the best content from around the web, and hopefully give you something to think about as well.
?️ Security News
Hundreds of German officials and politicians have had their personal information leaked to the public. It also appears that the far-right party was spared from the leak, indicating that it could be something like the Wikileaks operation that targetted democrats in the US. It’s early, but this looks like another part of the same strategic campaign being carried out by Russia to destabilize the West. Too many people in the InfoSec community are still in denial about this, for this reason, and it’s hurting us. Link
The NSA is looking to release a free reverse engineering framework called GHIDRA at RSA in March. I hope it’s good: IDA is expensive as hell. Link
The Weather Channel mobile app has been called out for selling the data it gathers about peoples’ locations. Link
Record numbers of TSA agents, who are working without pay during the shutdown, are calling in sick. Link
Facebook is looking to track the images you specifically take by noting the unique dust placement (and other aberrations) on your camera’s lens. Link
This is the best concise overview I’ve ever seen of the Russia-based Information Warfare campaign we’ve been facing over the last few years. A must-listen. Link
This AI can spot a forged painting by looking at just one brushstroke. And for legit paintings it can tell you who painted them. Next step? Create fake ones using those same techniques. Lots of tools are dual-use as weapons, but for AI/ML this particularly true. Link
Those sonic weapons in Cuba might have been cricket songs. Link
Advisories: Adobe
Breaches and Leaks: Blur Password Manager (2.4M), Town of Salem Game (7.6M), Marriott Passwords Lost (5.5M), BevMo
⚙️ Technology News
Windows 10 has just passed Windows y in marketshare. Link
Plan S is an effort to mandate that scientific research be made available free of charge. Link
2019 predictions from a number of AI experts. Link
?? Human News
People in Arizona are violently attacking Waymo’s self-driving cars with sticks, rocks, and knives. Link
Gaming is worth more than video and music combined. Link
Finland is going to train its population in AI. I think they should expand that to include everything Data Science, but yeah—great move in my mind. I think this will massively pay off in 10 to 20 years. Link
? Ideas, Trends, & Analysis
It Appears China is Building a Massive Espionage Database on America Link
How Nassim Taleb is Both Right and Wrong About IQ Link
The Differences and Similarities Between ICS and IoT Security Link
Inflammation Keeps Getting Tied to Depression Link
Marc Andreessen’s comments on upcoming tech trends. Link
The Difference Between Security and Privacy Link
Brace yourself for smart-home fitness. Basically, giant displays where personal trainers can guide you and others in workouts from anywhere in the world. So you get the advantage of experts in fitness linking with you personally, combined with the social aspect of working out in groups and sharing progress. Powerful. Link
My favorite InfoSec prediction was that a DNA database would get compromised. I expanded that to say a DNA dabase or a Data Broker, which are specifically designed to unify multiple data sources into a single record for an individual. Can you think of any higher priority target for China? I can’t.
This AI can spot a forged painting by looking at just one brushstroke. It can also do attribution on who created the piece, if it’s real. That’s cool, but as with so many of these AI projects you have to be aware of how it can—and will—be abused. In the case of an algorithm that’s great at detecting forgeries, bad actors will use it to create forgeries that look really authentic. Or, in the initial phases, they’ll use such an algorithm to check their forgeries for how bad they are. What we’re increasingly heading for is a world where you win if you have two things: all the information about what’s happening in the world, combined with the algorithms to extract value and insight from that data. Link
We need to build activity into our daily lives, not just go to the gym. Link
? Discovery
How to Monitor a Website’s Availability for $0.75 a month on Amazon. Link
A 54 million-year-old Gecko trapped in amber. Link
This California councilman swore in on a Captain America shield. Link
People are starting to use IoT to security their nativity scenes. Link
Resources for getting into Reverse Engineering Link
One Year in SF as a Software Developer Link
Algorithms, by Jeff Erickson Link
? Notes
Currently Reading: Altered Traits, Finite and Infinite Games
Recently Finished: Strangers to Ourselves, This Idea is Brilliant, The Four, Uncle Vanya , Hello World
Just Purchased: Elements of a Life, Astrophysics For People in a Hurry, Alibaba—The House That Jack Built
I am absolutely loving The Orville, which is basically a new version of Star Trek the Next Generation. Link
My personal technical foci for 2019 are 1) Machine Learning, and 2) Reverse Engineering. I’ve already got my main ML project picked out, and I cannot wait to get started!
?️ Recommendations
Things I Like to Do in January Link
? Aphorism
“To live is the rarest thing in the world. Most people exist, that is all.”
~ Oscar Wilde
