Unsupervised Learning No. 238

News & Analysis

MEMBER EDITION | EP. 238 | July 20, 2020

SECURITY NEWS

Twitter had its most serious breach in its 14-year history, which was the result of social engineering against employees. That social engineering led to access to internal admin tools that in turn granted access to accounts. For 130 accounts they just got access, but for 8 they also downloaded all the data for the accounts. This list supposedly included people like Biden, Kim Kardashian, Obama, Bill Gates, Elon Musk, and Warren Buffett, but I'm not sure how solid that is. There's also still a lot of speculation about who did it, but I'm not sure that matters so much beyond being a state actor or not. The key takeaway for me is that social engineering and god-level admin tools are a lethal combination. Twitter claims the admin tool had two-factor auth on it, but as we see—two-factor doesn't stop social engineering attacks because you're attacking people who have the second factor. What this means is that we have to rethink how we protect crown jewels in the digital space. It's likely that we'll have to move to a model more like that of national security, where you protect nukes by having multiple people turn multiple keys, and other such mechanisms. Maybe having a pool of people who are able to help unlock the god-tool, and picking the second person at random. That kind of thing. That would make it far more difficult to target specific people for an attack. But yeah, the main lesson here is that Twitter is global security infrastructure, and it needs to be protected as such. Twitter's Response

The US supposedly authorized an attack by U.S. Cyber Command against Russia's IRA information warfare group in 2018 to prevent attacks against our mid-term elections. More

Bloomberg says the FBI is using Sabre as a travel surveillance tool. Makes sense. It's the same reason China is going after similar systems. More

Iran has had a number of mishaps/attacks in the last few weeks, and many believe this to be the work of Israel and/or the west. There's a theory that Israel is going to become increasingly brazen, even up to the point of prompting a confrontation because they'd rather do so under Trump than his potential successor. More

Russia's Cozy Bear APT group is targeting vaccine researchers with phishing campaigns. I'm curious what the possible desired actions might be once they gain access. Stealing research to make their own vaccine? Using what they find in disinformation campaigns? Potentially all of the above. More

Vulnerabilities:

  • ZDI's Patch Tuesday analysis. More

  • Microsoft DNS vulnerability. More

  • RECON bug lets people create admin accounts on SAP servers. More

Incidents:

  • Someone is selling the personal details and SSNs of 40,000 Americans. More

  • The MGM data breach was much larger than thought, and a hacker is now selling access to 142 million guests' data for around $3,000. More

Companies:

  • Auth0 raises a $120 million Series F. More

TECHNOLOGY NEWS

OpenAI's new GPT-3 language generator is stunning people with how advanced it is. Someone's used it to auto-generate code, and others have fed it a single word, and had it produce a full article that many people can't tell wasn't written by a human. Someone else had it build them a presentation. This technology is becoming awesome in the original sense of that word, i.e., both amazing and scary. More

Cloudflare went down last week, and there was much gnashing of teeth. It also took down a number of services designed to monitor whether things went down or not. So there were frowns and laughs all around. They said it was a misconfiguration. More

There's now a Peloton for boxing. More

Google has invested $4.5 billion in India's largest mobile network. More

UIPath just raised $225 million to automate repetitive back-office tasks—which is a euphemism for millions of human jobs. I'm not saying I'm against this, because I'm not against oceanic tides either, but people need to seriously absorb that there are billions being spent on the "problem" of companies having human workers. We're approaching a future where there are extremely high-end jobs, extremely low-end jobs (which must be done in person), and not much in-between. We need to prepare for that future. More

Verizon is signing up to use Google's AI customer service offering to automate its customer service and chatbot offerings. Again, just like the article above, just about every major company and industry is thinking about how to replace their massive pools of low-medium skilled workers. This is the customer service space, which employs around 3 million people just in the US. If you keep wondering why there's so much focus on improving AI, this is the main reason. The better it gets, the fewer humans companies will have to employ. More

Gamers are spending more in 2020 than they have in a decade. More

HUMAN NEWS

The world is currently undergoing a massive crash in births. 23 nations are expected to see their populations halve by 2100. Because of this, the planet's population is predicted to peak at 9.7 billion around 2064, and start dropping after that. That's super interesting, but in 2020 I see any discussion about 2064 as pure optimism. The article points out that this isn't a new thing from the pandemic (although that's another angle), but rather a larger trend around women and education. More

In many cities and towns, we're seeing private schools re-open where the public schools stay closed due to COVID. It's hard to imagine a more tangible example of the rich kids pulling ahead of the poor kids when you literally have them going to school while the poor kids aren't. Nearly everything about COVID that public schools struggle with is done better in private schools. They have fewer students. They have more money. They have more space per student. This is another example of how having more money is not a single advantage, but a constellation of advantages that fractal into additional ones as they interact with challenges. More

Microsoft did a study on productivity during the pandemic and found some interesting stuff. Weekly meeting times increased by 10% overall, and they had 22% more meetings of 30 minutes or less and 11% fewer meetings of an hour or more. IM traffic after 6PM increased by 52%. Scheduled 1:1's increased by 18%. More

A recent report says an average full-time minimum wage employee can't afford a 2-bedroom rental anywhere in the US, and can't afford a 1-bedroom in 95% of counties. More

The new Ford Bronco has arrived, and people are going fairly crazy. What I see is an American Exceptionalism-shaped hole in people's hearts, and they're willing to grasp onto anything that might fill the void. I think Tesla's stock price is very similar. More

Coronavirus has caused smokers in the UK to quit at the highest rate in a decade (7.6%), which is over a third more than average. More

A new study improved the cognitive performance of old, sedentary mice by giving them the blood plasma from mice that exercise, and it worked even if the mice that exercised were older as well. More

IDEAS, TRENDS, & ANALYSIS

Reverse Threat Modeling for Pursuing Attribution — A recent thought on trying to reverse engineer who could have initiated an attack. More

Our Lighted Path to Totalitarianism — My recent essay that looks at 5 trends that inevitably lead civilizations to a bad place. More

Lifecasting — A piece I wrote way back in 2002 about how society would change when everyone was broadcasting their lives using technology. I got so much wrong, but it's still an interesting read! More 

How the abolition of mandatory retirement changed America. More

Why companies lose their best innovators. More

Tech firms hire Red Teams, and scientists should too. More

A fascinating thread on the sad state of civil discourse at major media outlets (Note: Deals with a political topic but isn't partisan in any direction). In my opinion, this is why people are moving towards getting their news from trusted people, and perhaps very small groups, rather than media companies. Once you're a large company there are so many forces on you that force everyone within to align with a particular narrative. More Bari Weiss' Resignation Letter

UPDATES

I told you I was trying the YES PLZ coffee that John Gruber was advertising on his site. Well, I didn't like it. I tried it twice and threw the rest away and canceled my subscription. Too sour for me. I prefer coffees like my beers: lagers over IPAs. My favorite coffee, by the way, is Philz' Tesora and Philtered Soul. I know this because I just tried like 15 different coffees from around the world and arrived back on this local roaster. They're out of Oakland, CA.

I'm rather obsessed right now with the idea of writing fiction. Well, I have been for years now, but the urge is growing. I have an idea for how I want to approach it, which is like a cross-section of sedimentary rock where you can see the layers from over millions of years. So imagine like 7 layers, from top to bottom. With say the bottom layer being mystery, the next layer up being character development, the next layer being setting, etc. So the idea is that I'd map out a beginning and end of the story, and then would fill in milestones throughout the layers. The purpose would be to ensure that I am hitting all the key elements I want in the story, and not forgetting to include them throughout the text. So the plan is to do this scaffold mapping for an idea, and then just do it. Has anyone heard of a similar approach to laying out an idea before writing?

I got my data report back from Acxiom, and I'm going to write a piece about it soon.

DISCOVERY

Team Improvement Techniques More

A breakdown of how unemployment is hitting different demographics. More

The Atlas of Surveillance More

How to Run a Live Coding Stream on Twitch using OBS More

5 Types of Dashboard More

Forbes takes a look at MITRE, and puts it in a not-so-positive light regarding secret projects tied to the government. More

Explain Why You're Asking Your Team to do Something More

Notable is a Markdown-based notes application. More

50 Ideas That Changed My Life More

Daniel Miessler's Concepts Page More

GetJSWords — Find unique words in JS files in order to populate wordlists. More

RECOMMENDATIONS

If you're up for some low-stress, super-fun sci-fi, I highly recommend The Murderbot Series. More

APHORISMS

“The only way to predict the future is to have power to shape the future.”

~ Eric Hoffer

Thank you for being a supporter. Come join us in the Slack channel!

ul-community.slack.com