
This is episode No. 99 of Unsupervised Learning—a weekly show where I curate 3-5 hours of reading in infosec, technology, and humans into a 30 minute summary. The goal is to catch you up on current events, tell you about the best content from the week, and hopefully give you something to think about as well…
This week’s topics: Information Warfare, AI vs. CAPTCHA, Google Bug Bug, DARPA Drone Swarms, USB Fail, Medical Extortion, tech news, human news, ideas, discovery, recommendations, aphorism, and more…
Read below for this episode’s show notes & newsletter, and get previous editions…
Security news
Russia's information warfare campaign seems to have been far more effective than first thought. They evidently reached 126 million users on Facebook, published more than 131,000 tweets, and uploaded over 1,000 videos to YouTube. Link
A new AI based on the brain's visual cortex has massively wrecked CAPTCHA security, achieving a success rate of over 2 in 3 in many runs, including against reCAPTCHA. Link
A major bug was found in Google's bug database software that allowed a researcher to look at all bugs in the system. There's some controversy because he only received $15,500 for his findings, and many are saying it's worth far more than that. He points out at the end of the post, however, that it makes sense to have a lower payout since the bugs are ephemeral. Great bug and great writeup. Link
ISIS has been putting bombs on drones for a while now, and now Mexican drug cartels are doing the same thing. They're putting potato bombs on quadcopters. Link
DARPA wants US ground troops to be accompanied by swarms of small, flying or crawling robots in a project called OFFSET (Offensive Swarm-enabled Tactics Initiative). Well, we knew it was coming of course, but it's still surreal to read about it happening in real time. Link
Someone found a USB drive full of details about London Heathrow's airport security, as well as travel details and protection plans for Queen Elizabeth II and other VIPs. Link
Twitter is banning ads from RT and Sputnik due to evidence that they are part of a concerted effort to increase social strife in the United States, especially related to Russia and the 2016 election. They will also begin labeling political ads. Link
It appears more and more companies are looking at AI for infosec help not necessarily because they think it'll work, but because there aren't enough trained humans to do the work. Link
Hackers broke into a high-profile plastic surgery clinic and stole tons of extremely sensitive images of VIP clients, including celebrities, royals, etc. Link
Technology news
Twitch seems to be winning the gaming streaming battle against Google. Their concurrent streamers grew 67% in Q3, as YouTube gaming declined. This is expected for me because platforms like this are very similar to social media platforms, and Google seems utterly incapable of making a good interface / community. Link
Uber now lets you make multiple stops on the way to your destination, both before you start and while en route. This is great news for many who realize they need to pick up something before they get where they're going. Link
Amazon now has over 540,000 employees, and net sales increased in Q3 from $32.7 billion to $43.7 billion. What a force. Link
Google's ad business is now larger than that of Facebook, Alibaba, Baidu, Twitter, Amazon, and Snap combined. Link
91% of payments in Australia are contactless, compared to 45% in the UK, and only 5% in the US. 5%? How embarrassing. Apple Pay seems to account for around 90% of the transactions in the markets where it's available. Link
IBM has simulated a 56-qubit quantum computer on a traditional architecture, using only 4.5 terabytes of memory. Link
Human news
Millennials may be choosing brands that make them feel safe. Link
PayPal is now worth more than American Express. Link
AI has been used to find suicidal tendencies in brain scan data. Link
A new study has again indicated that high IQ is associated with various psychological disorders. Link
Walmart is expanding its in-store robot program, but is quick to assure people that they won't replace humans. Hilarious. Link
The top 20% of incomes pay 95% of taxes. Link
GE is moving away from the forced annual performance review model that it helped pioneer, and many other companies are doing the same. Link
Ideas
InfoSec Needs to Embrace Tech Instead of Ridiculing It Link
The New Luxury of Good Information Link
An Idea on How to Build a Conscious Machine Link
Maybe the Current Trend for Society is Fragmentation Link
On the Luxury of Abandoning a Nice Corporate Job for the Freedom of Freelancing Link
Do all predictions of the future collapse into these four themes? 1) Growth that keeps going, 2) Transformation upending the past, 3) Collapse of the present order, and 4) Discipline imposed. Link
Patreon continues to improve its tools for helping content creators grow and monetize their audiences. Another interesting player in that space is Memberful, which I use myself. I think we're basically witnessing a peer-to-peering of value creation and consumption. Link
Dungeons & Dragons is making a major comeback, and I think it's because role-playing games provide alternate meaning loops. As a life-long gamer myself I see the allure, but can't help but see it as a problem as well. It's possible to role-play as a creative outlet, which I think is good, but it's also possible to do as a substitute for succeeding in real life, and that's not good. Link
Discovery
The Atlas — A search engine for charts. Just type anything in. Amazon. Mobile Phone. Whatever. Truly spectacular. Link
A Masscan Tutorial and Primer — The latest addition to my tutorial and primer collection, this time on Masscan, the internet scanner capable of scanning the entire internet in 6 minutes. Link
28 of the most powerful lines of poetry ever written. Link
Medium has a stellar engineer growth framework, which sets up the framework, describes tracks, shows you how they assess progress, etc. I wish more companies put this much effort into technical career tracks. Link
Airbnb created a system that can create code for an interface based on seeing a sketch. Link
Why you need more than one AWS account. Link
Visualization of which types of application most use Okta. Link
Open Source Pentesting — A phenomenal presentation by Rob Fuller (@mubix) on standardizing penetration testing using open methodologies and templates. Link
InfoCon Rainbow Tables Link
In Praise of Tactical Exploitation Link
TrevorC2 — Mask C2 traffic through a normally browsable website. Link
Uncaptcha — Defeat Google's audio reCaptcha with 85% accuracy. Link
Notes
I have rolled out the new Idea Series on the podcast, which has me reading individual essays on various topics. The idea is to expose you to a new idea or a new perspective on that idea in a way that gives you something to think about. Here's one of the first episodes. Link
After a lot of continued requests for me to re-enable comments on the site, I've restored them to the bottom of each page. I'm using Facebook comments, for a few reasons. First, Facebook is the most popular social media site, and it will allow most to post a comment without logging in. Second, a big part of why I removed comments before is because of spam, and I'm hoping that Facebook requiring an actual account—combined with them being really good at taking input from users—will mean there will be more real comments and less junk. We'll see how it goes. If we get good comments and not much debris I think we'll keep them.
Recommendations
Instead of doing 11 projects at 37% each, pick one or two and do them 100%. Learn to say no to new projects. Do fewer things, better.
Aphorism
“Simplicity is the most difficult thing to secure in this world; it is the last limit of experience and last effort of genius.” — George Sand
Thanks for listening. I’ll see you next week.