Unsupervised Learning
is a Security, AI, and Meaning-focused podcast that looks at how best to
thrive as humans in a post-AI world. It combines original ideas, analysis,
and mental models to bring not just the news—but why it matters, and how
to respond.
Hey there!
The thing I’m most excited about this week is
OpenAI’s DevDay, which is today (Monday, November 6th). Why am I so excited? Because I’m
hoping for big announcements.
OPENAI ANNOUNCEMENT
My wishlist:
-
OS-Integrated, Standalone AIs: The ability to create a personal
digital assistant like I talked about in
my book in 2016. So like
my recent TARS and Samantha AI configurations, but way better and more integrated in the OS. I want to provide it
tons of context about me, and a personality for it
like TARS, a custom voice as well, and a list of tools such as browsing,
researching, shopping, communicating with people, etc. A deal with Apple
to allow me to call it directly from iOS would be brilliant.
The most visible and significant role that Synthetic Intelligence will play
in the near future will be serving as the interface between humans and the
world.
To clarify, I don’t mean the ever-promised, conscious, and self-improving
brand of SI that so much science fiction is based on. The SI I’m referring
to I define as:
A computer system that can monitor human context, intentions, and
commands, interpret them, and then take action as well as or better
than a (human) professional personal assistant.
Whether this comes from extraordinary breakthroughs that result in true SI
(however you define that), or a mere combination of clever tricks that can
emulate it, matters little.
The Real Internet of Things, 2016, Daniel Miessler
-
Tool Use Via API: I don’t want to have to use ChatGPT. I want to
have all my APIs have access to browsing, researching, shopping, and a
thousand other tasks. -
Larger Context Sizes: Ideally like 64-128K, but I’m not holding
my breath on this one.
They just now starting making 32K available
to Plus users. I need more. I need to fit a book in there! -
Dependable Output: A better native way to make output more
deterministic/dependable. -
Updated Training Date: An updated training date across the board
would be nice, but I think this is harder than it sounds.
If we get any 3 of these I’ll be SUPER happy.
?OMG Sunday Night UPDATE! — I was about to go to sleep when I went to
ChatGPT and noticed this!
They’re calling them GPTs
They Launched Custom GPTs Early, Before the Conference!
I’d heard a rumor about something similar, and sure enough!
So they have instructions similar to Custom Instructions, but I no ability
to add voices. : (
But look at the capabilities section!
They can browse and create images and help you code
But most exciting is the “Add Actions” button! It looks like you can
actually give it specific tools via API definitions!
The interface for adding Actions in CustomGPTs
It doesn’t look like they’re OS-integrated in any way but whatever. I’m sure
they’ll keep improving them. Here’s my first one, called Samantha for
obvious reasons.
My new custom AI based on the movie Her
Can’t wait to play with these and see what else they release!
And in the meantime, I hope you’re crushing it, and let’s get into this
week’s show…
MY WORK
Our Personal AI Assistants Will Soon be Our Interfaces to the World
My new short piece on personal AIs and manipulation. When our AIs know
everything about us, they’ll be the easiest way to get things done but also
the easiest way to manipulate us…
danielmiessler.com/p/personal-ai-assistants-will-soon-interfaces-world
How to Lower Your Heart Rate Before Public Speaking
My short tutorial on how to lower your heart rate before speaking. There are
many types of stress around public speaking, but if you have the
over-excitement kind I have a fix…
danielmiessler.com/p/lower-heart-rate-public-speaking
SECURITY NEWS
Russian attackers breached 632,000 DOJ and Pentagon email addresses via
MOVEit, which one of OPM’s vendors was using. MOVEit is rapidly catching up
to Solarwinds as the big one in supply chain hacks.
MORE
48 countries, including the US, are trying to agree to stop paying ransoms.
The idea is like not negotiating with terrorists so they’ll stop taking
hostages because nobody will pay. It’s a good idea, but it only works if
everyone is doing it.
MORE
Some Russian hackers got arrested by the FSB for helping Ukrainian forces by
disrupting Russian critical infrastructure targets. These two individuals
were taken into custody in different regions of Siberia and are now facing
high treason charges that could land them in prison for up to 20 years.
MORE
|
MORE
Sponsor
Drowning in the Sea of Zero Trust Implementation with Okta?
Drowning in the sea of Zero Trust implementation with Okta?
Don’t fret, you’re not alone.
The shallow device hygiene and telemetry signals often leave users
blocked, sending them straight to IT for help. This results in a mountain
of support tickets, creating an overwhelming IT bottleneck.
But there’s a solution – Kolide Device Trust. It integrates seamlessly with Okta, providing real-time device posture
that goes beyond checkbox compliance. And the best part? It empowers users
with contextual instructions to resolve issues independently. Say goodbye to the IT bottleneck and hello to Device Trust done right.
Intrigued? Dive into the future of device trust.
Okta has reported another security issue, which brings the total for the
year to way too many. Nearly 5,000 employees were alerted to a data
breach that exposed their personal information, including full names, Social
Security Numbers, and health insurance plan numbers. I’m starting to get
LastPassy / Mariotty / T-Mobiley vibes.
MORE
|
COMPANY RESPONSE
MITRE’s just dropped the 14th version of ATT&CK. v14 covers 760 pieces
of software, 143 activity clusters, and 24 campaigns across enterprise,
mobile and industrial control systems (ICS).
MORE
|
ORIGINAL ANNOUNCEMENT
Sponsor
CISOs Are Confidently Incorrect About SaaS Security Maturity
Think your SaaS security
is top-notch? We surveyed over 600 global security practitioners and many
thought the same.
Yet 79% experienced SaaS security breaches and incidents in the past year.
Learn the latest trends and findings in the AppOmni SSPM 2023 Report.
?appomni.com/saas-security-report-2023?
Vulnerabilities
-
?F5 is warning about active exploitation of a critical security flaw in
BIG-IP. | CRITICAL | CVE-2023-46747 | CVSS Score: 9.8 |
BLEEPING COMPUTER ANALYSIS
|
COMPANY RESPONSE
|
VULNERABILITY DETAILS
TECHNOLOGY NEWS
Ok, well
this
is interesting. It’s a concept for a new AI-based OS called Dot, kind of.
Honestly it’s just like the personal AIs we talked about above, but it’s way
more ambitious because it’s at an OS level. I signed up.
MORE
DeepMind’s co-founder Shane Legg thinks we’ve got a 50-50 shot at achieving
AGI by 2028. I agree. My timeline is faster, actually. I put it at 60% by
2025, and 90% by 2028.
MORE
|
MY ARGUMENT
Toyota is cutting its electric vehicle (EV) sales forecast by nearly 40%,
which is insane. I’m starting to worry that only Tesla is doing well in EVs,
which either means everyone gets out and the whole EV thing fails, or Tesla
becomes a unicorn snowflake juggernaut because they’re the only game in
town.
MORE
Fusus
is a camera feed integration technology that can turn any camera in America
into a node in a unified surveillance system, and police departments are
actively deploying it. This system not only funnels live feeds from usually
siloed cameras into one central location, but also has the ability to scan
for people wearing certain clothes, carrying a particular bag, or look for a
certain vehicle.
MORE
|
COMPANY
Apple confirmed on their earnings call that they’re going heavy into AI.
Very happy to hear it, but it seriously better mean an overhaul of Siri.
MORE
HUMAN NEWS
Something is causing banks to abruptly close down people’s accounts, often
resulting in them not being able to pay bills. It appears related to
increased monitoring and enforcement of suspicious transactions.
MORE
Researchers at Northwestern found that after a sleepless night, mice became
more aggressive, hyperactive, and hypersexual. I’m listening. It basically
counteracted depression. I wonder what the tradeoff is since we already know
the lack of sleep is categorically bad.
MORE
The US only added 150,000 jobs last month, which is almost half of the
297,000 jobs created in September. MORE
Maersk is cutting around 10,000 jobs because there’s too much capacity
and not enough demand. That seems bad. MORE
Meanwhile, a number of economic markers
are trending positive. So are things getting better or worse? It’s sad that we can’t really ask
economists because they don’t know either.
MORE
IDEAS & ANALYSIS
❝
To find out who rules over you, simply determine who you’re not allowed to
criticize.
Voltaire
This is a powerful concept. So here’s the question: who are we not allowed
to criticize?
NOTES
I just bought and finished David Brooks’ new book,
How to Know a Person. It won an instant spot on my bookshelf. 10/10. I absolutely love every
book he’s ever written, and this one is just as good as the others.
THE BOOK
Currently working on a major open-source coding project that I’m doing my
best not to tell you about before I release it. It’s going to be unspeakably
sick. Wait, did I violate the “telling people” rule if I didn’t tell you
what it was?
I’m looking for another developer skilled with React and RAG AI stuff. If
you know anyone solid, let me know.
PING ME
Gmail keeps cutting off our newsletters, and it’s pissing me off. Sorry
about that. It’s worth the click to keep going.
DISCOVERY
⚒️ Cover Your Tracks — The EFF tool for testing your browser to see how easy
it is to track you.
MORE
⚒️ Arsenal — A quick inventory and launcher for pentest commands, making it
easier to remember and execute complex commands. |
by Orange-Cyberdefense
|
MORE
⚒️GSec— A web security scanner and exploitation engine based on custom
scanners and Nuclei. TOOL
⚒️ EMBA v1.3.1 — A firmware security analyzer that now includes a firmware
diffing mechanism. |
by E-M-B-A
|
MORE
|
MORE
⚒️ Phind’s AI Model — Phind’s new AI model is claiming to outperform
OpenAI’s GPT-4 at coding, and 5x faster. They’re still ironing out some
consistency issues, but the speed is evidently impressive.
MORE
⚒️PatentPal — PatentPal is an AI tool that helps you create patent
documentation.
TOOL
? LinkedIn’s AI Job Hunter — LinkedIn is rolling out an AI-powered “job
seeker coach” for premium members, aiming to match job candidates with
openings, prep for interviews, and more.
MORE
? Docus.ai — This tool allows you to diagnose medical issues quickly with
AI and then verify with top human doctors.
MORE
? The online creative opposite of TikTok.
MORE
? Morise AI — This tool reads your videos and generates everything you need
for YouTube publishing.
MORE
? Postwise — A tool that creates viral Tweets.
MORE
Caricatures of Security People
MORE
Analyzing Threat Actor Profiles Using Social Media Intelligence
MORE
Tesla network traffic.
MORE
Washington D.C. is giving out free AirTags to reduce car thefts.
MORE
Cloudflare’s R2 is an S3 competitor that charges less per gigabyte of
storage and doesn’t charge for data egress.
MORE
A cool visual showing the hierarchy of AI Agent capabilities.
MORE
Planting milkweed sends an invitation to butterflies.
MORE
Transmitting energy from star to star using gravity lenses.
MORE
? Change macOS to always match the destination style when pasting.
MORE
A blog is a search query to find interesting people.
MORE
Quit Your Job
MORE
RECOMMENDATION OF THE WEEK
Try adding dedicated quiet time to your life. LIke an hour or so a week to
start. This is a regular habit of many very creative people, and I don’t do
it enough either. So like…walking, or sitting, but just with your thoughts.
The shower shouldn’t be the only place where thoughts bubble up
uncontrollably, and if it is, that probably means you’re not giving your
mind enough quiet time.
APHORISM OF THE WEEK
This is one of my top 10 quotes of all time…
❝
To avoid criticism, do nothing, say nothing, be nothing.
Elbert Hubbard
Thank you for reading.
UL is a personal and strange combination of security, tech, AI, and lots of
deep and human content. And because it’s so diverse, it’s harder for it to
go as viral as something more niche.
So if you know someone weird like us, please share it with them. ?
Share UL with someone smart and curious…
Yours,
0 responses on "UL NO. 406: OpenAI Launches Custom AIs, Okta's New Breach, EFF's Browser Privacy Checker"