? Continue reading online to avoid the email cutoff issue ?
Unsupervised Learning
is a Security, AI, and Meaning-focused podcast that looks at how best to
thrive as humans in a post-AI world. It combines original ideas, analysis,
and mental models to bring not just the news—but why it matters, and how
to respond.
TOC
INTRO
Welcome to 2024!
This year is going to be insane, and I’m choosing to frame that as a good
thing.
Between international security, politics, and AI, I think there is going
to be so much chaos that it’d be easy to despair from all the
uncertainty.
Let’s not do that. Let’s do the opposite. Let’s take that chaos and
uncertainty and choose to become excited rather than anxious.
Amidst all this craziness,
there’s never been a better time to become who you were meant to be.
I’m honored and grateful to be grinding here alongside you.
Yours,
Wrote a ton during the break.
MY WORK
AI’s Predictable Path: 7 Things to Expect From AI in 2024+
This first one is the longest and most in-depth thing I’ve written since I
started writing online in 1999. It’s a nearly 9,000-word, illustrated
deep-dive of what I think we’ll demand as humans from AI.
danielmiessler.com/p/ai-predictable-path-7-components-2024
Cory Doctorow is Not Even Wrong About the So-called “AI Bubble”
Doctorow got it so wrong with this one, and I make a full argument showing
how.
danielmiessler.com/p/cory-doctorow-not-even-wrong-socalled-ai-bubble
LFTM: ‘Looking Forward to Monday’ is the Metric for 2024
This is the metric I recommend you use going into 2024, and consider making
changes if it’s not where you want it to be.
danielmiessler.com/p/lftm-looking-forward-monday-metric-2024
This is the last week to register for my
live AI Course, which will take place on January 13th.
Reserve a limited slot
?I am running a space-limited 3-hour AI course called AUGMENTED on January 13th and 12PM PST. Here’s what it covers:
My Approach
-
What I want from AI (the problems I’m solving)
-
My framework / approach for solving them
-
A live demo of multiple workflows
Architecture Overview
-
The tech stack that I’ve built
-
My prompt/templates approach and lessons-learned
Guides
-
A step-by-step for building the server-side infra
-
A step-by-step for building the client-side infra
-
Hosting recommendations
Outputs
-
The full guide to building my stack for yourself
-
Multiple full-text copies of my actual modules
-
A set of ideas you can use for different professions and areas of focus, e.g.,
security, writing, copywriting.
Basically, by the end of the 3 hours, you’ll be able to build a copy of
my AI ecosystem for yourself.
The course will be limited in attendance, and early access prices start
at $495. The date will be announced soon for the middle of January
2024.
Super excited to share my full
philosophy, ecosystem, and workflows, and now I have the avenue to do
that!
-
UL Subscribers can get early subscriber access for $445. GET YOUR SPOT
-
UL Members get a full $200 off the course, bringing it to $295! BECOME A MEMBER
SECURITY
SSH is vulnerable to a novel data corruption attack called Terrapin. It’s
basically a way to force SSH to behave in an insecure way, so you need to
patch or adjust your configs to fix it.
I was going to just recommend a specific set of ciphers, but it’s more
complex than that. Look at your specific stack and get your vendor patches installed as
quickly/safely as possible.
MORE
Julian Hazel at the University of Oxford showed that LLMs can iterate
rapidly to produce realistic spearphishing emails at minimal cost.
MORE
People are freaking out about Clear doing facial recognition for sign-ins.
It’s crazy to me how many infosec people don’t realize the difference
between having some random vendor-specific image of your face, vs. having
your actual face.
Someone can’t break into third-party B’s systems using third-party A’s
picture of your face. And especially not with a third-party A’s digital
hash of third-party A’s picture of your face.
MORE
|
WHY BIOMETRIC DATA BREACHES WON’T REQUIRE YOU TO CHANGE YOUR BODY
?It’s the same with fingerprints, by the way. And voice. Where it gets
weird is when it’s a human doing the authentication, such as when someone
tricks your mom into sending money because she thought it was you calling.
But for machines, they’re going off of mathematical representations of a picture
of you, not the actual you. This is why stealing “biometric authentication
data” isn’t nearly as bad as most people think it is.
Verizon’s been caught again sharing customer data with anyone who asks,
without any real checks in place. This is an overall problem at all these
operators, not just Verizon, btw. A stalker recently obtained a victim’s
address and call history by posing as a police officer with a fake email.
MORE
Scammers on Telegram are using doctors’ identities to sell
fake vaccination documents. A disinformation detection firm found
about 60 channels on Telegram pushing bogus Covid-19 vaccine certificates,
reaching over 3 million people and netting $286,000 in cryptocurrency. Cool
article, but I feel like it’s a little confused about who’s getting scammed.
MORE
Rite Aid got a five-year ban on facial recognition tech by the FTC for
mishandling consumer data and causing harm. The FTC found that Rite Aid’s
surveillance program was full of errors and biases, leading to
false accusations against customers, including an 11-year-old girl.
They’re being forced to delete the collected biometric data and implement a
robust data security program to prevent future violations.
I honestly love how aggressive the government is getting in cases like
these.
MORE
Xi Jinping’s regime is reportedly executing a Stalin-esque purge, targeting
even his closest allies. High-profile disappearances include China’s foreign
and defense ministers and top military officials, some of whom reportedly
died in custody or vanished without explanation.
MORE
Lt. Gen. Timothy Haugh has the green light to lead the NSA and Cyber
Command.
MORE
Vulnerabilities
?pfSense Vulnerabilities Found — Multiple flaws in pfSense firewall
software could let attackers run commands. | HIGH | CVE-2023-42326 | CVSS
Score: 8.8
MORE
? Terrapin SSH Vulnerability — A new attack called Terrapin can compromise
SSH channel integrity by manipulating protocol operation. | CRITICAL |
CVE-2023-48795, CVE-2023-46445, CVE-2023-46446 |
MORE
Incidents
⚠️ Xfinity Data Breach — Comcast confirms a CitrixBleed hack compromised
data of nearly 36 million Xfinity customers. | SEVERITY: HIGH | RESPONSE:
Customers must reset passwords, and two-factor authentication is
recommended.
MORE
⚠️ Nissan Cyberattack — Nissan got hit by a ransomware group claiming
they’ve snatched 100 Gb of data. | SEVERITY: HIGH | RESPONSE: Working to
identify impacted information and has notified authorities. MORE
⚠️ Ubisoft Security Alert — Ubisoft is probing a potential breach after
internal data leaks surfaced online. | SEVERITY: HIGH | RESPONSE: The
company is currently investigating the incident and has not shared further
details.
MORE
⚠️ GTA 5 Code Leaked — GTA 5’s source code got leaked online right around
Christmas. | SEVERITY: HIGH | RESPONSE: No official response from Rockstar
yet.
MORE
? Continue reading online to avoid the email cutoff issue ?
TECHNOLOGY
Waymo’s latest safety data reveals its driverless cars are significantly
less likely to be involved in injury-causing crashes compared to human
drivers. Such a massive win for autonomous driving, while we constantly hear
of fails from Tesla and Cruise. Over 7.1 million miles of autonomous
driving, Waymo reported only three minor injuries, while humans are
estimated to have a three to nine times higher chance of injury crashes in
the same conditions.
MORE
The UK Supreme Court has ruled that AI systems cannot be recognized as
inventors of patents. In other words, only a natural person can be an
inventor, which is fine, except it won’t stop inventors from using armies of
inventor/documentation agents from not only coming up with ideas but writing
and submitting all the paperwork. In the name of the human.
MORE
?How are we going to tell the difference between a human having X output
vs. having an army of AI Agents working for them behind the scenes
producing that output for them? We won’t.
I mean if someone writes 300 book reports over the weekend they probably
used their agent farm to do so. But the more interesting bit is that we
won’t care. It’ll just be the norm. Everyone operating at the top tiers of
any game will be a(I)ugmented with their own fleet of aigents behind them.
The API economy, now valued in the trillions, and faces complex regulatory
challenges with the integration of AI. Just in time for my API-ification of
everything take. If you think it’s a big market now, wait until it’s the
fabric for all business.
MORE | THE API-IFICATION OF EVERYTHING
|
A THRIVING ECOSYSTEM OF DA MODULES
China’s coming down even more on the gaming industry, setting new rules
against daily login rewards and pay-to-play incentives. It’s extraordinary
and frightening to me that China has this much control over their
population. And I can’t help but feel like we’re at a massive disadvantage
against them because of it.
MORE
New research from Apple shows how they plan to bring (hopefully way better
than Siri) AI features to the next OS and iPhone hardware, including
creating lifelike animated avatars and running complex language models
directly on the device. Cannot f-ing wait for the iOS 18
announcements and betas this year!
MORE
Sam Altman is backing Retro Biosciences with $180 million. The startup’s
ambitious goal is to extend human healthspan (Peter Attia’s term) by a
decade. MORE
Google’s AI tool, Performance Max, has reduced the need for specialized ad
sales roles by automating ad creation and scaling. Various articles are
saying up to 30,000 jobs are being cut at Google as a result.
MORE
Tesla released its Optimus Gen 2 robot, which has improvements in speed,
weight, and agility over the previous gen. This new model is 22 lbs lighter
and 30% faster, with enhanced movement capabilities across its 35 degrees of
freedom.
MORE
HUMANS
Japan’s western coast was on high alert after a 7.6 magnitude earthquake
triggered tsunami warnings and calls for immediate evacuation. The Japan
Meteorological Agency issued a major tsunami warning for Ishikawa, with
potential waves up to 5 meters high, and lower-level advisories for other
western coastal areas. MORE
Biden just pardoned every American who’s used marijuana, even those never
charged. The pardon covers federal and D.C. offenses for personal use but
excludes sales and DUIs.
MORE
Nearly half of young Americans are living with their parents, which are
numbers we haven’t seen since the Depression. Last summer, the Pew
Research Center reported that 52% of 18 to 29-year-olds (around 27
million) were living at home, the highest since the 1930s. MORE
The latest PISA report suggests a strong link between phone use and
plummeting student test scores. Students spending less than an hour on
phones at school scored significantly higher in math, with a 50-point
difference compared to those on screens for over five hours.
MORE
AI now spots childhood autism with 100% accuracy just by scanning kids’
eyes. The study involved 958 children and used deep learning to analyze
1,890 retinal images, half from kids already diagnosed with autism.
MORE
High doses of Vitamin D might help your body use extra calories for muscle
growth instead of storing them as fat. The study suggests that increased
Vitamin D intake can influence how the body allocates calories, potentially
favoring muscle over fat storage.
They put normal at 2,000 IU a day, and high at 10,000 IUs. I was at
10K a day and went back down to 5K. Maybe I’ll go back up.
MORE
Volkswagen is bringing back physical buttons due to customer pushback on
touch controls.
MORE
Apple’s next-gen CarPlay is starting with Porsche and Aston Martin, offering
a more immersive experience that extends to the entire dashboard. The new
system allows for vehicle-specific themes and integrates with car features
like radio and temperature control. Really wish I could get this on a Tesla,
or that BMW made something as good as Model Y.
MORE
The EU has agreed on significant migration reforms, including streamlined
deportations and detention centers at borders. The pact is trying to balance
migration pressures across member states, but faces criticism from refugee
rights groups.
MORE
US homelessness has spiked to its highest level since 2007, with a 12%
increase from last year.
MORE
? Continue reading online to avoid the email cutoff issue ?
IDEAS & ANALYSIS
I happily put them all in essays during the break!
NOTES
My favorite vim tip of 2024:
change your file editing alias to “v” or “e”. One character. I have
been using “vi” for years, thinking I was smart. If you’re going to use two
characters instead of “nvim” (4), why not 1 instead of 2?
MORE
DISCOVERY
⚙️ My Dot Files — I posted a repo of my nvim configs which are customized
Lazy, plus a slightly customized zsh theme.
MORE
? Therm — A stripped-down iTerm2 fork that prioritizes minimalism and
improved defaults. I want to use it but I’m a bit scared, honestly. Somebody
convince me. | by pancake |
MORE
? The Primal Hunter Series — This is the LitRPG series I’m currently
reading.
MORE
? Ollama.ai
— Ollama is a super easy way to play with local models. Just go get
Ollama
and pick this model dolphin-mixtral. Quite strong. | by Eric
Hartford |
MORE
? ngocok — A free alternative to Burp Collaborator using ngrok for security
testing. | by
dwisiswant0 |
MORE
? Talk2Arxiv — Chat with academic papers using this open-source tool that
parses and understands PDFs. | by evanhu1 |
MORE
Anders Borch shares experiences from interviewing hundreds of software
engineering candidates. | by
Anders Borch |
MORE
Butterfly Ideas: Protecting Fragile Thoughts MORE
Hacker News Activity Analysis with a GPT-4 Agent
MORE
SQL as an API Strategy
MORE
How to get Stable Diffusion to generate consistent characters | by
Chase Lean
|
MORE
?The iPhone’s Notes App Is the Purest Reflection of Our Messy Existence
MORE
Writing Code Is the Same Thing as Writing Prose
MORE
? FigJam’s Self-Evaluation Template — As the year wraps up, FigJam offers a
free self-evaluation template to help you reflect on your accomplishments
and areas for improvement, setting you up for success in the coming year.
MORE
?️ Oliver Burkeman brings a refreshing perspective on productivity,
reminding us that a fulfilling life isn’t about squeezing productivity out
of every moment.
MORE
You Don’t Need Analytics on Your Blog
MORE
Life’s Little Upgrades
MORE
How I Work
MORE
Google Podcasts is Shutting Down
MORE
I Just Need a Programmer
MORE
Keep a “brag document” to track and share your work accomplishments. | by Julia Evans | MORE
RECOMMENDATION OF THE WEEK
-
Think about what you were supposed to become as a person.
-
Ask yourself, going into 2024, if you are that.
-
Realize it’s 100% ok if you aren’t. Hardly anyone is. I’m definitely
not. -
But most importantly, ask yourself if you’re on the path!
-
If you aren’t, and you don’t have a plan to get there, or you’ve
convinced yourself to settle for something lesser, reject that. Don’t
give in. Don’t settle. Resist. Battle. Fight. -
Recommit to becoming who you were meant to be.
As a heuristic,
ask yourself if you look forward to Mondays. If you don’t, it might be because you’re not working towards becoming
that person, or because the way you’re spending your time isn’t a good path
for doing so.
This is the perfect moment to think about how to change that.
APHORISM OF THE WEEK
❝
Do not wait until the conditions are perfect to begin. Beginning makes the
conditions perfect.
—
Alan Cohen
Thank you for reading.
UL is a personal and strange combination of security, tech, AI, and lots of
deeply human content. And because it’s so diverse, it’s harder for it to go
as viral as something more niche.
So if you know someone weird like us, please share it with them. ?
Share UL with someone like us…
Yours,
0 responses on "UL NO. 413: 7 Things to Expect from AI in 2024+, Xi Going Stalin, SSH's Terrapin…"