UL NO. 418: DEFCON Moves, AnyCloudDesk, Ransomware Learnings, My Top AI Projects

👉 Continue reading online to avoid the email cutoff issue 👈

Unsupervised Learning is a security, AI, and meaning-focused newsletter that looks at how best to
thrive as humans in a world that’s changing faster than ever. It combines
original ideas and analysis to bring you not just what’s happening—but why it matters, and how to respond.

TOC

• MY WORK

• MY WORK

• TECHNOLOGY

• HUMANS

• IDEAS & ANALYSIS

• NOTES

• DISCOVERY

• RECOMMENDATION OF THE WEEK

• APHORISM OF THE WEEK

Hey there,

Big things I’m thinking about this week:

• Getting to hang with my friends and plan career and life trajectories
  this week! Cannot wait!

• More time with Apple Vision Pro

• I’m creating a second product (more to come on that)

• The first big product is coming along REALLY well

• Fabric is going crazy. Lots of interest.

I hope you have a great week!

Let’s get into it…

MY WORK

🥽My First Impressions of the Apple Vision Pro MORE

How (Specifically) AI Will 100x Human Creativity and Output MORE

The demo movie on the Fabric README.md

👉The
Fabric
Project on Github is blowing up! I put a couple of hours of work this
weekend into the quality of the
README.md
and documentation (and a demo video), and I’d love it if you could
head over and give us a ⭐️.
STAR US

SECURITY

DEFCON is moving to the Las Vegas Convention Center this year.
Caesers canceled their contract together, with speculation being that it had
to do with the MGM hack. Can’t wait to see what they do with the bigger
space!
MORE

Anydesk got hacked real bad. Another piece of tech I’d not heard much about
until I find out everyone uses it.
MORE

Sponsor

Enhance Enterprise Security: Trust Every Device with Kolide!

When you go through airport security, there’s one line where the TSA
agent checks your ID, and another line where a machine scans your bag. The
same thing happens in enterprise security, but instead of passengers and
luggage, it’s end users and their devices.

These days, most companies are pretty good at the first part of the
equation, where they check user identity. But user devices can roll right
through authentication without getting inspected at all. In fact, 47% of
companies allow unmanaged, untrusted devices to access their data. That
means an employee can log in from a laptop that has its firewall turned
off and hasn’t been updated in six months. Or worse, that laptop might
belong to a bad actor using employee credentials.

Kolide
finally solves the device trust problem. Kolide ensures that no device can
log into your Okta-protected apps unless it passes your security checks.
Plus, you can use Kolide on devices without MDM, like your Linux fleet, contractor devices, and every BYOD phone and
laptop in your company.

Visit kolide.com/unsupervisedlearning to watch a demo and see how it works.

 kolide.com/unsupervisedlearning

Watch a Demo

   

Someone in finance paid out $25 million in a BEC scam because a deepfake
video convinced them they were talking to real people. This is about
to seriously make it more difficult to validate the person on the other end
of the call.
MORE

Cloudflare got hit by a suspected state-sponsored actor. The attackers
exploited credentials stolen from the October 2023 Okta hack to infiltrate
Cloudflare’s internal systems on November 14, revealing the incident nine
days later. MORE

The FBI says scammers are using couriers to swipe seniors’ life savings by
convincing them to buy precious metals. From May to December last year,
victims lost over $55 million to these scams, with seniors being the prime
targets.
MORE

We’re learning from ransomware attacks. Only 29% of victims decided to pay
in the last quarter of 2023, which is the lowest rate ever. It appears the
big decrease from 85% in 2019 is mainly because people are more informed and
ready, like having decent backups.
MORE

💡I’ve always seen ransomware as a continuous global red team with dire consequences. It’s good to hear some good news on this front, with fewer people
paying. That means the operation is working.

The Shadowserver Foundation found 45,000 Jenkins instances exposed online,
which are vulnerable to a critical flaw that’s being exploited in the wild.
MORE

Bruce Schneier warns that AI could enable mass spying by analyzing the vast
data that governments and companies already collect. He argues that while
traditional spying requires human effort to interpret conversations, AI’s
ability to understand and process language will allow for spying on a scale
previously unimaginable. This is exactly what
this week’s essay
is about.
MORE

Nightshade has exploded with 250,000 downloads in just five days. It’s a
tool to stop AI from copying art. I personally don’t get it. This type of
thing won’t stop AI from happening, or AI from incorporating human art. It’s
a flash-reaction, sourced in fear, to something inevitable. There are bad
parts of that inevitability, but our time is better spent trying to address
those rather than looking for ways to stop this from happening.
MORE

The FCC is looking to outlaw AI-generated robocalls, especially those using
voice cloning tech like the recent incident where a deepfake was used to
attempt voter suppression in New Hampshire.
MORE

Vulnerabilities

⚠️ SCHNEIDER RANSOMWARE — Schneider Electric’s Sustainability Business hit
by Cactus ransomware, terabytes of data stolen. | SEVERITY: HIGH | RESPONSE:
Company is performing remediation and containment, with no other divisions
affected.
MORE

🪳GITLAB FILE FLAW — GitLab patched a critical flaw allowing file overwrite
during workspace creation. | CRITICAL | 9.9 |
MORE

🪳 GLIBC FLAW ALERT — A new glibc flaw allows root access on major Linux
distros. | CRITICAL | CVE-2023-6246.
MORE

👉 Continue reading online to avoid the email cutoff issue 👈

TECHNOLOGY

Neuralink has successfully implanted its first brain chip in a human. The
device, aimed at enabling control of external devices through thought, was
placed in a patient who is part of clinical trials targeting individuals
with severe mobility impairments. I seriously hope it goes well.
MORE

Meta is making tons of money again, and crushed tech stocks with a 25%
revenue jump to over $40 billion. This growth outshone its projections and
even hinted at a potential acceleration to 29% in the next quarter. He’s got
so many great properties (FB, IG, etc.), and he’s off the metaverse thing
and now onto AGI. They’re on fire right now. The good kind.
MORE

China has approved over 40 AI models for public use in just six months. It’s
part of a broader effort to compete with the U.S. in AI. It’s crazy how many
advantages and disadvantages they have when it comes to tech. On the one
hand, they can make immediate policy changes, but on the other hand, they’re
afraid of their people becoming too free.
MORE

The New York Times is looking to blend AI with traditional journalism.
They’re assembling a team led by Zach Seward to prototype AI and machine
learning for reporting and presentation enhancements. Makes sense to me.
Like, how could they not?
MORE

John Deere is working with SpaceX to bring satellite internet to farmers.
MORE

YouTube Music and YouTube Premium now have over 100 million subscribers
worldwide. I am using YouTube more and more myself, and music is one of
the main use cases. I mean, it’s getting so good that I wonder when Google
will kill the project. MORE

Starlink is turning its satellites into mobile phone towers. They’re testing
it now, and it’s working. Pretty impressive. I love this version of Elon.
MORE

Zoom has an Apple Vision Pro app, and it lets people join as their Persona,
which is like a cartoon avatar of themselves. Mine looks pretty bad, but
unfortunately, it is pretty realistic.
MORE

HUMANS

Andrew D. Huberman, Ph.D.
@hubermanlab

I am convinced that the 8 pillars of Mental & Physical Health are:

1) Sleep
2) (Sun)light
3) Exercise
4) Stress
Management  
5) Relationships (Incl. To Self)
6)
Nutrients (Amt., Timing, Content)
7) Oral Health & Gut
Microbiome
8) Spiritual Grounding
Additions? Subtractions?

 

11:45 PM • Feb 1, 2024

  

20.9K Likes  
3.02K Retweets  

1.52K Replies

A recent Ipsos poll shows that 63% of employees making over $100,000 can
work from home, compared to only 32% of those making under $50,000. I’d
expect that gap to widen as you move up and down the scale. So, people
making more than $250K, vs. people making $30K. The sad part is that freedom
and luxury are what make people freer to be worth more.
MORE

New data shows the bottom 80% of US households consistently spend more
than they earn. The data comes from the Bureau Economic Analysis’ newly
released Distribution of Personal Income Accounts, which for the first
time provides a clear view into the spending habits of different income
groupings over the past two decades. It turns out, only the top 20% of
households are consistently putting money away. MORE

95% of container ships are now going around Africa’s southern tip due to
avoid Houthi attacks in the Red Sea. The route change adds 10-14 days of
travel, which has all sorts of implications. MORE

Conservative social media is circulating conspiracies that the NFL is
rigging games to favor Taylor Swift and her boyfriend’s team, all to boost
President Biden’s image before the election. MORE

👉 Continue reading online to avoid the email cutoff issue 👈

IDEAS & ANALYSIS

Punished for Good Behavior
Not fully confirmed, but I heard a
friend say that the reason Goldman Sachs got crushed by the Apple Card deal,
and had to pull out, is because the Apple Card customers were paying on
time! Which is horrible for banks. They make all their money on people being
overburdened, overstretched, and paying late. Assuming it’s true, I’m so
happy about this.

Apple is LifeOS
I write about this every few years, but with
Vision Pro I think it’s time to mention it again.
Apple is winning because they’re slowly and methodically building
LifeOS. They’re building a massive ecosystem for enhancing everything in your
life. And when they think about products, they think about how they work
together. If you think about what tech will look like in 25 years, where
your house works with your car, and your mobile device, and your contact
lenses for AR/VR, and all your finances are integrated with everything. You
can pay with a gesture. You can talk to your AI assistant and they can do
everything for you. It’ll all be part of your basic tech ecosystem. Now
imagine that being GMail and Fitbit. You can’t, really, because Google is
throwing random stuff at a wall to see if it makes a lot of revenue. And if
it doesn’t, they kill it. Apple is the only one thinking properly about, and
executing on, the concept of a unified LifeOS. And that’s why they’re
winning. And because of that, the government’s about to step in and ask them
why everyone likes their stuff, and demand they get broken up. I wish they’d
just tell the truth in court. “People are only using us because the
alternatives are so bad. We’re the only people building LifeOS, so it’s no
wonder that people come to us.”

NOTES

Much love to Jonathan Dunn (@xssdoctor) for creating the client for the Fabric project. We’ve got it in a pretty
good state now, and the client and documentation are now live!
MORE

ᴅᴀɴɪᴇʟ ᴍɪᴇssʟᴇʀ ☕️
@DanielMiessler

I demand a show like Black MIrror, but for the POSITIVE possibilities.

 

1:55 AM • Feb 5, 2024

  

44 Likes  
4 Retweets  

6 Replies

DISCOVERY

Ok, here are the two of the best projects in AI right now, along with
Fabric, if I may say so myself… 😃 

1. CrewAI — In my opinion, this is the best
   AI Agent framework out there. In other words, this, or something
   like it, is how we’re going to get to AGI. It just gets more powerful
   when you add better models. by
   João Moura
   |
   MORE

2. Wishful Search — This project lets you throw random data of any
   kind into a bin, and then you can ask questions as if you spent days
   writing perfect SQL. It’s actual magic, and it’s not getting near enough
   attention. | by
   Hrishi Olickel
   |
   MORE

If you’re not watching these two projects, go fix that!

🧵 fabric — My open-source framework for augmenting humans with AI. The idea
is to have granular AI solutions for all the different use cases we need to
solve in real life. | by
Daniel Miessler |
MORE

🖥️ Plock — Stream outputs from an LLM or any script directly into your text
editor, all in real-time and locally. | by
jasonjmcghee |
MORE

🔍 SigFinder — Quickly spot binaries signed to internal CAs/domains.
MORE

🔧
Ruff v0.2.0 — A super-fast Python linter and formatter, now better. | by astral | MORE

🔬
MLX — A machine learning array framework optimized for Apple silicon. | by ml-explore | MORE

🔉Insanely Fast Whisper — It can transcribe 2.5 hours of audio in under 98
seconds using OpenAI’s Whisper Large v3. | by
Vaibhav Srivastav
|
MORE

🤖Attabit — An AI-powered news site. This is the future, folks. If you
provide news rather than analysis/opinion that is much harder to copy,
this is what you’re up against. | MORE

🤖Signals — Signals is a curated collection of links to major stories from
around the web, enhanced by an AI tool named MISO (“multilingual insight
search optimizer”) that helps reporters efficiently find diverse stories
in various languages. MORE

If you’re not using Perplexity yet, it’s worth playing with. Think: AI
Google.
MORE

I need one of these neck lamps for reading in bed without waking her up.
MORE

Even intelligence agencies are overwhelmed by too much data.
MORE

Apple’s machine learning team introduced MLX, a new way to use AI apps, but
optimized for Apple silicon.
MORE

Your Security Program is Sh*t — A rant on how many security programs are
shams where external consultants are valued over internal expertise. Talks
about how cybersecurity is often sidelined until corporate mandates force
action, leading to a superficial compliance process that prioritizes appearances over actual security. Pretty good piece. MORE

Vantage has launched a standalone Kubernetes cost-monitoring agent, slashing
resource usage significantly. The new agent consumes up to 99% less vCPU and
97.9% less memory than previous solutions, streamlining Kubernetes cost
monitoring by adhering to the Unix Philosophy of simplicity and efficiency.
| by
Vantage
|
MORE

Current Software Engineers Have No Deep Knowledge MORE

The Seven Laws of Pessimism
MORE

One-shot Prompting Magic
MORE

What if Christensen’s disruption theory is outdated? The piece explores how
recent examples like the iPhone and Tesla challenge Clayton Christensen’s
classic theory that cheaper, “good enough” products disrupt markets. | by
Anshu Sharma
|
MORE

RECOMMENDATION OF THE WEEK

Schedule dedicated time to hang with your closest friends. It won’t always
happen otherwise, and you need “belly showing time” to stay close.

It’s not real if it’s not on the calendar.

APHORISM OF THE WEEK

❝  

The world is changed by your example, not by your opinion.

—

  Paulo Coelho  

Thank you for reading.

UL is a personal and strange combination of security, tech, AI, and lots of
deeply human content. And because it’s so diverse, it’s harder for it to go
as viral as something more niche.

So if you know someone weird like us, please share it with them. 🫶 

Share UL with someone like us…

Yours,