UL NO. 443: North Korean Co-workers, UBI Failure?, AI-Groupthink, GPS Spoofing… 1

UL NO. 443: North Korean Co-workers, UBI Failure?, AI-Groupthink, GPS Spoofing… 2

SECURITY | AI | MEANING
:: Unsupervised Learning is my continuous stream of original ideas,
story analysis, tooling, and mental models designed to
help humans lead successful and meaningful lives in a world full of
AI.

NOTES

Hi!

Here’s what’s up:

Gearing up for Vegas. 11 days, assuming I don’t get sick after like 4.
?
If you see me, please know that I’m shy and awkward like 20-60% of the
time. Just say hi anyway. I love people and it’s good training
for me for being more extraverted.
I watched a number of videos last night about people losing their jobs,
starting a YouTube channel, and just generally struggling. And of course
as soon as I watched two of these, my whole feed was this.

So I watched 10 more. It’s very sad.

People are
hurting because they’re feeling the ground shifting under their feet and
it’s not clear if it’s their fault, what’s going on, or what to do about
it.

This is why I’m doing what I do now. To help people like
I saw in those videos. I subscribed to all of them to boost their
numbers, and I’m going to try to reach out to them and send them
encouragement.
Be kind to people. Everyone’s hurting in some kind of way. Especially
right now, and hurt people are often more mean than they normally would
be. See: politics.

Kindness is a language which the deaf can hear and the blind can see.

Mark Twain

Ok, let’s get to it…

MY WORK

This my absolute best argument for why AI will have an extraordinary
effect on the economy and jobs. Send it to your friends who are still
skeptical.

We’ve Been Thinking About AI All Wrong

AI is just a way to execute Intelligence Tasks that only humans can do.

www.danielmiessler.com/p/weve-been-thinking-about-ai-all-wrong

—

I created a full video going through our new
Substrate
project. If you prefer videos to long articles, this is the way.

Introducing Substrate—An Open-source Framework for Human Understanding,
Meaning, and Progress

SECURITY

KnowBe4 accidentally hired a North Korean state actor who tried to install
info-stealing malware on their devices. They caught it in time, but it shows
how good North Korean hackers are at pretending to be IT staff. |
Bill Toulas |
MORE

GitHub’s repository design flaw allows indefinite access to data from
deleted and private repositories, known as Cross Fork Object Reference
(CFOR). | by
@TruffleSecurity |
MORE

A plane’s GPS was jammed on a commercial transatlantic route for the first
time, raising fears that thousands of other flights could be at risk of
deliberate hacking. The incident happened on a flight from Madrid to Toronto
and is suspected to be a targeted attack rather than accidental
interference. |
MORE

Sponsor

Remove Barriers to AI Innovation with Tines

When it comes to implementing AI, privacy and security concerns make
things complicated. It doesn’t help that many AI tools demo well but fall
short in real-world deployment, complicating vendor due diligence.

AI in Tines
was designed to address your security team’s valid concerns around data
privacy, security, and usability, and help you overcome the challenges of inflexible technologies.

Tines makes workflow automation
and AI accessible to any member of your team, while supporting your AI
guardrails. You’re in control – you decide when and how your workflows
interact with AI.

The result: a scalable automation program that drives innovation, and frees up resources to spend on mission-critical, strategic
work.

tines.com/community-edition

TRY IT FREE

There’s been a 400% increase in GPS spoofing incidents, affecting around 900
flights daily. This spike is causing major safety concerns, especially with
systems like EGPWS becoming unreliable. A new workgroup has been set up to
address these issues and find solutions. |
MORE

France’s high-speed rail traffic got disrupted due to what officials are
calling ‘malicious acts’ just before the Olympic ceremony. |
MORE

Sponsor

Discover, secure and govern genAI use

Nudge Security has discovered over 500 unique genAI apps in customer
environments to date, without the need for any prior knowledge of an app’s
existence.

Within minutes of starting a free trial, you’ll have a full inventory of all genAI apps in use (along with every
other SaaS app) and security profiles for each provider to quickly vet new or unfamiliar tools.

Get your free genAI inventory today.

nudgesecurity.com/use-cases/mitigate-ai-risks

Free Trial

Google has decided not to phase out third-party cookies in Chrome and will
instead offer users more control over how these cookies are used. This move
comes after realizing the significant impact on publishers and advertisers.
| by
Lawrence Abrams |
MORE

?I’m shocked
that this company that makes most of its money on advertising—and is bad
at rolling out products—cancelled a thing that’s 1) really difficult to
do, and 2) would negatively affect advertisers.

An evaluation of Amazon GuardDuty reveals limited coverage and high costs,
with significant latency in detecting attacks like S3 ransomware. | by
Tracebit |
MORE

Google’s reCAPTCHA is showing its age and is harvesting user information and
labor worth billions while being almost universally disliked and vulnerable
to bots. Cloudflare has an alternative, but I’m not sure it’s good enough to
fully replace.
MORE

The Senate unanimously passed the DEFIANCE Act, letting victims of
nonconsensual intimate images created by AI sue their creators for damages.
Victims can get up to $150,000, or $250,000 if linked to sexual assault,
stalking, or harassment. | by
Lauren Feiner |
MORE

The U.S. Commerce Department says shipments of high-performance processors
from China and Hong Kong to Russia have dropped by 20%, but Hong Kong is
still a key hub for smuggling critical components. Despite the decrease,
nearly $2 billion worth of goods were shipped from Hong Kong to Russia in
late 2023.
MORE

AI / TECH

Wiz turned down a $23 billion acquisition offer from Alphabet and is instead
aiming for an IPO. Completely baller move. My thoughts are that they knew
they could get more money and they knew that going to Google was basically a
move to The Graveyard.
MORE

AI is replacing jobs in the video game industry, with major companies like
Activision using generative AI tools for concept art. This has led to
significant layoffs, with an estimated 10,500 people losing their jobs in
2023 and even more this year. | by
Brian Merchant |
MORE

A new study shows that while generative AI like ChatGPT makes individual
stories more creative and engaging, it also makes them more similar to each
other. | by
Ben Dickson |
MORE

?I’ve heard a lot of supposed risks from AI, but this one sounds pretty
realistic. We’ll need to engineer in mechanisms for exposure to
alternative frames, models, and viewpoints to avoid people consolidating
and following an AI-powered groupthink on various topics.

And avoiding sentences that are too long.

Switzerland has passed a law requiring all public sector agencies to use
open-source software and open-source any code they develop. This move aims
to reduce vendor lock-in, foster innovation, and save taxpayer money. | by
Dr. Matthias Stürmer |
MORE

?I generally love this. But two things:

Open doesn’t mean secure by itself, without other effort. We’ve seen
that multiple times now.
Support has always been an issue for OSS, so they’ll still need to
train staff and/or hire companies to maintain the stuff.

Gumloop is a super-slick platform for automating AI workflows. They raised a
$3.1M Seed round led by First Round Capital with participation from YC and
co-founders at Instacart, Dropbox, and Airtable.
MORE

Alphabet is putting another $5 billion into Waymo to push forward its
self-driving tech. This investment aims to solidify Waymo’s position as a
leader in autonomous driving. | by
Jonathan M. Gitlin |
MORE

?It’s looking a lot like Waymo vs. Tesla for self-driving taxis. But the
approaches are very different. Waymo needs a LOT of time in a city before
it’s ready to go, and Tesla is taking the Elon approach of shooting for
the moon (Mars?) with tech that may or may not be possible yet.

For example: Elon said full self-driving was pretty easy and would be
solved years ago, but it’s 2024 and it’s just now getting good.

Joe Procopio argues that tech companies are struggling to find good
employees because they focus too much on credentials and not enough on
skills. He suggests that companies should prioritize practical experience
and problem-solving abilities over degrees and certifications. | by
Joe Procopio |
MORE

?It’ll take a while, but this is precisely the shift that’s happening. And
yeah—AI will force the issue.

ASTRA Scores: AI-Powered Assessment and Rating Systems

With AI, hiring, dating, and learning is about to get very strange

danielmiessler.com/p/astra-scores-aipowered-assessment-rating-systems

Apple just launched a beta version of Apple Maps for the web. This means you
can now use Apple Maps directly from your browser without needing an iPhone
or Mac. |
MORE

HUMANS

The Wall Street Journal explores why the U.S. birthrate is declining, citing
economic uncertainty, career priorities, and lifestyle choices as key
factors.
MORE

The idea that Universal Basic Income (UBI) reduces the need to work isn’t
new, but recent studies show it doesn’t lead to better jobs or more
education. Instead, people just work less. | by
Alex Howlett |
MORE

?I think the issue is that certain people will spend free time and money
to better themselves, and certain people won’t. And it’s not clear what
that distinction is or how to nurture it.

But the way forward starts with trying to isolate the behavior and its
cause, rather than believing in fairytales like “giving away free money
will make everyone ambitious”.

This reminds me of a very similar lesson I learned when hiring in
cybersecurity over 20 years: exposing people to training and encouragement makes the stars stand
out, but it doesn’t turn everyone into stars.

Southwest is ditching its open seating policy after 50 years to boost
profits and meet customer preferences. They found that 80% of their fliers
prefer assigned seats, and they plan to charge more for premium options like
extra legroom. | by
Cassandra Cassidy |
MORE

Continue reading online to avoid the email cutoff…

The Senate’s version of the 2025 NDAA doesn’t include the ‘Countering CCP
Drones Act,’ which would have banned DJI drone sales in the U.S. This
decision came after opposition from over 6,000 public safety agencies and
hundreds of thousands of drone pilots. |
MORE

?I’m happy-sad about this. I love DJI drones, but I feel like we need to
go without them to instill enough hurt to inspire a friendly
competitor.

Nearly 40% of Americans are stressed about making ends meet, up from 28% in
2021. This is similar to Great Recession numbers. | by
Matt Egan |
MORE

US Economic Growth Hits 2.8% — The U.S. economy grew at a 2.8% annual rate
last quarter, driven by consumer and business spending despite high interest
rates.
MORE

Weight-loss drugs like Ozempic, Mounjaro, and Wegovy are causing people to
spend less on groceries and choose healthier options. A new study shows that
users buy 52% less snacks and confectionery, 47% less baked goods, and 28%
less sugary drinks. | by
NY Post |
MORE

A new antibiotic from the University of Illinois Chicago disrupts two
different cellular targets, making it 100 million times harder for bacteria
to evolve resistance. | by
University of Illinois Chicago
|
MORE

One dose of a new nasal spray treatment clears toxic tau proteins from brain
cells, improving memory. | by
UTMB |
MORE

Remember: the bigger the finding the more you should wait for supporting
studies. In my mind this stuff isn’t completely real until the drug is available
to normal people after being tested rigorously.

Still, very exciting.

Liberals and conservatives are both prone to conspiracy theories; they just
prefer different ones. That’s the conclusion of a recent paper by Adam
Enders and colleagues, looking at the relationship between conspiracy
theories and political orientation. | by
Steve Stewart-Williams |
MORE

Henrik Karlsson talks about how generating interesting ideas is like
building a muscle.
He says that the more you write and think deeply, the better you get at
coming up with new and meaningful thoughts. | by
Henrik Karlsson |
MORE

IDEAS

Zuckerberg is arguing that China is going to steal weights anyway, and
there’s no way to stop that, so we might as well develop advanced AI as
open-source.?

ᴅᴀɴɪᴇʟ ᴍɪᴇssʟᴇʀ ?☕️?️
@DanielMiessler

This is extraordinary.

Here, Zuckerberg argues that we might as well YOLO out advanced AI as
open-source since none of the closed-source companies have good enough
cybersecurity to keep ?? from stealing their weights anyway.

11:02 AM • Jul 25, 2024

57 Likes
14 Retweets

11 Replies

DISCOVERY

SearchGPT — OpenAI just announced SearchGPT, a new tool that integrates
search capabilities directly into ChatGPT. It’s still wait-listed tho. | by
OpenAI |
MORE

I Use Obsidian — Jason Heppler shares how he uses Obsidian for note-taking
and knowledge management. He dives into his workflow, plugins, and tips for
getting the most out of the tool. | by
Jason Heppler |
MORE

In the Beginning Was the Command Line — Neal Stephenson’s classic essay on
operating systems and the cultural implications of technology. It’s a deep
dive into how we interact with computers and why it matters. |
MORE

My Obsidian Note-Taking Workflow — This article dives into the author’s
detailed workflow for using Obsidian for note-taking, including why they
chose Obsidian, how they use Markdown and Vim motions, and the essential
plugins that enhance their productivity. | by
Simon Späti |
MORE

Bash-Oneliners — A collection of terminal tricks for Linux. |
by Bonnie I-Man Ng |
MORE

DataChain: Unstructured data management for AI projects, reimagined —
Iterative’s new open-source tool lets you simplify AI projects and scale
unstructured data management. | by
Iterative |
MORE

Llama agent stack — Meta has released an example system for using its Llama
models as agents to perform a variety of tasks. | by
Meta |
MORE

Open-World Exploration in Minecraft — Odyssey is a new framework that equips
large language model-based agents with advanced skills for exploring
Minecraft. | by
ZJU VIPA Lab |
MORE

Claude Engineer — An advanced CLI that uses Anthropic’s Claude 3 and 3.5
models to assist with software development tasks. | by
Pietro Schirano |
MORE

Lakera — A low-latency AI application firewall that secures traffic into and
out of generative AI applications. | by
Lakera |
MORE

GPT4-Captcha-bypass — A CLI tool using OpenAI GPT-4 to solve various types
of captchas including puzzle, text, and reCAPTCHA. | by
Yunus Aydin |
MORE

FlowAnalyzer — A tool for understanding OAuth 2.0 Grants/Flows with support
for OIDC and JWTs. | by
Manuel Berrueta |
MORE

Bash Simple Curses — A simple Bash library to create terminal interfaces. |
by
metal3d |
MORE

RECOMMENDATION OF THE WEEK

I’m going to try to do something for the next several months. I kind of do
this all the time already, but I’m going to emphasize it going into election
time.

When someone labels me as super-liberal, I’m going to say something nice
about their conservative views. I’m going to humanize them.
When someone labels me as super-conservative, I’m going to say something
nice about their liberal views. I’m going to humanize them.

Try it, and see if it opens the conversation at all.

I learned how to do this years ago from Jonathan Haidt’s book,
The Righteous Mind.