UL NO. 453: A Deep-dive on Cyber Jobs

SECURITY |
AI |
PURPOSE
UNSUPERVISED LEARNING
is a newsletter about upgrading to thrive in a world full of AI.
It’s original ideas, analysis, mental models, frameworks, and tooling to
prepare you for the world that’s coming.

TOC

• SECURITY

• AI / TECH

• HUMANS

• IDEAS

• DISCOVERY

• RECOMMENDATION OF THE WEEK

• APHORISM OF THE WEEK

Hey! Hope you’re starting the week off well…

• Had a really interesting poll / discussion around InfoSec Hiring, and
  learned a lot from it.
  CYBER JOBS GAP: POLL / DISCUSSION

• Wrote a beast of a post explaining how all my various projects
  fit and work together under a common theme. Now show me yours.
  HOW MY PROJECTS FIT TOGETHER

• I was wrong about QR codes, and I’ve captured the mistake in my Telos
  file.
  MORE

• I’m starting to publish formal-ish deductive arguments in the Arguments
  section of the Substrate project. Here’s the first one:
  AR-12934—AIs_Are_Capable_of_Understanding MORE

• I don’t know if it’s the iPhone 16 or iOS18, but this has been the
  buggiest phone/software update I’ve seen from Apple in at least 5 years.
  Super sketch. Anyone else?

• Currently deep-diving on Naval and Charlie Munger. I’m going to put a
  lot of their stuff in my Telos file under the Beliefs / Models sections
  so that my AI knows how to think about things when helping me solve
  problems.
  NAVALMANAC

Sponsor

Is Foreign Software Running in Your Environment? 

ThreatLocker® is offering a free I.T. security health report
to mitigate the risks of shadow I.T., nation-state attacks, and unpatched vulnerabilities.

The free report identifies all network activity, which countries your software is communicating with, and information
about all executables.

threatlocker.com/pages/software-audit

Start Monitoring Your Devices Now

   

SECURITY

Attackers are exploiting a critical RCE vulnerability in Zimbra email
servers by sending emails that execute commands via the CC field. The attack
lets you install a web shell on the server, granting a foothold for future
access / pivoting.
MORE

Cloudflare just stopped the largest DDoS ever, at 3.8 Tbps. The attack,
leveraging a botnet of compromised ASUS routers, worked by overwhelming
network bandwidth and CPU cycles, making services inaccessible.
MORE

Over 700,000 DrayTek routers are at risk from 14 newly discovered
vulnerabilities.
MORE

CISA’s Vulnerability Disclosure Policy (VDP) platform is getting way more
activity, with over 1,000 valid bug disclosures last year, nearly half of
which were severe or critical. So much positive comes from this type of
relationship with researchers. Great to see.
MORE

Continue reading online to avoid the email cutoff…

AI / TECH

Waymo is opening its robotaxi service in Austin, marking its second city
after Phoenix to offer rides via the Uber app. This expansion is part of
Waymo’s partnership with Uber, and the service will cover 37 square miles of
the city. And Elon announces robotaxi for Tesla on Thursday!
MORE

💡I’m a massive fan of Tesla FSD, but I do have to intervene at least once
per hour of driving. I mean it’s REALLY good, but nowhere near as good as
a Waymo yet. But maybe that’s what the announcement is—that they’ve
updated the software to be way better. If not, I don’t see how they can
possibly run a taxi service on it yet.

Waymo and Hyundai have partnered to integrate Waymo’s autonomous tech into
Hyundai’s IONIQ 5 electric SUVs, which will join the Waymo One fleet.
MORE

Nvidia just released NVLM 1.0, an open-source AI model that supposedly
rivals GPT-4. The NVLM-D-72B model, with its 72 billion parameters, excels
in both visual and language tasks, even improving text-only performance
after multimodal training.
MORE

A Twitter user, Rameerez, shares their experience of moving away from cloud
services to save money.
MORE

Gmail has new ‘summary cards’ to help people manage their inbox more
efficiently. The cards enable quick actions like tracking packages and
checking into flights.
MORE

A new HBO documentary is claiming to have identified the elusive creator of
Bitcoin. But we’ve heard this before. Multiple times.
MORE

Two Harvard students have hacked Meta’s Ray-Ban Smart Glasses to include
AI-based facial recognition, allowing them to identify strangers in
realtime. The demo is completely nuts. They use a camera to scan faces and
pull up personal information like names, addresses, and phone numbers from
public databases, all within minutes.
MORE

John Gruber listened to a 15-minute podcast generated by NotebookLM and
found it surprisingly effective, though he said it’s still a bit in the
uncanny valley. Similar to the one I released last week.
MORE

A teacher talks about why they’re leaving teaching because of the impact of
AI tools like ChatGPT. Instead of rating papers, all they’re doing now is
seeing if the student even wrote the paper themselves.
MORE

HUMANS

Private equity firms have taken over a significant portion of ERs, cutting
doctor hours, increasing patient costs, and replacing physicians with less
expensive nurse practitioners, all while pushing for faster patient
turnover.
MORE

💡I’m of two minds on PE. On the one hand, the companies they come into are
often already broken, but I’ve also seen them break things that were
better before they got there. Either way, this is something you need to be
ready for. Basically the two Bobs, but way worse.

Researchers have unveiled the most detailed brain map of a fruit fly,
mapping nearly 140,000 neurons and over 54.5 million synapses. Insane to me
that 1) we have a full map of an insect’s brain, and 2) that it’s that many
neurons and synapses.
MORE

The sun just fired off its most powerful solar flare since 2017, an
X9.05-class eruption, causing shortwave radio blackouts over Africa and
Europe.
MORE

There’s a new nasal spray under development that could fend off respiratory
infections without using drugs. The spray works by creating a protective
barrier in the nasal cavity, which could help prevent illnesses like the
cold and flu, as well as Covid. It’s still in the preclinical stage, but
it’s exciting. Not sure how it compares to the Israeli version I use
already, which I think is zinc-based.
MORE

A new study says money actually does increase happiness, even at higher
income levels.
MORE

Robin Hanson looks at the deep-rooted influence of status in our society,
arguing that it’s the primary heuristic we use to determine who to emulate
and trust.
MORE

Someone looked at Seinfeld’s meditation practice and built their own
twice-a-day routine.
MORE

IDEAS

The DA / API Data Gap
Super minor AI prediction. In the near
future, people will be able to get certified to use (and pay more money for)
models that are less nerfed. To remove _______ filter, it’ll require a
certain subscription level. To remove __________ filter will require a
clearance and a higher level (more expensive) subscription. The difference
between a regular person talking to their AI in 2029 while walking down the
street, and what they can see and learn and understand about their
surroundings…vs. someone paying $38K / month in API access for their DA—will
be massive.
MORE

Me is a Disease
“Thinking about yourself is the source of all
unhappiness.” I love this framing from Naval, and I think it captures well
why too much therapy becomes the problem rather than the cure. At some
point, therapy becomes rumination rather than looking to solve something and
move forward.
MORE

DISCOVERY

A really cool CoT “thinking” prompt format designed to emulate what Chain of
Thought is doing in o1-preview.
GIST

A new service called SoBrief offers a massive collection of
73,530 book summaries in 40 different languages.
MORE

The PlugBug is a USB-C charger with Apple’s Find My tech
built-in.
MORE

A platform for buying and selling micro-startups with zero commission fees.
MORE

Riley Walz has set up a solar-powered “Bop Spotter” using an old Android
phone and Shazam to identify and upload the names of songs playing in the
area.
MORE

MITRE enhanced their EMB3D Threat Model with new mitigations aimed at
helping organizations tackle threats to embedded devices.
MORE

Ask HN: Who wants to be hired? (October 2024) — Hacker News’
monthly thread for job seekers.
MORE

Diff Text — A straightforward tool for comparing text
differences, making it easy to spot changes and edits.
MORE

The post looks at the Maker-Taker issue in open source, where “Makers”
create software and “Takers” profit without contributing back.
MORE

Bellingcat launched a new Online Investigations Toolkit to help open-source
researchers find and learn how to use tools for satellite imagery, social
media, and more.
MORE

Robin Hanson argues that academics often focus on complex methods to impress
peers rather than the core task of matching theory to data.
MORE

“Nobody Cares About Security”
MORE

“I don’t get it. We had all those meetings.” <— Devastating.
MORE

RECOMMENDATION OF THE WEEK

Create a 15-word sentence that captures what you’re trying to do with your
life.

Just you. Not being a parent or a good husband/wife. Those are all givens.

What are YOU trying to give to the world?

Try to capture that in 15 words.

APHORISM OF THE WEEK

❝  

If you think someone has ruined your life, you’re right.
It’s you.

  Nietzsche

Become a Member to Gain 1.4cm in Height