Unsupervised Learning NO. 387

Unsupervised Learning is a Security, AI, and Meaning-focused podcast
that looks at how best to thrive as humans in a post-AI world. It combines
original ideas, analysis, and mental models to bring not just the news, but
why it matters and how to respond.

Greetings,

Busy is good, right? I’ve been productively scrambling in the last few
weeks and now HackerCamp is within striking distance. Lots of podcast
appearances, our migration to Beehiiv, customer engagements to keep the
skills sharp, a new talk that I’m excited about. It’s all splendid.
Wouldn’t want it else-wise!

I’m also trying out a new style of content links this week, with rich
HTML embeddings for the stories, but with
my own custom summaries like usual! Added benefit: you get to see the link! Let me know how you like
it.

I hope you’re busy as well, and that it’s the good kind.

In this episode:

Is modern parenting creating narcissists?
Top cybersecurity
official warns of Chinese hackers
New Russian hacking unit
identified
NVIDIA’s AI red team philosophy
McKinsey says AI
will massively boost productivity
MDMA helps white supremacist move
away from hate
Google further soils the bed

MY WORK

Is Modern Parenting Creating Narcissists?

What if modern parenting’s focus on vulnerability and trauma is creating
people who only think about themselves?

danielmiessler.com/p/modern-parenting-narcissists

SECURITY NEWS

Top cybersecurity official warns of sabotage from Chinese hackers

CISA director Jen Easterly warned that Chinese hackers are likely to target
and disrupt US critical infrastructure, including pipelines and railways,
amid rising tensions between the two nations. I love how plainly our
government just calls them on their shit now. Refreshing.

thehill.com/policy/cybersecurity/4047488-top-cybersecurity-official-warn-of-sabotage-from-chinese-hackers/?utm_source=pocket_saves

New Russian Hacking Unit Identified

– Microsoft researchers have discovered a distinct hacking group within the
Russian Main Intelligence Directorate (GRU) called “Cadet Blizzard”
–
Cadet Blizzard has been active since at least 2020, focusing on government
services, law enforcement, nonprofits, IT service providers, and emergency
services
– The group uses a hacktivist front called “Free Civilian” to
publish and share stolen data, including data from Ukrainian government
agencies

Microsoft identifies new hacking unit within Russian military intelligence

Chinese Hackers Exploit VMware Zero-Day

Chinese state-sponsored group UNC3886 exploited a zero-day flaw in VMware
ESXi hosts to backdoor Windows and Linux systems. The vulnerability,
CVE-2023-20867, enabled privileged command execution without authentication
and no default logging on guest VMs.

thehackernews.com/2023/06/chinese-hackers-exploit-vmware-zero-day.html?utm_source=pocket_saves

U.S. spy agencies buy tons of US citizens’ data
This isn’t really surprising, but it’s a bit disturbing to think
about. U.S. spy agencies have been purchasing vast quantities of Americans’
personal data, raising privacy concerns as commercially available
information (CAI) replicates results of intrusive surveillance techniques.
The report commissioned by the Director of National Intelligence highlights
the need for better policies, procedures, and safeguards around the
acquisition of such data. I’ve been saying for a long time that
data brokers
are the biggest threat to US citizen privacy, not hackers.
MORE

Sponsor

Skyrocket Your Business with SOC 2 Compliance

Show your customers you mean business by securing their data! Achieving
SOC 2 compliance not only boosts trust but also helps raise capital,
attract larger clients, and outshine competitors.

Simplify your journey with Vanta’s SOC 2 Compliance Checklist!

Download now
and unlock the secrets to a smooth compliance process.

Join 5000+ global customers who trust Vanta, the market-leading platform
for managing compliance. Automate up to 90% of SOC 2, ISO 27001, GDPR,
HIPAA, and more!

Get audit-ready in weeks, not months, and save up to 85% on costs!

 Download the Checklist Now!

Don’t miss this opportunity to elevate your business and protect your
customers’ data!

vanta.com/downloads/the-soc-2-compliance-checklist

Get SOC 2 Compliant Today

A Look at NVIDIA’s Red Team

NVIDIA introduces its AI red team philosophy and framework for assessing
machine learning (ML) systems from an information security perspective. The
cross-functional team combines offensive security professionals and data
scientists to identify and mitigate risks in ML systems. The framework aims
to provide a foundation for continuous security improvement throughout the
ML development lifecycle.

developer.nvidia.com/blog/nvidia-ai-red-team-an-introduction/?utm_source=pocket_saves

Chinese spies stole data through Barracuda flaws

Chinese espionage group UNC4841 exploited a critical bug in Barracuda’s
Email Security Gateway devices, stealing data from government and academic
accounts since October 2022. Mandiant identified the China-based threat
group and confirmed that Barracuda has patched the vulnerability and
replaced infected devices.

www.theregister.com/2023/06/15/chinese_spies_behind_barracuda_esg/?utm_source=pocket_saves

Shell hit by Clop again

Shell confirmed on Thursday it had been impacted by the Clop ransomware
gang’s breach of the MOVEit file transfer tool after the group listed the
British oil and gas multinational on its extortion site. This Clop/MOVEit
situation is starting to look more and more like Solarwinds, but it’s not
clear yet HOW much that’s true.

therecord.media/shell-impacted-in-clop-ransomware-attack?utm_source=pocket_saves

US DMV data hit by MOVEit

Over 6.5 million Americans’ personal data exposed in a massive MOVEit hack,
affecting residents of Louisiana and Oregon. The cyberattack targeted
government agencies and global organizations, with potential links to
Russian ransomware group Clop.

arstechnica.com/information-technology/2023/06/millions-of-americans-personal-dmv-data-exposed-in-massive-moveit-hack/?utm_source=pocket_saves

New Player in Internet Mapping Offerings

Detection-focused threat intelligence startup Silent Push launched with $10
million in seed funding, aiming to provide a comprehensive view of
internet-facing infrastructure by mapping the entire web daily. Curious what
opening they see in that market with Shodan, Expanse, and Censys already
there.

www.securityweek.com/threat-intelligence-firm-silent-push-launches-with-10-million-in-seed-funding/?utm_source=pocket_saves

TECHNOLOGY NEWS

McKinsey Says AI Will Massively Boost Productivity

Generative AI could unlock trillions of dollars in value and transform the
nature of work, but it also presents new challenges that need to be
addressed.

– Generative AI could add $2.6 trillion to $4.4
trillion annually across 63 use cases, increasing the impact of all
artificial intelligence by 15 to 40 percent.
– About 75 percent of the value from generative AI use cases falls across
four areas: Customer operations, marketing and sales, software engineering,
and R&D.
– Industries like banking, high tech, and life sciences could see the
biggest impact as a percentage of their revenues from generative AI.
– Generative AI has the potential to change the anatomy of work, automating
work activities that absorb 60 to 70 percent of employees’ time today.
– The pace of workforce transformation is likely to accelerate, with half of
today’s work activities potentially automated between 2030 and 2060.

www.mckinsey.com/capabilities/mckinsey-digital/our-insights/the-economic-potential-of-generative-ai-the-next-productivity-frontier

Accenture Jumps Big into AI

Global consulting firm Accenture commits $3 billion to its AI and data
practice, focusing on new hires, training, and acquisitions. This move
highlights the growing importance of AI in various industries and raises
questions about its impact on the job market.

news.crunchbase.com/ai-robotics/accenture-artificial-intelligence-investment/?utm_source=pocket_saves

Meta introduces Voicebox

Meta AI introduces Voicebox, a groundbreaking generative AI model for speech
that generalizes across tasks with state-of-the-art performance.

–
Voicebox can synthesize speech in six languages, perform noise removal,
content editing, style conversion, and diverse sample generation.
– The model is based on Flow Matching, outperforming current
state-of-the-art models like VALL-E and YourTTS in terms of intelligibility
and audio similarity.
– Potential use cases include in-context text-to-speech synthesis,
cross-lingual style transfer, speech denoising and editing, and diverse
speech sampling.
– Due to potential risks of misuse, Meta AI is not making the Voicebox model
or code publicly available at this time.
– The researchers also developed a highly effective classifier to
distinguish between authentic speech and audio generated with Voicebox.

ai.facebook.com/blog/voicebox-generative-ai-model-speech

Meta reportedly plans to release LLaMA itself

Meta plans to make the next version of LLaMA, its open-source LLM,
commercially available despite lawmaker inquiries and a recent leak to
4chan. The move reaffirms Meta’s commitment to open-source AI and its
integration into products. And it’s commitment to not letting OpenAI take
all the good press.

venturebeat.com/ai/meta-reportedly-making-llama-commercially-available-despite-lawmaker-inquiries

GPT-4 beat humans at making pitch decks

A study found that GPT-4 generated pitch decks were twice as convincing as
human-made ones, with investors and business owners 3x more likely to invest
after reading an AI-generated pitch deck. The AI outperformed humans across
finance, marketing, and tech industries.

clarifycapital.com/the-future-of-investment-pitching

HUMAN NEWS

MDMA helps white supremacist move away from hate

A white supremacist participating in a scientific study took MDMA and
subsequently questioned his extreme beliefs. Researchers are exploring the
drug’s potential to treat mental and physical illnesses, and its ability to
influence values and priorities. I cannot wait for MDMA to be combined with
Talk Therapy to help with all sorts of things.

www.insider.com/white-supremacist-took-mdma-renounces-beliefs-study-2023-6?utm_source=pocket_saves

Migration to red states

Americans are increasingly moving from blue states to red states, resulting
in lower life expectancies due to factors such as cost of living, health
conditions, and education levels.

www.nextgov.com/ideas/2023/05/americans-are-increasingly-moving-red-states-where-life-cheaper-people-also-die-younger/386776

Same-sex relations acceptance drop

Fewer Americans find same-sex relations morally acceptable, dropping from
71% to 64%, while support for the death penalty increased slightly. The
decline in acceptance is mainly due to fewer Republicans holding that view.

news.gallup.com/poll/507230/fewer-say-sex-relations-morally-acceptable.aspx?utm_source=tagrss&utm_medium=rss&utm_campaign=syndication

IDEAS & ANALYSIS

Google Further Soils the Bed
I’m stunned that Google is
getting rid of Google Domains. I seriously cannot understand the strategy with them anymore. I feel like
they’ve lost their way and are listening to anyone who claims to have a
direction. But even then, I can’t imagine this pitch being compelling. They
should have a simple plan for the next couple of years, which is to 1) find
everything they’re doing well, that people actually like, and 2)
don’t mess those things up! That might not be a strategy, but it’s
better than whatever they’re doing now. I’ve never seen Innovator’s Dilemma
more live and in color than what Google is currently doing to itself.

NOTES

I just appeared with Joesph Thacker (rez0) on
the Critical Thinking podcast, which should be out soon!

I’m going to be reading the new Rick Rubin book on creativity. Could be a
recommendation for UL Book Club!
MORE

Lucifer is trying to lure me away from Vim with Vim Motions in Visual Studio
Code

A guide to using Vim motions in Visual Studio Code for efficient navigation
and editing. Learn horizontal and vertical movements, search patterns, and
combining counts with motions for greater effect. Not today, Satan.

www.barbarianmeetscoding.com/boost-your-coding-fu-with-vscode-and-vim/moving-blazingly-fast-with-the-core-vim-motions/?utm_source=pocket_saves

As I’m writing this week’s newsletter, I’m loving the expanded and rich
sections, but I’m also missing the simplicity and Spartan nature of the
original. We live and we grow. Do let me know where you come down on this.
I’m betting we’ll end up with some sort of hybrid.

Thanks to all you members who are in the process of migrating your
membership to the new Beehiiv platform. I know it’s annoying but I have a
ton of inspiration from the cleanliness of the new platform, and it’s
absolutely going to be worth it! See you over on the new
Member Portal!

DISCOVERY

GreyDGL/PentestGPT

PentestGPT, a GPT-empowered penetration testing tool, now supports
installation via pip and has an updated installation video. The tool
automates the penetration testing process using ChatGPT and operates
interactively to guide testers.

github.com/GreyDGL/PentestGPT

Native JSON Output From GPT-4

Simon Farshid demonstrated using GPT-4’s function calling feature to
generate structured JSON data for a recipe app. This simplifies interaction
with LLMs, reduces token usage, and lowers cognitive load on GPT,
potentially increasing accuracy and enabling LLMs as backends for various
applications.

yonom.substack.com/p/native-json-output-from-gpt-4?utm_source=pocket_saves

Hugging Face’s Open LLM Leaderboard

The Open LLM Leaderboard tracks, ranks, and evaluates large language
models (LLMs) and chatbots, allowing community submissions for automated
evaluation. It tests models on Eleuther AI Language Model Evaluation Harness
benchmarks and human & GPT-4 evaluations.

huggingface.co/spaces/HuggingFaceH4/open_llm_leaderboard

Mars Mosaic Masterpiece

The Bruce Murray Laboratory for Planetary Visualization completed a 5.7
terapixel mosaic of Mars’ surface, covering 99.5% of the planet with 5.0
m/px resolution. The mosaic, sourced from the Mars Reconnaissance Orbiter’s
Context Camera, is available for streaming and download.

https://murray-lab.caltech.edu/CTX/?utm_source=pocket_saves

Recurring revenue for engineers
MORE

Speed run your favorite podcasts. Quick summaries of the top points.
MORE

MVP: Senior Programmers vs. Juniors + GPTs
MORE

I don’t trust Signal (I’m not here yet personally, but I like presenting
alternative opinions argued decently)
MORE

I can’t stop thinking like an attacker, and I’m ok with that
MORE

In Praise of Blowing Up Your Life
MORE

Is everyone becoming a product manager?
MORE

Shuhari
MORE

Get it done
MORE

The best teams I’ve worked with
MORE

RECOMMENDATION OF THE WEEK

Life is So Terrible and Beautiful at the Same Time
MORE

 
APHORISM OF THE WEEK

❝  

You can’t use up creativity. The more you use, the more you have.

  Maya Angelou