Unsupervised Learning NO. 391

Unsupervised Learning is a Security, AI, and Meaning-focused podcast
that looks at how best to thrive as humans in a post-AI world. It combines
original ideas, analysis, and mental models to bring not just the news, but
why it matters and how to respond.

Hey there,

Hope you’re having a good start to the week. I’m mostly prepping for
Vegas at this point and this will be my first year there as a business
owner instead of an employee. I’m mostly looking forward to seeing
friends, though. That’s what Vegas has always been about for me.

If you see me around come get a handshake/hug/fist bump!

Until then, let’s get into the week.

In this episode:

🤖 How AI Will Defenders Protect Us
📈 AI’s Role in K-Shaped
Recovery
📧 Military Email Leak
🔐 VirusTotal Data Leak
🇨🇳
Great Firewall Expansion
🍏 Apple vs UK Surveillance
🚗 TikTok
Theft Tutorials
👁️ AI Surveillance Expansion
🔧 Tech Scam
Evolution
🤖 OpenAI’s Persistent Context
🍏 Apple’s AI Chatbot
📰
AI Journalism
🔭 Tool & Article Discovery
➡️ The
Recommendation of the Week
🗣️ The Aphorism of the Week

MY WORK

🤖How AI Defenders Will Protect Us From Manipulation
My new piece on how we’ll use AI Assistants to defend ourselves
against marketing, propaganda, and personal con jobs.
READ IT

📈
AI Will Produce the Biggest K-Shaped Recovery We’ve Ever Seen
My new piece on how the top 10% smartest, richest, and most creative
will thrive in an unprecedented economy, leaving everyone else behind.
READ IT 

SECURITY NEWS

🪳New OpenSSH Vulnerability
There’s a new (now patched) vulnerability in OpenSSH’s forwarding
agent that has the potential for RCE. Patch up!
HACKERNEWS
|
NVD (CVE-2023-38408)

Military Email Leak
A simple typo (typing .ML instead of .MIL) has been redirecting
millions of sensitive US military emails to Mali for over a decade. Despite
warnings, the issue persists, with nearly 117,000 misdirected messages
collected since January alone.
VERGE 

VirusTotal Data Leak
VirusTotal inadvertently exposed customer data due to an employee
error. The leak included 5,600 names and email addresses.
HACKERNEWS

Sponsor

🔐 Unleash Your Cloud Security Potential 🔐

The digital landscape is shifting, and your security strategy needs to
keep pace. Don’t get left in the dust—become a cloud security superstar
with our Cloud Security Model Cheat Sheet!

➡️ Discover the 4-step process
that’s keeping top security organizations ahead of the curve. Learn how to
prioritize your team’s focus for maximum impact. Get your hands on
data-backed research that validates this winning approach.

📌
This isn’t just a cheat sheet – it’s your roadmap to cloud security
success. Pin it up in your workspace, or share the wisdom with your team
on Slack! 📌

➡️ Ready to level up your cloud security game? Click the link below and let the transformation begin!

👉wiz.io/lp/the-cloud-security-model-cheat-sheet👈

Get Your Cloud Security Model Cheat Sheet

   

Great Firewall Expansion
In a recent directive, President Xi Jinping of China has called for
the construction of a more robust “security barrier” around the country’s
internet, aiming to further control and regulate online activities. This is
one way I think the West has a massive advantage; people want free access to
the internet, and I think they will ultimately see it as weakness that China
doesn’t want them to have it.
REGISTER 

Apple vs UK Surveillance
Apple is threatening to pull its iMessage and FaceTime services
rather than comply with demands that could weaken encryption in messaging
apps. The proposed Online Safety Bill would require companies to install
technology to scan for child exploitation and terrorism content in encrypted
messaging apps, a move that Apple and other companies argue would
effectively render encryption protections ineffective. You can either have
end-to-end encryption or you can have filtering. Not an easy choice for
everyone.
HACKERNEWS

TikTok Theft Tutorials
Car thefts are massively up and one theory suggests it’s because
TikTok has great tutorials on hot-wiring Kias and Hyundais. The number of
car thefts in the first six months of the year was 104.3% higher than the
same period in 2019 according to a CCJ study.
AXIOS
|
NYTIMES

AI Surveillance Expansion
Artificial Intelligence is now being utilized by American law
enforcement to identify potentially “suspicious” patterns of movement,
analyzing vast license plate databases. In a recent drug trafficking case in
New York, the AI system sifted through a staggering 1.6 billion license
plate records collected over two years, leading to the identification and
arrest of a suspect.
FORBES 

Tech Scam Evolution
The FBI has issued a warning about a surge in tech support scams that
are specifically targeting the elderly in the United States, with a new
twist: the scammers are now urging their victims to send cash hidden in
magazines or similar items through shipping companies.
BLEEPINGCOMPUTER 

TECHNOLOGY NEWS

Sam Altman’s Worldcoin Launches
Altman’s new crypto startup, Worldcoin, has launched, which uses
eyeball-scanning technology to distinguish humans from AI online. The
company has been in development for over three years and has raised about
$250 million from backers, including Andreessen Horowitz, Khosla Ventures
and Reid Hoffman.

• Worldcoin aims to put a crypto wallet on every human’s smartphone.

• It works by scanning your eyeball on a device called
  an Orb.

• Over 2 million individuals have verified their World IDs at an Orb.

• They’re capping the total supply to 10 billion “WLD” tokens for the
  first 15 years.

This whole thing is exciting, strange, and a bit weird to me. It just has a
secretive feel to it, but perhaps that’s just me. It honestly feels like a
crypto play combined with a UBI play, since he’s also trying to build AGI
that will replace most human knowledge work that exists today. I’m not
trying to be negative; it does sound very cool, but it’s hitting me wrong
right now.
INSIDER
|
TECHCRUNCH 

Sponsor

🔐 Opal, scalable identity security 🔐

🧍🏼Opal is designed to give teams the building blocks for identity-first
security: view authorization paths, manage risk, and seamlessly apply intelligent policies built to grow with your organization.

🛡️Opal is used by best-in-class security teams today, such as Blend,
Databricks, Drata, Figma, Scale AI, and more. There is no
one-size-fits-all when it comes to access, but they provide the foundation to scale least privilege the right way.

👉opal.dev/demo👈

Watch the Demo

   

OpenAI Adds “Custom Instructions” for Persistent Context
OpenAI’s ChatGPT now has a “custom instructions” feature, letting you
input information it’ll remember to tailor future conversations. The feature
is in beta and available to ChatGPT Plus subscribers, excluding the UK and
EU.
VERGE

Apple’s Enters Chatbot Arena
Apple is in the process of creating an AI-powered chatbot, internally
referred to as “Apple GPT”, but it’s not clear what they plan to do with it
yet. The chatbot is built on a large language model framework named “Ajax”,
which runs on Google Cloud and is developed with Google JAX. My only hope is
that this is true, and that it happens fast, and that it largely replaces
Siri.
VERGE 

Twitter Trainwreck
Twitter’s ad revenue and
traffic is way down, and Musk has decided the best solution is to ruin the only good thing it
has left: its name and logo. He just changed them to X. MaX-level fail.
REUTERS

AI Journalism
Google is experimenting with an AI tool, codenamed “Genesis”, that
can generate news articles. The tool has been pitched to major publications,
including The New York Times, The Washington Post, and News Corp. Wish I
could have been in the room to hear that pitch. I assume no writers were
invited.
TECHCRUNCH

TikTok Adding Text Posts
TikTok is adding text posts, putting it in much closer competition
with X (gag), Instagram, and Threads. The only thing I love about all this
is the fierce competition leading to (hopefully) innovation in some way.
VERGE

HUMAN NEWS

Israel in Crisis
Israel’s democracy is being seriously tested right now, and the vote
that’s about to happen on Netanyahu’s judicial restrictions will be pivotal
to the outcome. My unsophisticated read on the matter is that the extreme
right is looking to take over and turn the country a hardcore religious
state, effectively turning Israeli Arabs into third-class citizens, among
other things. Remarkable that this can happen so quickly in a country that’s
come so far.
NYTIMES

US Mental Strain
23% of U.S. adults visited a mental health professional in 2022, up
from 13% in 2004. Only 31% described their mental health as “excellent” —
the lowest share ever. Among younger adults, those between the ages of 18
and 24, just 20% said their mental health was excellent.
AXIOS

Safety Net End
Several pandemic-era safety net programs that have been a lifeline
for millions of families are coming to an end this fall, creating a
significant economic squeeze. As these programs roll off, Americans will
start facing bigger bills for student loan payments, child care, health
care, and food, deepening the impact of years of inflation.
AXIOS 

Chip Factory Delay
TSMC’s Arizona chip factory opening is delayed until 2025 due to a
shortage of skilled technical workers in the US. TSMC is going to send more
Taiwanese workers to the US to help speed things up.
ARSTECHNICA 

IDEAS & ANALYSIS

The NPC Phenomenon
There’s a fascinating new trend on TikTok that you have to experience
to understand. Well, you still won’t understand, but you’ll at least know
what that type of confusion feels like. I’ve not done a deep dive on it yet
but I’ve seen a few examples and I have thoughts. 1) It’s mostly women. If
it wasn’t somehow sexualized I feel like there’d be roughly equal numbers of
men putting up the numbers. There aren’t. 2) It seems extremely demeaning.
There’s something really disgusting to me about the NPC concept being
applied to women. The whole point an NPC it is that they’re not the main
thing. They’re the sideshow for the real heroes. But that’s what blows up on
TikTok? Watching young women explicitly act like they’re not important? It’s
too on the nose for me. Our culture seems bent on isolating and exaggerating
the worst parts of human nature and forcing people to pretend it’s art. The
song WAP, for example, even though I love Cardi B. 3) The main business
model is that the influencer is stuck in a loop, doing their own NPC thing,
varying it as they see fit. Then they change their behavior based on
donations. That’s when they’ll speak to you, or at least acknowledge you in
some way. So once again we have men paying to feel in control of women.
Gross. Keep in mind, I could be missing something here. Something artistic
and deep. But this is my first read and I hope someone can tell me why I’m
wrong.
PINKYDOLL EXAMPLE ON TWITTER
|
INSIDER

NOTES

I’ve been playing with LLAMA2 quite a bit and it’s been hit or miss. I asked
it to “use the lessons learned about humanity from Russian Literature and
apply them to the existential crisis of AI taking jobs”, and it did pretty
well. But I’ve had a lot of failures on easier stuff. For some reason it
just doesn’t give me a “solid” feeling the way GPT-4 does (yes, even after
all
the articles
saying it’s worse). I’m even running the 13 billion parameter version, and
I’m about to mess with a quantized version of 70b. Will report back in UL
Chat.

We have a member meetup scheduled for Vegas! Can’t wait to see you there!

We tried something different this week where we used the name of the link
source as the link name. A number of people have requested this feature and
I’ve been looking for a great way to do it. Let me know how you like the
implementation.

DISCOVERY

⚒️Promptmap
— A tool that automatically tests prompt injection attacks on ChatGPT
instances. It generates creative attack prompts tailored for the target,
sends them to a ChatGPT instance, and checks the response to determine if
the attack was successful. | by
Utkusen
|
GITHUB 

⚒️Pop
— Send email from your Terminal. | by
CharmBracelet
|
GITHUB

⚒️AutoChain
— A LangChain competitor with less complexity and abstraction. Focused
especially on easier building of Agents, which is rather kludgy in
LangChain. | by
Forethought Technologies
|
GITHUB 

📋Person of Interest Investigations Primer
— How to use OSINT and Maltego to investigate people of interest.
MALTEGO

Wix has a new tool that can create an entire site from a prompt.
TECHCRUNCH 

The past is not true
MORE

If Zuckerberg hides his kids’ faces in photos, why don’t you?
PETAPIXEL

Great article on TTP analysis on security teams, by Carlos Fragoso of
Maltego.
MALTEGO

Solve Your Big Problems by Solving Your Real Problem
MORE

Become Ungoogleable
MORE

Training video for Bell Labs’ Holmdel Computer Center. What a trip.
YOUTUBE

Someone spent time in the Matrix Awakens game explaining to the NPCs that
they’re in a simulation.
TWITTER

Tech Trophy Jobs
MORE

Illusory Superiority
WIKIPEDIA

YouTube is testing a feature where you can long-press the video and it’ll
start playing at 2X. Yes please!
VERGE

Let’s Encrypt issues 35 certs every second.
TWITTER

RECOMMENDATION OF THE WEEK

If you’re new to BH/DC here’s my advice.

1. Don’t stress the burner phone thing. It’s not really a problem for
   99.99% of people. There are plenty of shenanigans going on with the
   airwaves there but the normal phone carriers and hotel wifi at most
   places is pretty normal during the conferences (perhaps excepting the
   actual DC hotel during the con).

2. Stay on trusted WiFi at big hotels (see above) if you use WiFi at all.

3. Don’t plug into public kiosks for power. Those attacks aren’t super
   common outside of DEFCON either, but you can avoid the risk by just not
   doing it. Generally good advice all the time actually.

4. Things are further than they appear for walking.

5. Make sure you drink plenty of water.

APHORISM OF THE WEEK

❝  

There is nothing so useless as doing efficiently that which should not be
done at all.

  Peter Drucker

We’ll see you next time!