Unsupervised Learning NO. 391

Unsupervised Learning is a Security, AI, and Meaning-focused podcast that looks at how best to thrive as humans in a post-AI world. It combines original ideas, analysis, and mental models to bring not just the news, but why it matters and how to respond.

Hey there,

Hope you’re having a good start to the week. I’m mostly prepping for Vegas at this point and this will be my first year there as a business owner instead of an employee. I’m mostly looking forward to seeing friends, though. That’s what Vegas has always been about for me.

If you see me around come get a handshake/hug/fist bump!

Until then, let’s get into the week.

In this episode:

🤖 How AI Will Defenders Protect Us
📈 AI's Role in K-Shaped Recovery
📧 Military Email Leak
🔐 VirusTotal Data Leak
🇨🇳 Great Firewall Expansion
🍏 Apple vs UK Surveillance
🚗 TikTok Theft Tutorials
👁️ AI Surveillance Expansion
🔧 Tech Scam Evolution
🤖 OpenAI's Persistent Context
🍏 Apple's AI Chatbot
📰 AI Journalism
🔭 Tool & Article Discovery
➡️ The Recommendation of the Week
🗣️ The Aphorism of the Week

MY WORK

🤖How AI Defenders Will Protect Us From Manipulation
My new piece on how we’ll use AI Assistants to defend ourselves against marketing, propaganda, and personal con jobs. READ IT

📈 AI Will Produce the Biggest K-Shaped Recovery We’ve Ever Seen
My new piece on how the top 10% smartest, richest, and most creative will thrive in an unprecedented economy, leaving everyone else behind. READ IT 

SECURITY NEWS

🪳New OpenSSH Vulnerability
There’s a new (now patched) vulnerability in OpenSSH’s forwarding agent that has the potential for RCE. Patch up! HACKERNEWS | NVD (CVE-2023-38408)

Military Email Leak
A simple typo (typing .ML instead of .MIL) has been redirecting millions of sensitive US military emails to Mali for over a decade. Despite warnings, the issue persists, with nearly 117,000 misdirected messages collected since January alone. VERGE 

VirusTotal Data Leak
VirusTotal inadvertently exposed customer data due to an employee error. The leak included 5,600 names and email addresses. HACKERNEWS

Great Firewall Expansion
In a recent directive, President Xi Jinping of China has called for the construction of a more robust "security barrier" around the country's internet, aiming to further control and regulate online activities. This is one way I think the West has a massive advantage; people want free access to the internet, and I think they will ultimately see it as weakness that China doesn’t want them to have it. REGISTER 

Apple vs UK Surveillance
Apple is threatening to pull its iMessage and FaceTime services rather than comply with demands that could weaken encryption in messaging apps. The proposed Online Safety Bill would require companies to install technology to scan for child exploitation and terrorism content in encrypted messaging apps, a move that Apple and other companies argue would effectively render encryption protections ineffective. You can either have end-to-end encryption or you can have filtering. Not an easy choice for everyone. HACKERNEWS

TikTok Theft Tutorials
Car thefts are massively up and one theory suggests it’s because TikTok has great tutorials on hot-wiring Kias and Hyundais. The number of car thefts in the first six months of the year was 104.3% higher than the same period in 2019 according to a CCJ study. AXIOS | NYTIMES

AI Surveillance Expansion
Artificial Intelligence is now being utilized by American law enforcement to identify potentially "suspicious" patterns of movement, analyzing vast license plate databases. In a recent drug trafficking case in New York, the AI system sifted through a staggering 1.6 billion license plate records collected over two years, leading to the identification and arrest of a suspect. FORBES 

Tech Scam Evolution
The FBI has issued a warning about a surge in tech support scams that are specifically targeting the elderly in the United States, with a new twist: the scammers are now urging their victims to send cash hidden in magazines or similar items through shipping companies. BLEEPINGCOMPUTER 

TECHNOLOGY NEWS

Sam Altman’s Worldcoin Launches
Altman's new crypto startup, Worldcoin, has launched, which uses eyeball-scanning technology to distinguish humans from AI online. The company has been in development for over three years and has raised about $250 million from backers, including Andreessen Horowitz, Khosla Ventures and Reid Hoffman.

• Worldcoin aims to put a crypto wallet on every human's smartphone.

• It works by scanning your eyeball on a device called an Orb.

• Over 2 million individuals have verified their World IDs at an Orb.

• They’re capping the total supply to 10 billion "WLD" tokens for the first 15 years.

This whole thing is exciting, strange, and a bit weird to me. It just has a secretive feel to it, but perhaps that’s just me. It honestly feels like a crypto play combined with a UBI play, since he’s also trying to build AGI that will replace most human knowledge work that exists today. I’m not trying to be negative; it does sound very cool, but it’s hitting me wrong right now. INSIDER | TECHCRUNCH 

OpenAI Adds “Custom Instructions” for Persistent Context
OpenAI's ChatGPT now has a "custom instructions" feature, letting you input information it'll remember to tailor future conversations. The feature is in beta and available to ChatGPT Plus subscribers, excluding the UK and EU. VERGE

Apple's Enters Chatbot Arena
Apple is in the process of creating an AI-powered chatbot, internally referred to as "Apple GPT", but it’s not clear what they plan to do with it yet. The chatbot is built on a large language model framework named "Ajax", which runs on Google Cloud and is developed with Google JAX. My only hope is that this is true, and that it happens fast, and that it largely replaces Siri. VERGE 

Twitter Trainwreck
Twitter’s ad revenue and traffic is way down, and Musk has decided the best solution is to ruin the only good thing it has left: its name and logo. He just changed them to X. MaX-level fail. REUTERS

AI Journalism
Google is experimenting with an AI tool, codenamed "Genesis", that can generate news articles. The tool has been pitched to major publications, including The New York Times, The Washington Post, and News Corp. Wish I could have been in the room to hear that pitch. I assume no writers were invited. TECHCRUNCH

TikTok Adding Text Posts
TikTok is adding text posts, putting it in much closer competition with X (gag), Instagram, and Threads. The only thing I love about all this is the fierce competition leading to (hopefully) innovation in some way. VERGE

HUMAN NEWS

Israel in Crisis
Israel’s democracy is being seriously tested right now, and the vote that’s about to happen on Netanyahu’s judicial restrictions will be pivotal to the outcome. My unsophisticated read on the matter is that the extreme right is looking to take over and turn the country a hardcore religious state, effectively turning Israeli Arabs into third-class citizens, among other things. Remarkable that this can happen so quickly in a country that’s come so far. NYTIMES

US Mental Strain
23% of U.S. adults visited a mental health professional in 2022, up from 13% in 2004. Only 31% described their mental health as “excellent” — the lowest share ever. Among younger adults, those between the ages of 18 and 24, just 20% said their mental health was excellent. AXIOS

Safety Net End
Several pandemic-era safety net programs that have been a lifeline for millions of families are coming to an end this fall, creating a significant economic squeeze. As these programs roll off, Americans will start facing bigger bills for student loan payments, child care, health care, and food, deepening the impact of years of inflation. AXIOS 

Chip Factory Delay
TSMC's Arizona chip factory opening is delayed until 2025 due to a shortage of skilled technical workers in the US. TSMC is going to send more Taiwanese workers to the US to help speed things up. ARSTECHNICA 

IDEAS & ANALYSIS

The NPC Phenomenon
There’s a fascinating new trend on TikTok that you have to experience to understand. Well, you still won’t understand, but you’ll at least know what that type of confusion feels like. I’ve not done a deep dive on it yet but I’ve seen a few examples and I have thoughts. 1) It’s mostly women. If it wasn’t somehow sexualized I feel like there’d be roughly equal numbers of men putting up the numbers. There aren’t. 2) It seems extremely demeaning. There’s something really disgusting to me about the NPC concept being applied to women. The whole point an NPC it is that they’re not the main thing. They’re the sideshow for the real heroes. But that’s what blows up on TikTok? Watching young women explicitly act like they’re not important? It’s too on the nose for me. Our culture seems bent on isolating and exaggerating the worst parts of human nature and forcing people to pretend it’s art. The song WAP, for example, even though I love Cardi B. 3) The main business model is that the influencer is stuck in a loop, doing their own NPC thing, varying it as they see fit. Then they change their behavior based on donations. That’s when they’ll speak to you, or at least acknowledge you in some way. So once again we have men paying to feel in control of women. Gross. Keep in mind, I could be missing something here. Something artistic and deep. But this is my first read and I hope someone can tell me why I’m wrong. PINKYDOLL EXAMPLE ON TWITTER | INSIDER

NOTES

I’ve been playing with LLAMA2 quite a bit and it’s been hit or miss. I asked it to “use the lessons learned about humanity from Russian Literature and apply them to the existential crisis of AI taking jobs”, and it did pretty well. But I’ve had a lot of failures on easier stuff. For some reason it just doesn’t give me a “solid” feeling the way GPT-4 does (yes, even after all the articles saying it’s worse). I’m even running the 13 billion parameter version, and I’m about to mess with a quantized version of 70b. Will report back in UL Chat.

We have a member meetup scheduled for Vegas! Can’t wait to see you there!

We tried something different this week where we used the name of the link source as the link name. A number of people have requested this feature and I’ve been looking for a great way to do it. Let me know how you like the implementation.

DISCOVERY

⚒️Promptmap — A tool that automatically tests prompt injection attacks on ChatGPT instances. It generates creative attack prompts tailored for the target, sends them to a ChatGPT instance, and checks the response to determine if the attack was successful. | by Utkusen | GITHUB 

⚒️Pop — Send email from your Terminal. | by CharmBracelet | GITHUB

⚒️AutoChain — A LangChain competitor with less complexity and abstraction. Focused especially on easier building of Agents, which is rather kludgy in LangChain. | by Forethought Technologies | GITHUB 

📋Person of Interest Investigations Primer — How to use OSINT and Maltego to investigate people of interest. MALTEGO

Wix has a new tool that can create an entire site from a prompt. TECHCRUNCH 

The past is not true MORE

If Zuckerberg hides his kids’ faces in photos, why don’t you? PETAPIXEL

Great article on TTP analysis on security teams, by Carlos Fragoso of Maltego. MALTEGO

Solve Your Big Problems by Solving Your Real Problem MORE

Become Ungoogleable MORE

Training video for Bell Labs’ Holmdel Computer Center. What a trip. YOUTUBE

Someone spent time in the Matrix Awakens game explaining to the NPCs that they’re in a simulation. TWITTER

Tech Trophy Jobs MORE

Illusory Superiority WIKIPEDIA

YouTube is testing a feature where you can long-press the video and it’ll start playing at 2X. Yes please! VERGE

Let’s Encrypt issues 35 certs every second. TWITTER

RECOMMENDATION OF THE WEEK

If you’re new to BH/DC here’s my advice.

1. Don’t stress the burner phone thing. It’s not really a problem for 99.99% of people. There are plenty of shenanigans going on with the airwaves there but the normal phone carriers and hotel wifi at most places is pretty normal during the conferences (perhaps excepting the actual DC hotel during the con).

2. Stay on trusted WiFi at big hotels (see above) if you use WiFi at all.

3. Don’t plug into public kiosks for power. Those attacks aren’t super common outside of DEFCON either, but you can avoid the risk by just not doing it. Generally good advice all the time actually.

4. Things are further than they appear for walking.

5. Make sure you drink plenty of water.

APHORISM OF THE WEEK

We’ll see you next time!