Unsupervised Learning: No. 181

Unsupervised Learning is my weekly show that provides collection, summarization, and analysis in the realms of Security, Technology, and Humans.

It’s Content Curation as a Service…

I spend between five and twenty hours a week consuming articles, books, and podcasts—so you don’t have to—and each episode is either a curated summary of what I’ve found in the past week, or a standalone essay that hopefully gives you something to think about.

Subscribe to the Newsletter or Podcast

Become a member to get every episode



?️ Security News

Some absolutely fascinating research has just come out on what percentages and types of vulnerabilities are actually exploited in the wild. It found that only 5.5% of vulnerabilities discovered between 2009 and 2018 were actually exploited, with most of those being issues with a CVSS score of 9 or 10. The best part of the paper, however, was a discussion of optimal patching strategies, where they looked at different methodologies for what to patch and measured them against each other based on coverage (no misses) and efficiency (not patching what you don’t have to). Options included patching by CVSS, whether or not there are public exploits, by vulnerability tags, etc. The ML model performed best, but it seemed that patching the CVSS 7 and above was decent as well, and for more efficiency but less coverage—CVSS 9 and above. Super interesting paper. More

The US is going to start requiring 5 years of social media account history from Visa applicants, as part of the filtering process. I’m genuinely curious as to how effective this is going to be. On the one hand, there will now be a market for creating and maintaining fake social media accounts that people can use for this purpose. But on the other hand, there will be many who don’t want to go to that effort and either won’t try to come, or will get caught in the filter. As with most things, the efficacy will come down to execution. More

A team at Stanford has made it possible to edit video using a text editor. So, editing the things that were said by the actual subject, to say something else entirely, but having it seamlessly injected into the video so it looks completely natural. More

A new version of Sysmon is coming soon that logs DNS queries and responses. More

Some European network traffic was routed through China again due to a BGP problem, and this time the issue lasted 2 hours. More

Many Israeli companies are far too willing to sell and use their technologies for malicious purposes. I respect the technical prowess and the ambition, but those are of limited use in a friend if you can’t trust their morals. More

Data breaches supposedly cost $ 654 billion in 2018. More

Hardware.io is in the SF Bay Area this weekend on June 13-14. See you there! More

Breaches: LabCorp (7.7 Million), Quest Diagnostics (12 Million)

Advisories: Exim, BlueKeep, Android

Companies: Palo Alto buys Twistlock, Palo Alto buys PureSec, SentinelOne Raises $ 120MM, Sophos Acquires Rook Security, AttackIQ raises $ 17.6MM

⚙️ Technology News

DARPA is spending millions on brain-machine interface technology for the military. More

Salesforce is buying Tableau for $ 15.7 billion. More

Someone created an AI-generated face using a neural network, and then systematically destroyed that neural network one neuron at a time. The result was the disturbing deterioration of the face. More

Blizzard is focusing on Overwatch 2 and Diablo 4. More

There’s an app now for linking people with mental illness to counselors or clinicians. I think there’s a market there. More

??  Human News

There is increasing evidence that inflammation is linked to depression. This is fascinating stuff because it (the broader research) links the evidence that diet and exercise are good for mood, motivation, etc. This is one of the most promising areas of study in all of medicine in my opinion. More

Book subtitles are getting really long because it helps with SEO. More

I am positively thrilled that magic mushrooms are about to become part of legitimate medical treatment. More

Netflix is working on an anime series based on Magic The Gathering. More

Homelessness in California is growing significantly. More

NASA plans on opening the ISS to tourism. More

? Ideas, Trends, & Analysis

The Intellectual Dark Web and Dark Forest Theory More

People are starting to see major cracks in higher education, and I think it’s going to lead to a new type of schooling that’s more customized, lower overhead, with better teachers, and different types of credentials. Think about custom curriculums created by top experts, which are made up of multiple professors who are the best in the world, and where tuition is a fraction of current university. As we become more data-focused, people are going to start figuring out what parts of education are most useful, and what is wasteful. Imagine giant festivals where you go, do these courses with other people who’ve also paid to be there, and then you do massive group projects, kind of like Disrupt or something. So it’s the combination of the top teaching with the best social experiences, but without the overhead of bloated universities that are mostly there to benefit themselves at this point. More

PERSON 1: “I think software is at an acceptable level of security.”
PERSON 2: “That’s ridiculous. Why would you say that?”
PERSON 1: ”Because we accept it.”

I’m reading a fantastic book right now called Moonwalking With Einstein, and it had a remarkable idea in it. It said that the reason time speeds up one’s later years is that people have fewer meaningful experiences when they’re older. Things become static and repetitive, so there are fewer markers for time. But when you’re young, almost every moment is some sort of monumental experience. And the result is that, as a kid, time is in slow motion, and as an adult, time speeds up. The solution then, if you want to have more time, is to do more novel and interesting things with your life. 

I created an audio version of my Grit is the Ultimate Privilege essay. More

? Discovery

LeakLooker — Find open servers and source code. More

Medium-to-Own-Blog —A tool for automatically migrating away from Medium to your own blog. More

What we regret most, and why. More

I created a new tutorial, this time for Ngrok. More

Cats in heaven. More

Data validation for machine learning. More

A treehouse in Sweden camouflaged by mirrors. More

Credder — A service that rates the quality of news sources. More

ish.app — The Linux shell on iOS More

One of the coolest anti-smoking ad images I’ve ever seen. More

Pockint — Portable DFIR/OSINT tools. More

? Notes

If you’re at all into astronomy, you should take some binoculars out to see Jupiter this week (especially Monday), as it’s both in opposition and very close to the Earth. Even with just binoculars you can see multiple Galilean moons around it. I saw them this weekend, and they were spectacular! More 

I’m in the second book of the Mistborn series. Enjoying it. 

I think my next TV is going to be an 85″ Sony OLED. Just waiting for some big updates to the tech combined with the prices falling. I’m loving my 65″ LG OLED, but a larger display would be nice, and from what I’ve read, Sony is still on top in terms of quality.

? If anyone is an audio specialist—especially in the realm of podcasting—I’d love to hear ideas on how to make my podcast audio louder and clearer. I’m pretty happy with the tone, but if you listen to something like Joe Rogan or Sam Harris, their audio is much louder than mine. Not sure what I should do to increase gain/output without clipping, etc. Any ideas welcome!

If you know anyone who is under-represented in Information Security, have them reach out to me at first@firstlast.com. I want to help people enter the security field, and will assist with required reading, interviewing help, salary negotiation tips, etc. More

The UL Member Slack channel is going really well. I’m pleased with how casual yet substantive it is. It’s exactly the community that I’d like to be a part of, and I am looking forward to some of the events we’re planning. If you’re interested, and were close to subscribing anyway, this is a great reason to go ahead. Subscribe

?️ Recommendations

If you’ve been in a solid stream of non-fiction books, and like fantasy, give the MIstborn series a try. It’s solid fun. More

Aphorism

“Elegance is refusal”.

~ Coco Chanel


Become a direct supporter of my content for less than a latte a month ($ 50/year) and get the Unsupervised Learning podcast and newsletter every week instead of just twice a month, plus access to the member portal that includes all member content.

Daniel Miessler


Are you looking for products for hacking, cybersecurity, and penetration testing? Do you need to cleanse your smartphone, PC, or website from viruses and malware? Do you need to track down a person or recover urgent information? Do you need to regain control of an account, email, or password that has been stolen from you? Interested in purchasing pre-configured devices to easily and quickly experiment with hacking techniques? Do you have specific requirements in software or hardware? We can assist you!

Contact us immediately for immediate assistance: provide us with details via email or WhatsApp about the type of support you need, and we will respond you promptly!

Fill out and submit the form below to send us an immediate support request

Write your email address here

Write here how we can help you - we provide immediate support for all your needs!

chevron_left
chevron_right