Unsupervised Learning is my weekly show that provides collection, summarization, and analysis in the realms of Security, Technology, and Humans.
I spend between five and twenty hours a week consuming articles, books, and podcasts—so you don’t have to—and each episode is either a curated summary of what I’ve found in the past week, or a standalone essay that hopefully gives you something to think about.
Security News
Some absolutely fascinating research has just come out on what percentages and types of vulnerabilities are actually exploited in the wild. It found that only 5.5% of vulnerabilities discovered between 2009 and 2018 were actually exploited, with most of those being issues with a CVSS score of 9 or 10. The best part of the paper, however, was a discussion of optimal patching strategies, where they looked at different methodologies for what to patch and measured them against each other based on coverage (no misses) and efficiency (not patching what you don’t have to). Options included patching by CVSS, whether or not there are public exploits, by vulnerability tags, etc. The ML model performed best, but it seemed that patching CVSS 7 and above was decent as well, and for more efficiency but less coverage—CVSS 9 and above. Super interesting paper. More
The US is going to start requiring 5 years of social media account history from visa applicants, as part of the filtering process. I’m genuinely curious as to how effective this is going to be. On the one hand, there will now be a market for creating and maintaining fake social media accounts that people can use for this purpose. But on the other hand, there will be many who don’t want to go to that effort and either won’t try to come, or will get caught in the filter. As with most things, the efficacy will come down to execution. More
A team at Stanford has made it possible to edit video using a text editor. So, editing the things that were said by the actual subject, to say something else entirely, but having it seamlessly injected into the video so it looks completely natural. More
A new version of Sysmon is coming soon that logs DNS queries and responses. More
Some European network traffic was routed through China again due to a BGP problem, and this time the issue lasted 2 hours. More
Many Israeli companies are far too willing to sell and use their technologies for malicious purposes. I respect the technical prowess and the ambition, but those are of limited use in a friend if you can’t trust their morals. More
Data breaches supposedly cost $654 billion in 2018. More
Hardware.io is in the SF Bay Area this weekend on June 13-14. See you there! More
Breaches: LabCorp (7.7 Million), Quest Diagnostics (12 Million)
Advisories: Exim, BlueKeep, Android
Companies: Palo Alto buys Twistlock, Palo Alto buys PureSec, SentinelOne Raises $120MM, Sophos Acquires Rook Security, AttackIQ raises $17.6MM
⚙️ Technology News
DARPA is spending millions on brain-machine interface technology for the military. More
Salesforce is buying Tableau for $15.7 billion. More
Someone created an AI-generated face using a neural network, and then systematically destroyed that neural network one neuron at a time. The result was the disturbing deterioration of the face. More
Blizzard is focusing on Overwatch 2 and Diablo 4. More
There’s an app now for linking people with mental illness to counselors or clinicians. I think there’s a market there. More
Human News
There is increasing evidence that inflammation is linked to depression. This is fascinating stuff because it (the broader research) links the evidence that diet and exercise are good for mood, motivation, etc. This is one of the most promising areas of study in all of medicine in my opinion. More
Book subtitles are getting really long because it helps with SEO. More
I am positively thrilled that magic mushrooms are about to become part of legitimate medical treatment. More
Netflix is working on an anime series based on Magic The Gathering. More
Homelessness in California is growing significantly. More
NASA plans on opening the ISS to tourism. More
Ideas, Trends, & Analysis
The Intellectual Dark Web and Dark Forest Theory More
People are starting to see major cracks in higher education, and I think it’s going to lead to a new type of schooling that’s more customized, lower overhead, with better teachers, and different types of credentials. Think about custom curriculums created by top experts, which are made up of multiple professors who are the best in the world, and where tuition is a fraction of current university. As we become more data-focused, people are going to start figuring out what parts of education are most useful, and what is wasteful. Imagine giant festivals where you go, do these courses with other people who’ve also paid to be there, and then you do massive group projects, kind of like Disrupt or something. So it’s the combination of the top teaching with the best social experiences, but without the overhead of bloated universities that are mostly there to benefit themselves at this point. More
PERSON 1: “I think software is at an acceptable level of security.”
PERSON 2: “That’s ridiculous. Why would you say that?”
PERSON 1: “Because we accept it.”
I’m reading a fantastic book right now called Moonwalking With Einstein, and it had a remarkable idea in it. It said that the reason time speeds up in one’s later years is that people have fewer meaningful experiences when they’re older. Things become static and repetitive, so there are fewer markers for time. But when you’re young, almost every moment is some sort of monumental experience. And the result is that, as a kid, time is in slow motion, and as an adult, time speeds up. The solution then, if you want to have more time, is to do more novel and interesting things with your life.
I created an audio version of my Grit is the Ultimate Privilege essay. More
LeakLooker — Find open servers and source code. More
Medium-to-Own-Blog — A tool for automatically migrating away from Medium to your own blog. More
What we regret most, and why. More
I created a new tutorial, this time for Ngrok. More
Cats in heaven. More
Data validation for machine learning. More
A treehouse in Sweden camouflaged by mirrors. More
Credder — A service that rates the quality of news sources. More
ish.app — The Linux shell on iOS More
One of the coolest anti-smoking ad images I’ve ever seen. More
Pockint — Portable DFIR/OSINT tools. More
If you’re at all into astronomy, you should take some binoculars out to see Jupiter this week (especially Monday), as it’s both in opposition and very close to the Earth. Even with just binoculars you can see multiple Galilean moons around it. I saw them this weekend, and they were spectacular! More
I’m in the second book of the Mistborn series. Enjoying it.
I think my next TV is going to be an 85″ Sony OLED. Just waiting for some big updates to the tech combined with the prices falling. I’m loving my 65″ LG OLED, but a larger display would be nice, and from what I’ve read, Sony is still on top in terms of quality.
If anyone is an audio specialist—especially in the realm of podcasting—I’d love to hear ideas on how to make my podcast audio louder and clearer. I’m pretty happy with the tone, but if you listen to something like Joe Rogan or Sam Harris, their audio is much louder than mine. Not sure what I should do to increase gain/output without clipping, etc. Any ideas welcome!
If you know anyone who is under-represented in Information Security, have them reach out to me at email@example.com. I want to help people enter the security field, and will assist with required reading, interviewing help, salary negotiation tips, etc. More
The UL Member Slack channel is going really well. I’m pleased with how casual yet substantive it is. It’s exactly the community that I’d like to be a part of, and I am looking forward to some of the events we’re planning. If you’re interested, and were close to subscribing anyway, this is a great reason to go ahead. Subscribe
If you’ve been in a solid stream of non-fiction books, and like fantasy, give the Mistborn series a try. It’s solid fun. More
“Elegance is refusal”.
~ Coco Chanel
Become a direct supporter of my content for less than a latte a month ($50/year) and get the Unsupervised Learning podcast and newsletter every week instead of just twice a month, plus access to the member portal that includes all member content.