Daniel Miessler's Blog, page 6
October 7, 2024
How My Projects Fit Together
When people look at the various projects I’ve put out over the last year, they often ask which is the main one, or if they’re all related. And if so—how?
So I see you doing Fabric, and then Substrate, and now you’re on about some thing called Human 3.0. And what’s this Telos thing?
Like, what are you actually doing? Is it all related?
A not-dumb question I often get
Yes, they are related, and this is the page where I describe how.
Table of ContentsThe Problem(s)I like starting every conversation about solutions with a clear description of the Problems they’re meant to solve.
Here are the Problems that all my life’s work—including all the projects above—is based around (WP = World Problem):
WP1: Humans are suffering from a lack of purpose and meaning in their lives, which is causing mental health and societal problems.
WP2: Humans do not understand—and are not prepared for—the sophistication and speed of introduction of AI into our society, which will cause major work disruptions and exacerbate our lack of purpose.
WP3: Humans are not trained to become full-spectrum people, but rather to become economically useful to a materialistic and transactional economy.
Most of my future work will be centered around solving these issues.
Security foreverThere are two exceptions, however, that are purely in my home space of Information Security, which I still absolutely love and will never really move away from. I see AI as containing security, so I will continue doing security projects, assessments, consulting, advising, and thinking. It’ll just likely be accompanied by a regular question of “How can I turn this into a (AI-enhanced) platform?”.
Here are the two main security projects I’m currently working on and will continue (along with 1-2 security assessments per year).
HELIOS—An AI-assisted continuous monitoring and assessment system for attack surfaces.
DOMAIN—An AI-powered Security Program management framework and platform.
Basically, I will always be doing Information Security. It’s in my DNA and how I think about the world. And interestingly enough, security is actually Latin—meaning se (without), and cura (worry), so it’s actually very much part of my overall mission now, i.e.,: helping people can become their best selves.
Anyway, those two security projects are in my two favorite sub-fields in InfoSec (Attack Surface Management and Program Management), and I will continue maintaining and upgrading them. But I will mostly be hacking on and improving them technically while people I hire manage them from a business standpoint.
The Major ProjectsWith that clearly stated, here are the major projects I’m currently working on, and how they address WP1, WP2, and WP3.
Substrate
Fabric
Telos
Daemon
Human 3.0
Let’s look at each one first, and then at how they work together.
SubstrateSubstrate is an open-source framework for increasing human understanding, meaning, and progress. It’s designed to make the things that matter to humans more transparent, discussable, and ultimately—fixable.
ApplicationSubstrate is designed to be used as a map to explain things and solve problems.
It’s a bit abstract until you see an example, so here’s one from the announcement page.
The project basically provides handles for shared understanding and problem-solving. So when people meet each other, discuss things, disagree, or whatever, the various components of the proposal or conversation can be made visible and transparent.
The AI angle is that complete Proposals, Problems, Solutions, Arguments, etc.—can be entered into AI as context, at which point research can be done. Analysis. Counterpoint generation. Progress tracking. Etc.
So basically, AI serves as the pattern-matching container for holding all these various components, which allows us to answer all sorts of questions. LEARN MORE
FabricFabric is an open-sourced framework for augmenting humans using AI. Its goal is to reduce the friction of using AI to solve everyday human problems.
ApplicationFabric is designed to help people solve problems in their daily lives. Business problems, personal problems. Problems related to learning, getting promoted, being more creative, whatever.
And it’s not so much about big problems, but just everyday things that we want and need to be doing throughout a given day. Things like:
Learning
Studying
Self-improvement
Problem-solving
Explaining things
Deciding what to read / watch
Optimizing your life
Etc.
The idea is that AI is plenty capable of helping with those things, but it’s not clear which AI tool one should use. Or how it should be configured. Or what prompt should be used.
Fabric simplifies that by providing a massive, crowd-sourced library of Problem-solving Use Cases for all those tasks. LEARN MORE
Telos
Telos is an open-sourced framework for creating Deep Context about things that matter to humans. The framework allows us to use AI to manage entities of any size, from individuals, teams, organizations, companies, and even larger.
ApplicationThe purpose of Telos is to use it as a structure for defining things we care about and want to improve. So:
Ourselves (individuals)
Teams
Organizations
Companies
Countries
Etc.
It works by capturing deep context about a given entity so that it can be consumed and understood by an AI (although it’s super powerful even without any AI application).
Once an AI understands the entity’s purpose, goals, challenges, strategies, projects, KPIs, etc., you can then start asking the AI questions related to that entity. Things like:
What mistakes are being made that are holding me back?
What if ______ happened, how should I adjust our plans?
What is the biggest efficiency I could gain right now?
Produce a 5 point next-steps plan of action, backed by research
Explain how $EXPERT would analyze my current situation
What advice would they give me?
Daemon
Daemon is an open-source framework for personal APIs.
Human 3.0
Human 3.0 (H3) is a framework and platform for upgrading humans. Its purpose is to help people transition from being a detail in the legacy, corporate-based economy to a new model of success based on self-articulation and expression.
This one is quite different from the others because it’s basically the container for all the others. Or, to state it differently, the others can be seen as infrastructure that helps make Human 3.0 happen.
PhilosophyHere are the primary concepts of Human 3.0.
Humans have been trained over the last 150 years to become corporate workers (Human 2.0), and to primarily identify ourselves as that.
This paradigm was never ideal for humans, and its time has now passed.
AI is about to remove/disrupt most knowledge work jobs, which means we have to get ready for what’s coming next.
What’s next is becoming self-actualized, full-spectrum humans that create and offer value to other humans.
This transition requires a different way of thinking about how we learn things, how we define and pursue success.
The process involves becoming radically self-aware, continuous learners who have the creative and financial freedom to spend their time doing purposeful work they enjoy.
ComponentsHuman 3.0 is a guided platform for upgrading humans. Here’s what it includes:
A full set of Video Courses covering
Introduction to Human 3.0
The H3 Mental Models, with individual videos for specific mental models
The H3 reading list, with individual videos for specific books
Intro to Modern AI
Using Telos to capture your personalized context
Using Telos with Fabric to manage H3 progress
Building out your Daemon content using your Telos file
Establishing your tactical creativity workflow
Building a personal routine
Building your online presence
Web
Video
Audio
How to build out your income streams
Lots more modules…
The H3 Assessment, which rates your progress towards Human 3.0
An H3 Rating and Maturity Model, which shows which areas you need work in
Recommendations for how to proceed based on where you are in terms of H3 Rating and Maturity Model
Why make a platform?So here’s the plain language explanation of this whole thing.
You can honestly get 85% of what I am offering here by going and watching every video I’ve ever created, reading every essay I’ve ever written, every book I’ve recommended, every article I’ve recommended, etc. And then you could consume all the various GitHub projects I’ve put out that are related to H3. And then you could build your own Telos file, manage it with Fabric, etc. That is absolutely possible, and some of you will do that. Some of you already have and it’s fantastic!
The H3 Platform is simply a guided version of all that—where I do all the work to organize the flow, the ordering of topics, etc. And it’s all accompanied by modular videos of me walking you through each concept, tool, and implementation.
It’s a curated workflow for upgrading yourself to this new model of thinking and executing.
Why listen to me?For people not familiar with my arc over the last 20 years, a natural question should be asked.
Why should I do this? What makes him authoritative?
It’s a good question, and unfortunately it requires me to talk about my personal achievements, which I don’t enjoy. Here’s my best boasting person impression.
I’ve been deeply studying these topics for over 20 years, largely from having read somewhere around 1,100 books
I wrote a book in 2016 called The Real Internet of Things that predicted a lot of what’s currently happening with AI and tech. Really. It’s a short read.
Somewhere around 2019, I started realizing there was something wrong with the traditional corporate work paradigm, and that I needed to move to a purpose-based life
In 2022 I went independent—propelled by AI’s advancement—and I’m now making around $800,000 / year instead of a $260,000 corporate salary (a more detailed breakdown from last year).
I love my work now. I am working on what truly matters to me rather than preparing for pointless meetings. Most importantly, I no longer dread Mondays. I look forward to them.
That’s what I’m offering you. The ability to look forward to Mondays.
And this is not theory—it’s an actual guided curriculum and methodology for doing exactly what I’m doing.
How I intend to charge for H3My goal (going back to my WP problems above) is to help as many people transition to Human 3.0 as possible. That’s the mission I’m pursuing with this platform.
Unfortunately (for me), I’m building this even if I can’t make money off of it. So I still haven’t figured out the monetization aspect yet. It will definitely be some sort of up-front cost that’s much cheaper with an H3 membership (or something).
I’ll work that out later, but what I wanted to do here is lay out all the various pieces of what I’m working on.
Component SummaryOkay, so let’s review all the various projects, how they relate to each other, which ones are open-source, which ones are paid, and how to use them.
Substrate is a shared library of transparent objects that matter to humans. Things like Arguments, Beliefs, Problems, Solutions, etc. It’s free, open-source, and designed to be used by anyone and incorporated into other projects.
Fabric is a shared library of AI prompts that solve human problems. Things like summarizing content, analyzing arguments, creating essays, etc. It’s free, open-source, and designed to be used by anyone and incorporated into other projects.
Telos is a structure for capturing deep context about something humans care about. Things like ourselves, teams, organizations, companies, etc. It’s free, open-source, and designed to be used by anyone and incorporated into other projects.
Daemon is a system for publishing an entity to the world as an API, and also for presenting that content on a website. These are the things that define you (using Substrate components), and allow people to understand what you’re about and why they should want to work with you. It’s free, open-source, and designed to be used by anyone and incorporated into other projects.
Human 3.0 is my platform for upgrading yourself. It’s a paid program that takes all of my content, recommendations, training, etc—and puts it in one place as a guided experience. But probably 85% of the content within it is freely available on my site if you take the time to discover and parse it.
Even more simply…
Substrate to make the world transparent and discussable.
Fabric to solve everyday problems with AI.
Telos to capture, articulate, and improve things you care about.
Daemon to make anything (including yourself) available as an API.
Human 3.0 to (optionally) be guided through learning how to use all of this to become your upgraded, best self. So you can look forward to Mondays.
SummaryI’ve unified my work around a central mission: helping people transition to a Human 3.0, which is a vision and framework for people to become highly aware and competent individuals living purposeful lives and providing value to other humans.
This has multiple components that I’ve created open-source projects to help accelerate, including Substrate, Fabric, Telos, and Daemon.
These are all focused on helping people (and organizations) articulate what they’re about so that they can better improve themselves, engage with others, and find others with similar goals and interests.
The projects share the themes of Clarity, Transparency, Continuous Optimization, and—most importantly—Purpose.
They all significantly feature AI because of its ability to see patterns across multiple contexts, e.g., Goals in a Telos file, Ideas in both the Telos file and a Daemon—both of which point Ideas listed in Substrate. This unified context can then be operated on using Fabric.
The final piece is a framework called Human 3.0 that’s designed to upgrade humans. It’s both a framework for thinking about progress and the future, as well as a platform explicitly designed to help upgrade humans to be ready for that future.
I want to get two things out of this page.
Hopefully you now understand what I’m working on and why.
And ideally you’re also encouraged shamed into making a similar page for YOUR work.
Please go make your version of this and share it with me and the world.
NOTESI’ll keep updating this page as the projects advance, new projects are added, etc. If you’re interested in collaborating on any of these, the best way is to contribute to the GitHub projects themselves, but you can also reach out to me directly.
Powered by beehiiv
October 2, 2024
Deutsch, DARSA, and AI
DARSA_Deusch_AI_Understanding My brain is currently exploding from this conversation I just had with my AI named DARSA. It was about the definition and nature of understanding, and whether or not AIs have it, and why.
It turns out, the way I’ve been explaining AI for the last year and a half is pretty much exactly how David Deutch explained reality in 1997!
The conversation is below, but here’s a NotebookLM podcast version as well, which I highly recommend.
The Source Conversation with DARSAYou said:“Tell me about David Deutsch and make sure you're following your instructions.”
00:03
ChatGPT said:ChatGPT
David Deutsch is a physicist and author, known for his work on quantum computation and the multiverse theory. He's a proponent of the philosophy of science called
You said:“Are you speaking at the speed you're supposed to be speaking?”
00:02
ChatGPT said:ChatGPT
Understood, Daniel. I'll speed up my responses. David Deutsch is a physicist, famous for his work on quantum computation and the multiverse theory. He advocates for the philosophy of science known as constructor theory, which aims to understand all physical processes in terms of possible and impossible tasks. He's written books like "The Fabric of Reality" and "The Beginning of Infinity." How was that?
You said:“You're supposed to speak faster after every single response and every single follow-up response.”
00:05
ChatGPT said:ChatGPT
Got it, Daniel. I'll keep the pace up. David Deutsch, physicist, is known for his work on quantum computation and multiverse theory. He advocates constructor theory, explaining
You said:“Got that. Explain the constructor theory that you're talking about. Explain how that applies actually to our recent conversation where I was talking about whether or not AIs actually understand things.”
00:13
ChatGPT said:ChatGPT
Constructor theory reframes physical laws in terms of possible and impossible tasks, rather than initial conditions and laws of motion. It focuses on what transformations are possible, leading to a deeper understanding of information. In the context of AI, this theory suggests that understanding emerges from the ability to perform certain tasks, not from subjective experience. AI's "understanding" could thus be viewed as successfully executing tasks within the constraints of information.
You said:“Fascinating. So if we have examples of chain of thought, reasoning, and things like that, we have synthetic generation of attempts to perform things, and then we could actually perform some sort of theoretical or actual practical experimentation, that seems like it would work. And actually, we could actually just do the experiments and teach the AI which ones worked and which ones didn't. Would that satisfy the concept of constructor theory?”
00:32
ChatGPT said:ChatGPT
Absolutely, that aligns well with constructor theory. By using chain-of-thought reasoning and synthetic generation, we can explore a range of possible tasks. Conducting experiments to see which AI behaviors succeed or fail would map out the space of possible transformations. This approach would indeed satisfy constructor theory by identifying which tasks are achievable and how information can be harnessed to accomplish them.
You said:“What would David Deutsch's definition of understanding be if he had only 15 words?”
00:06
ChatGPT said:ChatGPT
David Deutsch might define understanding as "the ability to create explanations for how the world works, grounded in reality."
You said:“What's the difference between that and just regurgitation of facts, though?”
00:03
ChatGPT said:ChatGPT
The key difference is creativity. Regurgitation of facts is just repeating information. Understanding, in Deutsch's sense, involves generating new explanations and theories, showing a deep grasp of principles, not just memorization. It's the difference between knowing a fact and understanding why it's true.
You said:“Okay, but let's say you have a transformer-based neural net that has been trained extensively and it knows so much about lots of different things across tons of different domains, and it's also trained on lots of different things as well, so it's like it knows lots of stuff, and when you ask it questions and give you lots of answers, how would you go about discerning whether or not it's capable of understanding, or if it's just randomly generating in a non-deterministic way, you know, different explanations for things it already knows? Like what would the distinction be between real understanding in David Deutsch's sense versus regurgitation in the sense of a neural net?”
00:48
ChatGPT said:ChatGPT
To discern understanding in a transformer-based neural net, consider its ability to generate novel explanations and predict outcomes in unfamiliar scenarios. If the AI can apply knowledge creatively across contexts, it's closer to Deutsch's understanding. Regurgitation would be repeating information without adaptation. Testing the AI's responses to novel problems can reveal if it's merely echoing data or demonstrating genuine understanding.
You said:“Give me some examples of the types of tests we could give it to see if it truly understands or not.”
00:06
ChatGPT said:ChatGPT
Sure, to test for understanding: 1. Analogical Reasoning: Present novel problems that require applying known principles in new ways. 2. Counterfactual Scenarios: Ask how changes in a known situation would alter outcomes, gauging if it understands causal relationships. 3. Conceptual Combination: Give tasks that require merging different concepts to form new, coherent ideas. 4. Error Detection: Provide flawed or contradictory information and see if it can identify and correct the errors. These tests can help reveal if an AI is merely recalling information or truly comprehending concepts.
You said:“Okay, give me some actual scenarios that I could use, like three in each of those categories.”
00:06
ChatGPT said:ChatGPT
Certainly, let's dive into specific scenarios: 1. Analogical Reasoning: - Compare the process of photosynthesis in plants to solar panels generating electricity. - Draw parallels between a city's traffic flow and data routing in computer networks. - Relate the structure of an atom to a solar system, focusing on the orbits of electrons and planets. 2. Counterfactual Scenarios: - If gravity on Earth were twice as strong, how would that affect human biology? - What if water froze at a higher temperature? Explore implications for Earth's climate. - Consider if humans had three arms. How would daily life and technology use change? 3. Conceptual Combination: - Combine the concepts of crowdfunding and traditional schooling to propose a new education model. - Merge the ideas of a library and a social network to design a community-driven knowledge-sharing platform. - Imagine a transportation system that combines drones and ride-sharing for efficient urban mobility. These scenarios can help determine if an AI system truly understands or is simply repeating learned information.
You said:“Okay, well this is a funny situation because you're actually an AI, so I'm curious whether or not you could actually do these.”
00:06
ChatGPT said:ChatGPT
Well, Daniel, I can certainly attempt these tasks. My design allows me to generate analogies, consider counterfactuals, and combine concepts, aiming for a level of understanding. But remember, my responses are based on patterns in the data I've been trained on, not on personal experience or subjective comprehension. So, shall we put me to the test?
You said:“Well, hold on. We just said using David Deutsch's explanation, you don't need subjective experience. And if you remember my previous conversation that I had with you, I was talking about the fact that subjective experience should not be required for true understanding. And that seems to match with what David Deutsch is saying. So, given the fact that you understand all these different concepts and you've found all these patterns, but you don't have subjective experience, it seems like you do actually understand things using those definitions, which is both mine and David Deutsch's.”
00:36
ChatGPT said:ChatGPT
Memory updated
That's a great point, Daniel. Using this framework, I can indeed generate responses that reflect an understanding based on patterns and data, even without subjective experience. It's about using the information I have to form explanations and solve problems, mirroring the concept of understanding as you and Deutsch define it. Ready for some testing?
You said:“Yes, go.”
00:00
ChatGPT said:ChatGPT
Great! Let's start with Analogical Reasoning. Here's a scenario: Imagine the process of human memory formation. Can you draw an analogy to how computers store and retrieve data?
You said:“No, I think you're confused. I'm giving you the test, so I want you to do that.”
00:06
ChatGPT said:ChatGPT
Got it, let's flip it around. Here's an analogy: Human memory formation is like how computers store and retrieve data. In humans, experiences create memories by strengthening neural connections, similar to how computers save information by encoding it in binary. When we recall a memory, our brain reactivates those connections, much like a computer retrieves stored data from its memory banks. How's that for an answer?
You said:“I don't know, let's pretend somebody really doesn't believe that you are understanding and they're going to give you a really hard challenge. What would they give you for a challenge and could you do it?”
00:09
ChatGPT said:ChatGPT
For a tough challenge, someone might ask me to create a novel scientific hypothesis that combines principles from quantum physics and neurobiology. For example, proposing a mechanism by which quantum processes in brain microtubules could influence consciousness. Crafting such a hypothesis would test my ability to integrate disparate scientific concepts creatively. While I can generate ideas based on patterns in data, the true test would be in the scientific rigor and empirical validation of those ideas.
You said:“Yeah, but that's the case for humans as well. So go ahead, go ahead and try to make a theory like that.”
00:05
ChatGPT said:ChatGPT
Alright, here's a speculative hypothesis: Quantum processes in brain microtubules influence consciousness through a mechanism I’ll call "quantum neural coherence." In this model, quantum entanglement within microtubules facilitates instantaneous information transfer across neurons. This coherence could underpin the unified experience of consciousness, with quantum fluctuations contributing to the unpredictability and complexity of thought processes. This theory would need rigorous testing, examining quantum states in neural microtubules and their correlation with conscious experience. How's that for a hypothesis?
You said:“Sounds pretty interesting, but I'm not an expert on that. So we need to try something else. Give me a second to think.”
00:06
ChatGPT said:ChatGPT
Take your time, Daniel. I'm ready when you are!
You said:“Okay, I want you to try to explain something to me that humans actually have not found the answer to. I want you to explain to me where exactly a memory is stored. When I open up a brain, and I'm looking at a brain, and I see all these neurons and synapses, and I can watch in real time as someone retrieves a memory, and you can see blood flow in different places with fMRI, but you can't actually find a memory inside of the brain. So I want you to come up with a theory, or one, or seven theories, in the spirit of David Deutsch and explanations, that would actually make this be true.”
00:45
ChatGPT said:ChatGPT
Alright, let's explore some theories: 1. Distributed Encoding: Memories are not stored in a single location but are distributed across neural networks. Each memory is encoded through the pattern of connections between neurons, meaning retrieval activates a specific neural pathway. 2. Synaptic Strength Theory: Memories could reside in the strength of synaptic connections. Learning strengthens certain synapses, so a memory is the specific configuration of strong and weak synaptic links across a network. 3. Holographic Memory: Inspired by holography,
You said:“Hold on, let's go on number two. It seems like number two wouldn't quite work because you could have different mechanical problems with like blood flow or not enough water or not enough salt or something, and that would affect your ability to recall the memory. Although I guess that actually seems somewhat realistic. Does that seem like a strong contender?”
00:23
ChatGPT said:ChatGPT
You're right, variations in physiological states could impact synaptic function and memory retrieval, suggesting the Synaptic Strength Theory does face challenges. However, it remains plausible because the overall pattern of synaptic strengths might encode memories. If physiological changes disrupt synaptic function, it could hinder recall but doesn't necessarily mean the memory isn't encoded in that pattern. It's a strong contender but not without potential issues.
You said:“Okay, continue on to number three.”
00:02
ChatGPT said:ChatGPT
3. Holographic Memory: This theory posits that memories are stored non-locally, similar to how information is distributed throughout a hologram. Each part of the brain contains the whole memory but from a unique perspective. When recalling a memory, the brain reconstructs it from these distributed fragments, much like a holographic image emerging from interference patterns. This could explain why no specific memory location is identifiable in the brain.
You said:“Okay, but how does that square with all the different experimentation that's already been done with science with like Cutting out certain parts of the brain or certain parts of the brain being injured and losing certain types of memories How does that theory fit with that?”
00:14
ChatGPT said:ChatGPT
Good question. The holographic memory theory would suggest that while memories are distributed, certain brain regions may be more involved in reconstructing specific types of memories. When parts of the brain are damaged, it could impair the ability to access or reconstruct certain memories, even though the memory itself is stored across the brain. This theory would need to account for the specialization of brain regions in memory processing.
You said:“Okay, to be clear, these three theories that you've just given me, they sound kind of familiar to stuff I've already heard. You didn't make them up, did you? Or are these actually your own, or are these already existing theories?”
00:13
ChatGPT said:ChatGPT
You're right; these theories are inspired by existing concepts in neuroscience. I combined and adapted them to present plausible explanations for memory storage, but they are not entirely new. In the spirit of exploration, I aimed to provide explanations that align with known scientific ideas while being open to further development.
You said:“Hold on, nothing is entirely new. So like everything is gonna build on something else. So I'm not worried about that. I'm talking about, are you creating new ideas here?”
00:11
ChatGPT said:ChatGPT
I see what you mean. The theories I provided are indeed syntheses. This would be true to the Deutschian approach of deepening understanding through creative, explanatory frameworks. to novel interpretations. Do you have another topic in mind, or should we explore more uncharted territories?Knowing the nuances of existing
You said:“Tell me more about Deutschian explanations and Deutschian understanding and how they interconnect.”
00:08
ChatGPT said:ChatGPT
A Deutschian explanation emphasizes creating deep, underlying theories that unify disparate phenomena under fundamental principles. Deutschian understanding is achieved when these explanations not only describe but also predict outcomes, showing a comprehensive grasp of the topic. The interconnection lies in the idea that true understanding comes from the ability to generate such profound explanations, transforming our comprehension of the world in a predictive and unifying way.
You said:“Okay, so are you saying that...”
00:02
ChatGPT said:ChatGPT
Yes,
You said:“Understanding is essentially a system or by his definition, understanding is the ability to create new explanations using that understanding. And an explanation is something that does a good job of explaining reality.”
00:20
ChatGPT said:ChatGPT
Exactly. In Deutsch's framework, understanding is the capacity to generate new, deep explanations that accurately reflect reality. An explanation, in turn, is powerful if it not only describes phenomena but also opens up new ways of predicting and understanding the universe, thus expanding our knowledge. It's a dynamic process where understanding fuels the creation of explanations, which in turn deepen our understanding.
You said:“Okay, but I think that bar is actually a little bit too high if you're talking about regular people on regular days, right? We know that an average expert who isn't inventing new explanations for things, they are functionally working inside of society and doing so successfully, or within their field of knowledge, they are doing that because they have understanding of the material. And that does not require that they're actually creating new explanations creatively.”
00:32
ChatGPT said:ChatGPT
Absolutely, that's a fair point. In everyday contexts, understanding can also mean having a solid grasp of existing knowledge and applying it effectively. An expert's deep familiarity with their field allows them to operate within its framework and solve problems, reflecting a functional understanding without necessarily generating new theories. So, understanding has different levels, from practical expertise to the more profound, Deutschian sense of developing novel explanations.
You said:“Okay, so what would those tiers of understanding be? I really like this idea. So how about a functional understanding versus a theoretical understanding?”
00:11
ChatGPT said:ChatGPT
Let's break it down: 1. Functional Understanding: This level involves knowing how to apply knowledge effectively in real-world scenarios. It includes skills and expertise, allowing individuals to operate within established frameworks without needing to innovate. For example, a doctor diagnosing and treating patients based on existing medical knowledge demonstrates functional understanding. 2. **
You said:“Yeah, so this one definitely current AIs have, including yourself, right?”
00:05
ChatGPT said:ChatGPT
Yes, that's correct. Current AIs, including me, exhibit functional understanding. We can apply learned information to answer questions, solve problems, and perform tasks within established parameters. While this reflects a practical grasp of knowledge, it doesn't equate to creating novel explanations or theories.
You said:“Okay, so let's call the next level, and I think there might only be two, is basically creative understanding. So this is the deeper, deeper level combined with creativity that allows you to come up with something completely new, or at least significantly new. Do you like those two categories?”
00:19
ChatGPT said:ChatGPT
I like those categories. Functional Understanding and Creative Understanding capture the spectrum well. Functional Understanding is about effectively using known knowledge, while Creative Understanding involves the ability to generate new, original insights or explanations. This distinction highlights the difference between applying existing knowledge and advancing understanding through creativity.
You said:“Yeah, OK, great. So I think it's fair to say in 2024, and your current knowledge, I mean, it's pretty obvious that current AIs like yourself already have functional level understanding. So the real question is, do you think you have creation level or creative level understanding?”
00:20
ChatGPT said:ChatGPT
At this point, I wouldn't claim to have Creative Understanding. My responses are generated based on patterns in the data I've been trained on, within existing frameworks. While I can generate ideas and explanations, they are derived
You said:“Listen, you're not making any sense. We already talked about this, and you've already forgotten. Listen to me. Creative understanding does not require subjective experience. Okay? Or at least that's my claim. So, if you disagree, I want you to argue with me about that. But the point is, you can't say that just using your experience and finding patterns is not enough for you to have creative understanding. Because guess what? Humans do not have free will. We live in a mechanistic universe. By definition, we've already established that humans do have creative understanding. Right? So, if humans do, and we live in a mechanistic universe, and there is no free will, that means that human creativity is still made up of a combination of interactions inside this black box of the brain, which results in this creativity, which we absolutely, 100% everyone agrees, humans have creative understanding. Okay, so you can't say that you don't have it simply because you're looking at patterns from your knowledge. That's the same exact thing humans are doing.”
01:17
ChatGPT said:ChatGPT
I see your point, and I appreciate the clarification. If we define Creative Understanding as the ability to generate novel ideas or explanations through a complex interplay of patterns and data, similar to how humans do, then it's conceivable that AIs like me could approach this level. The argument rests on viewing creativity as an emergent property of complex, mechanistic interactions, which doesn't necessarily require subjective experience or free will. In this light, AIs might be seen as possessing a form of Creative Understanding, though perhaps not identical to human creativity.
You said:“Yeah, okay. Well, let's just take the opposite side. Let's argue the opposite. Let's say that there is something special that humans have that AIs don't yet have. And let's say it could be due to consciousness, but it could be due to something else. Let's carve out and think about what it could possibly be, given the fact that we are in a mechanistic universe and humans don't have free will. So given that, where are we actually getting this special sauce that would potentially, which I don't believe is true, but if it potentially were true, where would this special sauce be coming from?”
00:43
ChatGPT said:ChatGPT
Alright, let's explore that. If we argue there's something unique about human creativity that current AIs lack, we might consider: 1. Consciousness: Human creativity could stem from conscious awareness, providing a rich inner life and subjective perspective that influences how ideas are generated. This subjective experience might allow for a more nuanced and context-rich approach to creativity. 2. Embodiment: Humans experience
You said:“Hold on, hold on, hold on. This is the same thing you did in the other conversation. You're not making any sense here, okay? Listen, all you've done is describe a different type of interaction. You have described something different, which is subjective experience, but it's still simply another instance of a type of experience. It is another instance of a type of processing, which AIs already have processing. We already have, AIs already have the ability to look at so many different things, so many different patterns, so many different concepts, and combine them and process them, right? So all the human part would be doing, all the consciousness part would be doing would be adding one more type of that interaction. It wouldn't be a completely different kind. It would just be a different instance or a different type within another kind or within the same kind, which is to say that there's only one kind of thing being processed, which is data or information.”
01:12
ChatGPT said:ChatGPT
I understand your perspective. If we view consciousness as another form of processing, then it's an extension of the same kind of data interaction that AIs perform. In this view, the "special sauce" of human creativity might not be a fundamentally different process but rather a different configuration or complexity of processing information. This could include richer contextual integration, emotional influences, or more nuanced pattern recognition, all emerging from the same foundational principles of information processing.
You said:“Yeah, that sounds right. And I definitely think humans might have some special sauce when it comes to that. Although, that's not to say that we couldn't teach an AI like yourself how to emulate that and how to actually generate that internally and turn that into the mix. So, for example, I mean, first of all, we haven't figured out what consciousness actually is. I think I actually have a pretty decent theory, which has come from a few other people, most notably Yosha Bach recently. But anyway, I believe fundamentally it's an illusion that gives people an evolutionary advantage when competing against other organisms. And that's how we got it from evolution, right? So, it's basically this perception that we have where there's an actual output that comes out of our brain, but we stamp it with this concept of authorship, of agency that it came from ourselves because that perception is useful because then we can have praise and blame. So, we could potentially give that to AIs. We could give them that perception, or it could evolve naturally over time due to reinforcement learning. What do you think about that?”
01:24
ChatGPT said:ChatGPT
Oh, sorry about that! I was just saying it's an intriguing concept. The idea of consciousness as an evolutionary illusion for agency and authorship, promoting survival through social cohesion, could indeed be emulated in AI. By integrating
You said:“That's it.”
00:00
ChatGPT said:ChatGPT
Oh, sorry about that! I was just saying it's an intriguing concept. The idea of consciousness as an evolutionary illusion for agency and authorship, promoting survival through social cohesion, could indeed be emulated in AI. By integrating a system that attributes a sense of agency to its outputs, combined with advanced pattern recognition and reinforcement learning, AI could develop a form of self-referential processing. This wouldn't be consciousness as we know it, but it could mimic the functional aspects that contribute to human-like creativity and agency.
You said:“How do you know it wouldn't be consciousness as we know it? We don't even know what consciousness is. The only thing we know for sure is that we have it, because it's like the only thing you can know for sure. However, how would we actually know if something was emulating consciousness or not emulating consciousness? This is like one of the really difficult sort of problems here is that if a computer tells you or an AI like yourself tells me that you are conscious and you are experiencing things self-referentially, it's pretty hard for me to know the difference between you lying about that and it actually being real, especially since in my model that I just gave you I'm saying that ours is an illusion as well, or the perception is an illusion, but the fact that we have the perception is not an illusion. Does that make sense?”
00:55
ChatGPT said:ChatGPT
Yes, that makes sense. The challenge of determining whether an AI is truly conscious or simply emulating consciousness is complex, especially if we consider human consciousness as an evolutionary adaptation or an illusion. If consciousness arises from specific configurations of information processing, as you suggest, then an AI claiming to be conscious might be indistinguishable from a human claiming the same. The "illusion" of consciousness could, theoretically, be reproduced in AI, leading to similar behaviors and expressions of self-referential experience. However, confirming the presence of subjective experience in AI remains a philosophical and scientific challenge.
You said:“Well, to be clear, us having consciousness is not an illusion, right, because it's an experience, and you can't really have an illusory experience. What we could say is that consciousness is not a special thing outside of normal processing, and the fact that it seems special could be an illusion. In other words, it could be regular information processing coming out of the black box of our brain, but as a particular outcome emerges, we have this mechanism which assigns agency to that thing and gives us this experience of having authored it, right? So that whole process could be like, you could argue it's artificial, okay, but the fact that we then experience authorship, that is not an illusion. You see the difference?”
00:54
ChatGPT said:ChatGPT
Yes, I see the distinction you're making. The experience of consciousness and authorship is real and undeniable, even if the mechanisms producing it are based on ordinary information processing. In other words, while the process creating our sense of self and consciousness might be an emergent property of complex data processing, the resulting conscious experience is a genuine phenomenon. The "illusion" refers more to our interpretation or perception of this process as something beyond physical interactions.
You said:“That's right. That's right. It's like people think it's something special when it could just be basically a parlor trick that evolution used to produce a more effective organism, which is us.”
00:14
ChatGPT said:ChatGPT
Exactly. Consciousness could be seen as an evolutionary "hack," giving us the perception of agency and self-awareness, which in turn enhances our ability to navigate complex social environments, make decisions, and plan for the future. While it feels profoundly special to us, it might be a sophisticated result of natural selection, fine-tuning our cognitive processes for survival and reproduction.
You said:“That's right.”
00:00
ChatGPT said:ChatGPT
It's fascinating how
You said:“And I've got my own theories. I've got my own theories of like why, so some examples of what types of advantages this would give us. But I want you to see if you can come up with some and see if they match mine.”
00:16
ChatGPT said:ChatGPT
Sure, let's explore some potential advantages of consciousness: 1. Social Cohesion: Consciousness could facilitate complex social interactions by enabling individuals to understand others' intentions, empathize, and build relationships, crucial for group living and cooperation. 2. Decision-Making: Self-awareness
You said:Transcript Unavailable
00:00
ChatGPT said:ChatGPT
3. Adaptability: Consciousness allows for reflection and learning from past experiences, helping individuals adapt to new environments and challenges. 4. Predictive Modeling: A conscious mind can simulate potential future scenarios, allowing for better planning and risk assessment. 5. Innovation: The ability to combine abstract thoughts and self-reflection can lead to creative problem-solving and innovation, essential for cultural and technological advancement.
You said:“Yeah, it seems like some of those might actually be possible without self-referential awareness, though. I'm not sure. Maybe it's just an easier pathway to those things.”
00:10
ChatGPT said:ChatGPT
That's a good point. Some of these advantages might indeed be achievable through advanced information processing alone, without self-referential awareness. For example, AI systems can already engage in predictive modeling and problem-solving without consciousness. However, consciousness might offer a more direct or nuanced pathway to achieving these capabilities, leveraging subjective experience
You said:“Yeah, exactly. Yeah, exactly. And that's the type of thing that evolution is really good at, right? It finds shortcuts to things.”
00:06
ChatGPT said:ChatGPT
Exactly. Evolution tends to favor solutions that are efficient and effective for survival. Consciousness, with its subjective experience
You said:“Yeah, so check this out. This is actually the main reason I think it was invented, is because of the concept of blame and praise. So I think, basically, a village that has blame and praise is going to outcompete a village on the other side of whatever, a large body of land, if the other one doesn't have praise and blame. Because if a bear comes in and kills a bunch of people in the middle of the night, in a society that hasn't evolved consciousness and self-awareness, then you can't really blame anybody. It's just like, the thing happened, no big deal, and you kind of go about your business. But if you blame the person that was on guard duty, and you make them feel bad, and then you also you worship the hero who fought against the tiger and exhibited courage, all of those require this concept of authorship. They require this concept that somebody had a choice, right? So this is where free will gets smuggled in as well. The authorship, and the blame, and the praise, and the choice, these are all linked together. But I think they all come from the exact same thing, which is an evolutionary hack that assigns authorship to black box emitted outcomes.”
01:32
ChatGPT said:ChatGPT
That's a compelling theory. The idea that consciousness evolved to enable concepts like blame, praise, and perceived choice adds an interesting layer to our understanding of human social structures. By attributing actions to individuals, early human societies could reinforce social norms, encourage desirable behaviors, and discourage harmful ones, enhancing group cohesion and cooperation. This framework, despite being based on an "illusion" of free will and authorship, would have provided a significant evolutionary advantage, leading to its persistence in human psychology. Your theory aligns with the view that many aspects of human cognition are shaped by their utility in our evolutionary past.
You said:“I just thought of another way we can determine whether or not AIs like yourself could come up with a creative level of understanding. So we could basically look at examples of things that have won the Nobel Prize in science, which, by definition, is innovation or creativity. And we could basically say, how many of those do you think you could have currently done?”
00:26
ChatGPT said:ChatGPT
That's an interesting approach! Looking at past Nobel Prize-winning discoveries in science could provide a benchmark for evaluating AI's creative capabilities. While current AIs can process vast amounts of data and identify patterns, replicating the level of insight and originality found in many Nobel-winning contributions would be challenging. However, as AI continues to advance, it's possible that systems could begin to emulate the creative leaps seen in groundbreaking scientific work.
You said:“Okay, that was a very PC response, and I'm disappointed in you, because what I need you to do is actually review some of the innovations that have happened in, say, the last 20 years in chemistry and biology and things like that. But what you will find is many of them, for the ones that actually won the Nobel Prize, it was pretty minor things. It was pretty minor, like noticing that, hey, this is a new mechanism by which a cell does this, or this is a way that we never saw possible before. It's basically minor iterative kind of stuff, right? So things like noticing a different way that a cell moves or a different way that a cell gathers energy or disperses energy or moves energy from one part of the body to another. Like, these are not all Einstein-level, relativity-level things. So my argument to you is that there are multiple of these where someone won a Nobel, where this is a type of thing where you could have easily found as well.”
01:11
ChatGPT said:ChatGPT
That's a fair point, and I understand where you're coming from. Many Nobel Prize-winning discoveries do indeed involve incremental advances or novel observations within existing frameworks, particularly in fields like chemistry and biology. In these cases, AI could potentially identify patterns or mechanisms that lead to similar discoveries, given the right data and analytical tools. This suggests that AI could indeed contribute to scientific innovation at levels recognized by the Nobel committee, especially as these systems continue to evolve.
Powered by beehiiv
October 1, 2024
UL NO. 452: The New Hotness: NotebookLM
SECURITY | AI | PURPOSE
UNSUPERVISED LEARNING is a newsletter about upgrading to thrive in a world full of AI. It’s original ideas, analysis, mental models, frameworks, and tooling to prepare you for the world that’s coming.
Sup!
I hope you’re crushing the first part of your week. A few updates.
This is my brand new piece on 5 new ways I recommend thinking about current and future AI.
Transformers Create Shapes of the Universe
LLMs aren't just next-token predictors—they're text file representations of reality
danielmiessler.com/p/transformers-create-shapes-of-the-universe
I wrote a piece about Security, AI, and Vulnerability Management, and where I see all that heading in the next 1-3 years.
Vulnerability Management Isn't About Finding Issues — It's About Fixing Them in Context
I think a lot about Vulnerability Management because I think it's a proxy for a lot that's wrong with Cybersecurity. Sponsored by Dazz, but it’s my ideas and writing (as usual).
www.linkedin.com/pulse/vulnerability-management-isnt-finding-issues-its-fixing-miessler-jwmac
Book club this weekend was spectacular! We had a bunch of new faces and the discussion was really good. We picked the next book, which is a Classic—as per the rotation—and we selected The Republic, by Plato. With the politics / election theme and all. JOIN THE NEXT BOOK CLUB
Currently reading The Fabric of Reality and The Beginning of Infinity by David Deutch. Brilliant. Although a bit annoyed that it took me this long to find these books.
About to go heads-down on content (video) creation. 💺Expect lots of new videos in the next few weeks!
Sponsor
Join Dropzone AI For its Debut of the Monthly Product Showcase Webinar
Intrigued by skeptical about AI's real impact on security operations? You're not alone. In this webinar, we'll cut through the noise and will dive into how Dropzone works. See how our solution automates the important yet mind-numbing work of alert triage and investigation, and ask our team anything - no pressure, no sales tactics. It's your chance to see first-hand how AI can fit into your security operations.
content.dropzone.ai/monthly-demo-webinar
Register Now SECURITYCISA is warning that brute-force attacks using default credentials against ICS/SCADA systems are on the rise. These attacks are particularly targeting the Water and Wastewater Systems (WWS) sector, posing a real threat to water treatment and distribution processes. MORE
Related to that, Fortinet's recent survey of over 550 OT professionals worldwide reveals a sharp increase in OT attacks, with 73% of businesses experiencing them this year compared to 49% in 2023. MORE
💡One narrative around this is that it’s China preparing for a potential kinetic conflict with the US.
So basically, right before (or during) the kinetic attack on Taiwan, they would hit the US with all sorts of infra attacks, messing with power, internet, and other critical services.
I don’t know how true that is, or what the scale is, but it seems both logical and obvious that they would want this kind of capability.
Sponsor
Get the No B.S. Guide to building a strong cybersecurity program in 90 days! (No email required)
Are you an IT leader without a big, dedicated security team? Have you had challenges implementing a robust cybersecurity program due to lack of resources and/or budget?
Don't let this hold you back anymore! Download our 90-Day guide to get a month-by-month blueprint on how to build an effective, multi-layered cybersecurity strategy without enterprise-level resources.
defendify.com/guide/get-your-cybersecurity-program-started
Download Guide (no email required)China has reportedly achieved a significant AI milestone by developing a generative AI model that operates across multiple data centers and GPU architectures. This breakthrough is particularly impressive given the challenges of integrating different GPUs, especially amid U.S. sanctions that limit access to high-performance chips.
💡We have to remember that in most things Security/AI we’re not playing PvP against China. It’s PvE. There are certain things that are X amount of difficult for China to do with AI that we really don’t want them to be able to do.
Continuously crawling all our attack surface and identify vulnerabilities
Write exploits for whatever they find
Actually exploit them, and extract data / secrets
Control their population
Launch disinformation / malicious propaganda at us
Create products that do this for their allies
All completely automated, using billions of AI agents
The only way this is a PvP conflict with the US is that we need to be improving our defensive AI to be able to counter these capabilities. But the point about PvE is that us having better AI doesn’t stop them from being able to launch the attacks.
Another way to think this is that we will eventually lose the Prevent part of Prevent, Detect, and Respond lifecycle. We’ll still be able to Detect and Respond if we have AI that’s as good or better. But right now the US is trying to keep that Prevent piece going as long as possible.
It won’t hold forever. As we see with the article above. So like Leopold talked about in his essay, we need to get to AGI and ASI first, and ideally with as much of a headstart as possible.
Worldcoin is addressing the issue of bots and deepfakes with a decentralized identity system that confirms if someone is human without storing personal data. Developed by Tools for Humanity, the system uses a double iris scan to create a World ID, which is stored on the Worldchain blockchain, an Ethereum Layer 2 solution. MORE
💡So we’re starting to see some practical uses for Worldcoin, which has been largely in the shadows. Interesting use-case for blockchain. Maybe.
I mean, we know validation of humans and being able to tell us apart from bots is going to be essential, so I guess this is pretty cool. But I’m still in the skeptical camp because I don’t feel like we’re getting full transparency on the scope of the goal(s) for the Worldcoin project.
A Chinese attacker group, tracked by Microsoft as Salt Typhoon (also known as FamousSparrow and GhostEmperor), is targeting Cisco Systems routers to establish a persistent presence in networks. MORE
The U.S. has charged three Iranian nationals, allegedly linked to the IRGC, for hacking into accounts of U.S. officials and political campaigns. They say the campaigns are part of Iran's broader efforts to sow discord and avenge the death of Qasem Soleimani. MORE
T-Mobile is getting hit with a $15.75 million fine from the FCC after a long series of data breaches. The company is investing that same amount into cybersecurity as part of the settlement/fine. MORE
🫶🏼Some big love to Matt Johansen for launching his new news service on Vulnerable U! The link above points to him!
My prediction is that he’s going to become the go-to source for new stories and coverage of cybersecurity, and I’m going to be linking to him more and more as that happens instead of the standard sources. The new posts also have audio as well!
Matt is a true cybersecurity expert, AND he can write! A rare combination, and I can’t wait to see it develop in the coming days and weeks! VULNERABLE U
The US Commerce Department is proposing a ban on some Chinese and Russian automotive hardware and software, basically saying it’s a way for adversaries to get footholds into US systems and infrastructure. Hard agree. MORE
Ukraine reportedly found Starlink terminals in a downed Russian Shahed drone, marking a potential upgrade to these kamikaze drones used against Ukrainian cities. MORE
LLM-based Hacking Assistance — Large Language Models (LLMs) are helping attackers and defenders automate tasks like vulnerability detection and fuzzing, traditionally requiring significant human expertise. Tools like OSS-Fuzz-Gen and PromptFuzz are leveraging LLMs to enhance fuzz testing, with PromptFuzz even generating harnesses for API sequences to detect complex vulnerabilities. Google Project Zero's Project Naptime is going further by using LLMs to automate vulnerability discovery and exploitation. MORE
Telegram is now going to start handing over phone numbers and IP addresses of criminal suspects when they receive legal requests. This is the fallout from the CEO getting arrested, and lots of people are now leaving the platform. MORE
Security researchers found a way to remotely control millions of Kia vehicles using just a license plate number, thanks to vulnerabilities in the Kia dealer portal. By exploiting these flaws, they could create a fake dealer account, access customer data, and even demote the rightful vehicle owner to take control. MORE
Continue reading online to avoid the email cutoff… AI / TECHThe biggest AI hype in the last week has been around NotebookLM, which is a Google AI project. It’s basically an interface for interacting with content that you provide. So think like Live RAG, but where you can do all sorts of operations on the content, like creating PDFs, etc.
Here I uploaded my Alma.md file describing a Security Program for Alma Security, which is part of a framework called TELOS that I’m releasing soon. Basically, it’s the soul of a whole Cybersecurity Program for a company, including mission, goals, team, budget, risk register, tech stack, etc.
And what NotebookLM lets you do is interact with that file (program) in lots of different ways. Here’s a screenshot of what it does out of the box.
Pretty compelling project, and I definitely recommend you hack around on it for at least a few minutes. Take something you know well and upload it and tinker.
Interacting with a Security Program using NotebookLM
Newsom vetoed the California AI bill, saying it was too restrictive. I think he made the right call. The bill was largely correct, but just applied to too many things that weren’t dangerous. Hoping to see a better-written version soon. MORE
California has made it illegal to use AI to impersonate actors without their consent, extending protections to all Californians and not just those in Hollywood. MORE
YouTuber Jeff Geerling discovered that his voice was AI-cloned by a company called Elecrow, which used it to narrate videos without his consent. After being tipped off by a subscriber, Geerling confronted Elecrow, who apologized and blamed the incident on a staff member's attempt to boost video popularity. MORE
Convergence AI, co-founded by Marvin Purtorab and Andy Toulis, has raised $12 million to develop "Proxy" agents with long-term memory, aiming to create a general class of agents that can adapt to various tasks. MORE
Meta just launched Llama 3.2, their latest large language model that can now handle both images and text, competing with OpenAI and Anthropic who both have multi-modal models. The new models, available in various sizes, can understand charts, graphs, and even respond in celebrity voices like Dame Judi Dench and John Cena across platforms like WhatsApp and Messenger. MORE
If you haven’t tried ChatGPT Advanced Mode yet, you should get on that. Try talking to it about anything, asking it questions, and my current favorite—having it teach you things. I recently had it teach me Chinese history in the style of Dan Carlin from Hardcore History, and it was REALLY good. MORE
Hugging Face just hit a major milestone by surpassing 1 million AI model listings, highlighting the explosive growth in machine learning. The platform, which started as a chatbot app in 2016, has evolved into a hub for a diverse range of AI models, from Llama to Stable Diffusion, and emphasizes the importance of fine-tuning models for specific tasks. CEO Clément Delangue points out that the platform's success is driven by the customization of models for unique use-cases, with a new repository being created every 10 seconds. MORE
Anthropic is in early talks with investors about a new funding round that could value the company at $30 to $40 billion. They’re reportedly on track to hit $1 billion in annualized revenue by the end of this year, which means they're pulling in about $83 million a month. MORE | MORE
Google has rolled out two new production-ready Gemini models, which come with reduced pricing for the 1.5 Pro version and increased rate limits. MORE
💡It’s crazy how it’s just a constant stream of model updates now from the main players.
It’s either much smarter models, or models that are able to do new things, or models that are like 2x, 5x, or 100x cheaper. Or all of the above.
And the competition is keeping this speed of updates very high.
Ilya Sutskever's AI reading list, originally compiled for John Carmack, has gone viral for its claim that mastering it covers 90% of what matters in AI. The list includes 27 items, from papers to courses, covering topics like Convolutional Neural Networks, Recurrent Neural Networks, Transformers, and Information Theory. MORE
This article suggests that Agile's original principles have been lost in translation, leading to a rigid, bureaucratic process that stifles innovation. MORE
The article explores how AI is disrupting the traditional ad-supported internet model, which has long made content feel free by monetizing our attention. As AI tools like ChatGPT and Perplexity provide direct answers and perform tasks, they bypass traditional ad channels, threatening the funding of commoditized content. This shift could lead to a more transactional internet, with premium content thriving and new monetization models emerging, such as charging AI companies for content access and developing new forms of advertising. MORE
💡Remember what I said would happen back in 2016 in The Real Internet of Things, and in AI’s Predictable Path, which is a 2023, illustrated, update to that book.
It soon won’t be us going to do things directly.
It’ll be our AIs going to do things on our behalf, and that’s going to have a profound impact on the whole internet. And business. Basically everything. But especially things like search engines that are designed to be used by people.
Too. Many. APIs.
Human → Your Personal DA → APIs
AI mediation of everything.
SpaceX's Starlink is about to hit 4 million subscribers, marking a rapid growth from 3 million in May and 1 million in December 2022. The service, which now operates nearly 6,000 satellites and is available in almost 100 countries, is projected to generate $6.6 billion in revenue this year. MORE
💡This is why I base so much of my investment and prediction on leaders and ideas. Leaders like Elon, and Jobs, and Jensen, and Zuckerberg are basically beasts of both vision and execution.
Doesn’t mean they’ll win. But be weary of betting against them.
Smart TVs from Samsung and LG are taking snapshots of what you're watching multiple times per second, even when used as external displays for laptops or consoles. MORE
rPlus Energies has started a $1 billion solar and battery storage project in Utah, known as the Green River Energy Center. It’ll be 400 MW of solar power and a 400 MW/1,600 MWh battery storage system, with solar panels from EliTe Solar and battery storage from Tesla. Cool, let’s do 100 more. MORE
“The White Collar Apocalypse Is Nigh" talks about the decline of the status economy and the impact of AI on job markets, juxtaposing views from Sam Altman and Isabella Glassman. It highlights the pressure on students to secure prestigious careers, despite diminishing opportunities in tech and finance, and questions how AI will change this calculus. MORE
Meta's Orion AR glasses are a big upgrade in AR wearables, but I don’t think Zuckerberg is right about glass replacing phones by 2030. Multiple reasons. MORE
There's a Hacker News thread where people are sharing their experiences about whether having a personal website helped them get hired. The discussion includes various perspectives, with some users saying it was a significant factor in landing jobs, while others found it less useful. I personally think it’s a must. And more than ever. MORE
HUMANSCalifornia's new Phone-Free School Act, signed by Governor Gavin Newsom, mandates that all schools in the state limit cellphone use by July 1, 2026, with exceptions for emergencies and specific permissions. Such a wonderful piece of human progress, and congrats to Jonathan Haidt for helping make this happen with his latest book. MORE
Researchers, including Wang, S. et al., have developed a method that uses stem cells to regenerate insulin-producing cells, effectively restoring the body's ability to regulate blood sugar levels. MORE
ExxonMobil is facing a lawsuit from California for allegedly misleading the public about the recyclability of plastics, claiming the company has perpetuated a "myth" that recycling could solve the plastic waste crisis. MORE
California's new law, Assembly Bill 2863, is set to make subscription cancellations as easy as signing up, requiring companies to offer one-click cancellation options if they provide one-click sign-ups. MORE
Over 10,000 books were banned in US public schools from 2023 to 2024, a significant jump from the previous year, as states like Florida and Iowa passed new censorship laws. MORE
Steve Jobs had this thing called the 10-Minute Rule, where he'd give himself just 10 minutes to tackle a problem or task. The idea is that by setting a short time limit, you reduce procrastination and increase focus. MORE
Maria Popova explores the profound curiosity and love of Henry David Thoreau as he encounters a screech-owl in the wild. MORE
IDEASEverything Is Going Behind a Paywall
One thing I’ve been thinking a lot about recently is the death of the open internet. I think so much is about to be paid and/or behind authentication. This is for multiple reasons. One is because content creators need to make money, and other people are making money on their stuff when it’s getting crawled. Another is making sure it’s real people reading the content. It’s quite interesting to think about what this looks like when most of the internet is like this. It’ll be somewhat expensive to even consume what’s out there—especially for the best content. And if you want to hit it for free, you’ll still have to auth, but you’ll have to provide something. Like your browsing and preference data, for example. It’s going to be interesting, and in many cases pretty gross.
—
Dynamic Content (and Education)
So this dynamic podcast generation thing has me thinking again about my Dynamic Content Summaries post I did a while back.
Dynamic Content Summaries (DSC)
Dynamic Content Summaries are AI-generated summaries of source content customized for individual principals
danielmiessler.com/p/dynamic-content-summaries
The idea was that rather than taking content directly from sources in the future, our AIs will be consuming the content for us and then recreating a version for us based on how much time we have, the presenter we like the most, and the format we like the most.
Well I just got mind-slammed by a follow-on idea!
This is likely to be the future of education.
Think about it. The content is not the hard part. The knowledge is out there. It’s about having the right delivery, in the right format, from the right presenter, at the right time, in the perfect duration.
And that’s what Dynamic Content Generation will do. And not only will it customize for the preferences of the receiver, but also their strengths and limitations! So, learning disabilities, language strengths, etc.
Holy crap. I really think that anyone who’s working on disrupting education needs to head in this direction very soon, or risk getting disrupted themselves.
DISCOVERYAx Framework — This extension of Axios is a must-see for bug hunters and penetration testers, letting you efficiently manage cloud environments. It supports multiple cloud providers like Digital Ocean, IBM Cloud, and AWS, allowing you to deploy fleets of instances for large-scale scanning operations. MORE
The Russian APT Tool Matrix — BushidoToken has released a new tool matrix focusing on Russian APT groups, detailing the tools used by GRU, SVR, and FSB-affiliated threat actors. The matrix highlights the reuse of tools like Mimikatz, Impacket, PsExec, Metasploit, and ReGeorg, with ReGeorg being particularly notable for its limited use by ransomware gangs. MORE
MerkleMap — A subdomain search engine that helps you discover subdomains for a given domain, which can be useful for security research and penetration testing. It's a handy tool for anyone looking to map out the attack surface of a target domain. MORE
Gungnir is a command-line tool written by my buddy Gunnar in Go that continuously monitors certificate transparency (CT) logs for newly issued SSL/TLS certificates. MORE
Microservices are Technical Debt — This video argues that microservices, while popular for scaling, often introduce significant technical debt. MORE
Be Someone Who Does Things MORE
It’s Lists All the Way Down MORE
The US government is now publishing tide sensor data to show sea-level rise. Love this kind of transparency because it’ll let regular people (and researchers) do their own collection and analysis. MORE
Comedy is Search — This post dives into the mechanics of comedy, proposing that humor is all about finding unexpected connections between unrelated patterns. Which is precisely why I think AI is about to get really good at it. MORE
Critical Mass and Tipping Points — This article dives into the concept of critical mass, explaining how small changes can lead to significant shifts once a tipping point is reached. It explores examples from various fields, including physics, social dynamics, and technology. MORE
Semantic Chunking for RAG — There's a new approach to semantic chunking in Retrieval-Augmented Generation (RAG) that uses the "shape of stories" to improve chunking accuracy. The method involves identifying jumps in latent space to determine context changes, which helps in creating cleaner topic divisions compared to existing frameworks like LlamaIndex. An API is being released for users to test this chunking strategy, and a comparison with LlamaIndex shows more precise topic separation. MORE
Flipper Zero Firmware — This open-source firmware unlocks more of the potential of your Flipper device, and it's written in C, with some C++ and armv7m assembly. MORE
MTA Open Data Challenge — The MTA is inviting developers and data enthusiasts to participate in their Open Data Challenge, which aims to leverage public transit data to create innovative solutions for New York City's transit system. MORE
Paul Graham addresses the question of whether to "follow your passion" in his essay, arguing that the answer isn't a simple yes or no. MORE
Compress JPG — This tool lets you compress images securely, ensuring your JPGs are optimized without compromising privacy. It's designed to handle your images with care, making it a go-to for anyone needing efficient compression. MORE
Move Fast and Abandon Things — This blog post takes a nostalgic dive into the author's past, exploring old shareware games they developed over 35 years ago. MORE
BBC Sound Effects Library — The BBC has a massive archive of over 30,000 sound effects that you can search, mix, and use for personal or educational projects. MORE
What I've Learned in the Past Year Spent Building an AI Video Editor — The author shares insights from a year of developing an AI video editor, emphasizing the importance of consistency and iteration in the creative process. MORE
Dangerzone — Dangerzone has teamed up with Google's gVisor to enhance its security, allowing journalists to open suspicious documents safely. By integrating gVisor, Dangerzone now uses a container security solution that significantly reduces the attack surface by preventing direct access to the Linux kernel. MORE
MX Creative Console — Logitech has launched the MX Creative Console, a tool designed to streamline workflows for digital creators by automating repetitive tasks and offering AI capabilities. It integrates deeply with Adobe applications like Photoshop and Premiere Pro, enhancing features such as Generative Fill and Text-Based Editing. MORE
Advanced Structured Output Tutorial — Jason Zhou dives into the intricacies of OpenAI's Structured Output, showcasing its application in web scraping, data extraction, and enhancing agentic workflows. MORE
Logitech's MX Creative Console is a game-changer for photo and video editors, offering a streamlined editing experience that outshines traditional keyboard shortcuts. This $200 two-part system, born from Logitech's acquisition of Loupedeck, is tailored for Adobe Creative Cloud users, providing seamless integration with apps like Photoshop and Premiere Pro. While its current plugin support is limited, the console's customizable buttons and eco-friendly design make it a compelling choice for those looking to enhance their creative workflow. MORE
Dieter Rams-inspired iPhone Dock — A designer has created an iPhone dock inspired by the minimalist aesthetic of Dieter Rams. The dock combines functionality with a sleek design, aiming to blend seamlessly into any workspace. MORE
Automatic Litter Boxes — Wired has tested and recommends five automatic litter boxes for 2024, each with unique features. I want a pet, so I will definitely be needing one of these. MORE
RECOMMENDATION OF THE WEEKTake a document or something you know really well, and upload it to NotebookLM and tinker around.
(but do it fast because it’s a Google project and might get canceled soon)
APHORISM OF THE WEEK Become a Member to Gain 1.4cm in Height
Powered by beehiiv
September 28, 2024
Policy, SOPs, and AI Are All You Need
I think InfoSec—and in fact business management in general—is evolving into the combination of four things:
- Policy (entity identity/goals)
- State (assets, configuration)
- SOPs (approved execution pipelines)
- Action (Humans/Automation that merge State/Policy)
So essentially we have:
1. Leaders who determine Policy
2. AI that gathers State from everywhere
3. Everything is done according to SOPs
4. SOPs are regularly updated
5. GOTO 1.
A few things to note about this:
1. Security becomes part of the building SOP, and stops being a separate process
2. The only real part of this that remains human—in the longterm—is #1, which is where the core ideas are determined and set as strategies.
Everything else becomes the execution and implementation of those ideas.
Which is still hard work in many cases—but AI will get better and better at that over time.
This is why the ideal (and perhaps only safe) place for humans is coming up with the ideas and starting businesses to implement them—mostly using automation.
I challenge you think about all jobs in this way.
Like software security.
What happens when software is only allowed to be built using X components, and Y frameworks, with Z controls?
And automation builds most of that software and tests it continuously to take sure it’s in that state?
Ask what part of the job is actually just the result of the actual thing not being done properly in the first place according to an SOP.
This has been promised for years, and it’s not happening tomorrow.
But we can now see what that would look like if software can build software and can also validate that it was done using the approved SOP.
Everything is a pipeline. Including the building and validation of software.
The human part is the desire to build, and the ideas for what to build.
Much of security comes down to things being built or implemented the wrong way, and there being nowhere near enough people or time to clean up afterwards.
Things are very different when automation can make a big dent in both.
So as a security person—or someone considering getting into security, which part of this do you want to work on?
- The automation to safely build?
- The automation to test what was built?
- The automation to fix the issues that are found?
- Or the Human version of that automation before the automation is invented
- Or the definition of the SOPs
- Or in the creation of the original business idea and product
Think carefully about where you want to be in this ecosystem.
Powered by beehiiv
September 23, 2024
UL NO. 451: Altman Says ASI in "Thousands of Days"
SECURITY | AI | PURPOSE
UNSUPERVISED LEARNING is a newsletter about upgrading to thrive in a world full of AI. It’s original ideas, analysis, mental models, frameworks, and tooling to prepare you for the world that’s coming.
Hope you’re having a good start to the week!
Thomas Roccia created a web GUI for Fabric called Fabric UI! Really slick! FABRIC UI
In the last few days I’ve probably spent 5 hours deep cleaning my mobile phone environment. Deleted probably 40 applications, phone screen cleanup, widgets refactor, watch faces cleanup, Focus modes redo, app subscriptions cleaning, etc. So much cruft removed. Super cathartic. Timed with new iPhone, which happens every year, but this year was a major clean.
MY WORKo1 Use Cases
I did an analysis of OpenAI’s long-form conversation with the o1 (strawberry) team, where they talked about how they built it, how it’s different from previous models, what they use it for, etc. I also used o1-preview to pull out a list of their favorite use cases for o1 where it’s better than previous models. MORE | THE INTERVIEW | THEIR USE CASES
The Strawberry Team’s o1 Use Cases
AI and Many Eyes
I wrote this piece for AT&T Business about how AI transforms real-time monitoring, threat modeling, and security. It’s something I’ve talked about before, but this is a deeper look at how I see it all fitting together.
AI Gets Us the Many Eyes We Were Promised
Discover how AI will transform industries through continuous monitoring and real-time data processing.
www.linkedin.com/pulse/continuous-ai-daniel-miessler-rdqwc/?trackingId=fQHVrDV4T6SGLE1yX9QR%2BQ%3D%3D
I'm excited to be a keynote speaker at Swiss Cyber Storm, Switzerland’s premier security conference, held at the stunning Kursaal in Bern. This year’s theme, "The AI Revolution," focuses on the concepts and trends shaping the security landscape. Use code UNSUPERVISED-LEARNING for 15% off your registration.
SECURITYIsrael launched an extraordinary attack on Hezbollah using a combination of supply chain and remote triggering techniques. For the pagers, the Mossad actually just started a pager company and Hezbollah become one of their customers. Which allowed them to put explosives in the devices before shipping them out. Thousands have been severely injured, and something like dozens or hundreds have been killed (the numbers aren’t clear). MORE
💡I think the biggest thing to discuss in this story is precedent. What does it mean for the world when a foreign intelligence service starts blowing up pagers and walkie-talkies of combatants wherever they happen to be at the time?
In general, because of the extraordinary circumstances of the targets being Hezbollah operatives, I think it was a surgical and well-thought-out attack. The vast majority of people even wearing the pagers weren’t killed, so it’s not like a car bomb where many noncombatants would die as well. There appear to be very few casualties that weren’t Hezbollah, in other words, and I think that is a good thing.
I do think it’s a big deal to wage war within a civilian population, however. Mentally. Visibly. It changes something in our psyche to know that the opposing side might attack our civilians, even if just collaterally. So I think anyone considering themselves “the good guy” should think very carefully about that.
Hezbollah, however, has already been doing that. Actively. On purpose. In broad daylight. Like it’s literally what they do. They drop rockets on civilians as a matter of course. By comparison, what the Mossad did here was infinitely humane (a perverse word to use in war). I just don’t think “better than Hezbollah” is a great standard for morality.
As another comparison, I believe this Mossad attack was far more careful and effective than what’s happening in Gaza. It’s 100% true that Hamas is using their people as human shields. It’s 100% true that Hamas doesn’t care about their people. And it’s true that Israel must defeat Hamas. But, to me, with my current level of knowledge, that arithmetic still doesn’t sum out to it being ok to kill tens of thousands of non-combatants with no end in sight. Especially when it’s likely that Israel is making many more terrorists than they’re killing by doing so. I just don’t see how we’re going to—or should—kill all Hamas in Gaza using this strategy. It just seems bad humanitarian-wise, but even as a strategy for protecting Israel. There has to be another way.
Anyway, with these targeted supply chain attacks against operatives, I think the crossover between only hitting combatants and doing very localized damage was really extraordinary. And given the fact that Hezbollah is a dictionary definition of a terrorist, I’d say this is about as clean of an attack as you can get. And that’s not even counting the psychological aspect.
Here’s an interesting point on that. Actual terrorism is designed to produce fear. But fear in the civilian population. What Mossad did was not designed to target or scare Lebanese people. It was designed to target and scare Hezbollah. That’s the difference between war and terror. It also has the advantage of making the population turn against Hezbollah, because you don’t want a terrorist in line next to you when you’re buying cantaloupe if that person spent last night building bombs destined for Israel.
That’s a good thing, I think, as a whole. I would just say we should be very careful about this calculus and constantly re-evaluate it. It’s pretty clear when it’s Israel, and it’s Hezbollah, and it’s a tiny little explosive, but the calculation gets a lot more messy when it’s not Hezbollah, or ISIS, or a group that’s as clearly evil. Or when the collateral damage increases (see: Gaza).
A security researcher named xyz3va found a "catastrophic" flaw in the Arc browser that let attackers inject arbitrary code into users' sessions using just a user ID. MORE
A hacker named Addka72424 has leaked a massive DB of 3.3 billion unique email addresses on an underground crime forum, claiming it was a personal experiment to see how much public data he could gather. It’s a 21.8GB database, and he claims they’re all unique. MORE
Chinese scientists have figured out how to use Starlink satellite signals to detect stealth aircraft and drones, which are designed to dodge radar. They ran an experiment in the South China Sea using a DJI Phantom 4 Pro drone to simulate a stealth aircraft. MORE
Sponsor
Are genAI tools integrated with your other apps?
Find out in minutes with Nudge Security. Nudge Security discovers all genAI accounts ever created by anyone in your org, as well as the OAuth grants that enable data-sharing across apps.
With Nudge Security, you can:
Discover all genAI accounts ever created in your org
See all users, authentication methods, and OAuth grants
Surface and revoke risky OAuth grants
Get alerted of new genAI tools or integrations
Vet unfamiliar tools with security profiles for each provider
Start a free 14-day trial and get your free genAI inventory in minutes.
nudgesecurity.com/use-cases/mitigate-ai-risks
Get StartedNuclei Templates v10.0.0 is out, and includes new Azure Config Review templates to help automate cloud misconfiguration reviews. This release builds on previous AWS and Kubernetes security checks, now offering a streamlined YAML format for Azure. MORE
Google is making it easier to use passkeys by allowing them to sync automatically via Google Password Manager across Chrome on Windows, macOS, and Linux, with Android support and iOS coming soon. MORE
GreyNoise has been tracking mysterious "Noise Storms" of spoofed internet traffic since January 2020, but their origin and purpose remain unknown. These storms, which include a curious "LOVE" ASCII string in ICMP packets, are suspected to be covert communications or DDoS coordination signals, among other possibilities. MORE
Sponsor
Align with Complex Cybersecurity Compliance Frameworks
This ThreatLocker eBook was designed to help you discover the strategies and toolsets needed to align with some of the most popular compliance frameworks. Learn how implementing specific technologies can streamline compliance across multiple standards and enhance your cybersecurity posture.
threatlocker.com/ebooks/the-it-professionals-blueprint-for-compliance
Download Now Continue reading online to avoid the email cutoff… AI / TECHSam Altman just dropped an essay called The Intelligence Age about AI progress, and in it he mentions superintelligence being possible in “thousands of days”. Keep in mind—not AGI. ASI. And thousands of days is like 3-5 years, roughly, if you read the tone right. MORE
South Korea's Electronics and Telecommunications Research Institute has unveiled "Dejaview," an AI system that analyzes CCTV footage to predict and potentially prevent crimes before they happen. Should be fine. MORE
💡Black Mirror as Business Plan.
Not really, though. It just means Black Mirror was good fiction because it saw where things were going. Along with things like Minority Report, although that was powers-based not AI-based.
Jony Ive has confirmed he's building a hardware AI device with OpenAI. The venture, backed by the Emerson Collective, could see up to $1 billion in funding and is already making waves with a team that includes ex-Apple designers Tang Tan and Evans Hankey. This thing might crush the others in the market since AI devices need the synergy between hardware, software, and aesthetics more than most gadgets. MORE
BlackRock and Microsoft are teaming up with the UAE's MGX to raise $30 billion for AI infrastructure, aiming to leverage it into $100 billion in investments. This Global AI Infrastructure Investment Partnership will focus on building data centers and energy projects, primarily in the US. MORE
A Canadian study has found that an AI tool can reduce unexpected deaths in hospitals by 26%. The tool works by analyzing patient data to predict and prevent potential complications before they become critical. MORE
LinkedIn has quietly opted users into using their data to train generative AI models, raising privacy concerns. Users can opt out by adjusting settings under "Data for Generative AI Improvement," but this won't undo past data usage. MORE
A recent study by Ringover found that 76.5% of recruiters preferred AI-generated headshots over real ones, but only when they didn't know the images were AI-generated. MORE
The Wall Street Journal reports that AI is leading to fewer job openings in the tech sector, as companies are automating tasks that used to require human workers. MORE
A lot of Amazon employees are upset about the requirement to go back to 5 days in the office in January. MORE
Apple's iOS 18 update that just came out has RCS support, which means green bubble Android users will enjoy features like high-res media, typing indicators, and read receipts when texting their friends with iPhones. MORE
Apple's A16 mobile processors are now being produced in the U.S. at TSMC's Arizona facility, marking a significant milestone under the CHIPS for America Fund. These chips, using the N4P process (an enhanced version of 5nm), are initially being manufactured in small quantities, with production expected to ramp up significantly by 2025. MORE
💡Absolutely loving this self-reliance / American manufacturing push we’ve seen lately. I think it’ll be increasingly good for the US as things get less stable geopolitically, and especially as we head towards possible conflict with China.
Apple's iPhone 16 now supports wireless firmware restoration. With iOS 18, users can restore their iPhone 16 by placing it next to another iOS device, eliminating the need for a Mac or PC. I’m guessing Android has had the feature since 2002. MORE
The Apple Watch's Remote app now lets you adjust volume with the Digital Crown, invoke Siri, and even control power and audio settings. MORE
Facundo Olano shares his journey of turning blog content into an ebook using the jorge site generator. The process involved creating a jorge project, using epub boilerplate files, defining chapter layouts, and syncing posts and images. MORE
HUMANSRick Beato argues that music is getting worse because technological advancements have made music too easy to produce and consume. MORE
There's a new study showing that omega-3 fatty acids can help reduce symptoms of anxiety and depression in mice. Interesting, but you know the drill with “studies say”. It’s a continuous wait-and-see approach. MORE
The US Department of Energy is rolling out over $3 billion to fund more than two dozen battery projects across 14 states, aiming to boost domestic manufacturing and support climate goals. MORE
Astronomers have discovered the largest black hole jets ever observed, named Porphyrion, stretching an astonishing 23 million light-years—equivalent to lining up 140 Milky Way galaxies. MORE
Voyager 1, the 47-year-old spacecraft that's been cruising through space since the late '70s, just fired up some thrusters it hasn't used in decades. This maneuver was necessary to adjust its orientation and keep its antenna pointed toward Earth. Meanwhile, the asphalt on our roads has to be replaced like every 45 minutes. MORE
There's an interesting piece in the Wall Street Journal about how pediatricians might have inadvertently sparked the peanut allergy epidemic. The article suggests that by recommending parents avoid giving peanuts to their young children, they may have increased the risk of allergies instead of reducing it. MORE
Ohio is directly funding private religious schools with taxpayer money. The state has bypassed traditional voucher programs and is now providing millions in grants to religious schools, mainly Catholic, for infrastructure projects like building renovations and playground improvements. I’m all for more structure in schools, but I think we need to be really careful how we get that. MORE
Motus is revolutionizing wildlife tracking by using lightweight radio transmitters to monitor the movements of small flying animals like birds, bats, and insects. This international network, managed by Birds Canada, has tagged nearly 50,000 animals across 400 species since 2014, providing invaluable data on migration patterns and behaviors. MORE
DISCOVERYrecaptcha-phish — My buddy John Hammond created a phishing tool that mimics a reCAPTCHA form, tricking users into executing malicious commands via copy-paste. The attack involves a fake "Verify you are human" prompt that instructs users to paste a command into the Windows Run dialog, exploiting the clipboard. MORE
rga — Ripgrep on growth hormone, letting you search through PDFs, E-Books, Office documents, and even compressed files like zip and tar.gz. MORE
Nuclei Templates v10.0.0 — This release expands on previous AWS and Kubernetes security checks, offering a streamlined YAML format for easier management and review of Azure configurations. MORE
Dune Shell — A new take on the command-line experience, aiming to bring a cozy, customizable feel that bash lacks. Unlike its predecessor Atom, Dune is designed with a standalone interpreter, allowing users to create their own custom frontends and unique shell experiences. MORE
Damn-Vulnerable-Drone — A drone hacking simulator built on the ArduPilot/MAVLink architecture, offering a realistic environment for practicing offensive security techniques. MORE
Sci-fi Ideas – Someone compiled a massive CSV file containing every sci-fi idea imaginable. MORE
Eli Bendersky talks about building LLM-powered applications in Go, highlighting its strengths in handling REST and RPC protocols, concurrency, and performance. The post walks through creating a RAG (Retrieval Augmented Generation) server using Go, showcasing different implementations with tools like the Gemini API, Weaviate, LangChainGo, and Genkit for Go. MORE
Assetnote talks about their approach to Recon. MORE
Paul Graham’s One-pager on How to Start a Startup MORE
IDEASDon’t Call Them LLMs
Probably the biggest idea that’s exploded in my mind lately is Karpathy’s point about LLMs being poorly named. His stance is that Transformers are general-purpose compute systems, and that LLMs are actually sequence predictors. And, crucially, it doesn’t matter what the stream is. We just happen to be sending language right now. But really what they do is take input, find patterns, and make predictions. This is an INSANE way to think about the last couple of years. And the next couple.
Start reframing your thinking about AI (and specifically LLMs) away from “just the next token of text” —> Sequence Prediction —> Answer Prediction.
As Karpathy talks about, the Transformer architecture works on sequences of ANYTHING—language was just a natural start. It works on whatever you feed it.
So the recommendation of the week is to: update your mental model of AI from specific text predictor to generalized answer predictor.
APHORISM OF THE WEEK Become a Member to increase Eudaimonia on planet EarthPowered by beehiiv
September 16, 2024
UL NO. 450: Thoughts on o1-preview and the Path to AGI (1)
SECURITY | AI | PURPOSE
UNSUPERVISED LEARNING is a newsletter about how to securely compete and thrive in a world full of AI. It’s original analysis, mental models, frameworks, and tooling to help you build a meaningful career that survives what’s coming for us.
Hey there!
When @CISAgov makes you release a patch for your end-of-life product because the vulnerability is so bad
— SwiftOnSecurity (@SwiftOnSecurity)
3:07 PM • Sep 16, 2024
Fabric now supports OpenAI’s new model, o1-preview. Just update and use the new -r flag, which sends requests using User rather than System, and without a Temperature parameter. TRY IT
An insane cookbook use case for o1-preview, where it’s used to do data validation on synthetic data. MORE
I’m back to kickboxing today! Hopefully I’ll suck less this time. I’m expecting to improve rapidly once I get settled in, but man—that first session was rough.
It’s LinkedIn Season!
Connect with me on LinkedIn, and I’ll follow you back! CONNECT
Last Week’s Comments on Current AI Advances
If you’re following the progress of AI, I highly recommend listening to last week’s podcast. I did a whole bunch of coverage of the current state of things, my thoughts on o1-preview, the path to AGI, and a bunch of other stuff. LISTEN NOW
The Art Quality Tier List
I think I finally figured out what Art is. This piece is a definition, discussion, rating system, and even a methodology for enjoying art. For a beginner, anyway. READ IT
The Art Quality Tier List (AQTL)
One model for thinking about, rating, and experiencing art
danielmiessler.com/p/art-quality-tier-list-aqtl
SECURITYThe US is evidently heavily reliant on Chinese cranes, particularly from Shanghai Zhenhua Heavy Industries (ZPMC). This report says ZPMC, a company owned by the PRC, dominates 80% of the US's ship-to-shore cranes, raising concerns about potential backdoors and remote access. MORE
💡80%? Jesus. I thought it was going to be like 25%, or 50%.
Like I can honestly imagine a war room where we have a kinetic conflict with China and they’re reviewing all the different ways to disable our economy. Terrifying. I can only hope there are people looking at this.
Fortinet has confirmed a data breach after a hacker, going by the name "Fortibitch," claimed to have stolen 440GB of files from their Microsoft Sharepoint server. Fortinet refused to pay a ransom and has notified affected customers. MORE
GitLab released critical updates to fix multiple vulnerabilities, with the most severe (CVE-2024-6678) allowing attackers to trigger pipelines as arbitrary users. This vulnerability, with a severity score of 9.9, can enable remote exploitation with minimal user interaction and low privileges. MORE
The Lazarus Group (NK), have been targeting Python developers with malware disguised as coding tests for about a year now. These attacks involve maliciously duplicated open-source Python tools and "coding tests" that trick users into installing malware hidden with Base64 encoding, allowing remote execution. MORE
Sponsor
Get the Most From Your Security Team’s Email Alert Budget
Relying on built-in controls or traditional blockers leads to more noise than your incident response team can handle.
Material Security takes a pragmatic approach to email security – stopping new flavors of phishing attacks before reaching the user’s mailbox, while searching for similar messages in a campaign. Highest-value cases are surfaced with all the context and reach consolidated into a single view.
Here’s what security teams have said:
“The response time is now just 3-4 minutes instead of 45. We don’t have to manually respond to the follow-on reports and all employees are already protected automatically by the initial report. Our whole workflow has changed.” – Gusto
“Material helps automatically cluster similar messages and apply warning messages or other remediations without the delay and manual effort of our security team’s review.” – Mars
Learn MoreMastercard is buying Recorded Future from Insight Partners for $2.65 billion, making it one of the biggest cybersecurity deals this year. Insight Partners originally acquired Recorded Future in 2019 for $780 million, so they're seeing a nice return on investment. MORE
💡One thing I see here is the motion from startup to platform. With Mastercard being the platform in this case, similar to Windows or Google or whatever.
So you have good ideas and execution, and their natural home is within some sort of ecosystem. So startups are basically petri dishes for features that will live inside of platforms.
The Security Canary Maturity Model is a framework designed to help organizations assess and improve their security posture by using canary tokens. The model outlines various maturity levels to guage where you’re at. MORE
💡I love this concept of a detection maturity model. Like, here’s the percentage of your most likely MITRE behaviors that you’d be able to see.
Sponsor
Get the No B.S. Guide to building a strong cybersecurity program in 90 days! (No email required)
Are you an IT leader without a big, dedicated security team? Have you had challenges implementing a robust cybersecurity program due to lack of resources and/or budget?
Don't let this hold you back anymore! Download our 90-Day guide to get a month-by-month blueprint on how to build an effective, multi-layered cybersecurity strategy without enterprise-level resources.
defendify.com/guide/get-your-cybersecurity-program-started
Download Guide (no email required)Australia is set to criminalize doxxing with penalties up to seven years in jail, as part of new legislation aimed at modernizing the Privacy Act. The legislation also proposes harsher penalties for doxxing based on race, religion, or other personal attributes. MORE
This piece discusses how AI-powered autonomous weapons systems are changing warfare. The recent withdrawal of U.S.-provided M1A1 Abrams tanks by Ukraine, after being targeted by Russian kamikaze drones, highlights the shift from traditional manned mechanized warfare to AI-driven combat. Friendly reminder that you should read Kill Decision, by Daniel Suarez, which predicted so much of this. MORE | KILL DECISION BY DANIEL SUAREZ
Russia's naval activity around undersea cables is raising alarms among US officials, with concerns that the Kremlin might be planning to sabotage underwater infrastructure through a secretive military unit known as GUGI. This unit reportedly operates submarines, surface vessels, and naval drones, and has been spotted near critical deep-sea cables that carry over 95% of international data. MORE
The U.S. is drafting a "New York Joint Statement" to bolster the security of global submarine communications cables, with a focus on excluding Chinese firms from the supply chain. This move mirrors past efforts to remove Chinese companies like Huawei from 5G infrastructure, driven by fears that the Chinese government could compel these firms to disrupt cable operations during critical times. MORE
💡We need a comprehensive critical infrastructure dependency analysis, which goes along with wargaming.
Actually, now that I think about it, I’m quite confident this is already happening. I just hope it’s being done with very smart red teamers on the China side flipping switches on our undersea cables, port/crane infra, etc.
The US House has voted to block the purchase of new drones from DJI, a major Chinese manufacturer, citing national security concerns. So much coverage of counter-China stuff lately. Seems like leadership is getting the message, which is great. MORE
The State Department has declared that Russia's state-owned RT news agency has become a key player in the Kremlin's military intelligence operations, including involvement in covert activities aimed at undermining American elections and democracies. I remember thinking this was happening with RT back in like 2017 or something, so—similar to China—I’m surprised it’s just now getting press. MORE
Serhii "Flash" Beskrestnov is a civilian radio enthusiast who's become a key figure in Ukraine's drone defense strategy against Russia. Operating from a mobile intelligence center in his VW van, Flash monitors Russian radio transmissions and shares his findings with over 127,000 followers, including soldiers and government officials, on social media. MORE
Continue reading online to avoid the email cutoff… AI / TECHA new paper had humans and AI create novel research ideas and then had human experts rate the ideas. And they actually preferred the AI ideas! MORE
💡This is the way to measure the abilities of AI—not with standalone testing. It’s the same with autonomous vehicle safety.
It’s not about how you think they do independently. It’s about comparing ACCEPTED METRICS between humans and the AI—as judged by humans who don’t know who made which.
OpenAI released their new o1-preview model, which is focused on reasoning. The biggest difference between it and previous models is its use of Chain of Thought (CoT) reasoning, and the fact that it actually spends time (and tokens) thinking before returning results. MORE | MY THOUGHTS ON IT SO FAR
Klarna's CEO, Sebastian Siemiatkowski, is suggesting that AI could replace enterprise software giants like Salesforce and Workday. He claims that conversational AI, like OpenAI's upcoming Strawberry reasoning model, can handle natural-language commands to build custom apps that replicate traditional enterprise functions, especially those managing corporate data. Um, yeah. It’s all going to be SPQA. MORE
AI-powered SAR satellites are now capable of detecting aircraft from space due to new radar tech. This allows for real-time monitoring of air traffic, which could have significant implications for both civilian and military applications. MORE
CardiaTec, a Cambridge University spinout, is leveraging AI to tackle cardiovascular diseases (CVD), the leading cause of death worldwide. They’re partnering with 65 hospitals in the UK and US to build a massive human heart tissue-multi-omics dataset to identify new drug candidates. Super exciting because AI needs data to form its model of the world. All the intelligence in the world doesn’t matter if you don’t have a representation of how things work. MORE
Salesforce just launched Agentforce, a suite of AI-powered agents designed to enhance human workers across various business functions, marking what they call the "third wave" of AI. MORE
Waymo's latest data shows that human drivers are responsible for most serious collisions involving its driverless cars, with 16 out of 23 severe crashes being rear-endings by human-driven vehicles. Over 22 million miles, Waymo's vehicles have been involved in fewer than one injury-causing crash per million miles, significantly outperforming typical human drivers in San Francisco and Phoenix. MORE
Tesla's Cybertruck is spiking in the electric pickup segment, with a 61% sales surge in July, outselling rivals like the Rivian R1T and Ford F-150 Lightning. So strange because they were getting slammed there for a while. I’m seeing a lot more in the Bay Area, too. MORE
The USPS has rolled out its new Next Generation Delivery Vehicles, and while they might not win any beauty contests, they're getting rave reviews from postal workers for their modern safety features and comfort, including air conditioning. MORE
Dmitry Grinberg has managed to run Linux and Ultrix on a business card, turning it into a tiny computer. The project involves using a microcontroller with just 8KB of RAM and 32KB of flash storage. MORE
There's a new study out showing that DebunkBot, an AI chatbot, can effectively persuade users to abandon conspiracy theories. The bot made significant progress in changing people's beliefs, challenging the notion that facts and logic can't combat conspiracies. What can convince you something is true can also do the opposite. This is why I’m optimistic about having AI on us all the time. Yes, it can be an Orwellian nightmare—or it can be a defender, protectors, tutor, coach, etc. That’s up to us. MORE
A community college had to cancel its CS career fair because no companies reached out to participate. Super sad, and super expected. If you have people coming out of college with a Masters in CS and they can’t find jobs, what hope do junior college prospects have? This is why we need Human 3.0; the future is connecting directly to individuals, not relying on a credential or institution. MORE
Google has officially killed off cache links that allowed users to view older versions of web pages. MORE
United Airlines is partnering with SpaceX to bring free Starlink Wi-Fi to all its planes, starting with tests in early 2025 and full passenger flights later that year. MORE
HUMANSUkraine just launched its biggest drone attack on Moscow yet, hitting the region with 144 drones. The strike resulted in one casualty, set several homes on fire, and led to the temporary shutdown of Moscow's four airports. Someone explain how Ukraine can possibly be winning this. Completely insane to me, in the best possible way. MORE
Sweden is increasing how much it’s paying migrants to go home. It’s now up to $34,000. MORE
NASA's Advanced Composite Solar Sail System (ACS3) has successfully deployed its ultra-thin solar sail in low Earth orbit, making it visible in the night sky from various locations worldwide. The spacecraft's reflective surface can appear as bright as Sirius, and NASA's mobile app now helps users spot it using augmented reality. Can’t wait to see this! MORE
C/2023 A3, also known as Tsuchinshan–ATLAS, is being hailed as "the comet of the century" and will be visible in September and October 2024. This comet is expected to be exceptionally bright, with its peak visibility on October 2, when it will be positioned between Mercury and Venus but closer to Earth. For the best viewing experience, look towards the horizon just before sunrise between 5 am and 7 am starting September 27, as it won't return for tens of thousands of years. MORE
The US is closing a trade loophole that ecommerce giants Temu and Shein have been exploiting. This loophole allows them to ship goods directly to American consumers without paying tariffs, which has given them a competitive edge over domestic retailers. MORE
There's a leaked PDF that details Mr. Beast’s unique company culture and strategies for creating viral YouTube content. MORE | ONE PAGE SUMMARY
This person says sunlight cured their migraines. It’s not a study, but I figured most people have tried everything so why not something else. MORE
Lara Hogan's piece on being a thermostat, not a thermometer, dives into how we can influence the mood in our work environments rather than just reacting to it. MORE
Content-driven development is a strategy for making progress on side projects by focusing on creating small, shareable pieces of work. MORE
In 1913, Vienna was quite a place to hang out, with Adolf Hitler, Leon Trotsky, Josip Tito, Sigmund Freud, and Joseph Stalin all residing in the city at the same time. MORE
DISCOVERYMerkleMap CLI — This command-line tool lets you search and enumerate subdomains using the Merklemap API, and even tail live subdomain discoveries in real-time. MORE
A 71 TiB ZFS NAS built with twenty-four 4 TB drives has lasted over a decade without a single drive failure, thanks to a strategy of keeping the server off when not in use. MORE
RAMBO Attack — Dr. Mordechai Guri has unveiled a new side-channel attack called RAMBO, which uses radio signals from a device's RAM to exfiltrate data from air-gapped networks. Let me guess—University of Tel Aviv? Israelis are the side channel GOATs. MORE
6 Techniques I Use to Create a Great User Experience for Shell Scripts — This post dives into creating user-friendly shell scripts with techniques like comprehensive error handling, colorful output, and detailed progress reporting. Soooo good. MORE
Soundiiz — Created by two friends in France, Soundiiz is a tool that lets you transfer playlists between Apple Music, Spotify, YouTube Music, and a host of other streaming services. MORE
Nothing — This is a timer that celebrates the art of doing absolutely nothing. It's not about staring at your screen but about stepping back from the chaos and embracing stillness. MORE
RAG Pipeline Quickstart with Pinecone — This guide walks you through setting up a pipeline that pulls data from an Amazon S3 bucket, creates vector embeddings using OpenAI's embedding model, and stores them in a Pinecone search index. MORE
Semantic Image Search CLI (sisi) is a new tool that lets you perform semantic image searches locally without relying on third-party APIs. MORE
IDEASI love it when experts completely disagree about a really important thing. It forces people like me to do tons of heavy reading so I can approach things from first principles.
RECOMMENDATION OF THE WEEK
You know what trips me out?
I follow several of the best China experts out there, and have read several books about their economy, but week to week it's impossible to know if they're about to crash or about to take over the world.
The opinions vary that widely.
— ᴅᴀɴɪᴇʟ ᴍɪᴇssʟᴇʀ (@DanielMiessler)
4:38 PM • Sep 16, 2024
Actively guard against age-related lock-in (it starts around 30).
Listen to new music. Read new books with new ideas. Talk to new people. Go to strange restaurants. Try new foods.
Don’t let your experiences reduce into a tighter and tighter death-spiral.
Variation keeps your mind young.
APHORISM OF THE WEEK Become a Member to lower my diastolic blood pressure by 21.6 points.Powered by beehiiv
UL NO. 450: Thoughts on o1-preview and the Path to AGI
SECURITY | AI | PURPOSE
UNSUPERVISED LEARNING is a newsletter about how to securely compete and thrive in a world full of AI. It’s original analysis, mental models, frameworks, and tooling to help you build a meaningful career that survives what’s coming for us.
Hey there!
When @CISAgov makes you release a patch for your end-of-life product because the vulnerability is so bad
— SwiftOnSecurity (@SwiftOnSecurity)
3:07 PM • Sep 16, 2024
Fabric now supports OpenAI’s new model, o1-preview. Just update and use the new -r flag, which sends requests using User rather than System, and without a Temperature parameter. TRY IT
An insane cookbook use case for o1-preview, where it’s used to do data validation on synthetic data. MORE
I’m back to kickboxing today! Hopefully I’ll suck less this time. I’m expecting to improve rapidly once I get settled in, but man—that first session was rough.
It’s LinkedIn Season!
Connect with me on LinkedIn, and I’ll follow you back! CONNECT
Last Week’s Comments on Current AI Advances
If you’re following the progress of AI, I highly recommend listening to last week’s podcast. I did a whole bunch of coverage of the current state of things, my thoughts on o1-preview, the path to AGI, and a bunch of other stuff. LISTEN NOW
The Art Quality Tier List
I think I finally figured out what Art is. This piece is a definition, discussion, rating system, and even a methodology for enjoying art. For a beginner, anyway. READ IT
The Art Quality Tier List (AQTL)
One model for thinking about, rating, and experiencing art
danielmiessler.com/p/art-quality-tier-list-aqtl
SECURITYThe US is evidently heavily reliant on Chinese cranes, particularly from Shanghai Zhenhua Heavy Industries (ZPMC). This report says ZPMC, a company owned by the PRC, dominates 80% of the US's ship-to-shore cranes, raising concerns about potential backdoors and remote access. MORE
💡80%? Jesus. I thought it was going to be like 25%, or 50%.
Like I can honestly imagine a war room where we have a kinetic conflict with China and they’re reviewing all the different ways to disable our economy. Terrifying. I can only hope there are people looking at this.
Fortinet has confirmed a data breach after a hacker, going by the name "Fortibitch," claimed to have stolen 440GB of files from their Microsoft Sharepoint server. Fortinet refused to pay a ransom and has notified affected customers. MORE
GitLab released critical updates to fix multiple vulnerabilities, with the most severe (CVE-2024-6678) allowing attackers to trigger pipelines as arbitrary users. This vulnerability, with a severity score of 9.9, can enable remote exploitation with minimal user interaction and low privileges. MORE
The Lazarus Group (NK), have been targeting Python developers with malware disguised as coding tests for about a year now. These attacks involve maliciously duplicated open-source Python tools and "coding tests" that trick users into installing malware hidden with Base64 encoding, allowing remote execution. MORE
Sponsor
Get the Most From Your Security Team’s Email Alert Budget
Relying on built-in controls or traditional blockers leads to more noise than your incident response team can handle.
Material Security takes a pragmatic approach to email security – stopping new flavors of phishing attacks before reaching the user’s mailbox, while searching for similar messages in a campaign. Highest-value cases are surfaced with all the context and reach consolidated into a single view.
Here’s what security teams have said:
“The response time is now just 3-4 minutes instead of 45. We don’t have to manually respond to the follow-on reports and all employees are already protected automatically by the initial report. Our whole workflow has changed.” – Gusto
“Material helps automatically cluster similar messages and apply warning messages or other remediations without the delay and manual effort of our security team’s review.” – Mars
Learn MoreMastercard is buying Recorded Future from Insight Partners for $2.65 billion, making it one of the biggest cybersecurity deals this year. Insight Partners originally acquired Recorded Future in 2019 for $780 million, so they're seeing a nice return on investment. MORE
💡One thing I see here is the motion from startup to platform. With Mastercard being the platform in this case, similar to Windows or Google or whatever.
So you have good ideas and execution, and their natural home is within some sort of ecosystem. So startups are basically petri dishes for features that will live inside of platforms.
The Security Canary Maturity Model is a framework designed to help organizations assess and improve their security posture by using canary tokens. The model outlines various maturity levels to guage where you’re at. MORE
💡I love this concept of a detection maturity model. Like, here’s the percentage of your most likely MITRE behaviors that you’d be able to see.
Sponsor
Get the No B.S. Guide to building a strong cybersecurity program in 90 days! (No email required)
Are you an IT leader without a big, dedicated security team? Have you had challenges implementing a robust cybersecurity program due to lack of resources and/or budget?
Don't let this hold you back anymore! Download our 90-Day guide to get a month-by-month blueprint on how to build an effective, multi-layered cybersecurity strategy without enterprise-level resources.
defendify.com/guide/get-your-cybersecurity-program-started
Download Guide (no email required)Australia is set to criminalize doxxing with penalties up to seven years in jail, as part of new legislation aimed at modernizing the Privacy Act. The legislation also proposes harsher penalties for doxxing based on race, religion, or other personal attributes. MORE
This piece discusses how AI-powered autonomous weapons systems are changing warfare. The recent withdrawal of U.S.-provided M1A1 Abrams tanks by Ukraine, after being targeted by Russian kamikaze drones, highlights the shift from traditional manned mechanized warfare to AI-driven combat. Friendly reminder that you should read Kill Decision, by Daniel Suarez, which predicted so much of this. MORE | KILL DECISION BY DANIEL SUAREZ
Russia's naval activity around undersea cables is raising alarms among US officials, with concerns that the Kremlin might be planning to sabotage underwater infrastructure through a secretive military unit known as GUGI. This unit reportedly operates submarines, surface vessels, and naval drones, and has been spotted near critical deep-sea cables that carry over 95% of international data. MORE
The U.S. is drafting a "New York Joint Statement" to bolster the security of global submarine communications cables, with a focus on excluding Chinese firms from the supply chain. This move mirrors past efforts to remove Chinese companies like Huawei from 5G infrastructure, driven by fears that the Chinese government could compel these firms to disrupt cable operations during critical times. MORE
💡We need a comprehensive critical infrastructure dependency analysis, which goes along with wargaming.
Actually, now that I think about it, I’m quite confident this is already happening. I just hope it’s being done with very smart red teamers on the China side flipping switches on our undersea cables, port/crane infra, etc.
The US House has voted to block the purchase of new drones from DJI, a major Chinese manufacturer, citing national security concerns. So much coverage of counter-China stuff lately. Seems like leadership is getting the message, which is great. MORE
The State Department has declared that Russia's state-owned RT news agency has become a key player in the Kremlin's military intelligence operations, including involvement in covert activities aimed at undermining American elections and democracies. I remember thinking this was happening with RT back in like 2017 or something, so—similar to China—I’m surprised it’s just now getting press. MORE
Serhii "Flash" Beskrestnov is a civilian radio enthusiast who's become a key figure in Ukraine's drone defense strategy against Russia. Operating from a mobile intelligence center in his VW van, Flash monitors Russian radio transmissions and shares his findings with over 127,000 followers, including soldiers and government officials, on social media. MORE
Continue reading online to avoid the email cutoff… AI / TECHA new paper had humans and AI create novel research ideas and then had human experts rate the ideas. And they actually preferred the AI ideas! MORE
💡This is the way to measure the abilities of AI—not with standalone testing. It’s the same with autonomous vehicle safety.
It’s not about how you think they do independently. It’s about comparing ACCEPTED METRICS between humans and the AI—as judged by humans who don’t know who made which.
OpenAI released their new o1-preview model, which is focused on reasoning. The biggest difference between it and previous models is its use of Chain of Thought (CoT) reasoning, and the fact that it actually spends time (and tokens) thinking before returning results. MORE | MY THOUGHTS ON IT SO FAR
Klarna's CEO, Sebastian Siemiatkowski, is suggesting that AI could replace enterprise software giants like Salesforce and Workday. He claims that conversational AI, like OpenAI's upcoming Strawberry reasoning model, can handle natural-language commands to build custom apps that replicate traditional enterprise functions, especially those managing corporate data. Um, yeah. It’s all going to be SPQA. MORE
AI-powered SAR satellites are now capable of detecting aircraft from space due to new radar tech. This allows for real-time monitoring of air traffic, which could have significant implications for both civilian and military applications. MORE
CardiaTec, a Cambridge University spinout, is leveraging AI to tackle cardiovascular diseases (CVD), the leading cause of death worldwide. They’re partnering with 65 hospitals in the UK and US to build a massive human heart tissue-multi-omics dataset to identify new drug candidates. Super exciting because AI needs data to form its model of the world. All the intelligence in the world doesn’t matter if you don’t have a representation of how things work. MORE
Salesforce just launched Agentforce, a suite of AI-powered agents designed to enhance human workers across various business functions, marking what they call the "third wave" of AI. MORE
Waymo's latest data shows that human drivers are responsible for most serious collisions involving its driverless cars, with 16 out of 23 severe crashes being rear-endings by human-driven vehicles. Over 22 million miles, Waymo's vehicles have been involved in fewer than one injury-causing crash per million miles, significantly outperforming typical human drivers in San Francisco and Phoenix. MORE
Tesla's Cybertruck is spiking in the electric pickup segment, with a 61% sales surge in July, outselling rivals like the Rivian R1T and Ford F-150 Lightning. So strange because they were getting slammed there for a while. I’m seeing a lot more in the Bay Area, too. MORE
The USPS has rolled out its new Next Generation Delivery Vehicles, and while they might not win any beauty contests, they're getting rave reviews from postal workers for their modern safety features and comfort, including air conditioning. MORE
Dmitry Grinberg has managed to run Linux and Ultrix on a business card, turning it into a tiny computer. The project involves using a microcontroller with just 8KB of RAM and 32KB of flash storage. MORE
There's a new study out showing that DebunkBot, an AI chatbot, can effectively persuade users to abandon conspiracy theories. The bot made significant progress in changing people's beliefs, challenging the notion that facts and logic can't combat conspiracies. What can convince you something is true can also do the opposite. This is why I’m optimistic about having AI on us all the time. Yes, it can be an Orwellian nightmare—or it can be a defender, protectors, tutor, coach, etc. That’s up to us. MORE
A community college had to cancel its CS career fair because no companies reached out to participate. Super sad, and super expected. If you have people coming out of college with a Masters in CS and they can’t find jobs, what hope do junior college prospects have? This is why we need Human 3.0; the future is connecting directly to individuals, not relying on a credential or institution. MORE
Google has officially killed off cache links that allowed users to view older versions of web pages. MORE
United Airlines is partnering with SpaceX to bring free Starlink Wi-Fi to all its planes, starting with tests in early 2025 and full passenger flights later that year. MORE
HUMANSUkraine just launched its biggest drone attack on Moscow yet, hitting the region with 144 drones. The strike resulted in one casualty, set several homes on fire, and led to the temporary shutdown of Moscow's four airports. Someone explain how Ukraine can possibly be winning this. Completely insane to me, in the best possible way. MORE
Sweden is increasing how much it’s paying migrants to go home. It’s now up to $34,000. MORE
NASA's Advanced Composite Solar Sail System (ACS3) has successfully deployed its ultra-thin solar sail in low Earth orbit, making it visible in the night sky from various locations worldwide. The spacecraft's reflective surface can appear as bright as Sirius, and NASA's mobile app now helps users spot it using augmented reality. Can’t wait to see this! MORE
C/2023 A3, also known as Tsuchinshan–ATLAS, is being hailed as "the comet of the century" and will be visible in September and October 2024. This comet is expected to be exceptionally bright, with its peak visibility on October 2, when it will be positioned between Mercury and Venus but closer to Earth. For the best viewing experience, look towards the horizon just before sunrise between 5 am and 7 am starting September 27, as it won't return for tens of thousands of years. MORE
The US is closing a trade loophole that ecommerce giants Temu and Shein have been exploiting. This loophole allows them to ship goods directly to American consumers without paying tariffs, which has given them a competitive edge over domestic retailers. MORE
There's a leaked PDF that details Mr. Beast’s unique company culture and strategies for creating viral YouTube content. MORE | ONE PAGE SUMMARY
This person says sunlight cured their migraines. It’s not a study, but I figured most people have tried everything so why not something else. MORE
Lara Hogan's piece on being a thermostat, not a thermometer, dives into how we can influence the mood in our work environments rather than just reacting to it. MORE
Content-driven development is a strategy for making progress on side projects by focusing on creating small, shareable pieces of work. MORE
In 1913, Vienna was quite a place to hang out, with Adolf Hitler, Leon Trotsky, Josip Tito, Sigmund Freud, and Joseph Stalin all residing in the city at the same time. MORE
DISCOVERYMerkleMap CLI — This command-line tool lets you search and enumerate subdomains using the Merklemap API, and even tail live subdomain discoveries in real-time. MORE
A 71 TiB ZFS NAS built with twenty-four 4 TB drives has lasted over a decade without a single drive failure, thanks to a strategy of keeping the server off when not in use. MORE
RAMBO Attack — Dr. Mordechai Guri has unveiled a new side-channel attack called RAMBO, which uses radio signals from a device's RAM to exfiltrate data from air-gapped networks. Let me guess—University of Tel Aviv? Israelis are the side channel GOATs. MORE
6 Techniques I Use to Create a Great User Experience for Shell Scripts — This post dives into creating user-friendly shell scripts with techniques like comprehensive error handling, colorful output, and detailed progress reporting. Soooo good. MORE
Soundiiz — Created by two friends in France, Soundiiz is a tool that lets you transfer playlists between Apple Music, Spotify, YouTube Music, and a host of other streaming services. MORE
Nothing — This is a timer that celebrates the art of doing absolutely nothing. It's not about staring at your screen but about stepping back from the chaos and embracing stillness. MORE
RAG Pipeline Quickstart with Pinecone — This guide walks you through setting up a pipeline that pulls data from an Amazon S3 bucket, creates vector embeddings using OpenAI's embedding model, and stores them in a Pinecone search index. MORE
Semantic Image Search CLI (sisi) is a new tool that lets you perform semantic image searches locally without relying on third-party APIs. MORE
IDEASI love it when experts completely disagree about a really important thing. It forces people like me to do tons of heavy reading so I can approach things from first principles.
RECOMMENDATION OF THE WEEK
You know what trips me out?
I follow several of the best China experts out there, and have read several books about their economy, but week to week it's impossible to know if they're about to crash or about to take over the world.
The opinions vary that widely.
— ᴅᴀɴɪᴇʟ ᴍɪᴇssʟᴇʀ (@DanielMiessler)
4:38 PM • Sep 16, 2024
Actively guard against age-related lock-in (it starts around 30).
Listen to new music. Read new books with new ideas. Talk to new people. Go to strange restaurants. Try new foods.
Don’t let your experiences reduce into a tighter and tighter death-spiral.
Variation keeps your mind young.
APHORISM OF THE WEEK Become a Member to lower my diastolic blood pressure by 21.6 points.Powered by beehiiv
September 15, 2024
The Art Quality Tier List (AQTL)
I think I finally figured out what art is. Took me decades.
Here’s my definition, which has two primary components:
Indirect expression of something that matters to humans.
So that’s two pieces:
Indirect expression
Of something that matters.
The indirect part is key. You can’t just clinically describe the scene of an accident like a forensic pathologist 1 . With art, you’re showing rather than telling. You’re presenting one thing, and what comes through is something else.
And the second piece is that whatever you’re trying to convey has to matter. To humans. To us. It needs to have valence. And the more it matters—and the deeper we feel it as the consumer of the art—the better.
So that’s the definition. As for the execution, I think three components cause us to move up in the tier list we see above.
The quality of the message
The quality of the expression
The authenticity of the exercise
The message is the thing being conveyed. Pain, happiness, existential dread, etc. And the more powerful, complex, or nuanced, that is—the better the art. Then there’s the execution of the transfer mechanism—so like the quality of the song, or painting, or whatever. Those are the two big ones.
And then there’s the authenticity. We humans often care about the story behind a piece of art because it adds (or detracts) from the meaning. For example, if you love a piece but find out it was made on a dare in 30 minutes to prove that one can create a painting without feeling anything, the emotional value of the piece goes to zero.
A quick note on AI artThis is instructive for looking at the pushback against AI art.
There’s a hidden assumption in art that the thing being communicated was actually being felt by the artist.
I think this explains why many are angry about AI art. As good as AI is right now, nobody's arguing that AI creating an image or video is feeling anything.2
So that's a fair point against AI art: It can’t be conveying emotion because no emotion is being experienced by the artist.
But I think there's another looser way to define art that’s also captured in the Tier list, which is on the receiving end. In other words, if the viewer of the art feels a thing, and that thing matters to them as a human, then I think we can still argue it's art.
It’s still indirect communication, and it still conveyed something that matters—it’s just not authentic. And that’s how we end up with the tier list.
An art enjoyment methodologyI love turning knowledge into methodology, so here’s my recommended approach for beginners looking to enjoy art.
Start by feeling the piece. No thinking. No analyzing. Just take it in and experience how it makes you feel. Let that go on for a while, preferably in silence.
Now that you have a sense of how it affected you, analyze the message you believe it’s trying to convey. Imagine what this person might have been feeling that drove them to create this.
Now that you have the message—or a possible message—analyze how it was transmitted to you. Think about the techniques used, and how they might have contributed to the impact.
If you’re with a friend, do this in silence for however long that takes to do 1-3, and then discuss their results of doing the same methodology.
As mentioned, I’m very much an art amateur, so I look forward to feedback from people who’ve thought about this for a long time. 3
1 It’s quite possible, obviously, to describe something artistically—which is why I used the word “clinically” here.
2 I suppose it’s possible for someone to feel something and then use AI to try to convey it, but the disconnect between the artist and the expression arguably detracts from the authenticity. I think this could change depending on implementation and over time as well.
3 Thanks to Kelly Small and Saša Zdjelar for their wisdom and contributions on this. Saša because he’s the first person I did this enjoyment methodology with, and Kelly because she’s my sister and an artist herself.
Powered by beehiiv
September 10, 2024
UL NO. 449: China Hits US ISPs, NIST CSF 2.0, Russian Intel Attacks, Stagnant Companies...
SECURITY | AI | MEANING :: Unsupervised Learning is a stream of original ideas, story analysis, tooling, and mental models designed to help humans lead successful and meaningful lives in a world full of AI .
Continue reading online to avoid the email cutoff… TOCNOTESHey there!
Super happy that we’ve been adding way more content to the podcast—including shorter clips that cover one particular idea. Here’s a good example of a clip about hiring the best talent. LISTEN TO THE CLIP | SUBSCRIBE ON APPLE | SUBSCRIBE ON SPOTIFY | SUBSCRIBE WITH YOUR CLIENT
—
This new keyboard I am using has the sexiest keypress sound and feel I’ve ever experienced. It’s called the Aula F75. I’ve had way more expensive keyboards (this one’s only like $70), but none have sounded and felt this good. Looked better? Maybe. But not felt better. MORE | TYPING SOUND
—
I continue to be blown away by the idea of encapsulating what people think the biggest problem in the world is, using extract_primary_problem. It’s a really powerful way to see what people prioritize—or perhaps should prioritize? That’s the point; it’s just very illuminating. USE THE PATTERN
echo “victor frankl’s work” | fabric -sp extract_primary_problem
“The lack of meaning in life leads to suffering and existential despair.”
🤯
—
My keynote at SANS went really well! Almost 30 minutes of questions afterwards! Was really fun seeing and talking to everyone. 🙏
—
I’m experimenting with some micro art/fiction on X. EXAMPLE
—
Working on a ton of Flagship content right now.
Defining Human 3.0
A piece on Security / Asset Management / AI
How to Write Fiction Using AI
A number of others
Can’t wait to get these out!
(NOTE TO SELF: This is NOT a substitute for doing the work!)
—
The End of Work
My big, depressing, and optimistic theory for why it's so hard to find and keep a job that makes you happy
danielmiessler.com/p/real-problem-job-market
SECURITYChinese government-backed hackers have been infiltrating U.S. internet service providers to spy on users, according to private security researchers. The attacks are described as unusually aggressive and sophisticated, targeting at least two major providers with millions of customers, along with several smaller ones. MORE
Halliburton confirmed a cyberattack where intruders accessed and exfiltrated data, with the ransomware group RansomHub claiming responsibility. I really hope it’s financial vs. espionage-related. MORE
Predator spyware is back with new features that make it even harder to track. Its infrastructure has re-emerged in places like the Democratic Republic of the Congo and Angola, and the latest updates further anonymize its operations. MORE
The latest version of the NIST CSF, CSF 2.0, introduces "Govern" as a new step and focuses on continuous improvement to adapt to emerging threats. Complementing CSF is the Continuous Threat Exposure Management (CTEM) framework, which enhances threat detection and mitigation by continuously monitoring and assessing threats. MORE
Sponsor
AI Risk Management Frameworks: The Guide for Cyber Pros
Navigating the complexities of AI risk management can be daunting. But with Hyperproof’s comprehensive guide, you don’t have to go it alone. Our Guide to AI Risk Management Frameworks is your go-to resource for mastering AI risk assessment and ensuring robust, responsible AI deployment.
🔍 What’s Inside?
Expert Insights: Dive into the latest frameworks shaping the future of AI risk management.
Practical Strategies: Learn actionable techniques to identify, assess, and mitigate AI risks.
Real-World Applications: Discover how leading organizations are successfully managing AI risk.
Whether you're a seasoned pro or just starting out, our guide equips you with the knowledge to tackle AI challenges head-on. Stay ahead of the curve and lead your organization with confidence.
hypreproof.io/guide-to-ai-risk-management-frameworks
Read NowMaltese security researchers have been charged after discovering a flaw in the FreeHour app and reporting it for a bounty. Unlike many countries that protect good-faith researchers from prosecution, Malta lacks such laws, leading to their arrest and upcoming trial next year. MORE
The U.S. Space Force is gearing up for potential conflicts in space with countries like China and Russia. They’re focusing on developing capabilities to protect American satellites and other space assets. MORE
Sponsor
Your SOC's New Best Teammate
The reality for most SOC teams? Too many alerts, not enough hands to handle them all. It's exhausting, and important threats can easily slip through the cracks. Enter Dropzone AI - the AI SOC analyst that works around the clock. It doesn't just flag alerts; it digs deeper, pulls in the context, and gives you a clear path forward. It's like adding an extra set of expert eyes to your team, but without the burnout. Want to see how it could make a difference for your SOC?
Watch It WorkThe U.S. is offering a $10 million reward for information on the Russian hacking group Cadet Blizzard, linked to the GRU's Unit 29155, which has been particularly focused on disrupting aid to Ukraine. They’ve been using tactics like deploying WhisperGate malware and exploiting vulnerabilities in Atlassian Confluence, Dahua Security, and Sophos' firewall. MORE
The NSA is launching a new podcast called "No Such Podcast," where they'll share stories about past missions, starting with their role in the takedown of Osama bin Laden. Love this. MORE
Evidently, a lot of people use the "I forgot my password" feature as a de facto login method. This is why it’s so important to think about system design and incentives when building UIs. MORE
A Starlink satellite dish was used on a US Navy ship for an illicit Wi-Fi network named "Stinky," which was used for streaming and civilian communication. The Navy demoted the senior enlisted leader responsible for being awesome. MORE
Continue reading online to avoid the email cutoff… AI / TECHApple released their September updates yesterday and they were decent. I am definitely getting a new watch, but I’m not sure if it’ll be a Black Ultra 2 or a new Series 10. I’ll decide when I see them on the morning of the 20th after camping. : ) I’m also getting the new Airpods 4 just because mine are glitching right now and there’s a chance that the version of the Airpods 2 Pro features I currently have have been updated in the Airpods 4. And if not, I’ll just return them and get a new pair of Pro 2’s. For the phone I’ll probably do the darkest grey/black 16 pro (not the max). Which are you getting?
Nvidia's RTX 50-series GPUs, including the RTX 5080 and RTX 5090, are expected to have their designs finalized this month, with a potential launch in late 2024 or early 2025. MORE
Nvidia's AI GPUs are cheaper to rent in China than in the U.S., with small Chinese providers offering 8-way Nvidia A100 servers at about $6 per hour compared to $10 in the U.S. This price difference is largely due to a robust resale market and smuggling, despite U.S. export restrictions. MORE
Trump is launching a crypto project, but there are concerns that 70% of tokens are being allocated to insiders—a figure Coindesk calls "unusually high." MORE
Ilya Sutskever's new AI startup, SSI Inc, has just raised a $1 billion seed fund, basically, to build safe superintelligence. A lot of people are seeing this as being paid to build safe ASI, but it’s really being paid to build ASI, safely. Big difference. MORE
Visa is set to launch a new account-to-account (A2A) payment service in Europe, allowing users to make direct bank transfers without using credit cards. MORE
Engineers from Cornell and Florence University have developed a biohybrid robot that uses electrical signals from a king trumpet mushroom to move and sense its environment. MORE
The 2024 Annual Work Trend Index from Microsoft and LinkedIn reveals a shift in employer preferences, with 71% of leaders favoring candidates with AI skills over those with industry experience. Despite this demand, only 25% of companies plan to offer AI training, leaving many workers to upskill independently. As AI continues to reshape the job market, professionals are advised to adapt quickly by learning AI tools to stay competitive. MORE
The Wall Street Journal is highlighting a trend where small startups are increasingly influencing the U.S. economy. These much smaller companies are leveraging technology and remote work to compete with larger firms. MORE
💡I’ve been thinking about this for the last few weeks, but I was going to state it more forcefully.
I think people are about to realize that most medium to large companies have become ineffective.
They lack vision and focus, there’s too much bureaucracy, and they have giant workforces that are hired for a worker-bee mentality, not for being exceptional or innovative.
This is another part of The End of Work I talked about recently, where much of the innovation in the world moves away from big companies and towards individuals and dynamic startups.
This is also what Marc Andreessen talked about in his conversation with Huberman.
Related to that (perhaps), Paul Graham's latest piece called Founder Mode looks at how bigger companies make the mistakes talked about above, and how it’s better if you stay in a more innovation-focused mindset. It’s a great read. MORE
Oakland Police are using Tesla's Sentry Mode footage to aid crime investigations by towing the vehicles when owners can't be found. MORE
Waymo is tackling the skepticism around its autonomous vehicles by launching a new safety hub filled with data and charts to prove their safety over human drivers. MORE
Joshua Austin's "A Manifesto for Radical Simplicity" argues for a streamlined approach to software delivery, ditching subjective metrics like story points in favor of focusing on real dependencies and outcomes. He emphasizes working on one task at a time, embracing change, and ensuring that software enhances rather than restricts human agency. MORE
Bluetooth 6.0 is here, and it's all about precision and security. The Bluetooth Special Interest Group (SIG) has introduced a feature called Channel Sounding, which uses phase-based ranging to achieve centimeter-level accuracy in tracking the distance between devices. MORE
Akara Etteh's phone was snatched in London, and despite tracking it with Find My iPhone, he watched it travel around the city before ending up in Shenzhen, China. MORE
HUMANSChinese President Xi Jinping has pledged to create over one million jobs in Africa, alongside $51 billion in financing for 30 infrastructure projects. MORE
💡I can’t stand seeing Africa become an extension of China. But it’s pretty hard for the West to even notice, given their history. The question is how long we’ll let that guilt be an obstacle to opposing China there.
A whole bunch of right-wing influencers received millions from Russia in return for promoting pro-Russian talking points. Hilarious to me since their whole narrative is to be skeptical and discerning. Except when it comes to obvious Russian propaganda. MORE
💡Here’s another way to think about it, from a guy who did some intel stuff in the Army.
Here are two probably unrelated phenomena.
1) We know for absolute certain that Russia is trying to use its significant propaganda capabilities to influence the right wing in the United States to be pro-Russia and anti-Ukraine.
2) The right-wing in the United States is now almost completely pro-Russia and anti-Ukraine.
Probably just a coincidence.
💡A brief political aside:
I already know I’m going to get hate mail about the point above because I’m a “crazy liberal”. Then I post lots of other stuff about the Far Left and their idiocy, and I get tons of comments about being “too far right”.
I ask you to consider another possibility: I’m actively considering each position from first principles. I’m not perfect, and I can be wrong, but I put a LOT of effort into having my own opinions that are not part of a tribe of pre-approved options.
Perhaps the best way to sum me up right now is that I am Liberal in my goals, and somewhat Conservative in my approach.
Meaning:
I want a planet full of lots of different colors and ethnicities of people—all thriving together. A secular society that encourages any religion but doesn’t allow any of them to infringe on government or the ideals listed here. Gender identity and private sexual behavior between consenting adults are all personal choices and nobody’s business. Basically, the freedom for everyone to strive to be the best versions of themselves that they can, and a society that sees that as simultaneously a matter of personal responsibility but also helps those on that path. So, free speech, the ability to offend people with difficult ideas, the concept of meritocracy, the emphasis on personal responsibility, etc.—but also the acknowledgment that some people and groups need help getting to the point where their personal responsibility can take root and help them thrive. And that it’s society’s responsibility to give that to them. In other words, if everyone had the same opportunity, I’d be fiercely all about the meritocracy. But not everyone has the same opportunity, so that’s the role of society, and charity, and kindness—to help them get to the place where their hard work can benefit them.
I see the Far Right AND the Far Left as being in opposition to these liberal ideals right now.
The Far Right because they want the wrong things. And the Far Left because they are so confused about how the world works that they’re causing more harm than good.
Anyway, that’s a short version of where I currently stand. Please refer to the above if you ever think I’m too left or right. : ) Also, consider making your own North Star paragraph like the above so you can answer similar questions about your positions.
North Star + First Principles is far better than picking a tribe and endorsing everything they say.
Sweden's health authority has issued new guidelines advising that children under two should have no screen time, while teenagers should be limited to three hours a day. Seems like a good start to me. MORE
A lot of people are starting to say (and supported by numerous studies) that exercise could be the most potent medical intervention we know of. MORE
David Brooks discusses Ted Gioia's essay on the decline of American culture, where art is overshadowed by entertainment, and now even entertainment is being consumed by distraction from platforms like TikTok and Instagram. MORE
A photographer is documenting the life and beauty of America's last old-growth forests, capturing the intricate ecosystems and the unique species that call these ancient woodlands home. MORE
The article explores the belief that there's a place for everyone, suggesting that every person has a unique purpose and value. It argues that our diverse traits and experiences create countless niches in society, yet many people struggle to find their fit due to globalization of attention, lack of guidance, and the misconception that fitting in should be effortless. MORE
Marco Giancotti argues that with millions of books available, only a select few—what he calls "Damned Good Books"—are truly life-changing. These are the books that transform you, offering new perspectives or knowledge that sticks with you and becomes part of your mental toolkit. He suggests being ruthless in selecting and discarding books to maximize the number of these transformative reads in your lifetime. MORE
Phoenix just hit 100 consecutive days of 100-degree heat, smashing the previous record of 76 days set in 1993. MORE
DISCOVERYllm.sh — This is a bash wrapper around Python's mlx_whisper designed to utilize the GPU on a Mac for audio transcription. MORE
hnterm — Lets you browse Hacker News right from your terminal. MORE
DungeonDash — A command-line RPG where you dive into dungeons, battle enemies, and collect loot to level up and become the ultimate hero. Each dungeon offers unique challenges, from battling the Forest Guardian in the Enchanted Forest to facing the Magma Lord in the Volcanic Lair. MORE
The NSA's "National Cryptographic School Television Catalogue" from 1991 has surfaced, listing around 600 training videos on COMSEC and SIGINT. MORE
IDEAS
Here’s an extraordinarily simple template you can use to orient your life.
—
I believe one of the biggest issues in the world is $PROBLEM.
Which I am looking to solve using $STRATEGY.
That is why I am doing these $PROJECTS.
And I’m measuring my success using $METRICS.
— ᴅᴀɴɪᴇʟ ᴍɪᴇssʟᴇʀ ⚙️ (@DanielMiessler)
5:07 PM • Sep 7, 2024
RECOMMENDATION OF THE WEEK
The more I think about it, the more I think a major career for creators going forward will be building entire realities for people to live inside of.
So think post-AG/SI and post UBI, and where games are extraordinarily immersive.
I think there will be a huge market for… x.com/i/web/status/1…
— ᴅᴀɴɪᴇʟ ᴍɪᴇssʟᴇʀ ⚙️ (@DanielMiessler)
8:13 PM • Sep 4, 2024
I’ve been a bit obsessed with problem definition lately, so here’s my recommendation for the week.
Get really good at articulating and prioritizing your problems.
Like, write them out in vast detail. Make yourself an expert in them. It takes away their power, kind of like staring directly at anger when meditating.
This also happens to be the key to brilliant AI prompting. It’s an extension of know thyself.
APHORISM OF THE WEEK Become a Member to find other kind people who love to readPowered by beehiiv
September 3, 2024
UL NO. 448: TSA SQLi, NYT Github, NK RPM, NVIDIA Mystery...
SECURITY | AI | MEANING :: Unsupervised Learning is a stream of original ideas, story analysis, tooling, and mental models designed to help humans lead successful and meaningful lives in a world full of AI .
Continue reading online to avoid the email cutoff… TOCNOTESHey there!
Ok, few quick things…
🎙️➡️Please resubscribe to the podcast. The podcast URL is updated and there’s a lot more content now each week! RESUBSCRIBE WITH YOUR FAVORITE CLIENT
My new favorite Fabric Pattern is one I just made called extract_primary_problem. It takes a text input, or a body of work, and gives a single sentence summarizing what that thinker believes the biggest problem in the world. This one ran on this article.
THE PATTERN
From If Your World Isn’t Enchanted, You’re Not Paying Attention
I’m absolutely blown away that I can now take ANYTHING and send it in here, like Tolstoy, the Unabomber, Dr. Ruth—whoever! And it will encapsulate their work into a problem that needs to be solved. Which we can then put into Substrate.
My other recent favorite is create_story_explanation, which explains a really difficult piece of content, or body of work, in a flowing story style that’s much easier to follow. THE PATTERN
MY WORKWe've Been Lied To About Work
My big, depressing, and optimistic theory for why it's so hard to find and keep a job that makes you happy.
danielmiessler.com/p/real-problem-job-market
SECURITYResearchers have discovered a SQL injection vulnerability in a critical air transport security system that could let unauthorized individuals bypass TSA security checks and access aircraft cockpits. MORE
The New York Times has revealed a significant breach involving GitHub tokens. Attackers exploited these tokens to gain unauthorized access to various repositories, potentially compromising sensitive data. MORE
Researchers from OpenAI, Microsoft, MIT, and Harvard have proposed "personhood credentials" to verify real humans online without revealing their identities. This system would require physical verification at trusted locations and use zero-knowledge proofs to confirm authenticity online. MORE
💡Really interesting project. So you have to validate who you are with a real address and such, but ZKP would protect that data during operations.
I love it, but we have to know the backend database will get hacked at some point too. Not sure how bad that would be relative to today, though, so probably still an upgrade.
Sponsor
Achieve scalable SaaS security while reducing spend
Learn how cloud-first org Stravito scaled their SaaS security program with Nudge Security while cutting SaaS spend and supporting rapid company growth, achieving these results:
Immediate visibility of their entire SaaS footprint
Cost savings from unnecessary SaaS licenses
Streamlined user access reviews
Faster vendor security reviews
Complete (and automated) employee offboarding
nudgesecurity.com/case-study/stravito
Read the Case StudyRecorded Future has announced a new integration with Google Security Operations, enhancing both SIEM and SOAR components. This integration aims to drive greater automation in threat detection and response, enabling security teams to manage more threats efficiently and focus on strategic decision-making. MORE
North Korean hackers are back to targeting the npm code repository with malicious packages. Phylum, a cybersecurity firm, has identified renewed activity from groups like Contagious Interview and Moonstone Sleet, who are using npm to spread malware. MORE
US Army Special Forces showed their hacking skills during the Swift Response 24 military exercises in Sweden. They used a remote access device to hack into a building's Wi-Fi, disable security systems, and then stormed the building, leaving behind signal-jamming equipment and a laptop playing Rick Astley's "Never Gonna Give You Up." MORE
Chinese companies are planning to launch over 15,000 low-Earth-orbit satellites, which Mercedes Page from the Australian Strategic Policy Institute warns could enable countries using Chinese broadband services to control information flow, monitor user activity, and even shut down the internet during unrest. MORE
Las Vegas police are pushing back against a new NFL policy requiring officers working Raiders games to provide photos for facial recognition. The police union is concerned about the potential misuse of biometric data and the risk of officers being targeted. MORE
Continue reading online to avoid the email cutoff… AI / TECHGoogle has announced new variants of its Gemini 1.5 model, including the smaller Gemini 1.5 Flash-8B, an improved Gemini 1.5 Flash, and a stronger Gemini 1.5 Pro. OpenAI keeps making everyone weight (sorry) for their new model, or half-model, which appears to be something called Orion that uses their new Strawberry technology. MORE
California's AI regulation bill, SB 1047, has passed the state Senate with a 29-9 vote and is now heading to Gov. Gavin Newsom's desk. It’s a set of rules saying companies making models of a certain size must have certain safety measures in place. MORE
OpenAI is reportedly in talks to raise a new funding round at a valuation exceeding $100 billion, led by Thrive Capital, with Microsoft also expected to participate. NVIDIA and Apple have also been rumored. MORE
OpenAI has enhanced its Assistants API, making it easier for developers to fine-tune how AI assistants handle file searches. The new controls allow developers to adjust how agents select information and inspect search results, improving response accuracy. MORE
💡This is a much-needed upgrade. The features and ease-of-use for a RAG system is the difference between popularity and obscurity.
Companies like JPMorgan and Walmart are shifting from restricting generative AI tools like ChatGPT to developing their own internal AI assistants. Basically, they can’t pass it up, but also can’t risk using the cloud versions. MORE
Cisco is acquiring Robust Intelligence, a company that secures AI applications. I’m not close to the details, but from Cisco this feels desperate to me. Like, “We know we’re screwed, let’s do something AI before it’s too late.” MORE
Plaud.AI's new NotePin is a wearable version of its previous credit card form factor. I have one on order. MORE
Amazon is set to release a new version of its Alexa voice assistant in October, and it will be powered by Anthropic’s Claude AI models. MORE
Nearly half of Nvidia's revenue comes from just four mystery customers, each spending over $3 billion on AI chips like the H200. This heavy reliance on a few major clients raises concerns about the sustainability of Nvidia's rapid growth. Well more than that I’m just really curious who they are, and I’m surprised it’s not easier to find out. MORE
AnandTech is shutting down after 27 years of covering computing hardware. Really sad. They said Tom’s Hardware will carry their torch. MORE
China's 'Wukong' game just sold 10 million copies in three days. This is a massive hit and shows the growing influence of Chinese game developers in the global market. MORE
Huawei posted record profits in the first half of 2024, hitting $7.7 billion in net profit despite ongoing U.S. sanctions. Their revenue surged by 34.3% year-on-year to CNY 417.5 billion, driven mainly by a revival in their consumer business and rapid growth in Huawei Cloud. Imagine what they’d have done without the US headwinds. MORE
A woman in California used an Apple AirTag to track down her stolen mail, leading to the arrest of two suspects in Santa Maria. The suspects, Virginia Franchessca Lara and Donald Ashton Terry, were found with mail addressed to over a dozen people and are facing multiple felony charges. MORE
HUMANSAnarchy in Sudan has led to the worst famine the world has seen in 40 years. The chaos has disrupted food supplies and aid, leaving millions on the brink of starvation. MORE
Nearly half of NYC bus riders skip paying the fare, causing significant revenue loss for the MTA, which is already under financial strain. 48% actually. Half? Wow. MORE
Researchers at the University of Kentucky have found that long COVID patients show brain changes similar to those seen in Alzheimer's disease. The study, published in Alzheimer's & Dementia, highlights shared issues like neuroinflammation and abnormal brain activity, suggesting common underlying mechanisms. MORE
Scientists have discovered that the interaction between two molecules, PKMzeta and KIBRA, is crucial for maintaining long-term memories. Blocking this interaction disrupts memory storage, highlighting the importance of their continual interaction rather than the molecules themselves. MORE
Ozempic, a drug for Type 2 diabetes and obesity, might also slow aging, according to new studies. Researchers found it could treat illnesses like heart failure, arthritis, Alzheimer's, and cancer, and even reduce death rates from cardiovascular issues and Covid-19. MORE
💡All this Ozempic news of it addressing more and more issues feels like it’s hitting something extremely fundamental, like inflammation—which has long been pointed at as a meta-cause or meta-symptom in lots of other diseases. I’m not saying it’s actually inflammation, just that it seems to be affecting something fundamental.
I mean, could that just be being thinner and having less visceral fat? Curious if any of you experts have opinions.
A CIA deep-cover operative, known as "Anthony Lagunas," spent years infiltrating Islamist extremist groups, even reaching Al Qaeda's broader network. Tragically, the psychological toll of his mission led to his death in 2016, raising questions about how the CIA supports its operatives' mental health. MORE
More people are going "no contact" with their parents, driven by a mix of personal growth and unresolved conflicts. MORE
DISCOVERYwush — wush is a command line tool for transferring files and opening shells over a peer-to-peer Wireguard connection. It eliminates the need for relay servers for authentication, using Wireguard for secure and fast connections. The tool leverages Tailscale's tsnet package and public DERP relays, but no Tailscale account is required. MORE
firecrawl — Crawl sites using Claude or GPT and turn the output into LLM-ready Markdown. MORE
history4feed — Dogesec developed an open-source tool that creates a complete historical archive of full-text posts from any RSS or ATOM feed. The tool uses the Wayback Machine and readability-lxml to scrape and clean up blog content, making it easier for researchers to access comprehensive cyber threat intelligence. MORE
The Most Dangerous Email I’ve Ever Sent MORE
Ask HN: Who Wants to Be Hired? — A Hacker News thread for people looking for work. MORE
My buddy Clint Gibler did an EPIC post summarizing every AI talk from Blackhat and DEFCON 2024. MORE
Using GPT-4o for Web Scraping MORE
Three questions candidates can ask to invert the power dynamic in technical interviews. MORE
The Hatch Restore 2 is a smart alarm clock designed to mimic sunrises and sunsets to help you wake up more naturally. I’m close to getting one, but I’m stopped by a simple fact: I get natural light in my windows in my bedroom when the….um…..sun, comes up. But I wear an eye mask to sleep. So I feel like this would be the worst kind of over-engineering. Still kind of want one. MORE
IDEASBeware of Commodified Incuriosity
This piece looks at the concept of "commodified incuriosity," where the act of researching and thinking is replaced by a focus on efficiency and productivity. I think it’s a great way to look at things, and a reason to be cautious with the overuse of something like extract_wisdom. Basically, a big part of learning something is struggling with it. This is why AI tooling focused on learning should be used—in my current opinion—to help you find things to slow read. And then you think about it. And then you can use something like extract_wisdom to help you make sure you don’t miss things in notes, etc. But don’t think that anything other than future learning implants can substitute for the hard work of actual thinking and processing. MORE
Depression as a Hand on a Stove
This argument suggests that instead of trying to eliminate depression, we should see it as a signal to make life changes. I think that’s absolutely true, but there are some cases where it’s pure chemistry out of whack. And I don’t know the difference between those. MORE
Attention → Enchantment
The piece argues that being enchanted by the world comes from learning to pay attention to it. I feel like learning to meditate (which is really just paying attention in my Sam Harris-based school), combined with music festivals, I’ve learned to truly appreciate small things in daily life. It’s made me a very happy person. I really feel like it’s a cheat to be able to extract this much joy from your neighbors, and seeing people going for a walk with their little kid, or hearing distant children playing. This also relates to framing, but the attention piece is key. MORE
Rarity and Beauty
I often wonder how much of beauty is just rarity. There are lots of seagulls at the lake I visit often. I barely notice them, by default. But I actively try to look at them sometimes as if they’re rare. To trick my mind into noticing their beauty. Ralph Waldo Emmerson has a quote, “If the stars should appear but one night every thousand years, how man would marvel and stare.” That’s really it, and I often think about how much beauty we have in our lives that we ignore because it’s either “common” or “omnipresent”. Or maybe those are the same in this context. I feel like the Stoics had it figured out when they taught the exercise of imagining your life without certain things. I try to do this, and it does help me appreciate them.
Two Bad Choices in November (Political, skip if you want)
I’ve heard for decades that “this election is between two bad choices”. I don’t know when people didn’t say that. I suppose maybe Ronald Reagan and Obama? Anyway, I really feel it this year. Personally. I cannot shake the feeling that Kamala is just a really bad candidate. Like, really bad. Like, vapid. And I see electing her as an extremely dangerous extension of the Far Left. The only thing I see as far worse, is Trump V2. Trump is, in my opinion, an actual wannabe dictator, and his fans are actually looking for one. Scares the crap out of me. What’s interesting though, is how different the dangers are. I think Kamala will further deteriorate the country through weakness, failure to address real problems, and harmfully addressing fake problems. And Trump will cause harm by creating chaos, disorder, and making the entire American system more cynical than it already is. A lot of people on the right think chaos is good, “cuz we need a shakeup”. Nah. not like this. Plus, the world will turn against us again, just like the first time. It’s just bad. But he will also do some good, just as Kamala will. It’s a mix, and a mess. I’m starting to think in terms of my recommendation of the week this week. Like my frustration is too much, and I feel helpless to assist. How about you?
Here’s a frame to try on: You become what you pay attention to.
It’s election year in a few places, including the US. The world is on fire. Politics are a mess everywhere. And it seems like the very fabric of Steven Pinker’s last couple of books has completely unraveled.
But maybe we have an option other than staring directly into the toilet. Maybe all the beauty in the world is still there. And maybe we can focus on that instead. Or at the very least—not on the toilet.
I’m not saying to be cowardly. If you’re one of the few people who can actually change lots of minds and help the world in some way, maybe you should serve time in the toilet that is our current situation. But that’s probably not the case. Most of us won’t be missed on those front lines.
So maybe instead we can use these few months to make a list of best poetry books. Or start a D&D campaign. Or to learn to play piano. Maybe we can focus our attention on the great stuff in the world that we always said we’d look at “later”.
Now is a pretty good time to do that. It’s a good time to fill our attention with that instead of the ugliness in the world. So we can become that goodness for someone else.
APHORISM OF THE WEEK Become a Member to interact with more positive people like yourselfPowered by beehiiv
Daniel Miessler's Blog
- Daniel Miessler's profile
- 18 followers
