urlscan.io logo urlscan.io
SecurityTrails logo

danielmiessler.com Open in urlscan Pro
2606:4700:20::681a:768  Public Scan

Back to summary
Submitted URL: http://link.mail.beehiiv.com/ss/c/u001.Yq9DzIZAkJMGQu_mc2P0Dn68EHlSt5O2f01Ixf9qghf9-Z1w36y92ZVljvCYHVvoftrdI9yW4er3IEaOmF25Md...
Effective URL: https://danielmiessler.com/p/ul-451?_bhlid=4bc60e49d78aae55baea4741931ddb3ede1f5b6d&last_resource_guid=Post%3A795d6e11-6020...
Submission: On September 24 via api from IE — Scanned from GB

Form analysis 2 forms found in the DOM

POST /post_like

<form class="group relative top-[3px]" action="/post_like" method="post"><input type="hidden" name="post_id" value="795d6e11-6020-42dd-b611-bf68ddc72a17"><input type="hidden" name="subscription_id" value="49632698"><input type="hidden"
    name="user_id"><button type="submit">
    <div class="text-wt-text-on-background opacity-50 group-hover:opacity-100 flex items-center">
      <div class="rounded-full p-1 hover:bg-[#f3f4f6]"><svg xmlns="http://www.w3.org/2000/svg" fill="none" viewBox="0 0 24 24" stroke-width="1.5" stroke="currentColor" class="h-7 w-7 outline-none h-4 w-4 stroke-1">
          <path stroke-linecap="round" stroke-linejoin="round" d="M21 8.25c0-2.485-2.099-4.5-4.688-4.5-1.935 0-3.597 1.126-4.312 2.733-.715-1.607-2.377-2.733-4.313-2.733C5.1 3.75 3 5.765 3 8.25c0 7.22 9 12 9 12s9-4.78 9-12Z"></path>
        </svg></div><span class="hidden text-transparent text-sm font-medium group-hover:opacity-100">0</span>
    </div>
  </button></form>

POST /create

<form class="group w-full rounded-wt bg-transparent" action="/create" method="post"><input hidden="" value="" name="ref"><input hidden="" value="" name="bhba"><input hidden="" value="123e7c87-a9b6-47cd-8def-c073db3a84e5" name="visit_token"><input
    type="hidden" value="" name="cf-turnstile-response"><input type="hidden" name="redirect_path" value="/subscribe?recommendations=true&amp;email="><input type="hidden" name="sent_from_orchid" value="true"><input type="hidden" name="fallback_path"
    value="/p/ul-451"><input type="hidden" name="is_recaptcha_enabled" value="false"><input type="hidden" name="double_opt" value="false"><input type="hidden" name="trigger_redirect" value="true"><input hidden="" name="subscribe_error_message"
    value="Oops, something went wrong."><input hidden="" name="subscribe_success_message" value="Subscribed!">
  <div class="flex flex-col">
    <div style="background-color:#F9FAFB;border:2px solid #02349a" class="flex w-full flex-col items-center sm:flex-row overflow-hidden rounded-lg">
      <div class="flex w-full items-center" style="background-color:#F9FAFB"><input type="email" autocomplete="email" required="" style="font-family:Lora;color:#111827"
          class="wt-button-font z-10 w-full border-none bg-transparent placeholder-shown:text-ellipsis text-lg focus:text-lg active:text-lg sm:text-lg" placeholder="Your best email…" name="email"></div><input type="submit"
        style="background-color:#02349a;color:#FFFFFF;font-family:Noto Sans" class="cursor-pointer px-5 py-3 font-semibold w-full sm:w-auto text-lg focus:text-lg active:text-lg sm:text-lg rounded-lg rounded-none sm:rounded-lg-r" value="Subscribe">
    </div>
  </div>
</form>

Text Content

Unsupervised Learning
Categories


NewsletterPodcastAboutBecome a MemberMember PortalSupport


0

 * Unsupervised Learning
 * Posts
 * UL NO. 451: Altman Says ASI in "Thousands of Days"


UL NO. 451: ALTMAN SAYS ASI IN "THOUSANDS OF DAYS"


A NEW FABRIC WEB APP CALLED FABRICUI!, MANY AI EYES, PAGERATTACK ANALYSIS, A NEW
RIPGREP, AND MORE...

Daniel Miessler
September 23, 2024



SECURITY | AI | PURPOSE
UNSUPERVISED LEARNING is a newsletter about upgrading to thrive in a world full
of AI. It’s original ideas, analysis, mental models, frameworks, and tooling to
prepare you for the world that’s coming.


TOC

 * NOTES

 * MY WORK

 * SECURITY

 * AI / TECH

 * HUMANS

 * DISCOVERY

 * IDEAS

 * RECOMMENDATION OF THE WEEK

 * APHORISM OF THE WEEK


NOTES

Hope you’re having a good start to the week!

 * Thomas Roccia created a web GUI for Fabric called Fabric UI! Really slick!
   FABRIC UI

 * In the last few days I’ve probably spent 5 hours deep cleaning my mobile
   phone environment. Deleted probably 40 applications, phone screen cleanup,
   widgets refactor, watch faces cleanup, Focus modes redo, app subscriptions
   cleaning, etc. So much cruft removed. Super cathartic. Timed with new iPhone,
   which happens every year, but this year was a major clean.


MY WORK

o1 Use Cases
I did an analysis of OpenAI’s long-form conversation with the o1 (strawberry)
team, where they talked about how they built it, how it’s different from
previous models, what they use it for, etc. I also used o1-preview to pull out a
list of their favorite use cases for o1 where it’s better than previous models.
MORE | THE INTERVIEW | THEIR USE CASES

The Strawberry Team’s o1 Use Cases

AI and Many Eyes
I wrote this piece for AT&T Business about how AI transforms real-time
monitoring, threat modeling, and security. It’s something I’ve talked about
before, but this is a deeper look at how I see it all fitting together.

AI Gets Us the Many Eyes We Were Promised

Discover how AI will transform industries through continuous monitoring and
real-time data processing.

www.linkedin.com/pulse/continuous-ai-daniel-miessler-rdqwc/?trackingId=fQHVrDV4T6SGLE1yX9QR%2BQ%3D%3D



I'm excited to be a keynote speaker at Swiss Cyber Storm, Switzerland’s premier
security conference, held at the stunning Kursaal in Bern. This year’s theme,
"The AI Revolution," focuses on the concepts and trends shaping the security
landscape. Use code UNSUPERVISED-LEARNING for 15% off your registration.


SECURITY

Israel launched an extraordinary attack on Hezbollah using a combination of
supply chain and remote triggering techniques. For the pagers, the Mossad
actually just started a pager company and Hezbollah become one of their
customers. Which allowed them to put explosives in the devices before shipping
them out. Thousands have been severely injured, and something like dozens or
hundreds have been killed (the numbers aren’t clear). MORE

💡I think the biggest thing to discuss in this story is precedent. What does it
mean for the world when a foreign intelligence service starts blowing up pagers
and walkie-talkies of combatants wherever they happen to be at the time?

In general, because of the extraordinary circumstances of the targets being
Hezbollah operatives, I think it was a surgical and well-thought-out attack. The
vast majority of people even wearing the pagers weren’t killed, so it’s not like
a car bomb where many noncombatants would die as well. There appear to be very
few casualties that weren’t Hezbollah, in other words, and I think that is a
good thing.

I do think it’s a big deal to wage war within a civilian population, however.
Mentally. Visibly. It changes something in our psyche to know that the opposing
side might attack our civilians, even if just collaterally. So I think anyone
considering themselves “the good guy” should think very carefully about that.

Hezbollah, however, has already been doing that. Actively. On purpose. In broad
daylight. Like it’s literally what they do. They drop rockets on civilians as a
matter of course. By comparison, what the Mossad did here was infinitely humane
(a perverse word to use in war). I just don’t think “better than Hezbollah” is a
great standard for morality.

As another comparison, I believe this Mossad attack was far more careful and
effective than what’s happening in Gaza. It’s 100% true that Hamas is using
their people as human shields. It’s 100% true that Hamas doesn’t care about
their people. And it’s true that Israel must defeat Hamas. But, to me, with my
current level of knowledge, that arithmetic still doesn’t sum out to it being ok
to kill tens of thousands of non-combatants with no end in sight. Especially
when it’s likely that Israel is making many more terrorists than they’re killing
by doing so. I just don’t see how we’re going to—or should—kill all Hamas in
Gaza using this strategy. It just seems bad humanitarian-wise, but even as a
strategy for protecting Israel. There has to be another way.

Anyway, with these targeted supply chain attacks against operatives, I think the
crossover between only hitting combatants and doing very localized damage was
really extraordinary. And given the fact that Hezbollah is a dictionary
definition of a terrorist, I’d say this is about as clean of an attack as you
can get. And that’s not even counting the psychological aspect.

Here’s an interesting point on that. Actual terrorism is designed to produce
fear. But fear in the civilian population. What Mossad did was not designed to
target or scare Lebanese people. It was designed to target and scare Hezbollah.
That’s the difference between war and terror. It also has the advantage of
making the population turn against Hezbollah, because you don’t want a terrorist
in line next to you when you’re buying cantaloupe if that person spent last
night building bombs destined for Israel.

That’s a good thing, I think, as a whole. I would just say we should be very
careful about this calculus and constantly re-evaluate it. It’s pretty clear
when it’s Israel, and it’s Hezbollah, and it’s a tiny little explosive, but the
calculation gets a lot more messy when it’s not Hezbollah, or ISIS, or a group
that’s as clearly evil. Or when the collateral damage increases (see: Gaza).

COMMENT

A security researcher named xyz3va found a "catastrophic" flaw in the Arc
browser that let attackers inject arbitrary code into users' sessions using just
a user ID. MORE

A hacker named Addka72424 has leaked a massive DB of 3.3 billion unique email
addresses on an underground crime forum, claiming it was a personal experiment
to see how much public data he could gather. It’s a 21.8GB database, and he
claims they’re all unique. MORE

Chinese scientists have figured out how to use Starlink satellite signals to
detect stealth aircraft and drones, which are designed to dodge radar. They ran
an experiment in the South China Sea using a DJI Phantom 4 Pro drone to simulate
a stealth aircraft. MORE

Sponsor

Are genAI tools integrated with your other apps?  

Find out in minutes with Nudge Security. Nudge Security discovers all genAI
accounts ever created by anyone in your org, as well as the OAuth grants that
enable data-sharing across apps.

With Nudge Security, you can:

 * Discover all genAI accounts ever created in your org

 * See all users, authentication methods, and OAuth grants

 * Surface and revoke risky OAuth grants

 * Get alerted of new genAI tools or integrations

 * Vet unfamiliar tools with security profiles for each provider

Start a free 14-day trial and get your free genAI inventory in minutes.

nudgesecurity.com/use-cases/mitigate-ai-risks

Get Started

Nuclei Templates v10.0.0 is out, and includes new Azure Config Review templates
to help automate cloud misconfiguration reviews. This release builds on previous
AWS and Kubernetes security checks, now offering a streamlined YAML format for
Azure. MORE

Google is making it easier to use passkeys by allowing them to sync
automatically via Google Password Manager across Chrome on Windows, macOS, and
Linux, with Android support and iOS coming soon. MORE

GreyNoise has been tracking mysterious "Noise Storms" of spoofed internet
traffic since January 2020, but their origin and purpose remain unknown. These
storms, which include a curious "LOVE" ASCII string in ICMP packets, are
suspected to be covert communications or DDoS coordination signals, among other
possibilities. MORE

Sponsor

Align with Complex Cybersecurity Compliance Frameworks  

This ThreatLocker eBook was designed to help you discover the strategies and
toolsets needed to align with some of the most popular compliance frameworks.
Learn how implementing specific technologies can streamline compliance across
multiple standards and enhance your cybersecurity posture.

threatlocker.com/ebooks/the-it-professionals-blueprint-for-compliance

Download Now



Continue reading online to avoid the email cutoff…


AI / TECH

Sam Altman just dropped an essay called The Intelligence Age about AI progress,
and in it he mentions superintelligence being possible in “thousands of days”.
Keep in mind—not AGI. ASI. And thousands of days is like 3-5 years, roughly, if
you read the tone right. MORE 

South Korea's Electronics and Telecommunications Research Institute has unveiled
"Dejaview," an AI system that analyzes CCTV footage to predict and potentially
prevent crimes before they happen. Should be fine. MORE

💡Black Mirror as Business Plan.

Not really, though. It just means Black Mirror was good fiction because it saw
where things were going. Along with things like Minority Report, although that
was powers-based not AI-based.

Jony Ive has confirmed he's building a hardware AI device with OpenAI. The
venture, backed by the Emerson Collective, could see up to $1 billion in funding
and is already making waves with a team that includes ex-Apple designers Tang
Tan and Evans Hankey. This thing might crush the others in the market since AI
devices need the synergy between hardware, software, and aesthetics more than
most gadgets. MORE

BlackRock and Microsoft are teaming up with the UAE's MGX to raise $30 billion
for AI infrastructure, aiming to leverage it into $100 billion in investments.
This Global AI Infrastructure Investment Partnership will focus on building data
centers and energy projects, primarily in the US. MORE

A Canadian study has found that an AI tool can reduce unexpected deaths in
hospitals by 26%. The tool works by analyzing patient data to predict and
prevent potential complications before they become critical. MORE

LinkedIn has quietly opted users into using their data to train generative AI
models, raising privacy concerns. Users can opt out by adjusting settings under
"Data for Generative AI Improvement," but this won't undo past data usage. MORE

A recent study by Ringover found that 76.5% of recruiters preferred AI-generated
headshots over real ones, but only when they didn't know the images were
AI-generated. MORE

The Wall Street Journal reports that AI is leading to fewer job openings in the
tech sector, as companies are automating tasks that used to require human
workers. MORE

A lot of Amazon employees are upset about the requirement to go back to 5 days
in the office in January. MORE

Apple's iOS 18 update that just came out has RCS support, which means green
bubble Android users will enjoy features like high-res media, typing indicators,
and read receipts when texting their friends with iPhones. MORE

Apple's A16 mobile processors are now being produced in the U.S. at TSMC's
Arizona facility, marking a significant milestone under the CHIPS for America
Fund. These chips, using the N4P process (an enhanced version of 5nm), are
initially being manufactured in small quantities, with production expected to
ramp up significantly by 2025. MORE

💡Absolutely loving this self-reliance / American manufacturing push we’ve seen
lately. I think it’ll be increasingly good for the US as things get less stable
geopolitically, and especially as we head towards possible conflict with China.

Apple's iPhone 16 now supports wireless firmware restoration. With iOS 18, users
can restore their iPhone 16 by placing it next to another iOS device,
eliminating the need for a Mac or PC. I’m guessing Android has had the feature
since 2002. MORE

The Apple Watch's Remote app now lets you adjust volume with the Digital Crown,
invoke Siri, and even control power and audio settings. MORE

Facundo Olano shares his journey of turning blog content into an ebook using the
jorge site generator. The process involved creating a jorge project, using epub
boilerplate files, defining chapter layouts, and syncing posts and images. MORE


HUMANS

Rick Beato argues that music is getting worse because technological advancements
have made music too easy to produce and consume. MORE

There's a new study showing that omega-3 fatty acids can help reduce symptoms of
anxiety and depression in mice. Interesting, but you know the drill with
“studies say”. It’s a continuous wait-and-see approach. MORE

The US Department of Energy is rolling out over $3 billion to fund more than two
dozen battery projects across 14 states, aiming to boost domestic manufacturing
and support climate goals. MORE

Astronomers have discovered the largest black hole jets ever observed, named
Porphyrion, stretching an astonishing 23 million light-years—equivalent to
lining up 140 Milky Way galaxies. MORE

Voyager 1, the 47-year-old spacecraft that's been cruising through space since
the late '70s, just fired up some thrusters it hasn't used in decades. This
maneuver was necessary to adjust its orientation and keep its antenna pointed
toward Earth. Meanwhile, the asphalt on our roads has to be replaced like every
45 minutes. MORE

There's an interesting piece in the Wall Street Journal about how pediatricians
might have inadvertently sparked the peanut allergy epidemic. The article
suggests that by recommending parents avoid giving peanuts to their young
children, they may have increased the risk of allergies instead of reducing it.
MORE

Ohio is directly funding private religious schools with taxpayer money. The
state has bypassed traditional voucher programs and is now providing millions in
grants to religious schools, mainly Catholic, for infrastructure projects like
building renovations and playground improvements. I’m all for more structure in
schools, but I think we need to be really careful how we get that. MORE

Motus is revolutionizing wildlife tracking by using lightweight radio
transmitters to monitor the movements of small flying animals like birds, bats,
and insects. This international network, managed by Birds Canada, has tagged
nearly 50,000 animals across 400 species since 2014, providing invaluable data
on migration patterns and behaviors. MORE


DISCOVERY

recaptcha-phish — My buddy John Hammond created a phishing tool that mimics a
reCAPTCHA form, tricking users into executing malicious commands via copy-paste.
The attack involves a fake "Verify you are human" prompt that instructs users to
paste a command into the Windows Run dialog, exploiting the clipboard. MORE

rga — Ripgrep on growth hormone, letting you search through PDFs, E-Books,
Office documents, and even compressed files like zip and tar.gz. MORE

Nuclei Templates v10.0.0 — This release expands on previous AWS and Kubernetes
security checks, offering a streamlined YAML format for easier management and
review of Azure configurations. MORE

Dune Shell — A new take on the command-line experience, aiming to bring a cozy,
customizable feel that bash lacks. Unlike its predecessor Atom, Dune is designed
with a standalone interpreter, allowing users to create their own custom
frontends and unique shell experiences. MORE

Damn-Vulnerable-Drone — A drone hacking simulator built on the ArduPilot/MAVLink
architecture, offering a realistic environment for practicing offensive security
techniques. MORE

Sci-fi Ideas – Someone compiled a massive CSV file containing every sci-fi idea
imaginable. MORE

Eli Bendersky talks about building LLM-powered applications in Go, highlighting
its strengths in handling REST and RPC protocols, concurrency, and performance.
The post walks through creating a RAG (Retrieval Augmented Generation) server
using Go, showcasing different implementations with tools like the Gemini API,
Weaviate, LangChainGo, and Genkit for Go. MORE

Assetnote talks about their approach to Recon. MORE

Paul Graham’s One-pager on How to Start a Startup MORE


IDEAS

Don’t Call Them LLMs
Probably the biggest idea that’s exploded in my mind lately is Karpathy’s point
about LLMs being poorly named. His stance is that Transformers are
general-purpose compute systems, and that LLMs are actually sequence predictors.
And, crucially, it doesn’t matter what the stream is. We just happen to be
sending language right now. But really what they do is take input, find
patterns, and make predictions. This is an INSANE way to think about the last
couple of years. And the next couple.


RECOMMENDATION OF THE WEEK

Start reframing your thinking about AI (and specifically LLMs) away from “just
the next token of text” —> Sequence Prediction —> Answer Prediction.

As Karpathy talks about, the Transformer architecture works on sequences of
ANYTHING—language was just a natural start. It works on whatever you feed it.

So the recommendation of the week is to: update your mental model of AI from
specific text predictor to generalized answer predictor.


APHORISM OF THE WEEK

❝

People are strange: they are constantly angered by trivial things, but on a
major matter like totally wasting their lives, they hardly seem to notice.

Charles Bukowski
Become a Member to increase Eudaimonia on planet Earth



Unsupervised Learning

SECURITY | AI | MEANING :: One security-minded AI builder's continuous stream of
original ideas, analysis, tools, and mental models on how to build a successful
and meaningful life in a world full of AI.

Home

Posts

Authors

Account

Upgrade

Manage Subscription

Referrals

Newsletter

Newsletter



© 2024 Unsupervised Learning.

Privacy Policy

Terms of Use

Powered by beehiiv