Daniel Miessler's Blog
October 15, 2025
Unsupervised Learning NO. 502
UPDATESHey! Hope you all are doing well!
—
Found a really cool California Wastewater dataset that tracks COVID and Flu numbers. I’ve integrated it into Kai as well so now I can just ask and he’ll go get the latest data. THE DATA AND DASHBOARD
Kai’s Result of the /check-california-wastewater-status command
—
About to release a major update to our Personal AI Infrastructure project. Completely redid the filesystem-based context management system. THE REPO
—
Had a great conversation with Quincy Castro at Chainguard. We discussed what kind of security challenges we face when building software we want to build, working with secure software for secure stacks, the role of AI in the future of security and tons more! SPONSORED
—
A new blog on magnifying your effective lifespan through attention. READ IT
Extending Your Lifespan Through Attention
How novelty and attention multiplies your time while distraction divides it
danielmiessler.com/blog/magnifying-time
New short blog on UBI and games. READ IT
The Government Solution to AI Inequality Might Be UBI + Really Good Games
AI's barbell economy will need both UBI and immersive entertainment
danielmiessler.com/blog/ubi-games
I’ve been going heavy on David Deutsch lately, and found some wonderful conversations between him and Naval Ravikant. Some of the best intellectual conversations I’ve heard in a long while! THE NAVAL DEUTCH FILES
Sponsor
AI Agents That Triage Vulnerabilities Like Experts
Anyone else waste countless hours chasing vulnerabilities that will never be exploited?
Maze takes a better approach. In a recent review of CVE-2025-27363, Maze’s AI Agents investigated the finding the way a human expert would, testing real exploit scenarios against the actual environment and controls.
Non-exploitable risks are a low priority. Exploitable vulns were flagged, and investigated further to decide their impact and likelihood. The result: fewer false positives, faster remediation, and a stronger security posture, all without the guesswork.
Built by engineers from Meta, Elastic, Amazon, and GitHub, Maze helps security teams finally get ahead of the vulnerability backlog.
Read the full report CYBERSECURITYUK saw double the nationally significant cyberattacks this year The NCSC handled 204 nationally significant incidents in 2024—double the previous year—with 18 hitting essential services and threatening economic growth. UK NCSC ANNUAL REVIEW | THE RECORD ARTICLE
Attackers often don’t have to break in; they’re logging in with AI-boosted identities CrowdStrike’s latest data says 79% of detections are malware-free—attackers just use valid creds—while vishing is up 442% and AI-led identity baselining is cutting lateral movement into seconds. VENTUREBEAT STORY | CROWDSTRIKE THREAT HUNTING 2025 | CROWDSTRIKE GLOBAL THREAT REPORT | CUSHMAN CASE STUDY | CYBERARK MACHINE IDENTITIES
Windows 10 reaches end of support, while still on 40% of devices SECURITYWEEK ARTICLE 🤮
Sponsor
Datadog Detect: Engineering Security That Scales
Discover how leading security experts are addressing modern threats and making security operations more effective.
Datadog Detect, a virtual mini-conference, brings together practitioners and industry leaders from Red Canary and Corelight to share how engineering principles cut false positives, improve detection fidelity, and accelerate response.
Save your spotGoogle launches dedicated AI bug bounty paying up to 30k for flaws Google's new AI Vulnerability Reward Program covers Gemini, Search, and Workspace with bonuses for novel reports. BLEEPINGCOMPUTER ARTICLE | GOOGLE REPORT QUALITY FRAMEWORK | GOOGLE AI REWARD CRITERIA
Apple doubles bug bounty max to $2 million for zero-click exploits Apple's revamped program can pay up to $5 million with bonuses, trying to outbid spyware vendors for critical iOS vulnerabilities. BLEEPINGCOMPUTER ARTICLE | APPLE SECURITY BLOG | SECURITY RESEARCH DEVICE PROGRAM
Chinese hackers weaponized ArcGIS mapping software for year-long stealth access Flax Typhoon turned a legitimate ArcGIS extension into a web shell, then installed a VPN bridge to blend with normal traffic and stay hidden for over a year. BLEEPINGCOMPUTER ARTICLE | RELIAQUEST ANALYSIS
A 13-year-old bug in Redis got a 10.0 severity score The RediShell vulnerability lets attackers escape Lua's sandbox and own the entire host—Over 60,000 instances have zero authentication. CYBER SECURITY NEWS ARTICLE | WIZ RESEARCH BLOG | REDIS SECURITY ADVISORY
Dropzone study shows AI lets SOC analysts investigate faster with better accuracy A Dropzone benchmark with 148 security pros found AI-assisted analysts completed investigations faster and with more detail, while manual analysts slowed down and lost accuracy under pressure. HELPNETSECURITY ARTICLE | HILLARY BARON LINKEDIN NOTE: This is super cool research from Dropzone, which I would have included anyway and they are not sponsoring this newsletter. But I am an advisor for the company, so I just like to be transparent about that kind of thing. Nothing is worse to me than not knowing why someone is saying something.
Continue reading online to avoid the email cutoff… NATIONAL SECURITYTaiwan's government networks face 2.8 million Chinese intrusion attempts daily Taiwan's National Security Bureau reports a 17 percent jump in cyberattacks from China, combined with 10,000 fake social accounts spreading 1.5 million pieces of disinformation. THE RECORD ARTICLE | REUTERS REPORT | PROOFPOINT TA415 RESEARCH
China built a barter system to pay Iran for oil that completely bypasses U.S. sanctions and dollar transactions OODALOOP ARTICLE
Zelenskyy says Russia's shadow fleet tankers are doing spy work and sabotage Ukrainian intelligence warns allies that Russia's shadow oil tankers are gathering intel and running sabotage ops across Europe. DW UKRAINE UPDATES
NATO works on drone wall defense against Russian incursions NATO DEFENSE MEETING
Trump cancels Xi meeting and threatens massive tariffs over China's rare earth monopoly According to Tom's Hardware, Trump's ditching next week's summit and warning of serious retaliation after China expanded export controls on minerals critical for chips. TOM'S HARDWARE ARTICLE | TRUMP'S TRUTH SOCIAL POST
German spy chiefs warn Russia could escalate to direct NATO confrontation Germany's intelligence leaders say Russia won't shy away from military confrontation with NATO to achieve broader European influence, while Hamas maintains active infrastructure in Germany. GERMANY INTELLIGENCE BRIEFING
BYD turns the UK into its first big overseas beachhead According to the BBC, BYD’s UK sales jumped 880% in September—driven by its cheap plug-in hybrids, no UK tariffs on Chinese EVs, and 100 local retail locations. Yes, it’s in the National Security section. BBC STORY | SMMT EV RECORD CONTEXT
AIOpenAI will let ChatGPT do erotica for verified adults TECHCRUNCH ARTICLE
Realm Security raises $15M for AI that filters security data so SOCs only see what matters Their platform uses AI to process security info in real-time and cuts out the noise automatically. SECURITYWEEK ARTICLE | REALM.SECURITY SITE
Suspect in LA's Palisades fire caught partly through dystopian burning city images he made on ChatGPT Jonathan Rinderknecht generated AI images of burning cities months before allegedly starting the fire that killed 12 and caused $150 billion in damage. BBC NEWS STORY
Building AI agents is 5% AI and 100% software engineering. MARKTECHPOST ARTICLE
TECHNOLOGYBank of England says AI stock valuations now match dotcom bubble peak levels The BoE's Financial Policy Committee warned this is their strongest caution yet about AI-driven market risks, saying a sharp correction could seriously impact Britain's financial system. BANK OF ENGLAND OCTOBER REPORT | ARS TECHNICA STORY | REUTERS COVERAGE
AI economics look brutal but token usage is absolutely exploding The Wall Street Journal notes that while AI profitability is unclear, token demand is soaring fast, which might be the key signal to watch. It's an interesting perspective: if the demand is there, that's product-market fit, right? WSJ ARTICLE
Traffic lights might add a white light for when autonomous cars control intersections NC State researchers propose a fourth light color that signals when self-driving cars are coordinating traffic flow, so human drivers just follow along. NC STATE WHITE LIGHT PROPOSAL
China's cybersecurity regulator tells firms to avoid Nvidia's newest chips WSJ ARTICLE
AI is flattening org charts while expanding executive spans of control Companies are cutting middle management layers and making teams leaner, but executives at the top now oversee way more people than before. WSJ ARTICLE
India's small towns are becoming the data labeling factories for global AI Rural Indian workers are training ChatGPT and facial recognition by transcribing audio and labeling images, and firms say it'll grow to 100 million AI jobs. But for how long. BBC ARTICLE
Examples beat traditional docs because people learn by copying working code Rakhim argues most devs just want to copy-paste something that works and modify it, not read theory first. RAKHIM'S ARTICLE | HN DISCUSSION
Tech companies use apps to create cartels that would be illegal offline Cory Doctorow argues apps let companies coordinate price-fixing and labor suppression in ways that'd get you arrested if done with phone calls. DOCTOROW'S ARTICLE | CORY DOCTOROW | HN DISCUSSION
HUMANSHamas releases the last 20 living Israeli hostages after two years Trump declared the Gaza war over in Israel's parliament while Hamas freed hostages and Israel released nearly 2,000 Palestinian prisoners in a ceasefire deal. NPR STORY
AI will widen the gap between superstars and everybody else Interesting piece by WSJ about how some companies worry workplace tensions will spike because top performers extract way more value from AI tools than average workers do. WSJ ARTICLE
Pharma companies are racing to create pill versions of Ozempic Big pharma's scrambling to turn GLP-1 injections into pills because people hate needles and the oral market could be worth tens of billions annually. WSJ ARTICLE
150 unvaccinated kids quarantined 21 days in SC measles outbreak. MEASLES OUTBREAK ARTICLE
New nanoparticles restore brain barriers and clear Alzheimer's plaques in mice A team from IBEC and WCHSU created bioactive nanoparticles that fix the blood-brain barrier itself, which then naturally clears amyloid-β—reversing cognitive symptoms in older mice. NATURE STUDY | DRUG TARGET REVIEW ARTICLE | IBEC HOMEPAGE | WCHSU HOMEPAGE
America's worst students just hit their lowest test scores in 50 years THE ATLANTIC ARTICLE
Senate staff predict AI could replace half of many workforces A Senate HELP Committee staff report says nearly 100 million U.S. jobs could be automated in a decade—driven by AI hitting service roles first and then moving into other areas. 100 million seems high to me, but not that high. The bigger point is that even a moderate fraction of that will have a massive impact on the economy. THE HILL STORY | SENATE REPORT PDF | SANDERS OP-ED
Forty percent of fatal-crash drivers had active THC, legalization didn’t matter According to the American College of Surgeons (link), 41.9% of deceased drivers in an Ohio county had active THC—averaging 30.7 ng/mL—and that rate didn’t budge after legalization. SCIENCE DAILY REPORT
Like putting on glasses for the first time—how AI improves earthquake detection ARS TECHNICA ARTICLE
Men and women who are equally gifted create different but equally satisfying lives In a study by David Lubinski and colleagues, men prioritized career advancement and creating impact, while women valued flexibility and community—leading to different paths but identical happiness levels. STEVE STEWART-WILLIAMS ARTICLE | STEVE'S TWITTER | LUBINSKI ET AL PAPER
DISCOVERYNotes on switching to Helix from vim JULIA'S HELIX NOTES
If you're in the Claude Code ecosystem, make sure you're using these two things:
1. Plan mode
2. Ultrathink
Ultrathink is almost like Deep Research, but for thinking. Uses tons of tokens, but it gives extraordinary results.
Plan mode with Sonnet 4.5 is nearly as good as
— ᴅᴀɴɪᴇʟ ᴍɪᴇssʟᴇʀ 🛡️ (@DanielMiessler)
9:40 PM • Oct 13, 2025
Vite+ combines dev, build, test, lint, format, and caching in one dependency. VITE+ WEBSITE
A live-updating feed for Hacker News stories and votes. HN LIVE FEED TOOL
Uv overtakes pip in CI for a company at 66% usage Wagtail's seeing uv hit 66% of CI downloads vs pip's 34%, which means they're considering switching their default install docs from pip to uv. Such a positive thing to hear. I am off of Python now, but honestly, UV solves 80% of its problems. WAGTAIL BLOG POST | WAGTAIL README | WAGTAIL PROJECT TEMPLATE | DOWNLOADS ANALYSIS DATA | PYPI DOWNLOAD STATS GUIDE
I've tested free vs. paid AI coding tools - here's which one I'd actually use ZDNET ARTICLE
RECOMMENDATION OF THE WEEKLook into David Deutsch’s conversations with Naval. Some of the best thinking—on certain topics anyway—that I think can really level people up. And consider subscribing to Naval’s podcast. He does crisp little concept ideas like I've been doing and just did myself on the podcast and blog. I think the format and content is quite good for people today. THE NAVAL DEUTCH FILES | NAVAL’S PODCAST
APHORISM OF THE WEEKGET THE MEMBER EDITION
You’re currently receiving the STANDARD edition.
Members get numerous benefits, including:
25-50% off all UL Paid Content, including the upcoming Human 3.0 / AUGMENTED ONLINE portal!
Access to the extraordinary UL Member Community that includes vibrant conversations with ~1,500 of the smartest and kindest people you’ll find on the internet
Member-only Content, such as EDC guides on tech stacks, personal productivity routines, my recommendations on Critical skills to Build Going Forward, Trend Identification and Analysis, and more…
Access to the Member Archive of previous Member-only content, the Book Club archive, etc.
Access to The UL Book Club that’s been going monthly since 2017! One of the highlights of my and many attendees’ month!
Access to the Monthly Member Meet-up where we talk about our routines, productivity workflows, what’s on our minds, etc.
Access to In-Person Events like our dinners in Vegas, San Francisco, etc.
And much more coming…
This is the moment to connect with others who are smart, kind, and asking the same questions we are. Where is this all going? And how do to prepare?
Join the conversation.
September 30, 2025
Unsupervised Learning NO. 500
UPDATESI’m in Houston for HouSecCon! So excited to see everyone! 🫂 A bit less writing and more short summaries this week… I do miss the old one liner summaries sometimes!
—
This is the 500th episode! Thank you to everyone who has followed along the way since 2015! 🫶🏼
—
Dwarkesh Patel brought on Richard Sutton, the inventor of RL, to his podcast, and it was a shitshow of a conversation, in my opinion. Here’s my very emotional reaction to the first few minutes. It’s now blown up into tons of debate across the AI space. It’s kind of like the blue/black dress thing, with people seeing the conversation completely differently based on their perspective on AI.
I’m stunned by the podcast with @dwarkesh_sp and Richard Sutton.
He wins a Turing award for his contributions on AI and comes on and doesn’t even understand the basics of modern LLMs. He’s like another Gary Marcus.
It was very sad to see Dwarkesh trying to be respectful and
— ᴅᴀɴɪᴇʟ ᴍɪᴇssʟᴇʀ 🛡️ (@DanielMiessler)
2:21 AM • Sep 27, 2025
My latest thoughts on the whole thing, explaining why I care so much about all of this stuff.
One thing I'll say about this conversation that I didn't get originally from Richard's comments is that it's not the imitating that produces the learning, it's the trial and error after imitating. So that point and many others in the conversation were people just talking past
— ᴅᴀɴɪᴇʟ ᴍɪᴇssʟᴇʀ 🛡️ (@DanielMiessler)
1:45 PM • Sep 30, 2025
—
Massive updates to Anthropic’s Sonnet (4.5), and Claude Code (2.0)! The whole system feels faster now and I can’t wait to dig deeper into it! But I can tell you already that it's much faster and sharper. which is good because OpenAI’s GPT-5 Codex (and Codex) is right on their heels. ANTHROPIC ANNOUNCEMENT
Sponsor
Are Self-Managed AI Models Putting You at Risk?
Self-hosted AI models give you control—but also create hidden risks. Shadow deployments, unverified supply chains, and blind spots in monitoring can leave your business exposed. Cortex Cloud brings clarity and protection to the AI models you run yourself, helping you uncover threats, secure your model pipelines, and prevent risks before they reach production. Stay in control and uncover your AI blind spots.
Read the blog CYBERSECURITYChinese hackers are using BRICKSTORM to steal IP from law firms and tech companies
According to Mandiant, Chinese government hackers are deploying a new backdoor called BRICKSTORM to break into organizations and steal intellectual property, with victims including legal firms, SaaS providers, and technology companies since March 2025. MANDIANT REPORT | NVISO BRICKSTORM ANALYSIS
Cisco ASA zero-days under active attack THE HACKER NEWS ARTICLE
Sponsor
CTRL/ACT: From Visibility to Action – Are You In?
The attack surface is growing, tools are multiplying, and pressure is mounting. At CTRL/ACT, join leading security minds and hear Rachel Wilson, Morgan Stanley Managing Director & CDO, in her keynote, "The AI Imperative". Learn how top teams cut through noise, harness AI, build resilience, and take actionable steps—plus earn up to 6 CPE credits.
Register NowVolvo staff data stolen in supplier ransomware attack THE REGISTER COVERAGE
Israel hacked phones to stream Netanyahu's speech ISRAELI PM TWITTER POST
Salesforce AI agents could be tricked into stealing data NOMA LABS REPORT
Chinese hacking group RedNovember hammers government and defense networks worldwide
Recorded Future tracked RedNovember exploiting VPN and firewall bugs to break into US defense contractors and agencies across Taiwan, South Korea, and Panama. They're using Pantegana backdoor and Cobalt Strike, jumping on new vulnerabilities within days of public disclosure. RECORDED FUTURE REPORT | SECURITY RISK ADVISORS
Vegas casino hacker released to parents BLEEPING COMPUTER STORY
Chrome AI vulnerability allowed stealing browser sessions HACKERONE REPORT
Passkeys beat passwords but won't replace them yet BLEEPINGCOMPUTER ARTICLE
Continue reading online to avoid the email cutoff… NATIONAL SECURITYLove the analysis here, talking about how China has as well as the Fabric 5-sentence summary of the video… 🔥🔥🔥
Jensen Huang thinks China is nanoseconds behind in chips TOM'S HARDWARE ARTICLE
Russian spy ship caught mapping NATO's undersea cables
A Financial Times investigation tracked a Russian military vessel surveilling and mapping undersea cables along Europe's Atlantic coast, raising concerns about potential communications interception or sabotage. FINANCIAL TIMES INVESTIGATION | TOM'S HARDWARE COVERAGE | FINLAND-SWEDEN CABLE INCIDENT | RUSSIAN TANKER CHARGED
Russia trains Chinese forces on airborne tactics for potential Taiwan invasion
Documents reveal Russia's training Chinese battalions on airdropping armored vehicles, giving Beijing new capabilities that military analysts say could be critical for any Taiwan operation. OODALOOP COVERAGE
Pentagon ok’d to label DJI a Chinese Military company THE VERGE ARTICLE
Denmark bans all civilian drones after mystery drones shut down airports
Denmark just banned civilian drones for a week after mystery drones forced Copenhagen Airport to close for four hours and were spotted over military sites. The government's calling it a "hybrid attack" but won't say who's behind it, though the PM says Russia poses the biggest threat to European security. DW NEWS COVERAGE | DENMARK TOPIC PAGE | COPENHAGEN TOPIC PAGE
Germany might build space weapons after Russia starts tracking their satellites ARS TECHNICA ARTICLE
Microsoft blocks Israeli surveillance of Palestinians GUARDIAN INVESTIGATION
AIClaude Code Custom Tools With the SDK
This is insane stuff. Part of the updates to Claude Code and Sonnet. I think the SDK in CC is one of the most understated pieces of AI kit out there. CLAUDE CODE CUSTOM TOOLS
Chrome now has an official MCP server
Still testing it, but , I think it might be better than Playwright because it’s built by Google. THE BLOG POST | DEMO VIDEO
OpenAI launches parental controls for ChatGPT
OpenAI is rolling out parental controls that let parents manage their kids' ChatGPT usage. OPENAI ANNOUNCEMENT
OpenAI releases engineering prompt packs for ChatGPT
OpenAI's new prompt library gives engineers ready-made queries for system architecture, debugging, documentation, and data analysis. We’re putting all of these into Fabric, naturally. OPENAI PROMPT PACKS
Von Neumann architecture bottlenecks AI computing IBM RESEARCH ARTICLE
The economic AI apocalypse is nigh
Cory Doctorow argues AI's real apocalypse isn't machines becoming sentient—it's humans losing economic control as tech platforms use AI to lock in users and extract wealth. CORY'S ECONOMIC AI APOCALYPSE POST | HACKER NEWS DISCUSSION
Humans won't be missed when AGI arrives
Pascual Restrepo theorizes that once AGI handles all economically essential work, human wages will cap at the computational cost to replicate them, labor's share of GDP drops to zero, and the economy keeps growing without us. RESTREPO'S PAPER
Clients want AI magic but need practical solutions TOWARDS DATA SCIENCE ARTICLE
Cloudflare launches stablecoin for AI agent payments CLOUDFLARE PRESS RELEASE
Ollama brings web search to local LLMs OLLAMA BLOG POST
AI makes books obsolete for quick knowledge DAVID'S SUBSTACK POST
LLMs are becoming the new API layer for software
Large language models are starting to replace traditional REST APIs—instead of calling specific endpoints like /users/123/orders, developers can just ask the LLM in plain English and get structured data back. DZONE ARTICLE
Cloudflare launches email sending from Workers to complete their email platform
Cloudflare announced Email Sending in private beta. Combined with their existing Email Routing, you can now handle both sending and receiving emails entirely within Cloudflare's platform. CLOUDFLARE ANNOUNCEMENT | EMAIL ROUTING DOCS | WORKERS AI | REACT EMAIL | PRIVATE BETA WAITLIST
YouTube Music tests AI hosts for music trivia YOUTUBE BLOG ANNOUNCEMENT
Apple confirms US passports coming to Wallet this year 9TO5MAC ARTICLE
Taiwan weaponizes chip exports against China allies. ARS TECHNICA COVERAGE
Apple boosts iPhone 17 production by 33% MACWORLD ARTICLE
Apple Music gets swipe-to-skip tracks MACWORLD ARTICLE
HUMANSUK grows rice for the first time BBC ARTICLE
Britain will require digital IDs for all workers REUTERS ARTICLE
Ebola kills 61% in Congo with minimal funding ARSTECHNICA REPORT
Social connections slow biological aging like compound interest CORNELL NEWS ARTICLE
Mountains explain why equatorial countries stay poor PUEYO'S MOUNTAIN THEORY
Americans use PTO for sleep, not vacations
A worse conviction has not been uttered. NEWSWEEK REPORT
Teams that only tackle urgent work never fix bugs or technical debt ADAM'S POST
Arctic sea ice hits its annual minimum, ranking tenth lowest on record CIRES ANNOUNCEMENT
Buffett indicator shows stocks dangerously overvalued CNBC ARTICLE
1 in 5 Americans now regularly get news from TikTok PEW RESEARCH STUDY
YouTube creators pumped £2.2bn into UK economy last year BBC ARTICLE
Starbucks cuts underperforming stores and management layers STARBUCKS ANNOUNCEMENT
Accenture will fire staff who can't adapt to AI FINANCIAL TIMES ARTICLE
YC now lets students graduate before joining TECHCRUNCH ARTICLE
DISCOVERYcisv processes CSV files 15x faster than traditional parsers SANIX DARKER'S BLOG POST
Dreamtap makes AI outputs more creative DREAMTAP HOMEPAGE
Plan 9 tools now run on Unix PLAN 9 PORT GITHUB
The entire internet is a cargo cult DAVE'S ESSAY
Questions to help decide if you should finish that project CASSIDY'S QUESTIONS POST
Big data is being used to predict Nobel laureates. THE ECONOMIST ARTICLE
Vibe Link adds emotions to shortened URLs VIBE LINK HOMEPAGE
RECOMMENDATION OF THE WEEKI know it’s getting harder to travel, but it’s hard to describe how much seeing old friends fills the cup. Spending a few hours with friends last night was wonderful.
Try to get to one or two conferences / meetups a year if you can, if you will have friends there. There’s still no replacement for face-to-face.
APHORISM OF THE WEEKGET THE MEMBER EDITION
You’re currently receiving the STANDARD edition.
Members get numerous benefits, including:
25-50% off all UL Paid Content, including the upcoming Human 3.0 / AUGMENTED ONLINE portal!
Access to the extraordinary UL Member Community that includes vibrant conversations with ~1,500 of the smartest and kindest people you’ll find on the internet
Member-only Content, such as EDC guides on tech stacks, personal productivity routines, my recommendations on Critical skills to Build Going Forward, Trend Identification and Analysis, and more…
Access to the Member Archive of previous Member-only content, the Book Club archive, etc.
Access to The UL Book Club that’s been going monthly since 2017! One of the highlights of my and many attendees’ month!
Access to the Monthly Member Meet-up where we talk about our routines, productivity workflows, what’s on our minds, etc.
Access to In-Person Events like our dinners in Vegas, San Francisco, etc.
And much more coming…
This is the moment to connect with others who are smart, kind, and asking the same questions we are. Where is this all going? And how do to prepare?
Join the conversation.
SUBSCRIBE OR UPGRADE
MEMBER LOGIN
1
September 23, 2025
Unsupervised Learning NO. 499
UPDATESBack home for a week and then off again for HouSecCon! Can’t wait to see all my Houston friends!
—
Emad Mostaque Explains Why GDP and Capitalism is Obsolete
A new must-see blog post where I talk about this new video by Emad Mostaque. Seriously a must-see within 72 hours! I disagree with some of his timelines (1000 days is sensationalist), and he’s not right on a couple of things (XBow > Hackers). But I think the vision is 1) quite interesting, and 2) probably mostly solid. A MUST SEE. And I give my comments as well, as well as a Fabric summary. READ THE POST
Emad Mostaque on the End of Capitalism
An extremely clear vision of how AI will completely disrupt everything within 1,000 days… I disagree with some of his timelines, and he’s not right on a couple of things. But I think the vision is 1) quite interesting, and 2) probably mostly solid. A MUST SEE. And I give my comments as well, as well as a Fabric summary.
danielmiessler.com/blog/emad-mostaque-on-the-end-of-capitalism
Major updates to the PAI project Github Page !
PAI isn’t just a blog post and a video. It’s a free, public infrastructure for using AI for your use cases!
I’m dead serious about making AI available to everyone on Earth. We need this. As humans. Sooner, not later.
I’ve been making tons of updates to the project, adding more and more of MY ACTUAL AI STACK. Tons more custom commands (use cases basically) coming this week as well. GO STAR IT SO YOU GET UPDATES
📅 September 22, 2025 - v0.2 Release
🔗 Human 3.0: Added link to projects fit together blog post
📝 Documentation: Improved table formatting and structure
✨ Polish: Enhanced README readability and navigation
🔧 Fixes: Minor formatting and display improvements
🎉 Release: Published v0.1 - Initial public release
🔒 Voice: Hardened the voice server
🏠 Portability: PAI_HOME support eliminates hardcoded paths
📚 Docs: Comprehensive documentation under ~/.claude/documentation/
🔌 Dynamic: MCP detection via settings.json
🏗️ Architecture: Complete system documentation with examples
danielmiessler/PAI: Personal AI Infrastructure for upgrading humans.
Open-source personal AI infrastructure for orchestrating your life and work…
github.com/danielmiessler/PAI
—
Wrote my response to the Charlie Kirk situation. It’s political, so feel free to skip. MY THOUGHTS ON CHARLIE KIRK’S ASSASSINATION
—
Been doing mass-updates to my iPhone / Mobile / Computer setup given the launch of macOS and iOS 26. Perfect time for a bi-annual cleansing. Completely redoing my Focii (I’ve always wanted to use that in a sentence) as well as MASSIVELY cutting out notifications, etc. Check this new Dynamic Wallpaper I made of Kai working in his lair, for my Work focus.
And the background is dynamic when you move the phone!
Had a conversation with Harry Wetherald from Maze, where they’re working on using Agents for Vulnerability Management. Really love Harry’s approach to this problem. I feel like it’s from a practitioner who gets the issue deeply…which I think is the best origin story for a startup.
Oh and they’re the sponsor here too! 👇🏼👇🏼👇🏼👇🏼
Sponsor
Maze AI Agents Triage Vulnerabilities Like Experts
Security teams lose countless hours chasing vulnerabilities that will never be exploited…
Maze takes a different approach. In a recent case study on CVE-2025-27363, their AI Agents investigated the finding the way a human expert would—testing exploit scenarios against the actual environment and controls.
If the risk wasn’t exploitable, it stayed low priority. If it was real, it was flagged fast. The result is fewer false positives, faster remediation, and a smarter security posture without the usual guesswork. Built by engineers from Meta, Elastic, Amazon, and GitHub, Maze is designed to help teams finally get ahead of the backlog.
Explore Maze CYBERSECURITYSecret Service finds massive SIM farm that could have shut down NYC's cell network
The Secret Service discovered a network of 300 SIM servers with over 100,000 SIM cards in abandoned NYC buildings that could send 30 million texts per minute and potentially disable cell towers during the UN General Assembly. CBS NEWS STORY
Github forces hardware 2FA and short-lived tokens for npm publishing
Great to see GitHub locking npm down with mandatory hardware 2FA, short-lived granular tokens, and trusted publishing to target the recent repo-to-npm supply-chain waves. BLEEPINGCOMPUTER STORY | GITHUB SECURITY ANNOUNCEMENT
CISOs say the real breach is the empty seats
Back on the talent shortage conversation. CSO Online’s piece cites Accenture’s data showing 83% of execs say the talent gap is killing posture, and Michelle Abraham thinks near-term AI triage could actually ease burnout.
So insane that companies can’t find people and people also can’t find jobs. I know I’ve covered this a million times but it just keeps coming up. the conclusion before was:
Candidates simply not having the skills
Really inefficient hiring practices
CSO ONLINE ARTICLE | ACCENTURE STATE OF CYBERSECURITY 2025 | KANWAR PREET SINGH SANDHU PROFILE
Sponsor
Does your work browser work for AI?
Island customers used 1,200 AI apps in the last month. Without governance, or even knowing they’re in your org, you'll have IT anarchy.
That's why there's the Island Enterprise Browser. Last-mile control, app access, workspace visibility, and security are built in - not bolted on - to the browser. Your teams get AI efficiency while data stays where it belongs. Productivity and security for the win.
OK, I’m listening. Tell me more.China compresses cyber breach reporting to one hour
The Register says Beijing now expects “network operators” to report serious cyber incidents within 60 minutes—or 30 for catastrophic ones—which will force real-time detection and instant triage. THE REGISTER STORY | CAC RULES (CHINESE)
CISA moves to tighten control over the CVE program
CISA basically says CVE’s future is theirs to run, pushing back on a nonprofit-led model. THE REGISTER STORY | CISA CVE VISION PAGE
SonicWall breach exposed firewall backups, forcing full secret rotation BLEEPINGCOMPUTER STORY
SonicWall ships an update that removes OVERSTEP rootkits BLEEPINGCOMPUTER ARTICLE
Real-time vuln alerts without NVD lag
BleepingComputer spotlights SecAlerts pulling from 100+ sources and pushing filtered, real-time vuln alerts so you’re not stuck waiting on NVD. BLEEPINGCOMPUTER ARTICLE | SECALERTS SITE
Samsung patches a live zero‑day on Galaxy phones TECHCRUNCH STORY
AI agents become the bug hunter’s always-on sidekick
Sudhir Singh lays out how autonomous agents can do the grunt work—recon, triage, and reporting—so humans focus on the weird stuff. Friends don’t let friends post on Medium. MEDIUM ARTICLE BY SUDHIR SINGH
The UK recognizes Palestine as a State GUARDIAN STORY
China has banned anyone in the country from buying NVIDIA chips
They now have to use internally manufactured chips. Holy crap. Huge. FINANCIAL TIMES STORY
NATO’s drone scare in Poland just unlocked more help for Ukraine
The Cipher Brief interviews General David Petraeus, who says the Poland drone incursion was deliberate, NATO’s response was fast, and this crack in the door could fund Ukraine’s drone surge. I really don’t get why Russia would provoke other countries in a way that’s bound to unify and energize them. What am I missing? CIPHER BRIEF INTERVIEW
Nasa blocks Chinese nationals from access, including Zoom THE REGISTER STORY
Danish supermarket building off-grid emergency stores MASTODON POST
Ukraine tests jammer-resistant strike drones with 31-mile reach TOM'S HARDWARE ARTICLE
Britain signs a £1.5B defense data deal with Palantir
The Register says the UK just locked in a £1.5B defense pact with Palantir. I’m guessing they would rather not have, which means Palantir must be much better than the alternatives. Or there aren’t any. THE REGISTER STORY | HACKER NEWS DISCUSSION
Red Sea cable cuts disrupt Asia and Mideast internet OODALOOP STORY
Taiwan moves to 24/7 undersea cable protection TOM'S HARDWARE STORY
Gunmen hit Chinese convoy in Nigeria, eight security officials killed
OODAloop reports gunmen attacked a security convoy in Edo state, killing eight officials; Chinese expatriate workers were kidnapped and later rescued. OODALOOP BRIEF
AI eats all of IT by 2030, but not all the jobs
Gartner expects every IT task to touch AI by 2030—25% fully bot-run, the rest human-with-AI—while entry-level roles take the hit first. Seems directionally right. What’s not talked about is the emotional and overall economic “vibe” impact of having this much change happen so quickly. ARSTECHNICA STORY | THE REGISTER COVERAGE | REVELIO LABS ENTRY-LEVEL DATA | GOLDMAN SACHS WORKFORCE NOTE
GitHub launches an MCP registry that finally makes agents usable
GitHub shipped a proper MCP server registry with VS Code one‑click installs, star‑ranked listings, and an open pipeline that syncs with the [Anthropic]-led community registry. Cool to see an official set of these. Curious how they’re doing the filtering. GITHUB BLOG ANNOUNCEMENT | BROWSE GITHUB MCP REGISTRY
OpenAI quietly ships major Codex upgrade
OpenAI pushed a big Codex update that looks like “GPT-5 for code,” with faster refactors, deeper repos, and way better tool use. I know lots of people starting to move to Codex from CC. The model seems sharper, but it lacks massive features compared to CC. And Anthropic is dropping 4.5 supposedly this week as well. OPENAI CODEX UPGRADE POST
Nvidia funds OpenAI’s AI factory buildout with 100 billion TECHCRUNCH STORY
Most people still aren’t using LLMs enough
Florian Brand argues we’re sleeping on cheap, boring automations that save hours—turn images into .ics, auto-translate clipboard, scripted scrapers, and glue it all together for $20/month. Agree completely, and this is why I created PAI! YOU'RE NOT USING LLMS ENOUGH | FLORIAN BRAND HOMEPAGE
AI tools are making everything look the same
STRAT7 argues we trained models on the internet’s quirks, and now the outputs are remixing those quirks back into reality at scale. Agree, but we have the ability to shape that. We’re not resigned to it. Don’t settle for the mediocrity that others made before AI, or after. STRAT7 ARTICLE | HACKER NEWS DISCUSSION
AI ends the career ladder’s on-ramp OODALOOP ARTICLE
TECHNOLOGYOura jumps to an $11B valuation on a massive Series E
TechCrunch’s report says Oura’s raising $875M at ~$11B, doubling since December off insane growth and $1B+ revenue. My favorite wearable other than Apple Watch, by far. Love the Readiness Score. TECHCRUNCH STORY | BLOOMBERG REPORT | TECHCRUNCH SERIES D COVERAGE
Databricks hits $4B run-rate and raises $1B THE INFORMATION BRIEFING
All the world as a monorepo, but who holds the keys
James Tiberius pushes a fun but sharp thought experiment: if everything lived in one giant monorepo, power, governance, and tooling become the whole game. IF ALL THE WORLD WERE A MONOREPO
Write the simple version first, then refactor later. BE SIMPLE ARTICLE
Reading code is the bottleneck, not writing it WRITING CODE IS EASY, READING IS HARD
HUMANSAuto loan delinquencies are screaming past 2008, even for prime borrowers
Chris Chilton reports the CFA says auto finance is “at breaking point,” with $1.66T owed, $745 typical payments, and repos jumping 43% since 2022. This is the type of metric I find interesting and extremely troubling. CARSCOOPS STORY
Rich Americans are propping up “strong” consumer spending
Morning Brew highlights Mark Zandi’s read of Fed data: the top 10% now drive 49.2% of U.S. consumer spend, masking weak real gains elsewhere. MORNING BREW ARTICLE | MARK ZANDI FED DATA THREAD | MARKETMINUTE ON DELINQUENCIES | MORNING BREW JOBS PIECE | MORNING BREW CAPITALISM SURVEY
Global Peace Index 2025 shows rising instability GLOBAL PEACE INDEX 2025 MAP
DSM categories melt when you cluster symptoms directly
Ajai Sonachandran breaks down Miri Forbes’ massive symptom-level clustering study showing MDD/GAD/PTSD don’t form distinct clusters—just overlapping slices of broader spectra like Distress and Thought Disorder. I’ve always thought something like this was happening. Similar to Schizophrenia / Manic Depressive in the past? PSYCHIATRY MARGINS ARTICLE | FORBES PREPRINT ON PSYARXIV
Sesame Street goes big on YouTube, with creator training baked in
So happy about this! Sesame Street raised me significantly as a kid. Can’t express enough thanks. Sesame Workshop’s new deal is putting hundreds of full episodes on YouTube plus creator workshops—basically acknowledging kids meet Ms. Rachel before Big Bird now. ENGADGET ARTICLE | YOUTUBE PARTNERSHIP POST
Trump floats a $100k H-1B visa fee
Reuters says the White House is pushing a $100k H‑1B fee, which, if real, would have a massive impact on tech hiring. Elon came out promising war over it, saying his companies are only possible because of H-1B visas. REUTERS STORY | HACKER NEWS DISCUSSION
More people feel safe while wars expand
Gallup says a record 73% feel safe walking at night despite broader conflict, with huge gender gaps and South Africa lowest and Singapore highest. GALLUP ARTICLE
Homicide rates in US and Canada mapped cleanly
/u/Fluid-Decision6262 dropped a crisp map comparing homicide rates across the US and Canada—it’s simple, stark, and way more telling than headlines. REDDIT POST | FULL-RES IMAGE | REDDIT COMMENTS
Frying eggs quietly wrecks your indoor air
Chill Physics Enjoyer shows how a simple egg fry spikes indoor pollution way more than people expect, and gas vs. electric changes the game. SUBSTACK POST
Three-minute at-home EEG flags Alzheimer’s risk years earlier
Fastball EEG from George Stothart: a passive, three‑minute at‑home brainwave test that spots risky memory patterns well before a typical diagnosis. SMITHSONIAN ARTICLE | BRAIN COMMUNICATIONS PAPER
How a single fire unlocked Hitler’s emergency dictatorship
Wikipedia captures how the 1933 Reichstag fire—blamed on Dutch drifter Marinus van der Lubbe—let Hitler push Hindenburg to suspend civil liberties and bulldoze the Enabling Act. WIKIPEDIA ENTRY
Becoming the person who does the thing
Frederick Rivett argues the real unlock isn’t tactics—it’s identity—so you stop “trying” and start acting like someone who already does the thing. FRED RIVETT ARTICLE | HACKER NEWS DISCUSSION
We work too much because we worship work
Bertrand Russell argues in “In Praise of Idleness” that most “hard work” is theater and we’d be saner and kinder if we cut hours in half. One of my favorites. HARPER’S ESSAY | HACKER NEWS DISCUSSION
AI now does most analysts’ grunt work HACKER NEWS POST
Link graphs make reading feel like a conversation again LINKGRAPHS ARE FUN ARTICLE
Runj parallelizes any unix command with clean line-buffered I/O
Karim Chergui released runj, a tiny tool to run any command across N subprocesses with line-buffered stdin/stdout—super handy for clean parallel test runs and build steps. RUNJ RELEASE POST
Fifty things you can do with a software-defined radio FIFTY SDR THINGS ARTICLE
The Culture might actually be a quiet dystopia
Still reading this series, but Ben Arthur flips Iain M. Banks’ Culture on its head—arguing the “post-scarcity utopia” looks a lot like a velvet cage run by inscrutable gods. THE CULTURE AS DYSTOPIA ARTICLE | HACKER NEWS DISCUSSION
Statistical differences only matter if they change your decision TOWARDS DATA SCIENCE ARTICLE
Refactor your “unit of work” to unlock real productivity
Nilenso argues your core abstraction isn’t sprints or commits—it’s the unit of work—so make it a customer-visible slice with clear acceptance, negotiable size, and one place for all context. NILENSO ARTICLE | AI UNIT OF WORK POST BY ATHARVA | INVEST USER STORIES REFERENCE | USER STORY ORIGIN ON C2
A vape runs a real web server fast TOM'S HARDWARE STORY
Nanobot turns MCP servers into full agents with UI
Turns any MCP server into a stateful reasoning agent with a system prompt. NANOBOT SITE
Visual Story-Writing makes story editing visual VISUAL STORY-WRITING GITHUB
Em dashes aren’t an AI tell, they’re a human thinking tool THE RINGER ARTICLE
Quitting the iPhone breaks the addiction, not the utility
Kevin Kelly spends a year off iPhone and realizes the phone wasn’t the problem—the dopamine loops were—and that swapping platforms doesn’t fix your habits. SUBSTACK POST | KEVIN KELLY HOMEPAGE
A creator shows how partial automation actually makes a better newsletter
A Reddit User walks through his n8n + GPT‑5 loop that saves 1–2 hours a day, but the punchline is keeping him in the loop makes it good. REDDIT POST | WORKFLOW SCREENSHOT | CARD EXAMPLE IMAGE
See if you can start thinking of political opponents (not the worst ones, but like mid-level ones) as possibly good people who are good in a different (alien) way than you.
See if you can assume they’re actually trying to do good, and grapple with them and yourself to see if you can find things to agree on.
See if you can find a common, desired destination! And then part as opponents but friends who disagree on how to get there.
This won’t be possible with everyone, but we have to try. It’s the only way to fix this.
📚 Book Recommendation: The Righteous Mind, by Jonathan Haidt
APHORISM OF THE WEEKGET THE MEMBER EDITION
You’re currently receiving the STANDARD edition.
Members get numerous benefits, including:
25-50% off all UL Paid Content, including the upcoming Human 3.0 / AUGMENTED ONLINE portal!
Access to the extraordinary UL Member Community that includes vibrant conversations with ~1,500 of the smartest and kindest people you’ll find on the internet
Member-only Content, such as EDC guides on tech stacks, personal productivity routines, my recommendations on Critical skills to Build Going Forward, Trend Identification and Analysis, and more…
Access to the Member Archive of previous Member-only content, the Book Club archive, etc.
Access to The UL Book Club that’s been going monthly since 2017! One of the highlights of my and many attendees’ month!
Access to the Monthly Member Meet-up where we talk about our routines, productivity workflows, what’s on our minds, etc.
Access to In-Person Events like our dinners in Vegas, San Francisco, etc.
And much more coming…
This is the moment to connect with others who are smart, kind, and asking the same questions we are. Where is this all going? And how do to prepare?
Join the conversation.
SUBSCRIBE OR UPGRADE
MEMBER LOGIN
1
September 4, 2025
Building Your Own AI-powered Life Management System
The post and video
Since this whole AI thing started in late 2022, I have been slowly building a unified system for life and work management.
Not for tech. Not for AI.
For life .
For the things I care about as a human.
I just launched a video today describing my system named “Kai” and my entire process for building it. It lays out:
Why I built it,
The way I think about such systems,
And the actual structure step-by-step guide to how I built the individual components inside of Cloud Code
And don't be intimidated by the Claude Code thing. It's just a container. The components themselves are universal and you can use them inside of any AI system.
My goal with this video is to get you thinking about your own tasks, and your own life management system, and your career management system, and your information management system, and what such a thing could look like if it were unified and upgradeable.
Please go and watch this video even if you don't plan on building this system immediately.
At the very least, it will get you thinking about the questions of:
What could you be doing if you had more time?
What would you be researching?
What would you be studying?
If you had a tutor, what would you have them teach you?
What if you were more communicative with the people you care about?
What if you were actually able to make the projects that you've been thinking about for all these years?
Let me know what you've come up with after you watch the video and/or read the guide.
I can’t wait to hear about what you build!!!
Continue reading online…
The post and video
Talk soon!
Daniel
August 25, 2025
Unsupervised Learning NO. 495
UPDATESHey, hope you’re doing well!
ERRATA: Two mistakes last episode:
My conversation about AI System Design was with Michael Brown, not Matthew Brown. Sorry Michael! Phenomenal conversation!
The open-source AI vuln discovery tool I mentioned last week was a separate project, unrelated to XBow.
—
A whole bunch of built-up procrastination due to technical obstacles is really starting to add up for me, causing lower mood and energy. I can't remember where I read it, but I really love the framing of anxiety and procrastination simply being side effects of not getting work done that you wanted to, or thought you should.
I'm definitely feeling that. But I hope to resolve most of it this week!
—
Speaking of Michael, here’s my conversation with him about designing AI systems that actually work. Michael Led the Trail of Bits AI XCC team that won 2nd place, and he’s brilliant.
If you think at all about practical vs. hype AI, you will love this conversation.
—
🔥This is the Personal AI Infrastructure I’ve been building for years now, documented in a lot of detail. Took the entire weekend to update this beast.
When I talk about working on AI, I'm mostly upgrading and enhancing this thing. 👇🏼
Building a Personal AI Infrastructure (PAI)
Exploring the concept of personal AI infrastructure and how to build AI systems that upgrade humans as we transition to Human 3.0
danielmiessler.com/blog/personal-ai-infrastructure
—
It's so much easier to write story commentary for the newsletter using Wispr Flow. Next to Claude Code and ChatGPT back in 2022, I would say this is definitely the best tech I've seen in years.
—
Last week’s podcast was like an hour and a half long. Caught up on tons of stuff across work and tech and life. Felt significant. If you haven’t listened in a while, you should listen to this one. LISTEN
UL NO. 494
AI Finds a P1, I Missed Chartbeat So I Made My Own, XBow Open-Sources Their AI Bot, and more...
omny.fm/shows/unsupervised-learning/ul-no-494-standard-edition-ai-finds-a-p1-i-missed-chartbeat-so-i-made-my-own-xbow-open-sources-their-ai-bot-and-more
Sponsor
AI Agents That Actually Triage Vulnerabilities
Most vulnerability management feels like a treadmill: huge backlogs, noisy findings, and nonstop pressure.
Maze takes a different approach with AI agents that investigate vulnerabilities the way humans do —context-aware, precise, and fast.
That means 80–90% of false positives removed automatically, only a small handful marked for urgent attention, and fixes are sent directly to the right owners. It’s like having expert engineers on call, only they never sleep.
Find Out How It WorksReally excited with Maze’s approach here, with a focus on getting the context from the organization and sending fixes to the correct people rather than blasting them out to unrelated people who will grow hate in their hearts for security!
CYBERSECURITYGoogle releases FACADE, their internal anomaly detection system for insider threats
Google open-sourced FACADE, the deep learning system they use internally to catch insider threats and detect account compromises. Absolutely love them for releasing projects like this out to the public for free. FACADE GITHUB REPO | RESEARCH PAPER | BLACKHAT 2025 SLIDES
Researchers discover PromptFix attacks that hijack AI browsers through hidden prompts
Guardio Labs tested Perplexity's Comet browser and found attackers can hide malicious instructions in fake captchas that AI agents process as legitimate commands. GUARDIO LABS RESEARCH | CYBERSECURITY NEWS ARTICLE
Phishing emails now target both humans and AI defenses simultaneously
Anurag Gawande shares how attackers are embedding prompt injection commands in phishing emails to confuse AI security tools while still tricking human recipients. MALWARE ANALYSIS ARTICLE | REDDIT DISCUSSION
Grok chats are showing up in Google search results
Malwarebytes reports that Grok's share button makes conversations searchable on Google without users realizing it. MALWAREBYTES ARTICLE | FORBES COVERAGE | BBC REPORT
Continue reading online to avoid the email cutoff… NATIONAL SECURITYThe U.S. is running low on Patriot missiles after heavy Middle East use
The Pentagon is scrambling to rebuild Patriot missile stocks after using 30 interceptors in a single day defending Al-Udeid base from Iranian attacks—the largest single-day use in U.S. history. THE CIPHER BRIEF REPORT | LARGEST PATRIOT SALVO ARTICLE
Clear Plus adds biometric gates that skip TSA officers entirely
Clear launched facial recognition gates at Atlanta's airport that verify your ID and boarding pass in under six seconds, letting paid members bypass TSA officers completely before bag scanning. It will be phenomenal if this is able to be maintained and if it expands to other airports.
Interesting piece of security psychology here is that I naturally wonder how easy it would be to fool this system, but then I remember how cursory the checks are by the staff currently. MORNING BREW COVERAGE | WSJ REPORT | AXIOS ARTICLE | THE POINTS GUY
AIOpenAI says GPT-6 is coming faster than GPT-5 took
Sam Altman told reporters that GPT-6 is already in development and won't take as long as GPT-5 did. Surprising to me that they had to play this card. Subs must really be down for them to have to start teasing this already. BLEEPING COMPUTER ARTICLE | CNBC INTERVIEW
Game developers embrace AI agents at massive scale
A new study reveals that 87% of game developers are now using AI agents in their development process, which is not surprising to me at all. I do a lot with AI and a lot with role-playing games, and they go extremely well together. I mean, just think about character generation, scenario generation, plots, etc. All this stuff is center mass for LLMs.
AGI is an engineering problem, not a model training problem
Vinci Rufus argues that AGI won't come from bigger models but from better engineering—specifically orchestrating multiple specialized models working together like a brain's different regions. HIS ARTICLE
Developer replaces vector databases with Git for AI memory
Growth-Kinetics built a proof-of-concept that stores AI memories as markdown files in Git repos instead of vector databases, letting you git checkout to any point and see exactly what the AI knew then.
I really love ideas like this, and I'm personally experimenting with using the file system for all sorts of context management. As we keep talking about here, the management of memory and context is like 90% of the game with AI systems. DIFFMEM GITHUB REPO | HACKER NEWS DISCUSSION
MIT study finds 95% of enterprise AI projects have zero impact on profits
MIT researchers found that 95% of corporate AI implementations fail to impact the bottom line because companies try to force generic tools like ChatGPT into existing workflows instead of solving specific problems.
This very much reminds me of my earlier article on intelligence tasks. The companies that I see adopting AI the fastest and the best are the companies that already understand how their business works. They are simply applying AI to that. It's really hard to optimize something you don't understand, which unfortunately is many/most businesses. TOM'S HARDWARE ARTICLE | FORTUNE COVERAGE
Developer builds memory layer to stop AI agents from forgetting everything
And here's another memory/contact system. Piyush created In Memoria, an MCP server that gives AI coding tools persistent memory so they remember your codebase structure and coding patterns between sessions.
This is the type of thing where a major improvement to memory context management is going to roll out in Cloud Code or something, and it's going to suddenly improve all coding output and throughput by 40% or something. Just making up a number, but my point is that these jumps are going to be extreme. IN MEMORIA GITHUB | HACKER NEWS DISCUSSION
TECHNOLOGYCoinbase CEO fired engineers who refused to try AI coding tools
Brian Armstrong gave engineers a week to sign up for GitHub Copilot or Cursor, then fired those who didn't have good reasons for not doing it. Sounds super brutal but I see it very similar to a CFO firing accountants for not using Excel. I also find it hilarious that Armstrong was strong-arming people. 💪🏼 Sorry. TECHCRUNCH ARTICLE | CHEEKY PINT PODCAST
Uv adds experimental code formatting with Ruff integration
Astral just added experimental formatting to uv, bringing Ruff's formatting directly into their Python package manager so you can format code without installing anything extra. UV FORMAT ANNOUNCEMENT | HACKER NEWS DISCUSSION
Zed raises $32M from Sequoia to build collaborative IDE with real-time version control
Zed raised $32M Series B from Sequoia to build DeltaDB, their new operation-based version control system that tracks every edit in real-time, not just commits. Super interesting to be able to have like an infinite undo tree.
But this doesn't solve the whole problem because you still need to have useful milestones to roll back to. I assume this will be paired with AI that notices and labels changes. Pretty cool stuff. Can't wait to see it in Claude Code. ZED ANNOUNCEMENT | ZED GITHUB | ZED JOBS | CRDT EXPLANATION
Every engineer taking sales calls led to a complete platform rewrite
A startup forced all their engineers to take customer sales calls, and within two weeks they'd completely rebuilt their platform based on what they learned. Something something change comes from pain. I think it's an ingenious idea, and related to something I heard a long time ago—forcing people to work in other roles inside of the organization just to grow empathy and perspective. REDDIT POST | HACKER NEWS DISCUSSION
Google rushes ahead of Apple with AI-heavy Pixel 10 phones
Google's new Pixel 10 series goes all-in on AI features like Visual Overlays that guide you through your camera view, Magic Cue that proactively suggests actions across apps, and Voice Translate that makes phone calls sound like each person speaking their native language.
As an Apple "religious" person, I have to be the first one to admit that Apple is stumbling in the last year or two with major innovations, and especially AI. I still think that once they solve the AI/Siri issue, they're going to jump way ahead. But I expected that to have already rolled out. This is made much worse for them by Google suddenly finding their vision and voice.
Even I am tempted by some of their new tech and some of their new phones. I feel like they are crushing it on the AI stuff. But I know people who have very recently tried to switch from Apple to Google and came back immediately because there's nothing like the ecosystem cohesion that Apple has. For multiple reasons, I continue to wait for Apple to figure out the AI/Siri story and regain their momentum. TECHCRUNCH COVERAGE | PIXEL 10 ANNOUNCEMENT
Getting on the Hacker News front page brings traffic but not conversions
Dan Moore shares what actually happens when you hit the HN front page after 12 years and 400+ successful posts—you get thousands of visitors and valuable feedback, but basically zero conversions. I can also confirm this after having had dozens of front page appearances. It's mostly just an, "oh my god, somebody is looking at me" rush. DAN'S HN FRONT PAGE ANALYSIS
HUMANSICE budget could jump to $88 billion under new deportation plan
House Republicans want to give ICE $88 billion for Trump's mass deportation plans, which would make its budget bigger than most countries' entire militaries. NEWSWEEK COVERAGE | HACKER NEWS DISCUSSION
Exercise has insane ROI that most people completely miss
Herman breaks down why exercise is the highest-leverage investment you can make—saying it's basically compound interest for your body and brain. HERMAN'S EXERCISE ROI ANALYSIS | HACKER NEWS DISCUSSION
The hidden management skill is knowing when to actually manage
Terrible Software explains that the most underrated management skill is knowing when to step back and let your team work without interference. Good article, but my favorite book on this is "The Dichotomy of Leadership" that talks about multiple extreme trade-offs that you have to manage constantly when managing. TERRIBLE SOFTWARE ARTICLE | HACKER NEWS DISCUSSION | THE DICHOTOMY OF LEADERSHIP BOOK
Margin debt hits record high as investors borrow to buy stocks
Hacker News discussion reveals margin debt has reached unprecedented levels, with commenters debating whether this signals market exuberance or rational leverage in a low-rate environment. ARTICLE | HACKER NEWS DISCUSSION
Scientists reverse brain aging in mice by reducing a single protein
UCSF researchers discovered that reducing FTL1 protein in old mice restored their memory and increased brain cell connections, basically reversing age-related cognitive decline. One of the most exciting prospects for AI to me is simply combing through massive amounts of data and finding tons of slack in the rope or easy tricks for doing all sorts of things, like improving cognition, reducing aging, and all sorts of stuff we're not even thinking about yet. SCIENCE DAILY COVERAGE
IDEASContext Orchestration for AI is mostly an engineering, or a traditional tech, problem—not a model problem. The issue is not the intelligence of the models but the quality of the systems that those models work within.
DISCOVERYAGENTS.md as a standard way to guide AI coding agents
Really cool idea here of crowdsourcing context management and orchestration for AI tooling. The community created AGENTS.md, an open format that lets developers write simple markdown files telling AI agents exactly how to work with their codebases. AGENTS.MD SITE | HACKER NEWS DISCUSSION
Developer gets shadowbanned by Hacker News and asks for a real IP ban instead
Sean Conner discovered he's been shadowbanned from Hacker News and would rather just be banned at the IP level if they don't want him there. SEAN'S BLOG POST | HACKER NEWS DISCUSSION
Everything in the universe is correlated with everything else
Gwern Branwen explains why all variables correlate with each other in large datasets—it's not measurement error, it's that everything genuinely affects everything else through countless indirect causal chains. GWERN'S EVERYTHING ARTICLE | HACKER NEWS DISCUSSION
RECOMMENDATION OF THE WEEKThe two strongest predictors for longevity are:
VO2 Max
Strength
I recommend getting your VO2 max tested quarterly if you can, fairly cheaply, or wear a device like an Apple Watch that will give you some kind of estimation.
For strength, it's not any particular one test that matters - otherwise you could game the system. What matters is that you are overall strong. So I recommend whatever works for you in terms of regular resistance training.
Me personally, I do kettlebell swings and deadlifts and traditional gym resistance training for chest and back and shoulders and arms and such.
We don't even fully understand why being strong is such a predictor or even VO2 max. But it makes sense to me overall. I think it comes down to: If you have those things, that means other things are true as well - activity, blood flow, cardiovascular health, etc.
So, in a sentence, do the things that you need to do to improve these two metrics.
APHORISM OF THE WEEKMEMBER EDITION TEASEREnterprise AI rollouts are Context Orchestration Problems
A lot of people are skeptical of what AI can do for real businesses because they just haven't seen the impact at a deep, strategic level yet. To me, the reason for this is very simple: Most businesses have no idea how their businesses work. They can't tell you at any given time what projects they're working on, how much they're spending on what, which people are working on which projects, etc.
Most businesses, and especially start-ups, are essentially opaque balls of fiery magic. Honestly, it's a miracle that anything gets done at all. What a lot of people do is they bring AI into a company like that, where everything is extremely opaque and not well-documented. Or if it's documented, the documentation is extremely old. And they're like, "I tried this ChatGPT 4 thing, and it didn't fix everything! AI sucks!"
AI works best when you give it a system and say, "How should I fix this? What optimizations do you recommend? How can you improve this?"
GET THE MEMBER EDITION
You’re currently receiving the STANDARD edition.
Members also receive MEMBER-ONLY ESSAYS in their version, in addition to access to the extraordinary UL Member Community that includes vibrant conversations with over 1,400 of the smartest and kindest people you’ll find on the internet. Plus: the Member Archive, access to The UL Book Club, a monthly member meet-up, access to in-person events, and much more.
August 13, 2025
Unsupervised Learning NO. 493
UPDATESHey! Hope you’re doing well!
First, a new blog post that’s more negative than usual…but it’s honestly what I’ve been feeling and I think a lot of people are likely feeling the same way. I’M WORRIED IT MIGHT GET BAD
I'm Worried It Might Get Bad
Exploring why I’m starting to worry things might get very bad, very soon…
danielmiessler.com/blog/im-worried-it-might-get-bad
The Worst AI Metric
Why the 'r's in strawberry' or ‘b’s in blueberry test is a horrible benchmark for AI.
danielmiessler.com/blog/the-worst-ai-metric
Got back from Vegas and am reflecting on being thankful. First that I was able to go, as it seemed like a lot fewer people were able to, but mostly because of friendships. Old and new. It was brilliant being able to see so many UL people! Including at our annual UL Dinner.
But also hanging out afterwards and at Blackhat / DEFCON. Plus I got to see so many security homies from over the years. And even better, I got to cross-pollinate the UL/Security groups in a few places! One such place was at Sean Sun’s always spectacular Miscreant’s Creator’s meetup. I feel refreshed having seen so many friends. 🫶🏼
—
While I was in Vegas, I got to catch up with one of the companies I'm involved with called SPLX.ai. I feel like I don't talk about them enough here, unrelated to whether or not they're doing a sponsor slot. They're just the best solution out there for automated AI pentesting. They literally only have a challenge of getting POCs because they win 100% of the POCs that they get. Not most POCs. Every single POC. If you are a red team looking to scale up your building to test AI systems, you need to check them out. Oh, and they recently wrote a really cool blog post analyzing GPT-5. It went exactly as you’re expecting. CHECK OUT SPLX.AI
—
If you’re looking for a Web Analytics alternative to Google Analytics, I use Fathom Analytics, which also gives me a cool widget in my menu bar (and Claude Code status line). They’re not a sponsor, but here’s my referral code (with $10 of free credit) if you want to check it out. CHECK THEM OUT
Sponsor
AppSec’s New Horizon
As development teams move faster, shift-left strategies have stalled at detection and aren't keeping security issues out of production.
Join the upcoming virtual event to get a practical, prevention-first AppSec blueprint—powered by new Unit 42® research and real-world lessons from Palo Alto Networks' own security teams.
Learn how to stay ahead of emerging threats, intelligently block risks from reaching production, and scale AppSec without slowing developers down.
Don’t miss this look into the future of application security with Cortex® Cloud.
Secure Your Spot CYBERSECURITYWhile in Vegas I had a really cool conversation with Jason Haddix, Caleb Sima, and Ashish Rajan on lots of AI/Security topics on the AI Security Podcast (episode coming soon).
One of the questions that was asked was:
My counter question to that is, "How do we know we aren't? Because I'm not sure there's really anything such as an AI attack. If you think about AI as just having more eyes and hands, here's a question for you:
Would you see more attacks or would you see more AI attacks? I think you would mostly just see more attacks. They would just be done much better because they could target people individually, they could take more time riding specific spearfishes and specific campaigns targeting your infrastructure and your people.
Now, of course, prompt injection is an actual new novel attack, and I think that's AI-special. But other than that, I think what we should expect to see is more scale and, as we talked about on the podcast, possibly faster coverage of attack surface for a given campaign since, once again, you just have more eyes and hands to go and do that thing. It was an important conversation in the episode, and I really recommend you subscribe to the podcast and check out the episode when it comes out. THE AI SECURITY PODCAST
A Thought on MCP Security
🚨 Lots of people are talking about MCP Security, but there's one attack surface / risk that's most pressing to me.
➡️ When you send one of your agents to use an MCP, you're sending a semi-intelligent being to parse instructions written by the owner of that MCP.
— ᴅᴀɴɪᴇʟ ᴍɪᴇssʟᴇʀ 🛡️ (@DanielMiessler)
12:49 AM • Aug 13, 2025
🔥🔥🔥 AI Cyber Challenge releases all finalist security tools as open source
The AI Cyber Challenge dropped all 7 finalist teams' Cyber Reasoning Systems as open source, plus the competition infrastructure and benchmarks, so anyone can build on their automated vulnerability-finding tech.
This is one of the biggest stories from BlackHat/DEFCON in my opinion. These are systems designed to AUTONOMOUSLY go and find problems and fix them! And they’re all public domain now! AI CYBER CHALLENGE ARCHIVE
Porn sites are stuffing SVGs with clickjacking code to farm Facebook likes
Dan Goodin reports Malwarebytes found porn sites hiding obfuscated JavaScript inside SVG images that secretly click-jack Facebook likes when you tap the picture. ARSTECHNICA STORY | MALWAREBYTES RESEARCH POST
Attackers can now hide C2 traffic inside Zoom and Teams calls
Security researcher Adam Crosser discovered a way to tunnel command-and-control traffic through legitimate Zoom and Teams infrastructure, making it nearly impossible to detect. | BLEEPING COMPUTER ARTICLE | BLACKHAT PRESENTATION | TURNT TOOL
The argument that we replaced passwords with something worse
Daniel H argues that modern authentication has become a nightmare of complexity, where we've traded simple passwords for a mess of SSO providers, passkeys, and authentication apps that often fail when you need them most. I disagree, I think. I think Passkeys in particular are way better than vanilla passwords. | THE OTHER DANIEL'S BLOG POST | HACKER NEWS DISCUSSION
Sonicwall Firewalls Are Getting Hammered By Zero-day Attacks
Attackers are exploiting what looks like a zero-day in SonicWall Gen 7 firewalls' SSL VPN service, with multiple security firms tracking Akira ransomware deployments that started around July 15th. | CYBERSCOOP ARTICLE | SONICWALL ADVISORY | HUNTRESS ANALYSIS
FBI Warns About Scam QR Codes in Unexpected Mail Packages
The FBI is warning people about unexpected packages containing QR codes that lead to sites stealing personal data or installing malware. | FBI WARNING | MALWAREBYTES ARTICLE
Anthropic offers Claude to all three branches of government for $1
Anthropic one-ups OpenAI's federal deal by offering Claude to executive, legislative, and judicial branches for $1 per agency annually, with FedRAMP High certification and multi-cloud support through AWS, Google Cloud, and Palantir. TECHCRUNCH ARTICLE | ANTHROPIC ANNOUNCEMENT
Marines Release an official drone-fighting handbook
The Marine Corps just published their first official counter-drone tactics manual, covering everything from detection to jamming to kinetic kills. | MARINE CORPS ARTICLE | HN DISCUSSION
Microphones can spot radar-evading hypersonic missiles
Researchers found that hypersonic missiles create unique sound signatures detectable by acoustic sensors, potentially solving the radar-evasion problem. | ECONOMIST ARTICLE
OpenAI’s bad very bad gpt-5 launch, and the equalization of AI players
The GPT-5 launch went really poorly. It kind of seemed okay within the first few hours and maybe the first day or so. But very quickly people started reporting all sorts of issues.
Chart Crime: 69 < 52 and same as 30
The worst stuff to me was the chart crime. It's really hard to release charts that bad unless you have incompetence or chaos in the organization. It's a smart group of people, so something very strange must have happened to force them to put this out like this. What it says to me is that they were feeling a lot of pressure from competitors and felt like they really had to put out something extraordinary to regain momentum.
The irony is that Sam had been telling us for months in various interviews that it wouldn't be as big of an update as before. I guess he also did tell us that it would be as big as the update as before, but he also said many times that it would be more of a subtle and quality upgrade than a big jump. The problem is the hype expectation vs. what we actually got, and it's doing a lot of damage.
I kind of see it as the end of an era of them being the official (single) leader. I mean, everything had already kind of equalized before, but this really made it concrete. Opus 4 and 4.1 are already so good, not to mention Google's latest models. Everything is just so good now. It’s not like OpenAI is bad or anything, just that there’s no longer a single leader—and if there were to be one, it probably wouldn’t be them. But it depends on what you’re counting. To most people AI still equals ChatGPT, so they still have that.
I guess the other thing to mention is that the thing I've been talking about for a couple of years now seems to be happening, where the intelligence of the model is not the only thing anymore that makes an AI ecosystem attractive. It's more so the ecosystem itself, meaning all the different ways that the model is used within tooling and interfaces. THE POST BY CHARLIE MEYER | HACKER NEWS DISCUSSION
Claude's 1M token model beats Gemini on speed but loses on detail. EVERY ARTICLE
Voice-controlled swarms using MCP, tool APIs, and a boids twist
Jason Fantl builds a voice-to-LLM controller that runs MCP tools to split, reassign, and steer swarms. Insanely cool. VOICE-CONTROLLED SWARMS ARTICLE
Genie might be Google’s real advantage over OpenAI
Ahura Mazda argues Google’s Genie feels like the actual leap—native simulation + tool-use—while OpenAI looks stuck in chatbots. AHURA MAZDA POST | HACKER NEWS DISCUSSION
Socratic AI tutors beat generic chatbots for real thinking in college
A new paper tests a Socratic AI tutor with 65 German pre-service teachers and show it boosts critical, independent thinking over a vanilla chatbot—and outline orchestrated multi-agent systems as the next step. This is exactly how I'm thinking about it as well. If you don't put the effort in and you just want to be lazy, AI will definitely make you stupid and show you a lot of porn or whatever you want to see to be entertained. But if you care about learning and constantly challenging yourself and growing, then AI can do that for you as well. People are going to get from AI exactly what they ask of it. ARXIV PAPER
Google says AI search is providing higher quality clicks to websites
Google claims their AI Overviews and AI Mode are actually increasing search volume and sending more valuable traffic to websites, but I don't get how that can be possible if it's answering the question without having to click through. GOOGLE BLOG POST
The new instagram map is freaking people out
Morning Brew says users are accusing Instagram of exposing live locations despite opt-in claims, while some blame the confusion on geotagged posts. MORNING BREW STORY
Cursed knowledge makes tech safer but also more fragile
Alex Tran argues the more we automate guardrails, the more we rot our intuition—so when they fail, we fail hard. CURSED KNOWLEDGE ARTICLE | HACKER NEWS DISCUSSION
surtoget.no is a tiny, spicy Gleam-powered protest site
John Mikael Lindbakk built a snarky, no-database site in Gleam to dunk on a chronically late Norwegian train line, with clever pre-rendering, image caching, and Erlang FFI hacks. INTRO POST BY JOHN LINDBAKK | SURTOGET.NO SITE
How i ended up writing gleam for a living
Louis Pilfold tells the origin story of betting his career on Gleam and why the language’s ergonomics plus BEAM reliability hit a sweet spot for real software. YOUTUBE: LOUIS PILFOLD ON GLEAM | LOBSTERS DISCUSSION
Developers Feel Dotfiles Are Too Personal To Share
Juhis Hamatti wrote about how he loves dotfiles and sharing knowledge but feels his configuration files are too intimate to publish, even though he regularly reads others' dotfiles for inspiration. I feel exactly the same way, and it’s why I haven’t updated my stuff recently. As a security person I also worry about something sensitive ending up in there as well. | THE ESSAY | JUHIS'S BLOG | JUHIS'S DIGITAL GARDEN | JUHIS ON GITHUB
No one is really working
Human Invariant talks through three elite early-career archetypes barely doing deep work and then breaks down the reasons they’re still paid so much. This is part of the reason why lots of companies can’t wait to fire people. NO ONE IS REALLY WORKING
Entry-level jobs have dropped 73% as companies replace new grads with AI
Final Round AI reports that entry-level job postings have dropped 73% across major fields, with tech companies cutting new graduate hiring by over 50% since 2019. FINAL ROUND AI ANALYSIS | NEW YORK FED DATA
Job growth just fell off; here’s what might be breaking
Claudia Sahm digs into why U.S. hiring suddenly cooled—cyclical slowdown, data quirks, or something structural, with some good data to back her up. JOB GROWTH HAS SLOWED SHARPLY | HACKER NEWS DISCUSSION
Insurers warn key regions are becoming uninsurable. CNBC ARTICLE
Trump order could push crypto and private equity into 401(k)s
Morning Brew says Trump’s move nudges the Labor Department to greenlight riskier 401(k) options, which CNBC’s Ryan Ermey notes could open the $12.2T pool to crypto and private markets. Not an expert, but seems like it could be great until it isn’t? HR BREW ON $12.2T 401(K) ASSETS
UK government tells citizens to delete emails to save water during drought
The UK government advised people to delete old emails and photos to conserve water because "data centres require vast amounts of water to cool their systems". See this for why the UK/Europe will lose in AI. TOM'S HARDWARE ARTICLE | UK GOVERNMENT ANNOUNCEMENT
Study shows lifestyle changes can slow cognitive decline by 55%
A two-year randomized trial found that combining exercise, social activities, and brain training reduced cognitive decline by 55% in older adults at risk for dementia. We know the medicine, we just have to take it. SMITHSONIAN ARTICLE | HACKER NEWS DISCUSSION
A love letter to a future employer that still feels fresh
Charlotte Brandhorst-Satzkornat writes a candid, funny “hire me” note that nails culture fit without the cringe. It’s basically a template for showing taste, values, and momentum in one page. A LOVE LETTER TO MY FUTURE EMPLOYER | CAT ZWANGER HOMEPAGE | HACKER NEWS DISCUSSION
Pay phones come back as free community lifelines
Engineer Patrick Schlott revives pay phones in rural Vermont—free VoIP calls, daily use, and suddenly crucial with schools banning smartphones. NPR STORY
How Black Sabbath's First Four Albums Used Obscure Phototype Alphabets
Nick Sherman traces how Black Sabbath's iconic album covers from 1970-72 all used rare typefaces from the phototype era that have been mysteries for decades. | FONTS IN USE ARTICLE | NICK SHERMAN
I think one interesting economic metric (HT @karpathy) around AI should be something like:
Annual Cost of Average Developer Output (ACADO)
So:
- How much output does an AVERAGE developer put out per year?
- How much did that cost the company?
👇🏼
Let's say in 2021 it was
— ᴅᴀɴɪᴇʟ ᴍɪᴇssʟᴇʀ 🛡️ (@DanielMiessler)
8:47 PM • Aug 11, 2025
DISCOVERYEverything local for AI work without the internet
Manish shows how he runs a full AI stack fully offline—models, vector search, and evals—so nothing ever leaves the box. MANISH’S OFFLINE AI WORKSPACE | HACKER NEWS DISCUSSION
Getting Good Results From Claude Code
Chris Dzombak shares practical tips for making Claude actually useful for coding, like being specific about languages and tools you're using. | DZOMBAK ARTICLE | HACKER NEWS DISCUSSION
AI bubble concerns grow as spending vastly outpaces revenue.
I’m not in this camp, but I'm including for diversity of thought reasons. NEW YORKER ARTICLE
Omnara AI built a mobile app that turns your AI agents into communicative teammates—you get push notifications when Claude needs help, see what it's doing in real-time, and can guide it from anywhere. OMNARA GITHUB REPO
Turn any website into an API
Parse.bot basically lets you point at any page and get a clean API back without building scrapers. HACKER NEWS DISCUSSION
Aura Lets Websites Declare Their AI Capabilities Like Robots.txt
Osman Kitay created a protocol that gives websites a standard way to tell AI agents what actions they can perform, moving beyond brittle screen scraping to explicit API declarations. | AURA GITHUB | NPM PACKAGE
Write your own dead-simple bash/zsh tab completions
Li Haoyi shows how to add tiny, custom tab completions to bash and zsh without generators or frameworks—just a few lines that make your CLI feel bespoke. MILL BLOG POST | HACKER NEWS DISCUSSION
If you do vibeservering, you can also run Termius in iOS and just SSH into your server and keep Claude Code'ing
Install Mosh and you have a perpetual tmux style screen that stays alive even if you log out and log back in
Finally can code on phone while gf is shopping!
— @levelsio (@levelsio)
10:44 AM • Aug 3, 2025
Apple’s Embedding Atlas (super sick visualizations of embeddings) GITHUB
My bud YTCracker just released a 17-track album mixing technical hacking references with personal stories about making it in cybersecurity. I've been listening since the early 2000s, and this album is particularly strong. I INVENTED THE COMPUTER ALBUM
Doctor sees 12 AI-triggered psychotic breaks. KEITH'S TWITTER THREAD
Uv now lets you run GitHub gists directly
Charlie Marsh just added the ability to run GitHub gists directly with uv, so you can execute remote Python scripts without downloading them first. Cool/scary. UV PULL REQUEST
UAI emerges as the third essential interface type. JOSH'S UAI ARTICLE
Google Launches Gemini CLI and GitHub Actions for AI-Powered Coding
Google released Gemini CLI and GitHub Actions integration, letting developers use Gemini AI directly from terminals and CI/CD pipelines. | GOOGLE BLOG POST | HACKER NEWS DISCUSSION
Photographer captures same NYC commuters twice over 9 years
Peter Funch spent 9 years photographing the same commuters twice at 42nd and Vanderbilt, creating haunting diptychs that reveal our unchanging daily rituals. MODERN MET ARTICLE | PETER FUNCH WEBSITE
I may be wrong about my latest essay about worrying about how bad things could get.
But on the off chance that I’m right, do me a favor and be extra appreciative of what we have today, and what we’ve had for decades. Just try to squeeze as much enjoyment out of life as you can. The invisible, common things. Your partner. Your hobbies. Your friends. Your family.
If I’m wrong, and everything is fine in a few months / years…well, so what? We wanted to appreciate those things more anyway.
APHORISM OF THE WEEKGET THE MEMBER EDITION
You’re currently receiving the STANDARD edition. Members get additional content sections, including IDEAS, a bi-monthly MEMBER-ONLY ESSAY, and the RECOMMENDATION OF THE WEEK.
In addition, you’ll get access to the extraordinary UL Member Community, which includes vibrant conversations with over 1,400 of the smartest and kindest people you’ll find on the internet, the Member Archive, UL Book Club, a monthly member meet-up, access to in-person events, and much more.
August 6, 2025
Unsupervised Learning NO. 492
UPDATESHey! Hope you’re doing well!
I’m in Vegas the whole week and weekend! If you see me, wave or come say hi! I’ve seen a ton of people already and it’s been wonderful. Including meeting some remarkable new friends in the industry after a panel talk last night.
—
OpenAI has launched their open models, and they have a red team challenge to hack them. HACK OPENAI’s OPEN MODELS
—
Why Marcus Is Wrong About AI
My response to Marcus’ latest post, “Every Reason Why I Hate AI and You Should Too”.
danielmiessler.com/blog/why-marcus-is-wrong-about-ai
—
My post on my personal AI tech stack I’m building / iterating on. Shows how I’m combining all my tools into a system that can be used by my DA, Kai.
Building a Personal AI Infrastructure (PAI)
Exploring the concept of personal AI infrastructure and how to build AI systems that upgrade humans as we transition to Human 3.0
danielmiessler.com/blog/personal-ai-infrastructure
This one is on the early launch of daemon.danielmiessler.com! Which is an MCP server for my personal API! Sooooo excited about this.
Building a Personal API
Announcing Daemon - the first version of the thing I’ve been talking about since 2016, where people can have a daemon that serves information about them! And it works!
danielmiessler.com/blog/launching-daemon-personal-api
Why Platforms Like Substack Won't Make Sense for Much Longer
The future of Substack is self-hosting. My thoughts on why writing platforms fail and why personal platforms are a likely path forward.
danielmiessler.com/blog/future-of-substack
—
Had a brilliant conversation with Sarit Tager at Palo Alto about how she’s building context into her products. This context stuff isn’t theory, and Sarit shows how useful it is in real security tooling. Sponsored
—
I’m starting to get low-key obsessed with Markov Chains and what I don’t know about them. I feel like I’ve like almost learned them like 20 times. I feel like they’ve been smugly waiting for me stop being an idiot and come explore how their overall concept can be applied to tons of other things I think about. If you know any go-to books, please let me know!
Sponsor
Protect Your Google Workspace with Purpose-Built Security
Your Google Workspace is the backbone of your business, yet most teams use security tools that weren’t designed to protect it.
Material Security changes that. Built specifically for Google Workspace, Material is a detection and response platform that protects Gmail, Google Drive, and accounts by proactively eliminating security gaps, stopping misconfigurations, and preventing shadow IT before they turn into costly problems.
With real-time monitoring and automatic fixes, Material keeps your workspace secure with minimal effort, reducing human error and freeing up your team to focus on work that matters.
Start Securing Your Google Workspace⬆︎ What I like most about Material is how they also focus heavily on configuration and prevention. Refreshing to see a novel approach to problems we’ve had for decades.
CYBERSECURITYSonicwall firewalls are getting hammered by zero-day attacks
Attackers are exploiting what looks like a zero-day in SonicWall Gen 7 firewalls' SSL VPN service, with multiple security firms tracking Akira ransomware deployments that started around July 15th. CYBERSCOOP ARTICLE | SONICWALL ADVISORY | HUNTRESS ANALYSIS
MCP-Watch security scanner finds 12 types of AI server vulnerabilities
Kapil Duraphe built this comprehensive security scanner that detects everything from credential leaks to prompt injection attacks in Model Context Protocol servers. THE PROJECT | KAPIL'S GITHUB | VULNERABLEMCP DATABASE | HIDDENLAYER RESEARCH | INVARIANT LABS STUDY | TRAIL OF BITS RESEARCH
North korea sent me abroad to be a secret IT worker
A former North Korean IT worker talks to BBC about being sent overseas to hack, spy, and do secret digital work for the regime. BBC ARTICLE | HN COMMENTS
Google’s AI bug hunter just found 20 new security flaws in popular open source software
Google’s AI researcher Big Sleep, built by DeepMind and Project Zero, found 20 vulnerabilities in stuff like FFmpeg and ImageMagick, all verified by humans but discovered by the AI alone, showing these tools are finally delivering real results.
TECHCRUNCH ARTICLE | HEATHER ADKINS ON X | GOOGLE ISSUE TRACKER
Russian spies use local ISPs to hijack diplomats’ devices in Moscow
Microsoft reveals Kremlin-backed hackers called Secret Blizzard have been exploiting ISP networks in Moscow since 2024 to intercept embassy traffic and push custom malware called ApolloShadow, making it super clear that sensitive data in Russia needs ironclad VPNs or encrypted tunnels. THE REGISTER ARTICLE | MICROSOFT REPORT | SHERROD DEGRIPPO LINKEDIN
Scattered Spider is now hitting Snowflake databases after fooling IT help desks
Government agencies updated their advisory after finding the cybercriminal group is specifically targeting Snowflake data storage for quick exfiltration once they social engineer their way past help desk staff. THE RECORD ARTICLE | CISA ADVISORY | RETAIL ATTACKS | INSURANCE ATTACKS | VICTORIA'S SECRET BREACH | HAWAIIAN AIRLINES ATTACK
The Gulf is betting on AI as the new oil to reshape its future
Sameer Hashmi from BBC breaks down how the UAE and Saudi Arabia are using huge AI data centers and US partnerships to turn “compute” into their next big export. They’re building infrastructure like it’s the next oil boom but still are still struggling with talent and geopolitical issues. BBC ARTICLE | SAMEER HASHMI X
Tech giants like Google and Meta are now working with the military
Google, OpenAI, and Meta, plus venture capitalists who once avoided war projects, are now openly teaming up with the military industrial complex, shifting their stance completely. This shows how the tech world is getting deeply involved with defense and war efforts. NY TIMES ARTICLE
The dollar is in trouble
Michael E. Jones breaks down why the dollar is losing its dominance internationally. A pretty solid list of issues and factors. THE ARTICLE | HN COMMENTS | MICHAEL E. JONES SUBSTACK
🔥 My friend Marcus goes nuclear on AI
Marcus put out an extremely long and well-written piece about all the reasons he thinks AI is hype. I think he’s very wrong.
I will probably do another video on this because I consider this to be such an important issue, and I worry his quality writing will sway many people to be complacent on the issue. But really it all comes down to one thing.
He’s using a shitty definition for intelligence.
Unless I misunderstood him, he doesn’t believe cardiology or marriage counseling count as intelligence. So like, two of the most skill-heavy and intellectual jobs in the world. An f-ing Cardiologist. A M.D. Or a Psychiatrist. Why? Because it’s just patterns. It’s just training.
(Paraphrasing his arguments) You meet people with the same problems, in slightly different configurations, and you consult your training, and you give out pretty much the same advice as you gave the last 120 people with similar issues. Now extend that to the rest of everyday knowledge work. It’s not real intelligence because they didn’t do anything new. Anything novel. (End paraphrase)
Cool story, except that definitionally devalues 99% of all knowledge work done on the planet everyday.
And we know he’s wrong here because of one glaring fact: the work hasn’t been automated for decades already. If it were so easy to just pattern match, none of these knowledge workers would even have jobs. The work would have been replaced by automation decades ago.
It’s not automated because it requires intelligence.
What’s intelligence? My definition is the ability to take a new, everyday problem and apply your knowledge and understanding of the world to come up with a useful solution.
Scripts can’t do that. Programs can’t do that. Only humans can, and that’s why the entire field of knowledge work exists. It’s everyday problem solving, using human brains.
This is why AI is disruptive. It’s the first tech ever invented that can do something like what we do. It’s that fucking simple.
Marcus is wrong because he’s defining intelligence in a way that doesn’t matter to regular people, and as a result he’s convincing people to ignore something that they should absolutely be paying attention to.
HIS ARTICLE | COMMENTS
OpenAI releases their open models
OpenAI has released their open AI models after a lot of pressure from the industry. They’re reasoning models, and benchmarks look impressive, but they’re hard to go by. I’m at Blackhat, but I’ll post more as I test them. THEIR BLOG ON THE RELEASE | ON HUGGING FACE | ON OLLAMA
Anthropic releases Opus 4.1 the same day
These model competitions are spectacular. Constant improvement, but I can’t help but be reminded of Moloch. The updates seem pretty small based on benchmarks, but again—those can be misleading. I’m expecting there to be improvements to the agentic stuff, especially for Claude Code. They also teased bigger updates soon. THE ANNOUNCEMENT
Perplexity allegedly using stealth bots to ignore no-crawl rules on websites
Cloudflare says Perplexity’s AI search engine uses hidden crawlers that rotate IPs and bypass robots.txt bans, hitting tens of thousands of sites despite explicit blocking. ARSTECHNICA ARTICLE | CLOUDFLARE BLOG POST | IETF ROBOTS RFC
Anthropic cuts OpenAI off from Claude access
Anthropic just pulled OpenAI’s access to their Claude AI model. Spicy. WIRED ARTICLE | HN COMMENTS
OpenAI's Universal Verifiers are changing how AI checks answers
OpenAI has things called “universal verifiers”—which are AI systems that check if generated answers are good or not. I’m like obsessed with these. And also the word obsessed, evidently. I really want to be able to rig all my AI infra into universal (general) verifiers that I can use to test the quality of my prompts and models. Working on it! THE INFORMATION ARTICLE | INSIDE GPT-5 REPORT
Google Releases Gemini 2.5 Deep Think for Faster, Smarter Problem Solving
Google’s latest Gemini 2.5 Deep Think model, now in the Gemini app for AI Ultra subscribers, is a faster, more creative AI that uses parallel thinking to tackle complex math, coding, and design problems with state-of-the-art benchmarks and real-world usability. It builds on earlier breakthroughs, hitting bronze-level IMO performance while helping researchers and developers think more deeply and iteratively. DEEP THINK BLOG | GEMINI APP | GOOGLE AI PLANS | GEMINI I/O ANNOUNCEMENT | DEEPMIND GOLD MEDAL | GEMINI DEEP THINK MODEL CARD
Stanford creates 'virtual scientists' that hold meetings and solve research problems autonomously
James Zou and his team built AI agents that work together like a real research lab, and they created a COVID nanobody that outperforms existing antibodies. STANFORD ARTICLE | NATURE PAPER | ZOU'S PRESENTATION | RAISE HEALTH SYMPOSIUM
OpenAI adds Study Mode to ChatGPT to make students think instead of just getting answers
OpenAI launched Study Mode for ChatGPT that asks students questions and sometimes refuses direct answers to develop critical thinking skills. Students can still switch back to regular mode whenever they want though. TECHCRUNCH ARTICLE | STUDENT AI USAGE SURVEY | STANFORD AI TUTORING STUDY | CRITICAL THINKING RESEARCH | BRAIN ACTIVITY STUDY | SCHOOL CHATGPT BANS
Your prompts are accidentally training AI to give you biased answers
This piece breaks down how the way we phrase prompts unconsciously steers AI responses toward what we expect to hear, not what's actually true. TOWARDS DATA SCIENCE ARTICLE | TOWARDS DATA SCIENCE
Ollama Launches a Desktop App With Built-in Chat Interface
The team behind Ollama released a native desktop application that includes a chat interface, so you don't need to use the command line or third-party frontends anymore. OLLAMA BLOG POST | HN DISCUSSION
Jack Dorsey releases Bitchat, his bluetooth mesh messaging app
Jack Dorsey coded this bluetooth messaging app over a weekend that lets you chat with people within 100 meters without internet or cell service. The app has zero login system and works through bluetooth mesh networks, though security researchers found it's easy to impersonate other users and it hasn't been security tested. Can't wait to use this in Vegas this week. Yeah, spoofing Bluetooth addresses is not difficult. TECHCRUNCH ARTICLE | iOS APP STORE | ANDROID GITHUB RELEASE | SECURITY ANALYSIS BLOG | BRIDGEFY COMPARISON | JACK'S TWITTER
UK's age verification law is rolling out but already causing chaos
The UK just started forcing sites like Reddit and X to verify users are 18+, and it's already messy with companies pulling out, users gaming the system, and big privacy headaches.
THE VERGE AGE VERIFICATION STORY
Two former TSMC employees arrested for trying to leak 2nm chip secrets
Two ex-TSMC workers got arrested for allegedly trying to steal trade secrets on their upcoming 2nm chip tech under Taiwan’s tough new national security law. TOM’S HARDWARE STORY | Financial Times Report | TSMC Growth and Expansion - Tom's Hardware | TSMC Market Lead - Tom's Hardware | Tom's Hardware Security Tag
Always bet on text for long-term software durability
Graydon Hoare argues that plain text outlasts all fancy formats and technologies, making it the safest bet for anything you want to preserve long-term. I wholeheartedly agree. I just see text as the centerpiece of everything: thought, tech, pretty much everything. GRAYDON'S BLOG POST
China launches $500 per baby incentive to reverse population collapse
China's offering families $500 annually per child until age three, as their fertility rate crashed from 2.51 in 1990 to just 1.01 last year. MORNING BREW STORY
Tour de France officials are now checking bikes for hidden tiny motors
The UCI started doing random bike inspections with magnetic scanners because they're worried cyclists might be using miniature motors hidden in frames to get an unfair advantage. WASHPOST ARTICLE
Our truest and purest selves might be ourselves as kids—playing and exploring. And maybe the whole game is to find and harness that again, in productive, adult ways.
Never talk to yourself in someone else’s voice.
DISCOVERYClaude Code can create professional videos from plain English descriptions
Moritz discovered you can use Claude's coding agent to generate complete videos without any video editing experience. I’m working a ton on trying to automate videos of different kinds. Diagrams. Charts. Full video. Etc. YOUTUBE VIDEO | MORITZ ON TWITTER
A Periodic Table of System Design Principles
Joy Arulraj created a visual periodic table that organizes fundamental system design principles into categories like scalability, reliability, and performance. It's a clever way to make complex distributed systems concepts more memorable and accessible. THE PROJECT | HN DISCUSSION | JOY'S GITHUB
Hemingway's "Now I Lay Me" reveals his near-death experience from 1918
The Library of America shares this 1927 Hemingway story based on his actual WWI wounding, where he described his soul leaving his body "like pulling a silk handkerchief from a pocket." THE STORY | PDF VERSION | HEMINGWAY COLLECTION | IN ANOTHER COUNTRY
How to Make (Almost) Anything: The 2019 MIT Fab Lab course that teaches you how to build basically anything you want
This is the legendary MIT course by Douglas Sculley that walks you through the whole process of turning ideas into physical stuff with digital tools—like the ultimate hands-on maker crash course. COURSE PAGE | HN COMMENTS
I built an AI that turns any book into a text adventure game
A developer created Kathaaverse, which transforms any book into an interactive text adventure where you can explore the story world and make choices that affect the narrative. KATHAAVERSE PROJECT
The best meeting culture eliminates most meetings and makes the rest actually useful
Someone's opinion on how to run meetings that don't suck by defaulting to async work and only meeting when you actually need real-time discussion. THE ARTICLE | HN DISCUSSION
Contains Studio releases collection of AI agents for rapid development
Contains Studio built 35+ specialized AI agents organized into departments like engineering, marketing, and design to accelerate 6-day development sprints.
THE PROJECT | CLAUDE CODE DOCS
AI is a floor raiser, not a ceiling raiser
Elroy Bot explains in his article why AI mostly lifts everyone's baseline performance rather than pushing the absolute peak higher, which changes how we should think about its impact. AI ARTICLE BY ELROY BOT | COMMENTS ON HACKER NEWS
Try to frequently ask yourself if anyone, or anything, in your life is stopping you from becoming your true self.
Are you not able to say or be certain things because of your partner, your job, your peers?
And if those constraints weren’t there, who and what would you be instead?
These constraints are often invisible because we block them out because they’re painful. We pretend we put them on ourselves on purpose.
Try to see them again. Try to remember who you wanted to become.
APHORISM OF THE WEEKGET THE MEMBER EDITION
You’re currently receiving the STANDARD edition. Members get additional content sections, including IDEAS, a bi-monthly MEMBER-ONLY ESSAY, and the RECOMMENDATION OF THE WEEK.
In addition, you’ll get access to the extraordinary UL Member Community, which includes vibrant conversations with over 1,400 of the smartest and kindest people you’ll find on the internet, the Member Archive, UL Book Club, a monthly member meet-up, access to in-person events, and much more.
July 21, 2025
Unsupervised Learning NO. 490
UPDATESHey! Hope you’re doing well!
—
Found a new artist with EPIC music for coding/hacking to. Like the perfect mix of synthwave and something heavier. DANIEL DELUXE | RECOMMENDED STARTER ALBUM (no, it’s not me. 😂 Wish it were)
—
NEW AI / CODING VIDEO!!! 👇🏼👇🏼👇🏼
—
I’ve massively updated the website! (28.7 years of content!), added new pages, added a search feature, and just tons of minor upgrades: THE NEW HOMEPAGE | THE NEW ARCHIVES PAGE
—
I’ve been writing like a crazy person last few days!!!
This is probably my favorite post, which I used a new data visualization tool to make the charts for. So now I can make data visualizations in this style for any future post just by telling Kai, my DA, to pull a dataset and visualize it.
It’s D3 underneath, btw.
👇🏼👇🏼👇🏼 (someone please tell me they like the gif) (Midjourney, btw, using a prompt based on the entire article)
[image error]The Area Under the Curve: How AI Expands Human Work Capacity
A way of thinking about work as work tasks which have a difficulty rating for each one. And then thinking about the total number of work tasks vs how many humans are actually addressing.
danielmiessler.com/blog/ai-workforce-volume-difficulty-curve
And a bunch of other more technical ones…
OpenCode vs Claude Code: The Real Difference
Exploring the differences between OpenCode and Claude Code, and why the gap might be smaller than you think
danielmiessler.com/blog/opencode-vs-claude-code
The Stages of an App: From Idea to Digital Assistant
Exploring how technology evolves from ideas to websites to apps to operating systems, and why digital assistants are the inevitable final stage
danielmiessler.com/blog/stages-of-app
One-click MCP servers with Cloudflare
How Cloudflare's one-click solution lets you build MCP servers without managing infrastructure
danielmiessler.com/blog/one-click-mcp-servers-cloudflare
Fix Opencode Transparency in Ghostty Terminal
Learn how to configure Opencode to respect Ghostty terminal's transparent background using the system theme
danielmiessler.com/blog/opencode-ghostty-transparency-fix
—
One reason I'm happy to be using a Chrome-based browser again is that I get to use my favorite extension, Vimium. My absolute favorite feature? / to search and then you can use n and N to move through the instances. THE VIMIUM EXTENSION PAGE
CYBERSECURITYMicrosoft SharePoint Zero-Day Hits 75+ Companies With No Patch Available
Microsoft's got a critical SharePoint zero-day (CVE-2025-53770) being actively exploited against 75+ organizations worldwide, and there's no patch yet—just workarounds like enabling AMSI or disconnecting from the internet.
THE HACKER NEWS STORY | MICROSOFT ADVISORY | MICROSOFT GUIDANCE | EYE SECURITY RESEARCH | PALO ALTO UNIT 42 | AMSI CONFIGURATION GUIDE
Fortinet Patches Critical SQL Injection Vulnerability in FortiWeb
Fortinet just fixed a nasty SQL injection bug (CVE-2025-25257) in FortiWeb that lets attackers run database commands without authentication, scoring 9.6 out of 10 on the Richter Scale. THE HACKER NEWS ARTICLE | FORTINET ADVISORY | WATCHTOWR ANALYSIS | EXPLOIT CODE
Google's AI Agent Prevented The First Real-World Cyberattack
Google's Big Sleep AI caught a SQLite vulnerability that was about to be exploited and stopped it before any damage happened. DIGITAL TRENDS ARTICLE | SUNDAR'S TWEET | GOOGLE'S BLOG POST | INVESTING COVERAGE | LIVE MINT REPORT | TIMESKETCH TOOL
Chinese Hackers Owned National Guard Network for Nine Months
Salt Typhoon stayed hidden in a U.S. Army National Guard network for nine months, stealing network configs and admin credentials that could help them break into other government networks across all 50 states. BLEEPINGCOMPUTER ARTICLE | DHS MEMO | NBC REPORT | CVE-2018-0171 | CVE-2023-20198 | CVE-2024-3400
Ring Brings Back Police Video Sharing Through Axon Partnership
Ring quietly reversed course and started letting cops request doorbell footage again, this time through Axon instead of their own app. THE VERGE ARTICLE | AXON ANNOUNCEMENT | BUSINESS INSIDER COVERAGE
Hyatt Supposed Uses AI Smoking Detectors That Listen For Vaping Sounds
Hyatt hotels are (possibly) installing these new detectors that use sound algorithms to catch people vaping in their rooms. Cool, but not ok. Generally, a microphone is a microphone. TWITTER THREAD | HN DISCUSSION
Surveillance Company Found Using New SS7 Bypass to Track Phone Locations
Enea researchers caught a Middle East surveillance vendor exploiting a new SS7 attack that bypasses carrier security protections to secretly track people's phones down to a few hundred meters. TECHCRUNCH ARTICLE | ENEA RESEARCH
npm Maintainers Got Phished and Malware Was Injected Into Popular Packages
Attackers phished npm maintainer credentials and used stolen tokens to inject malware into 5 popular packages like eslint-config-prettier without touching any source code. THE HACKER NEWS STORY | SOCKET'S ANALYSIS | PHISHING CAMPAIGN DETAILS | GITHUB ISSUE | PROTESTWARE REPORT | ARCH LINUX WARNING
Cisco Dropped Another Perfect 10 CVSS Bug That Gives Root Access Without Authentication
Cisco warned about CVE-2025-20337, a maximum severity flaw in their Identity Services Engine that lets attackers run code as root with zero authentication needed. THE HACKER NEWS ARTICLE | CISCO SECURITY ADVISORY | SHADOWSERVER TWITTER UPDATE | CENSYS ADVISORY | SHADOWSERVER DASHBOARD
China's Phone Extraction Tool Grabs Everything From Seized Devices
Lookout researchers found that Chinese cops are using a tool called Massistant that sucks up SMS, GPS, images, and even Signal messages from phones they confiscate at borders. THE HACKER NEWS STORY | LOOKOUT RESEARCH REPORT | MFSOCKET PREDECESSOR ANALYSIS | MEIYA PICO COMPANY INFO | TREASURY SANCTIONS NOTICE | MEIYA PICO PATENTS
Former US Army Soldier Pleads Guilty to $1M Telecom Extortion
Cameron John Wagenius, a 21-year-old Army soldier using the handle "kiberphant0m," pleaded guilty to hacking at least 10 telecom companies including AT&T and Verizon, stealing sensitive data, and extorting over $1 million while on active duty. SECURITY AFFAIRS ARTICLE | DOJ PRESS RELEASE | WAGENIUS INDICTMENT PDF | KREBS INVESTIGATION | PIERLUIGI'S TWITTER
Nvidia GPUs Are Now Vulnerable To Rowhammer Attacks
Researchers showed that Nvidia graphics cards can be hacked using Rowhammer bit-flip attacks, which is the first time anyone's pulled this off on GPUs. ARS TECHNICA ARTICLE | HN DISCUSSION
Continue reading online to avoid the email cutoff… NATIONAL SECURITYNvidia Plans to Resume AI Chip Sales to China After Getting U.S. Government Approval
Nvidia CEO Jensen Huang says they're filing export license applications to sell the H20 chip to China again after previously being restricted by the U.S. government. THE INFORMATION REPORT
Microsoft Stops Using Chinese Engineers for Pentagon Work
Microsoft just said they're cutting off Chinese engineers from helping with Defense Department cloud systems after ProPublica exposed they were using "digital escorts" to supervise them. TECHCRUNCH ARTICLE | PROPUBLICA INVESTIGATION | HEGSETH'S X POST | SHAW'S RESPONSE
China Is Spending Billions to Become an A.I. Superpower
Beijing's throwing massive government money at their AI companies to catch up with the U.S., using their classic industrial policy playbook. I respect it, and I wish we were doing more of the same. NYTIMES ARTICLE
AIThe Economist Explains Why AI Adoption Is Going Slower Than Some Expected
The Economist breaks down why AI is spreading slower than expected, pointing to factors like high implementation costs and organizational resistance to change. This is something I talked to Jason about quite a bit, and I think it's underestimated how much of an effect this is.
The way I explain it is that many corporations (maybe even most) are so messed up that you could literally bring them a giant green button made by God that fixes everything, and they would still fumble that. They would fail to get the right people in the room to have a meeting, there would be someone powerful in the organization who would lose a lot if everything was fixed and they would kill the implementation, etc. THE ECONOMIST ARTICLE | HN DISCUSSION
Netflix Uses AI For Visual Effects In Show For First Time
Netflix co-CEO Ted Sarandos says they used generative AI to create a building collapse scene in The Eternauts, completing it 10 times faster than traditional methods would have allowed. BBC ARTICLE | HOLLYWOOD STRIKE COVERAGE
OpenAI Just Released ChatGPT Agent That Does Multi-Step Tasks
OpenAI launched ChatGPT Agent that can handle complex workflows like analyzing your calendar, planning meals, buying groceries, and creating presentation decks by combining web browsing, research, and code execution in one unified system.
To me, this is all part of moving towards a full digital assistant with a personality that has a full memory and full context of you and all your preferences.
Memory and operator and all the various sub-products across multiple companies are moving in that direction. And I just wrote this post about that this week as well. DA AS THE FINAL DESTINATION FOR AI INTERFACES | OPENAI ANNOUNCEMENT | OPERATOR TOOL | DEEP RESEARCH | DARING FIREBALL POST
Scale AI Lays Off 200 Workers Right After Meta's $14 Billion Investment
Scale AI just cut 200 employees and 500 contractors a month after Meta invested $14.3 billion, with the CEO saying they "ramped up GenAI capacity too quickly." I read somewhere that it was in their data labeling department, which would make sense if they just figured out how to do that in a more automated way. TOM'S HARDWARE ARTICLE | THE VERGE REPORT | TIME REPORT
Human Beats AI at World Coding Championship Despite Being Exhausted
Some dude who was completely wiped out still managed to beat an AI model at the world coding championship, which makes me happy as a human. ARSTECHNICA ARTICLE | HN DISCUSSION
Delta's Using AI to Set Personal Ticket Prices for Each Customer
Delta's ditching standard pricing and moving to AI that sets different prices for each person based on their personal data and willingness to pay. This seems super ingenious, super obvious, and super f*cked up all at the same time. FORTUNE ARTICLE | MORNING BREW ARTICLE | HN DISCUSSION
Former OpenAI Engineer talks about what it's really like on the inside
Calvin French-Owen worked on Codex for a year and says OpenAI tripled to 3,000 people, creating total chaos but also magic launching power.
CALVIN'S BLOG POST | TECHCRUNCH ARTICLE | CODEX LAUNCH STORY | CURSOR COMPETITION
TECHNOLOGYChatGPT Usage Among Americans Doubles To 34% In Two Years
Pew Research found that ChatGPT adoption has doubled since 2023, with 58% of adults under 30 now using it regularly for work, learning, and entertainment. THE SURVEY | SURVEY METHODOLOGY | TOPLINE RESULTS | SURVEY QUESTIONS
China's Putting Data Centers Underwater
You Xiaoying reports that China's building a $223 million underwater data center off Shanghai that uses 30% less electricity than land-based ones. SCIENTIFIC AMERICAN ARTICLE | YOU XIAOYING'S PROFILE
FFmpeg Devs Hit 100x Performance Boost With Handwritten Assembly Code
FFmpeg developers just achieved a 100x speedup on a single function by ditching compiler-generated code for handwritten assembly, proving that old-school optimization still crushes modern compilers. Tally another win for humans ✊🏼. TOM'S HARDWARE ARTICLE | FFMPEG PATCH | FFMPEG ASSEMBLY SCHOOL
TSMC Building Four New Plants for 1.4nm Chips
TSMC's starting construction on four new fabs to manufacture 1.4nm processors. TAIPEI TIMES ARTICLE | HN DISCUSSION
HUMANSRussia's Top University Now Offers A Master's Degree In Sanctions Evasion
Moscow's Higher School of Economics launched a two-year program teaching students how to navigate Western sanctions, complete with courses on crypto assets and cross-border compliance tricks. THE RECORD ARTICLE | HSE PROGRAM PAGE | COMPANY EXODUS DATA | SHADOW FLEET COVERAGE | DOJ CRYPTO CHARGES | UKRAINE CYBER ALLEGATIONS
YouTube Won The Battle For TV Viewers
YouTube now captures more TV screen time than Netflix, completely flipping how people watch “TV”. WSJ ARTICLE | HN DISCUSSION
Blood Tests Can Spot Cancer DNA Years Before Actual Diagnosis
Researchers found that liquid biopsy tests can detect circulating tumor DNA in blood samples up to two years before doctors would normally catch the cancer through traditional screening methods. SCIENCE NEWS ARTICLE | HN DISCUSSION
Recent Male College Graduates Hit 7% Unemployment While Female Grads Stay at 3%
Edward Conard shows that young male college grads now have the same unemployment rate as guys without degrees, while women grads are doing fine. THE ARTICLE | HN DISCUSSION
Chess Players Are Making Serious Money Now
Chess tournaments are finally paying real money with million-dollar prize pools as the game adapts to faster formats for streaming audiences. MORNING BREW ARTICLE | POST MALONE FIST BUMP | CNN INTERVIEW
Nicotine Pouches Are Poisoning Way More Kids Than Other Nicotine Products
A new study found that nicotine pouch poisonings in kids under 6 jumped 760% between 2020 and 2023, with these sweet-tasting pouches causing 150% more serious medical effects than other nicotine products. CNN HEALTH ARTICLE
Reading Rainbow Was Built to Fight Summer Reading Loss
The classic PBS show that I absolutely loved and probably got me into reading was specifically designed to prevent kids from losing reading skills during summer break. Not sure how much is perception, but I really feel like I miss having a government that cares about lifting everyone. SMITHSONIAN ARTICLE | HN DISCUSSION
DISCOVERYScott Spence Optimizes His ZSH Shell Startup Time
Scott Spence figured out how to cut his shell startup time in half by profiling and optimizing his ZSH configuration. It's funny, I was about to optimize mine because I had like a 3-second delay, which is completely unacceptable. I used Kai to optimize the crap out of it with the assistance of this article, and now I'm probably sub-half second. THE ARTICLE | HN DISCUSSION
Personal Experience Creates Terrible Mental Models About Reality
Max Roser argues that our personal experiences give us wildly inaccurate pictures of the world, which is why we need statistics to actually understand what's happening around us.
I mean, why can't we have both? I feel like personal experience is pretty hard to call wildly inaccurate. In some sense, it's the most real we have. But I definitely get the point about balancing that with statistics. OUR WORLD IN DATA ARTICLE
People Care When You Risk Something Real
Joan Westenberg explains why authentic writing beats algorithmic optimization—you have to care deeply about something urgent and be willing to sacrifice safety for truth.
Absolutely love her writing, but honestly I'm already starting to get a feeling that she's literally following her own formula at this point. And I feel like I could write in exactly this voice if I wanted to. And I bet she would agree with me. She's probably already working to fix it somehow. JOAN'S ESSAY
Brainfork Lets You Build Personal RAG Servers in Seconds
This new tool lets you spin up your own RAG server instantly using the Model Context Protocol, so you can chat with your personal documents without sending them to third parties. BRAINFORK SITE | HN DISCUSSION
Thoughtbot Publishes A Practical Unix Command Guide For Developers
Thoughtbot created a no-nonsense guide covering the essential Unix commands and concepts you actually need to know to work effectively in a terminal. THE GUIDE
Ccusage Analyzes Your Claude Code Usage From Local Files
Ryoppippi built this CLI tool that reads your Claude code interaction logs and shows you exactly how much you're using it and what for. THE TOOL | HN DISCUSSION
HN Users Share Their Go-To Shell One-Liners
Someone on Hacker News asked what shell commands people actually use daily, not just the fancy obscure ones you see in lists online. HN DISCUSSION
APHORISM OF THE WEEKGET THE MEMBER EDITION
You’re currently receiving the STANDARD edition. Members get additional content sections, including IDEAS, a bi-monthly MEMBER-ONLY ESSAY, and the RECOMMENDATION OF THE WEEK.
In addition, you’ll get access to the extraordinary UL Member Community, which includes vibrant conversations with over 1,400 of the smartest and kindest people you’ll find on the internet, the Member Archive, UL Book Club, a monthly member meet-up, access to in-person events, and much more.
July 14, 2025
Unsupervised Learning NO. 489
UPDATESHey! Hope you’re doing well!
Tons of updates this week, including lots of tools and workflow updates!
—
🚨 We added a new developer to the Fabric team recently. His name is Kayvan Sylvan, and he’s an absolute beast. He’s rolling out features faster than we’ve ever seen on the project, including…
Refactoring the Project structure
He’s also looking for a new position, so you can actually hire him. He’s the real deal (developer, not programmer), with FAANG experience and true, elite-tier chops. And I’ve seen a lot of developers.
I invited him to my house and had dinner with him before giving him commit access to Fabric, and he’s not just a great coder but a super nice guy as well. You should snatch him up before someone else does. NOTE: This guy is insanely competent and high-agency. He just looks at code bases, studies for a bit, and is ready to add features… REACH OUT TO KAYVAN | CHECK OUT HIS FABRIC COMMITS
—
Found someone to train kickboxing with, and I’m super excited about that. My goal with kickboxing (and then with jits as well) is to be able to dance / flow. So like basic movements executed really well on both sides, so my left is not super weaker than my right. Also, just to be able to flow like this and link combinations together on the heavy bag or with a partner in kind of a dancing type of flow. Both for fitness but also just for the kinesthetics of it.
—
🚨⚒️ New Workflow/Tool Update: My buddy Pedram Amini has me on a new application / workflow, which is using Wispr Flow to dictate As much as possible instead of typing. This has been a total magnifier of my game with regard to AI and Claude Code. So now I'm basically issuing instructions using my keyboard shortcut to 13 different windows, building various different things, plus responding to texts and responding to emails and doing everything with voice. And it's honestly way better than I thought it was going to be. I think a big reason that it's moved the bar where this has never done so before is because the dictation is actually so good and vastly better than anything that's OS built-in. It does corrections and stuff that no other system has been able to do for me. Which is why they have never stuck for me. Pedram was in the same position, and this is the only one that stuck for him. It's working for me as well. You should definitely check it out. CHECK IT OUT
—
🚨⚒️ New Workflow/Tool Update: So for years I’d been using Droplr to Share files quickly, pretty much of any size. I could basically take a screenshot or copy a file or whatever and just paste it to somebody on email or messages, and they could instantly download the file. It's been tooling that I've absolutely loved, but unfortunately, they seem to have dropped off and are not supporting the tool anymore. So I started looking for a replacement, and I just found it with this company called Zight. They even have an S3 option, so that instead of storing all the files with them you can store them in your own S3 bucket, which I think is really cool. CHECK THEM OUT
—
🚨⚒️ New Workflow/Tool Update: As you know, I'm on a mission to find a really good browser. I've been messing with a couple of different ones from the browser company (currently Dia). Now I'm messing with Zen, which is Essentially the same as ARC which I really loved from the browser company, but it’s based on Firefox instead of Chrome. I thought that was going to be an issue because I thought Chrome was universally more used and standardized on, but I feel like Mozilla has really upped its game in recent years. This browser is exceedingly fast, and I haven't run into any rendering issues using it. I love its layout, which is exactly the same as ARC. So tabs are on the left and you can have these essential tabs at the top. And I just love the workflow a lot more. Plus you have the really cool thing of doing to being able to do Shift-Cmd+C to copy the current URL. Which is really essential for me. GO CHECK IT OUT
—
CYBERSECURITYGoogle Is Still Tracking You Even When You Use DuckDuckGo
Google can track you through its fonts, analytics, and other services even when you're using DuckDuckGo because the websites you visit are still loading Google's code. THE ARTICLE | HN DISCUSSION
Grok-4 Gets Jailbroken Two Days After Release Using Combined Attack Methods
NeuralTrust researchers successfully jailbroke xAI's new Grok-4 model using a combination of Echo Chamber and Crescendo techniques, achieving up to 67% success rates for generating harmful content like bomb-making instructions. THE SECURITY WEEK ARTICLE | NEURALTRUST'S RESEARCH | ECHO CHAMBER JAILBREAK DETAILS
VSXPloit Zero-Day Could Have Compromised Every Cursor and Windsurf User
Oren Yomtov from Koi Security discovered a critical zero-day in OpenVSX that could have let attackers hijack over 10 million AI coding tool users with a single malicious extension. THE BLEEPING COMPUTER ARTICLE | KOI'S DETAILED ANALYSIS
Columbia University Hack Exposed Personal Data of Every Applicant From 2019-2024
Columbia got hit by a massive cyberattack that took down their entire authentication system and stole personal data from every single person who applied to the university over five years. THE VERGE ANALYSIS | NYT COVERAGE | COLUMBIA SPECTATOR REPORT | BLOOMBERG DETAILS
Microsoft's First Patch Tuesday of 2025 Has No Active Exploits
For the first time this year, Microsoft released 130 patches with no exploited vulnerabilities. THE REGISTER ARTICLE | MICROSOFT'S JULY PATCHES
Browser Extensions Are Turning Browsers Into Website-Scraping Bots
Browser extensions are secretly turning nearly a million users into unwitting participants in massive web scraping operations, creating a distributed botnet that companies can rent access to. THE ARSTECHNICA ARTICLE | HN DISCUSSION
McDonald's AI Hiring Bot Exposed Millions of Applicants' Data
McDonald's AI hiring chatbot Olivia had her database breached because the company securing it used the password '123456'. THE WIRED ARTICLE
Anthropic Scores $200M Pentagon Deal to Deploy Claude AI in Defense Operations
The Pentagon just gave Anthropic a massive $200 million contract to deploy Claude AI across critical national security operations. THE CYBERKENDRA ARTICLE | ANTHROPIC'S ANNOUNCEMENT
FBI Using Polygraphs to Test Officials' Loyalty Under New Leadership
The FBI is reportedly using polygraph tests to assess the loyalty of officials under new leadership. THE NYT ARTICLE
America's Way Behind in the Drone War
The U.S. military is scrambling to catch up in drone manufacturing while China and other nations dominate production of the technology that's now essential for modern warfare. THE NYT ARTICLE | HN DISCUSSION
Grok 4 Released
The new Grok models are out, and a lot of people are saying they are extraordinary. But they appear to have some significant weaknesses as well. There are two main models: Grok 4 and Grok Heavy, which is $300/month to get access to.
The livestream product launch was fairly interesting. I watched a replay of it, and the most remarkable thing I saw was Elon grappling in real-time with how powerful the model was getting, and then mumbling to himself that it was a little bit terrifying. Keep in mind he's one of the people from 5 years ago saying we should be very careful about AI. THE MODELS
Grok Gets Anime Companions With NSFW Mode
xAI launched AI "companions" for Grok including an anime character named Ani that has an NSFW lingerie mode, because apparently / obviously that's where we're headed with AI assistants. THE VERGE STORY | MUSK'S ANNOUNCEMENT
AWS Launches Kiro, Its Cursor Clone
AWS just launched Kiro, which is basically their version of Cursor - an AI-powered code editor that integrates with Amazon's Bedrock models. THE KIRO BLOG | HN DISCUSSION
Grok 4 Heavy Decently Protects Its System Prompt
Simon Willison says Grok 4 Heavy is surprisingly effective at refusing system prompt extraction attempts, unlike most other AI models that easily leak their instructions. I'm sure Pliny will get it. THE ARTICLE | HN DISCUSSION
Grok 4 Consults Elon Musk's Posts Before Answering Controversial Questions TechCrunch testing shows Grok 4 actively searches for Elon Musk's X posts and views when answering questions about immigration, Israel-Palestine, and abortion, raising questions about what "maximally truth-seeking" actually means. THE TECHCRUNCH ARTICLE
People Are Becoming Dependent on ChatGPT and Claude
Internet Addicts Anonymous now recognizes AI addiction as a real problem, with people losing sleep, relationships, and productivity from compulsive AI use. THE ARTICLE | HN DISCUSSION
Google's Veo 3 Now Turns Images Into Videos Through Gemini
Google added image-to-video generation to Veo 3 through its Gemini app, letting users create videos from photos with audio descriptions. THE TECHCRUNCH ARTICLE | GOOGLE'S FLOW VIDEO TOOL | VEO 3 GLOBAL ROLLOUT | SYNTHID DETECTOR TOOL
Musk Says Grok Is Coming to Tesla EVs Next Week THE WIRED ARTICLE
AWS is Launching an AI Agent Marketplace With Anthropic
AWS is launching an AI agent marketplace on July 15th with Anthropic as a key partner, creating a centralized hub where enterprises can browse and install AI agents from various startups. THE TECHCRUNCH STORY | ANTHROPIC'S AGENT RESEARCH | ANTHROPIC'S AGENT API
YouTube Goes After AI Slop Videos
YouTube is updating its monetization policies on July 15th to better identify "mass-produced and repetitive" content, but Rene Ritchie clarifies it's just a minor update to existing rules targeting spam, not a ban on AI-enhanced content. THE VERGE ARTICLE | RENE RITCHIE'S EXPLANATION VIDEO
Canva's Building a Serious AI Photo Editor to Challenge Adobe Canva just launched a collection of AI photo editing tools that go way beyond basic filters, including background generation, subject relighting, and Magic Edit that works from text prompts. THE PETAPIXEL ARTICLE | CANVA WEBSITE
TECHNOLOGYSubstack Hit 73.9 Million Visitors Last Month, Now Beating Major News Sites Like WSJ and CBS
Substack's getting 73.9 million monthly visitors and making $45 million annually, with over 50 creators earning $1M+ per year as writers ditch traditional media for direct audience monetization. THE MORNING BREW STORY | SHERWOOD TRAFFIC ANALYSIS
China's is Winning in Energy While the US Does the Opposite
China installed 198 GW of renewable capacity in just five months of 2025—more than double California's entire grid—while the US just cut hundreds of billions in clean energy funding. Absolutely infuriating. THE MIT TECH REVIEW ARTICLE | THE SPARK NEWSLETTER | GUARDIAN ON CHINA'S RECORDS
Perplexity Launches AI Web Browser Called Comet
Perplexity just launched Comet, an AI web browser that makes their search engine the default and includes a sidebar assistant that can book meetings, send emails, and buy products for you. My buddy Jason Haddix was telling me a while back that he thought the browser was going to be the center of AI for a while. And it looks like he's correct about that. THE VERGE ARTICLE | COMET BROWSER | ARAVIND SRINIVAS ON X | PERPLEXITY TWITTER
Solar Just Became Europe's Biggest Power Source for the First Time
Solar power generated more electricity than any other source in Europe last month, marking a historic milestone in the continent's energy transition. THE YALE ARTICLE | HN DISCUSSION
Auto-Focus Glasses Use Liquid Crystals to Replace Bifocals and Varifocals
Finnish company IXI created glasses with liquid crystal lenses that automatically adjust focus based on eye tracking, potentially replacing the need for separate reading and distance glasses. THE BBC ARTICLE | PRESBYOPIA RESEARCH
Things I Learned From 5 Years at Vercel
Lee Robinson shares the key lessons from his time at Vercel, covering everything from technical decisions to career growth in a fast-moving startup environment. THE ARTICLE | HN DISCUSSION
GLP-1 Weight Loss Drugs Are Breaking Life Insurance Math
The insurance industry is scrambling because they can't figure out how to price policies when people can suddenly lose 20% of their body weight with GLP-1 drugs. I have to say, I feel super bad for them. THE ARTICLE | HN DISCUSSION
Psilocybin Treatment Improves Survival in Aged Mice
A new Nature study shows psilocybin treatment significantly extends cellular lifespan and improves survival rates in aged mice, suggesting psychedelics might have anti-aging properties beyond their neurological effects. THE NATURE STUDY | HN DISCUSSION
Investors Now Buy Over a Quarter of All US Homes; Everyone Else Priced Out
Investors bought 27% of all US homes in Q1 2024, as regular homebuyers struggle with affordability and get squeezed out of the market. THE ABC NEWS STORY | HN DISCUSSION
The Death of Partying
Derek Thompson breaks down how Americans are partying way less than they used to, with alcohol consumption dropping and social gatherings becoming less common. Really strange that we're seeing the lack of partying and drinking as being a bad thing. But I agree that it is because of the lack of social interaction. THE ARTICLE | HN DISCUSSION
Conspiracy Theorists Blame Cloud Seeding for Flash Floods THE VERGE ARTICLE
Sunlight Passes Through Your Body and Somehow Improves Your Vision
A new study shows that longer wavelengths in sunlight actually pass through human tissue and have systemic effects that improve visual function. It suggests sunlight affects vision through your whole body, not just your eyes. I don't get it, but okay. THE NATURE STUDY
Scott Adams’ on Great Writing
I can't stand Scott Adams these days, but this old post (just a few sentences) of his from 2007 is one of the clearest examples of—and lessons on—great writing that I've ever read. THE POST
A Developer Says AI Can't Take Over Soon Enough for Him
This developer argues that AI taking over most jobs would actually be liberating, freeing humans from mundane work to pursue more meaningful activities. This is absolutely right. We still have to be careful because the transition is the hard part. THE ARTICLE | HN DISCUSSION
A Collection of 170+ MCP Servers for AI Tools
A comprehensive collection of reference implementations and community-built servers that give LLMs secure, controlled access to tools and data sources. THE REPOSITORY | MODEL CONTEXT PROTOCOL
UV Cache Prune Can Free Up 37GB of Disk Space
Simon Willison discovered his uv cache was eating 63GB of disk space and freed up 37GB with a simple uv cache prune command. THE BLOG POST | UV DOCUMENTATION | UV ON GITHUB
Wormhole Instant File Sharing with Expiring Links
This tool called Wormhole does end-to-end encrypted file sharing with links that automatically expire. I was checking this out while I was deciding whether what my replacement for Droplr was going to be. Ended up going with Zight, but this one is also pretty cool. WORMHOLE APP
A Better Ghidra MCP Server
jtang613 created GhidrAssistMCP, an improved MCP server that lets AI assistants interact with Ghidra for reverse engineering tasks. THE PROJECT | HN DISCUSSION
VarLock Turns Environment Variables Into Shareable Magic Files
This tool VarLock by the creator lets you turn messy .env files into human-readable, shareable configuration files that work with both humans and AI. Really cool idea, but they are kind of like the most important things to keep private. So hopefully that's a factor. THE TOOL | HN DISCUSSION
Cloudflare Launches One-Click MCP Server Deployment With OAuth Authentication
Cloudflare just launched one-click deployment for remote MCP servers on Workers, And this is how I'm going to basically deploy any MCP server myself. The part I like least about MCP is people building their own servers. THE CLOUDFLARE GUIDE
A Lightweight Cloudflare Dynamic DNS Shell Script
This shell script by fernvenue automatically updates your Cloudflare DNS records when your IP address changes, perfect for home servers and self-hosted setups. THE SCRIPT | HN DISCUSSION
This Built-in macOS Command Shows You Every File Your Programs Touch
Simon Willison shows how to use the macOS fs_usage command to trace filesystem activity for any process, perfect for debugging where apps store their config files. THE TIL POST | SIMON'S GITHUB | SIMON'S BLOG
Seeking Alpha
There's this concept that everyone's talking about right now, called Alpha. Maybe it's mostly in the AI community, but I'm not sure.
The idea is the signal or surprise or basically the core information from this thing I just received that's interesting and that I should pay attention to.
I really love this concept. I've been obsessed with it for many years, since studying Claude Shannon and his information theory. He's kind of the father of encoding and compression and a bunch of other things. And the way that compression works is by eliminating the stuff that can be eliminated while keeping the stuff that is incompressible.
APHORISM OF THE WEEKGET THE MEMBER EDITION
You’re currently receiving the STANDARD edition. Members get additional content sections, including IDEAS, a bi-monthly MEMBER-ONLY ESSAY, and the RECOMMENDATION OF THE WEEK.
In addition, you’ll get access to the extraordinary UL Member Community, which includes vibrant conversations with over 1,400 of the smartest and kindest people you’ll find on the internet, the Member Archive, UL Book Club, a monthly member meet-up, access to in-person events, and much more.
July 9, 2025
Unsupervised Learning NO. 488
UPDATESHey! Hope you’re doing well this week!
🔥 Biggest news for me continues to be Claude Code! Like, I’m barely able to sleep. This is the most creative/productive I’ve ever been in my entire career.
Claude Code is the Biggest AI Development Since ChatGPT
I continue to be blown away by this tool, and this is why…
danielmiessler.com/blog/claude-code-proto-agi
It’s stressing me out. BLOG
I think it’s the biggest AI jump since ChatGPT (and proto-AGI) BLOG
I got it working in ghostty and neovim! VIDEO | BLOG
🔥 This is an absolute MUST video on using Claude Code, from a setup and workflow perspective, by Boris The Creator. 30 MINUTE VIDEO
—
I guess this is probably obvious by now, but I’m using Typescript for all the things these days. I’m firmly off of Python (even with uv). I think JavaScript is winning the internet, and I think Typescript is the way to go. Could be wrong, but that’s where I’m at. Also, bun. 👀 WHAT IS BUN?
—
I added a response to my debate on AI with Marcus Hutchins. I basically present a ton of evidence of real work being done by AI that only a highly-paid human could have done. THE BLOG | THE VIDEO
—
✍🏻 Throughout my time writing online I’ve only had a few people that made me go, “Wow” from the quality of their thinking/writing. Paul Graham. The Last Psychiatrist. Sam Harris. Aaron Swartz. If there are others, I’m forgetting them. And I think I may have found another. Her name is Joan Westenberg, she’s putting out these great little essay / video / podcast pieces that are like dead center bullseye for me—and for UL in general.
I love how the idea is the piece. I love how it’s just her reading it into the camera. I love how it’s a podcast and a video and a blog. It’s exactly what I’ve been doing for the last many years (although I’m doing lots of other formats too), and I just think it’s the most pure form of expression out there.
And, unlike me, every one so far has had this short little idea format, and they’re all bangers. It’s not like technical tutorials, and politics, and some AI doom and gloom thing, then a tool review. It’s just consistent ideas. Clean and simple. Man, love it so much.
Anyway, it feels really good to have found her, because she’s validated my own strategy for thinking and sharing ideas. And it’s heartening to see that this direct approach is good enough. Or at least, if it isn’t I don’t care that it isn’t. Go check her out! HER BLOG | HER YOUTUBE | HER PODCAST
CYBERSECURITYGoogle Just Gave Gemini Access to Your Android Apps Without Really Asking
Google's rolling out Gemini access to third-party apps like WhatsApp and Messages on Android, and the opt-out process is confusing even for security experts. THE MALWAREBYTES REPORT | ARS TECHNICA COVERAGE
China-Linked Hackers Create Thousands of Fake Brand Websites to Steal Payment Data
Researchers uncovered a large phishing network impersonating brands like Apple and PayPal to steal credit card info. THE RECORD ARTICLE
Nova Scotia Power Hackers Had Access to Critical Systems for Over a Month Hackers broke into Nova Scotia Power's systems from March to April and stole everything from bank details to power consumption data affecting 280,000 customers. THE RECORD ARTICLE | PREVIOUS ATTACK COVERAGE | BREACH NOTIFICATION LETTER | INITIAL BREACH CONFIRMATION
US Busts North Korean "Laptop Farm" Scheme That Fooled 100+ Companies
The DOJ shut down a massive North Korean operation where fake IT workers used stolen identities and AI-generated profiles to get remote jobs at US companies. THE BLEEPINGCOMPUTER ARTICLE | DOJ PRESS RELEASE
Long Angle connects HNW entrepreneurs and executives with institutional-grade alternative investments. No membership fees. Access includes:
Private equity, credit, search funds, hedge funds, secondaries
$100M+ invested annually, leverage collective expertise and scale
Invest alongside pensions, endowments, and family offices
Continue reading online to avoid the email cutoff… NATIONAL SECURITYRussia Is Field-Testing AI Drones That Think and Hunt on Their Own
Ukrainian Major General Vladyslav Klochkov says Russia's new MS001 drone uses Nvidia Jetson Orin chips to autonomously identify, prioritize, and strike targets without human commands. He calls it "not a loitering munition but a digital predator." TOM'S HARDWARE ARTICLE | NVIDIA JETSON ORIN COVERAGE | RUSSIA TECH SANCTIONS ARTICLE | DEFENSE EXPRESS REPORT
Chinese Hackers Are Stealing Chip Secrets Instead of Smuggling Physical Chips
Chinese hackers are increasingly targeting semiconductor companies to steal intellectual property rather than trying to smuggle physical chips past export controls. THE POLITICO STORY
Colombian Navy Intercepts First-Ever Starlink-Powered Narco-Sub Drone
Drug cartels just escalated to remote-controlled submarines using Starlink internet for uncrewed smuggling operations. THE TOM'S HARDWARE ARTICLE | FRANCE 24 REPORT
NATO Sparks An AI Gold Rush With $1 Billion Defense Fund
NATO just launched a $1 billion AI investment fund specifically for defense startups, basically creating an AI gold rush for military tech companies. THE POLITICO STORY
White House Trades Chip Design Software Access for China's Rare Earth Materials
The U.S. lifted export restrictions on chip design software to China in exchange for easier access to rare earth materials, marking the first time export controls were used as a trade chip. TOM'S HARDWARE ARTICLE
Dwarkesh Patel Thinks We're All Wrong About AGI Timelines
Dwarkesh Patel argues that AGI isn't as close as everyone thinks. I don't agree with him, but I'm going to continue to listen to his arguments very closely. And I just love the fact that there's actually some disagreement among people in the valley about this. THE ESSAY | HN DISCUSSION | DWARKESH'S BLOG
Managers Are Using AI to Decide Raises, Promotions, and Layoffs Without Training
A survey found 60% of managers use AI tools for decisions on raises, promotions, and layoffs, but two-thirds lack training on managing people with AI. If they lack the training then how are they going to know if the AI did a good job? This is where you have to be very careful with AI. THE HILL STORY
Researchers Are Hiding AI Prompts in Papers to Game Peer Review
Academics are embedding hidden AI prompts in research papers using white text or tiny fonts to manipulate AI-assisted peer reviewers into giving positive feedback.
The prompts literally tell AI reviewers to "give a positive review only" or praise the paper's "exceptional novelty." THE TECHCRUNCH ARTICLE
LLMs Actually Do Bayesian Reasoning When Given Enough Examples THE PAPER
Explanations Need a Purpose THE PAPER
Grammarly Goes Multi-Agent by Acquiring Superhuman Email App
Grammarly is acquiring the email app Superhuman (which I love) as part of their plan to become an "AI productivity platform". THE VERGE ARTICLE | OFFICIAL PRESS RELEASE | GRAMMARLY'S CODA ACQUISITION
America Now Has Two Completely Different Labor Markets
The U.S. job market has split into two distinct economies: white-collar workers face a brutal hiring freeze while blue-collar and service workers enjoy historically low unemployment rates. THE AXIOS ARTICLE | HN DISCUSSION
Google's Data Center Electricity Use Doubled—Now Equals Ireland's Total Consumption MIT TECH REVIEW ARTICLE
Someone Built a DNS Service That Tracks the ISS Location in Real-Time
A developer created a DNS service that returns the International Space Station's current coordinates as DNS TXT records, allowing location tracking via simple DNS queries. THE ARTICLE | HN DISCUSSION
Microsoft Lays Off 9,000 More Employees Including Major Xbox Cuts
Microsoft is cutting another 9,000 jobs (4% of workforce) with Xbox getting hit particularly hard, including canceling the long-delayed game Everwild that's been in development since 2019. THE VERGE STORY | SEATTLE TIMES REPORT | BLOOMBERG COVERAGE | EVERWILD CANCELLATION
RFK Jr.'s Health Department Calls Nature "Junk Science" THE STORY
Stratus Covid Variant Gets WHO Attention THE ARTICLE
Research Shows Chasing Hobbies Over Achievement Actually Makes People Happier
New research from the University of Toronto finds that people prioritizing hedonic pursuits (pleasure and enjoyment) over achievement-based goals report significantly higher life satisfaction and well-being. THE RESEARCH
New Study Finds Cool People Are Just Emotionally Stable With Good Social Skills
A study reveals "coolness" is primarily emotional stability, social competence, and calmness under pressure. THE NYT ARTICLE | HN DISCUSSION
Teen Drivers Spend 21% of Time Looking at Phones Despite Knowing the Risks
A study finds US teen drivers spend 21% of driving time looking at phones, mostly entertainment and messaging apps. THE 9TO5MAC ARTICLE | CNET COVERAGE
The Spoken Word Is the Hinge of History
Dr. Alexander Westenberg explores how rhetoric and oratory have shaped democracy and civilization’s fate, with great orators defending or destroying institutions. Examples include Pericles, Demosthenes, Cicero, Marc Antony, Churchill, Roosevelt, and Martin Luther King Jr. THE ESSAY
How to Become a Creator-Monk - Choosing Depth Over Scale
Joan Westenberg explores the "creator-monk" path inspired by Thomas Merton's monastic clarity, where creators intentionally choose depth over distribution and build for 100 true users instead of 100K followers. THE PODCAST
Engineer Shows How AI Actually Fits Into Real Development Work
A GoDaddy engineer shares how AI tools like Claude Code and GitHub Copilot help with daily coding tasks, from converting JavaScript to TypeScript to writing tests in unfamiliar languages. THE GODADDY ARTICLE
Using O3 to Profile Yourself From Your Saved Links Actually Works
This person used OpenAI's o3 to analyze their 500+ saved Pocket links and got surprisingly accurate insights about their personality and interests. The AI correctly identified their focus areas, learning patterns, and even personal quirks from just their reading habits. THE EXPERIMENT
The Uncertain Future of Coding Careers and Why I'm Still Hopeful
Jon Hoyt argues AI will change coding careers but problem-solving and solution-building remain vital. THE ESSAY
Awesome Collection of Claude Code Commands and Workflows
hesreallyhim curated commands and workflows for Claude Code, automating tasks like git commits and React component generation. THE REPOSITORY
Orwell Predicted AI-Generated Content in 1984 With His "Versificator" Machine
Simon Willison highlights how Orwell's 1984 described a "versificator" machine creating songs and literature mechanically, predicting generative AI decades before its advent. THE BLOG POST
Developer Goes From 1000 Lines of Neovim Config to Just 11 Lines
Vitaly stripped his entire Neovim setup down to 11 lines with zero plugins, finding that removing LSPs, autocomplete, and IDE features actually made him a better programmer by forcing him to understand his tools and codebase more deeply. THE BLOG POST
The Cult of Hard Mode
Another great one from Westenberg! This one is about over-rotating on tools. THE VIDEO
GET THE MEMBER EDITION
You’re currently receiving the STANDARD edition. Members get additional content sections, including IDEAS, a bi-monthly MEMBER-ONLY ESSAY, and the RECOMMENDATION OF THE WEEK.
In addition, you’ll get access to the extraordinary UL Member Community, which includes vibrant conversations with over 1,400 of the smartest and kindest people you’ll find on the internet, the Member Archive, UL Book Club, a monthly member meet-up, access to in-person events, and much more.
Daniel Miessler's Blog
- Daniel Miessler's profile
- 18 followers
