Daniel Miessler's Blog, page 127

This week’s topics: Apple fixed tons of bugs, hacking smart TVs over DVB-T, gift card bots, handgun AIs, Uber manipulations, AI vs. jobs, how to read more, cloud secret management, OPSEC and phishing, links, projects, and more…

This is Episode No. 72 of Unsupervised Learning—a weekly show where I curate 3-5 hours of reading in infosec, technology, and humans into a 15 to 30 minute summary.

The goal is to catch you up on current events, tell you about the best content from the week, and hopefully give you something to think about as well.

The show is released as a Podcast on iTunes, Overcast, Android, or RSS—and as a Newsletter which you can view and subscribe to here.

Newsletter

Every Sunday I put out a curated list of the most interesting stories in infosec, technology, and humans.

I do the research, you get the benefits. Over 5K subscribers.

Recent Newsletters

04/02/2017 – Daniel’s Unsupervised Learning Newsletter: No. 72


03/26/2017 – Daniel’s Unsupervised Learning Newsletter: No. 71


03/19/2017 – Daniel’s Unsupervised Learning Newsletter: No. 70


03/13/2017 – Daniel’s Unsupervised Learning Newsletter: No. 69


03/06/2017 – Daniel’s Unsupervised Learning Newsletter: No. 68


02/27/2017 – Daniel’s Unsupervised Learning Newsletter: No. 67


02/21/2017 – Daniel’s Unsupervised Learning Newsletter: No. 66


02/13/2017 – Daniel’s Unsupervised Learning Newsletter: No. 65


02/06/2017 – Daniel’s Unsupervised Learning Newsletter: No. 64


02/06/2017 – Daniel’s Unsupervised Learning Newsletter: No. 63

The podcast and newsletter usually go out on Sundays, so you can catch up on everything early Monday morning.

I hope you enjoy it.

__

I do a weekly show called Unsupervised Learning, where I collect the most interesting stories in infosec, technology, and humans, and talk about why they matter. You can subscribe here.

Before we can fully transfer and represent human minds into digital form, and thus achieve long-term immortality, we will have many intermediate phases.

One such phase will be parsing the artifacts left behind by a living person before they died, and then creating a digital simulation that emulates them as closely as possible.

If the simulations are good enough, it’ll be a lot like not dying for the person who is passing.

They’ll spend a large amount of money—say 250K to 5 million—to have this AI-powered team go and read everything they ever wrote, do hours of exhaustive interviews, deep level brain scans, parse all social media, interview everyone they care about, etc.

They’ll then build the next version of themselves using this data, and the AI will excel at getting the details right, i.e., adding elements that the human team would miss.

The more they do the better they’ll get at it. And it’ll be easy to judge success or failure from interactions of the new “entity” with other humans—especially those who knew them in real life.

The goal is simple, though. Make it so that when people lay down to die, they’re ok with it because they know they’re about to wake up again in a different form.

People will want to interview the new version before they shut down their mortal bodies. They’ll talk to it, ask it questions, see how it reacts.

And the more it feels like them, the happier they’ll be to drink the wine and sleep.

Or maybe a lot of people wouldn’t want to talk to it. Because then it’s something separate, and it won’t be possible to feel like it’s you if YOU are interacting with IT. Maybe that would be far too jarring, and people would prefer to just know that it will turn on only once you’ve passed.

In other words, it will require the sensation that something from you is transferring into the new thing. Otherwise it’ll feel like a trick.

It’ll be interesting either way.

__

I do a weekly show called Unsupervised Learning, where I collect the most interesting stories in infosec, technology, and humans, and talk about why they matter. You can subscribe here.

Woke up in attack mode today.

Consider the common tone of many social media posts complaining about various brands.

I’ve met elementary school kids with more tech knowledge than the average Best Buy store manager.

or…

Anyone know a better bank than Bank of America? I’ve had enough of their mistreatment of customers.

In both of these cases, when made public, the target (yes, let’s call them that) has done something fascinating.

Companies commonly send emails right after in-store or online interactions, so by telling us about the bad experience they’ve just had, they’ve not just told us what businesses they have relationships with—they’ve told us that they would not be surprised at all to receive some sort of email from them.

Oops. OSINT fails are labyrinths of potential negative outcomes.

Phishing tool concept

So how about a phishing tool that parses a target’s social media feeds looking for experiences with any brand, and provides a top 3 list of recent and negative interactions.

Then you build your phishing template for that brand, because they’ll be expecting it.

Then, when they receive it, they immediately find and click the unsubscribe button, and that’s where you’ve placed the malware.

Profit.

Public persona hacking tool concept

Or, better yet, how about an OSINT tool called Adaptash0n that takes any username as an input and provides the following outputs by scrubbing dozens of social media feeds:

Any services that they use (a basic username check on a couple of hundred services)
Any service they complain about (a combination of mention, with an indicator of recent experience, with a negative sentiment)

So the tool basically tells you what type of phishing emails the target is likely to click on, or which services you can go after belonging to them that they might not have maintained good password security for.

Did you remember to change your password for all 113 services you have accounts on, where the password is something well known now from HIBP breaches?

Yeah, didn’t think so.

So basically a personalized targeting tool that gives you suggestions for the best way to hack any particular person with a social media presence.

Summary


When people talk about where they’ve had bad experiences they’re primed to receive an email from that company because it’s common practice for companies to send emails right after you interact with them.
If the experience was negative, they’ll still be pissed at the company, and the email will make them even more angry, which means they’re likely to find and click the unsubscribe button immediately. And that’s where you put the malware.
You can extend this to a full targeting tool that learns all about a given target in an automated way and gives you surface area to attack.

Now for breakfast and coffee.

__

I do a weekly show called Unsupervised Learning, where I collect the most interesting stories in infosec, technology, and humans, and talk about why they matter. You can subscribe here.

One of the best talks I saw at Enigma 2017 was this one by Ian Haken (@ianhaken) of Netflix about establishing a trust scaffolding within the cloud.

When building complex IT infrastructure you always have to create/retrieve/and store secrets, and when you’re doing this quickly, at scale, like we do in modern cloud environments, you have to start wondering where the trust chain begins.

Ian does a great job of explaining this in his talk, using the metaphor of turtles standing on turtles. Eventually you realize it’s turtles all the way down, and it gets a bit hopeless.

A solution

Ian explains that the solution to the problem comes from AWS itself.

In order to grant secrets to something or someone, you have to first confirm their identity. There are many ways to do this, but none of them really scale well in ephemerally paced cloud environments. But AWS has an API where an instance can ask who it is and what it’s meant to do.

AWS then returns a signed document attesting to the identify of that instance, and the instance can then send that document to the service that grants secrets, whether that’s some microservice, HSM, or whatever.

Summary


Secret management is hard.
Traditional ways of solving the problem tend to be impractical in ephemeral and large scale cloud environments.
The stack of turtles ultimately comes down to identity validation at the lowest level.
AWS is able to validate the identify of any instance in a programable and verifiable way.
You can use that capability to bootstrap the pulling of keys from a secret service.
BONUS: You can even bootstrap additional secret service instances using the same method.

I think this talk by Ian should be a lot more popular than it is. There are thousands of companies out there struggling with this same issue and that aren’t aware of a provider-based solution to the turtle problem.

If you know anyone grappling with secret management in the cloud, make sure they’re aware of this talk.

Notes


As Ian noted, the solution here is not specific to AWS; it can be any similar service that has the infrastructure to guarantee the identity and characteristics of a given instance.

__

I do a weekly show called Unsupervised Learning, where I collect the most interesting stories in infosec, technology, and humans, and talk about why they matter. You can subscribe here.

On March 22nd, 2017 a man drove his car into pedestrians on the Westminster Bridge in London, and then attacked a police officer inside New Palace Yard. He killed three people and injured more than 50. The perpetrator had converted to Islam during one of his periods in jail, and the attack had much of the classic structure of an ISIS approach—which encourages individuals or small groups to do whatever they can to harm the west.

It seems likely to me that it was ISIS-inspired, but perhaps it wasn’t. Either way, the image above was passed around on social media. It’s quite well done, and definitely produced a smile from me, but the underlying idea is misguided.

The message is that the IRA and ISIS are basically the same, and that when the IRA was blowing things up all throughout England, nobody was targeting young Irish people the way we’re targeting Muslims today. And since they weren’t, there’s clearly a bias based on race.

This is dumb for two main reasons:

Image from Victor Patterson.

Britain absolutely targeted Irish men during the time that the IRA was active. They actively sought out where young Irish groups were meeting, tried to figure out their connections, their ties to radical ideas, harassed them, searched them, etc.
There is an actual fundamental difference between the IRA and ISIS: the IRA wanted independence from Britain in a tiny part of the world, whereas ISIS wants actual world domination.


The ideology danger test

Here’s a great way to tell how dangerous an ideology is: imagine a world where this particular group gets exactly what it wants.

For the IRA, they wanted Ireland to be left alone. They’d be Catholic, England would be Protestant, they’d mind their own business, and life would go on for everyone. The problem—in their minds—was that England was in their city, in their politics, in their churches, and it had to be opposed. It doesn’t justify what they did, but it’s a pretty classic story of struggling for independence from an external force.

ISIS wants to subjugate the entire planet Earth under Sharia Law.

ISIS makes no secret of its ultimate ambition: A global caliphate secured through a global war. To that end it speaks of “remaining and expanding” its existing hold over much of Iraq and Syria. It aims to replace existing, man-made borders, to overcome what it sees as the Shiite “crescent” that has emerged across the Middle East, to take its war — Islam’s war — to Europe and America, and ultimately to lead Muslims toward an apocalyptic battle against the “disbelievers.”

Source: ISIS: What does it really want? – CNN.com

So, a global battle against the disbelievers in order to subjugate the world under Sharia Law. That’s literally what ISIS is working towards. Quite a bit different from the Irish wanting the English out of one particular part of their country, right?

One wants independence from an oppressing external force, and the other wants world domination that institutionalizes slavery, rape, and dozens of other ancient and horrific practices.

Summary


The image above is cute and funny, but it doesn’t represent reality.
Irish men were absolutely targeted by British soldiers and police during the IRA’s time. When over 95% of your attackers have very specific things in common, not applying additional scrutiny to that group constitutes incompetence.
It’s ridiculous to compare the the IRA with ISIS because the IRA just wanted to be left alone in a small part of Ireland, whereas ISIS wants to dominate 7 billion people under Sharia Law.

Don’t accept narratives just because they’re pleasing to your (and my) liberal worldview. Take the time to think about what’s being said.

Notes


Just to be clear, banning Muslims en masse from anything is not a solution here, and I fully oppose the Trump administration’s handling of that issue. But applying some measure of additional scrutiny to people who are likely to have these types of views is not racism, it’s common sense—just as it was for young Irish guys while the IRA was active. We have to understand the difference between intelligent adjustment of scrutiny based on who’s attacking us, vs. overt racism. One is smart and logical, the other is ugly and bad.

__

I do a weekly show called Unsupervised Learning, where I collect the most interesting stories in infosec, technology, and humans, and talk about why they matter. You can subscribe here.

This week’s topics: Half of Android devices haven’t been patched in over a year, Tavisclosure, NEST camera flaws, senate vs. privacy, electronics ban, bad Let’s Encrypt certs, Moodle SQLi, infosec venture capital drying up, IBM employees heading into the office, Twitter going paid model, Google killing Talk, Quiet spaces, Age of the influencer, AI vs. jobs, tools, aphorisms, and more…

This is Episode No. 71 of Unsupervised Learning—a weekly show where I curate 3-5 hours of reading in infosec, technology, and humans into a 15 to 30 minute summary.

The goal is to catch you up on current events, tell you about the best content from the week, and hopefully give you something to think about as well.

The show is released as a Podcast on iTunes, Overcast, Android, or RSS—and as a Newsletter which you can view and subscribe to here.

Newsletter

Every Sunday I put out a curated list of the most interesting stories in infosec, technology, and humans.

I do the research, you get the benefits. Over 4K subscribers.

Recent Newsletters

03/26/2017 – Daniel’s Unsupervised Learning Newsletter: No. 71


03/19/2017 – Daniel’s Unsupervised Learning Newsletter: No. 70


03/13/2017 – Daniel’s Unsupervised Learning Newsletter: No. 69


03/06/2017 – Daniel’s Unsupervised Learning Newsletter: No. 68


02/27/2017 – Daniel’s Unsupervised Learning Newsletter: No. 67


02/21/2017 – Daniel’s Unsupervised Learning Newsletter: No. 66


02/13/2017 – Daniel’s Unsupervised Learning Newsletter: No. 65


02/06/2017 – Daniel’s Unsupervised Learning Newsletter: No. 64


02/06/2017 – Daniel’s Unsupervised Learning Newsletter: No. 63

The podcast and newsletter usually go out on Sundays, so you can catch up on everything early Monday morning.

I hope you enjoy it.

__

I do a weekly show called Unsupervised Learning, where I collect the most interesting stories in infosec, technology, and humans, and talk about why they matter. You can subscribe here.

I think we’re entering a new era of human creativity and productivity—one that is focused around individual influencers and the value that they bring to the world by themselves. This transition is being driven by several factors:

Companies shedding their workforces due to advancements in AI, automation, and robotics, leaving people to come up with alternative ways to make money.
Mass adoption of mobile technologies that allow anyone to consume anyone else’s content.
The rise of streaming platforms that allow individuals to project their personalities and skillsets into the world.
The commoditization of production and creativity tools that allow smaller organizations and even individuals to produce high quality content.
The realization by business people that—because of the other factors above—value creation increasingly comes from the content creator, and not with the middlemen that stand between them and the consumer.

The combination of these forces are pushing people to platforms like YouTube and Twitch to broadcast themselves, grow an audience, and to monetize their following. There are already a couple hundred thousand people doing this, with the top percentages doing the work full-time and making a significant living from it.

The future of work

As I wrote about here back in 2014 and talked about in my book, the Future of Work is everyone being an Uber driver—except for every skill they have.

We’ll all run an application called Work, and within this system you’ll have all your skills, your work history, your certifications in each skill, the ratings you’ve received for previous jobs you’ve done, recommendations from people you’ve worked with in the past, etc.

Think LinkedIn + FICO + the Uber app, except for any job type. People are often able to do many different jobs, with varying degrees of skill, and those will be reflected in the system. People will be listed as a paralegal, a catsitter, an EMT, a Krav Maga instructor, a personal organizer, a public speaking coach, writer, a Good Listener, a plumber, a bassist, a poet, an editor, a bouncer, etc.

And everyone—both people who need jobs done, and those who are available and qualified to do those jobs—will be running the Work app. Incoming jobs will simply flow into you based on your qualifications, your work history and ratings, your preferences, your location, and your availability.

Imagine incoming offers of various kinds being displayed Tinder style—first on a mobile phone like today, but they’ll soon be read to you by your digital assistant, or shown to you in AR. Either way, you’re simply accepting or rejecting various gigs based on your own criteria.

A job creator will say to their digital assistant:

Find me someone to edit this article I just wrote.

And in 15 seconds they’ll return with 3 bids for you to choose from, which were handpicked from among 1,112 good options, which were picked from 234,981 options available. 10 seconds later you’ve made your selection, and within 15 minutes someone highly qualified is working on the job.

With fewer and fewer people working exclusively for one company doing one thing, this will become the Future of how work is done throughout the world.

The role of the influencer

Being an influencer in this new economy will be a massive advantage. It’ll still be possible to have a successful career (if you can call it that) without marketing oneself because the Work platform will make your skills and ratings visible to people who need them, but it won’t be nearly as effective as being an influencer as well.

Most importantly, influencers will become known for doing what they do. That might be professional gaming, it might be music, art, comedy, blacksmithing, executive protection, martial arts, short stories—whatever. There are already many (and will soon be infinitely more) ways to broadcast oneself as an influencer.

You don’t have to sing or even be social necessarily. Some people just draw, or paint, or do whatever they do with their fans watching, and rarely say much at all. Others have very little content and just be their crazy selves. Both approaches can and will attract followings, as long as there is some core value being transferred.

Ultimately what this means is higher ratings in your actual skills, and the ability to receive targeted jobs within the Work model. So instead of telling your digital personal assistant that you need a personal class on a certain drawing style, you instead say:

Sign me up for a one week class with TheSketcher.

*TheSketcher then raises her prices and is soon making incredible money doing a few high-paid gigs per year. This will still be possible without being an influencer, but it will be harder and take more time.

A new platform model

IMAGE 1. — Removal of the middleman.

Another major change I see coming to the concept of influencing is in the way platforms work. Right now platforms such as YouTube and Twitch are very much middlemen. They’re quite analogous to the record companies, Hollywood, and other organizations that serve as gatekeepers between content creators and audiences. You must use them in order to reach your fans, and if you don’t you cannot be heard.

But that is changing, too.

In the entertainment world we’re seeing the lines blur between content creator, distributor, network, and whatever other categories used to exist. They seem to be collapsing into two main entities: content creators, and the audience.

Distributors and other support entities are now having to justify their existence, which is a change I absolutely welcome.

So what I think we’re about to see is a completely different kind of platform—an agnostic one that provides mostly bandwidth and sets of enablement tools for content creators and influencers.

So instead of an influencer being forced to live on YouTube, or Twitch, or Beam, or wherever—where they don’t have a direct tie to their audience, they aren’t able to easily reach out to that audience directly, and where the benefits most from monetization—I think we’re going to see agnostic broadcast platforms that allow audiences to connect to the influencer directly.

The difference is subtle, but transformative.

Rather than platforms being a middleman making all the money and controlling influencer audiences, the platform will just be the broadcast medium for the influencer themselves, and any services that want to benefit from the influencer’s reach will have to market themselves to the influencer.

They won’t be in the middle.

So the bandwidth platform still gets paid, but the conversation switches from this:

OLD PLATFORM-CENTRIC MODEL: You’re lucky I let you live on my platform and give you access to our unbelievable audience. You will pay me this amount or I will kick you off. You will abide by all of our rules, or I will kick you off. And you’ll like it.

to this…

NEW INFLUENCER-CENTRIC MODEL: I’ve selected your bandwidth platform from among one of many, and I agree to give you 4% of my profits. While I’m small I won’t cost you much, and when I get big you’ll make a lot off of me, which I’m happy to give due to your great service.

And it’ll be the same with sponsors, advertisers, free gifts, promotions, and the dozens of new services and monetization models that will emerge to serve the influencer and benefit from their reach.

Prepare yourself

Not everyone needs to try to become some internet celebrity in order to prepare for what’s coming. The best thing you can do is start asking yourself the following questions.

How would you summarize yourself?
What are the top skills that you would like to be known for?
What are your interests?
What are you passionate about?
What could you just talk for hours about if someone would listen?
What are you trying to achieve in life?
What do you find interesting in the world?
What are your favorite books?
Your favorite movies?
And for all of these questions…why?

The answers to these questions are you, and they constitute what you project onto the world.

Summary

Knowing what you’re about and what you can offer to others is going to become extremely essential in the new economy. In the past we had companies marketing themselves, with the employees doing the work that they found.

When people are forced to work for themselves, that marketing falls on the individual.

It’s time to get yourself and those you care about ready for what’s coming.

__

I do a weekly show called Unsupervised Learning, where I collect the most interesting stories in infosec, technology, and humans, and talk about why they matter. You can subscribe here.

I think we’re entering a new era of human creativity and productivity—one that is focused around individual influencers and the value that they bring to the world by themselves. This transition is being driven by several factors:

Companies shedding their workforces due to advancements in AI, automation, and robotics, leaving people to come up with alternative ways to make money.
Mass adoption of mobile technologies that allow anyone to consume anyone else’s content.
The rise of streaming platforms that allow individuals to project their personalities and skillsets into the world.
The commoditization of production and creativity tools that allow smaller organizations and even individuals to produce high quality content.
The realization by business people that—because of the other factors above—value creation increasingly comes from the content creator, and not with the middlemen that stand between them and the consumer.

The combination of these forces are pushing people to platforms like YouTube and Twitch to broadcast themselves, grow an audience, and to monetize their following. There are already a couple hundred thousand people doing this, with the top percentages doing the work full-time and making a significant living from it.

The future of work

As I wrote about here back in 2014 and talked about in my book, the Future of Work is everyone being an Uber driver—except for every skill they have.

We’ll all run an application called Work, and within this system you’ll have all your skills, your work history, your certifications in each skill, the ratings you’ve received for previous jobs you’ve done, recommendations from people you’ve worked with in the past, etc.

Think LinkedIn + FICO + the Uber app, except for any job type. People are often able to do many different jobs, with varying degrees of skill, and those will be reflected in the system. People will be listed as a paralegal, a catsitter, an EMT, a Krav Maga instructor, a personal organizer, a public speaking coach, writer, a Good Listener, a plumber, a bassist, a poet, an editor, a bouncer, etc.

And everyone—both people who need jobs done, and those who are available and qualified to do those jobs—will be running the Work app. Incoming jobs will simply flow into you based on your qualifications, your work history and ratings, your preferences, your location, and your availability.

Imagine incoming offers of various kinds being displayed Tinder style—first on a mobile phone like today, but they’ll soon be read to you by your digital assistant, or shown to you in AR. Either way, you’re simply accepting or rejecting various gigs based on your own criteria.

A job creator will say to their digital assistant:

Find me someone to edit this article I just wrote.

And in 15 seconds they’ll return with 3 bids for you to choose from, which were handpicked from among 1,112 good options, which were picked from 234,981 options available. 10 seconds later you’ve made your selection, and within 15 minutes someone highly qualified is working on the job.

With fewer and fewer people working exclusively for one company doing one thing, this will become the Future of how work is done throughout the world.

The role of the influencer

Being an influencer in this new economy will be a massive advantage. It’ll still be possible to have a successful career (if you can call it that) without marketing oneself because the Work platform will make your skills and ratings visible to people who need them, but it won’t be nearly as effective as being an influencer as well.

Most importantly, influencers will become known for doing what they do. That might be professional gaming, it might be music, art, comedy, blacksmithing, executive protection, martial arts, short stories—whatever. There are already many (and will soon be infinitely more) ways to broadcast oneself as an influencer.

You don’t have to sing or even be social necessarily. Some people just draw, or paint, or do whatever they do with their fans watching, and rarely say much at all. Others have very little content and just be their crazy selves. Both approaches can and will attract followings, as long as there is some core value being transferred.

Ultimately what this means is higher ratings in your actual skills, and the ability to receive targeted jobs within the Work model. So instead of telling your digital personal assistant that you need a personal class on a certain drawing style, you instead say:

Sign me up for a one week class with TheSketcher.

*TheSketcher then raises her prices and is soon making incredible money doing a few high-paid gigs per year. This will still be possible without being an influencer, but it will be harder and take more time.

A new platform model

IMAGE 1. — Removal of the middleman.

Another major change I see coming to the concept of influencing is in the way platforms work. Right now platforms such as YouTube and Twitch are very much middlemen. They’re quite analogous to the record companies, Hollywood, and other organizations that serve as gatekeepers between content creators and audiences. You must use them in order to reach your fans, and if you don’t you cannot be heard.

But that is changing, too.

In the entertainment world we’re seeing the lines blur between content creator, distributor, network, and whatever other categories used to exist. They seem to be collapsing into two main entities: content creators, and the audience.

Distributors and other support entities are now having to justify their existence, which is a change I absolutely welcome.

So what I think we’re about to see is a completely different kind of platform—an agnostic one that provides mostly bandwidth and sets of enablement tools for content creators and influencers.

So instead of an influencer being forced to live on YouTube, or Twitch, or Beam, or wherever—where they don’t have a direct tie to their audience, they aren’t able to easily reach out to that audience directly, and where the benefits most from monetization—I think we’re going to see agnostic broadcast platforms that allow audiences to connect to the influencer directly.

The difference is subtle, but transformative.

Rather than platforms being a middleman making all the money and controlling influencer audiences, the platform will just be the broadcast medium for the influencer themselves, and any services that want to benefit from the influencer’s reach will have to market themselves to the influencer.

They won’t be in the middle.

So the bandwidth platform still gets paid, but the conversation switches from this:

OLD PLATFORM-CENTRIC MODEL: You’re lucky I let you live on my platform and give you access to our unbelievable audience. You will pay me this amount or I will kick you off. You will abide by all of our rules, or I will kick you off. And you’ll like it.

to this…

NEW INFLUENCER-CENTRIC MODEL: I’ve selected your bandwidth platform from among one of many, and I agree to give you 4% of my profits. While I’m small I won’t cost you much, and when I get big you’ll make a lot off of me, which I’m happy to give due to your great service.

And it’ll be the same with sponsors, advertisers, free gifts, promotions, and the dozens of new services and monetization models that will emerge to serve the influencer and benefit from their reach.

Prepare yourself

Not everyone needs to try to become famous—or to become some internet personality—in order to prepare for what’s coming. The best thing you can do is start asking yourself the following questions.

How would you summarize yourself?
What are the top skills that you would like to be known for?
What are your interests?
What are you passionate about?
What could you just talk for hours about if someone would listen?
What are you trying to achieve in life?
What do you find interesting in the world?
What are your favorite books?
Your favorite movies?
And for all of these questions…why?

The answers to these questions are you, and they constitute what you project onto the world.

From there you can start thinking about how to make that visible to others.

__

I do a weekly show called Unsupervised Learning, where I collect the most interesting stories in infosec, technology, and humans, and talk about why they matter. You can subscribe here.

Canada is trying to make it illegal to criticize Islam by labeling all such criticisms as “Islamaphobia”.

That’s dumb.

The hard right in the U.S. and Europe wants to do the exact opposite and label all Muslims as terrorists.

That’s dumb too.

So now the forgotten center of these two countries get to watch the fringe extremes battle back and forth as if they represent the people.

They don’t, but they might as well, because the center is non-existent or silent.

Nothing good can come from two idiotic extremes battling each other and convincing the people that their narratives are the only options. We need a logical third option that shows the flaws in both.

Let me try:

Where Islam opposes humanist ideals it should be criticized and countered.
Where Islam embraces humanist ideals it should be respected.
This applies to any other religion or ideology as well.

See? It’s not hard.

__

I do a weekly show called Unsupervised Learning, where I collect the most interesting stories in infosec, technology, and humans, and talk about why they matter. You can subscribe here.

Game Design—defined not just as the visual elements in a game, but the underlying structure, incentives, value systems, and other mechanics—is about to become an extremely important job in our society.

In the past the title was associated with the visual aspects of video games, such as the art, the interfaces, etc., and video games have long been a major source of entertainment, but we’re about to see a fundamental shift in the importance of games.

Because real life is becoming less attractive to the masses due to automation taking jobs, Game Designers will suddenly take on the monumental responsibility of providing humans with meaning.

As more and more people are fired from jobs, fail to get jobs after high school and college, gaming (which I’ll say includes all types of non-reality-based technologies) will become the main way people seek and attain any sense of meaning in their lives.

They’ll do work there. They’ll provide value there. They’ll receive positive reinforcement there. They’ll maintain social bonds there. It’ll be reality remade in a form that AI improves rather than replaces (unlike the real world).

And it will be up to the designers to create and tweak the underlying mechanics for these new realities.

How difficult is it to do things?
What is the penalty for “dying” in the game?
How do you incentivize different things you want to happen?
How do you balance grinding and suffering with rewards and advancement?

These are God questions, and they’re about to be re-explored and answered by a special set of geeks.

The job will be quite cross-discipline, at least at the high levels, because you need to understand not just aesthetics, UI, UX, etc, but also the fundamentals of human psychology. Solid backgrounds for these positions will include evolutionary psychology, psychology, game theory, anthropology, design, etc. It’s a spectacular mashup of talents.

So if you’re wondering what a really solid career choice is, going 10 or 20 years into the future, think about the underlying mechanisms that will need to be in place to support and enthrall billions of people who are not useful to analog society due to AI/automation/robotics.

That is the world that’s about to become most people’s primary reality, and it still needs to be built.

Notes


It’s true that AI will eventually get so good that it can do a lot of this design itself, but for a long while the extremely cross-discipline nature of this type of creativity will still require humans.
Image from Adobe.

__

I do a weekly show called Unsupervised Learning, where I collect the most interesting stories in infosec, technology, and humans, and talk about why they matter. You can subscribe here.