Daniel Miessler's Blog, page 2
July 1, 2025
Unsupervised Learning NO. 487
UPDATESHey! Hope you’re good!
I’ve been the most creative / productive I’ve ever been in the last week. And more excited about tech. Which is very strange because I’m also more scared for humanity than ever at the same time. And honestly concerned about my own stuff as well. I feel like income sources can just disappear overnight in this environment. So I basically oscillate between mania and morose.
And the way I pull out of the morose is to remind myself that my mission isn’t just to make cool things, or to be productive, or make some sort of impact. The new mission—given the stakes—has to be to use all this godforsaken magical tech to create a better, more human path for everything.
So, projects like Substrate. Setting up structures for education, for explaining positions, for having empathy-based arguments with each other, for articulating political platforms, for tracking legislation, bills, votes of our representatives, donations from different special interests, etc. And making this all transparent. This has moved up in my list of tactical priorities, because I see time as very limited. I think 2027-2030 are going to be unprecedented in terms of technological and political/societal change.
My essay on the debate between Context Engineering vs. Prompt Engineering. I think it’s an improvement, but both are secondary to the real thing. THE ESSAY
Why Prompt Engineering and Context Engineering Both Miss the Point
The debate between prompt and context engineering misses what really matters: clear thinking and vision
danielmiessler.com/blog/how-to-talk-to-ai
I’ve probably ever beenI’ve crossed into a completely different mode for using AI. I kind of talked about it last week, but I have more clarity now.
Essentially I’m starting to use Claude Code as a general AI assistant
Sure, it can code, but it can do way more than that
What I realized is that I have a hundred different projects, and every single one of them could use an agent or ten helping out on it
Security assessments? Security program management? Doing a research project? Helping structure government policies for Substrate?
I’m literally realizing a thing I’ve been preaching but not doing until now, because it hasn’t been possible. I’m just taking my projects and asking “What would I do if I had an entire company of 100 employees working on this?”
That work is then given to Claude Code!
I’m telling you this is mind-melting. I’ve only just begun. Oh and that’s the topic for mid-month in July, by the way. So come join!
I’ve been going insane-mode on optimizing the site. It’s a favorite pastime of mine. I’ve been using Claude Code and Cursor (some, back and forth) for part of the task, and it’s been incredible. See above. But the basic gist is getting everything perfectly organized into a new deployment strategy, optimized serving of files, optimized builds, etc. This is all through Vitepress, which is a static site generator. So I get to do everything in Markdown, but still get the benefits of a full content platform.
Marcus’s comments on our debate on AI on his own channel. VIDEO
PROJECT HAIL MARY: I can’t wait for this movie to come out! It’s one of our favorite fiction books ever read in the UL Community. TRAILER
Network Chuck did a whole video on TELOS and his process of going through it. It’s extraordinary in not just the presentation, but in the honesty and vulnerability he shared in it. Mad respect for this guy.
Sponsor
Navigating M&A: What every security leader needs to know
M&A is exciting – new products, new colleagues, new possibilities. Often overlooked, cybersecurity can make or break the success of a deal. Acquirers often face fragmented systems, different security policies, and new vulnerabilities. These issues introduce real security risks.
Join 1Password & Canva security leaders Dave Lewis, Wendy Nather, and Kane Narraway on July 17th at 12:30PM PT / 3:30PM ET as they draw on the collective experience of 30+ M&As to examine the security implications of M&A and outline strategies for mitigating risk.
Join the 1Password webinar for practical advice on:
What to evaluate during due diligence, and how to prioritize risks.
How to approach access control across fragmented systems.
How to respond to growing risks like social engineering and insider threats.
How compliance adherence becomes more complex—and the first steps you should take.
Register for the webinar CYBERSECURITYU.S. Agencies Warn Iranian Hackers May Target Critical Infrastructure During Middle East Tensions
CISA, FBI, and NSA issued urgent warnings about potential Iranian cyberattacks on U.S. critical infrastructure, especially targeting defense companies with Israeli ties. THE ARTICLE | JOINT FACT SHEET | CISA IRAN THREAT OVERVIEW | FBI IRAN THREAT PAGES | WATER FACILITY BREACH | IRANIAN RANSOMWARE ATTACKS
Mexican Drug Cartel Hacker Spied on FBI Official's Phone to Kill Informants
A DOJ report reveals that in 2018, a Sinaloa cartel hacker used an FBI official's phone to track their movements and identify informants, who were then intimidated and killed. THE ARTICLE | DOJ INSPECTOR GENERAL REPORT | VICE CARTEL HACKING INVESTIGATION | SINALOA ENCRYPTED PHONES STORY
Switzerland Government Data Stolen in Ransomware Attack Through Third-Party Health Organization
The Sarcoma ransomware group breached Radix, a Swiss health nonprofit, stealing 1.3TB of government data that's now available free on the dark web. THE ARTICLE | SWISS GOVERNMENT STATEMENT | RADIX CYBERATTACK INFORMATION | PREVIOUS SWISS BREACH
Google Fixes Fourth Chrome Zero-Day Already Exploited in Attacks This Year
Google just patched CVE-2025-6554, a type confusion vulnerability in Chrome's V8 engine that attackers were already exploiting in the wild. THE ARTICLE | GOOGLE SECURITY ADVISORY | TYPE CONFUSION EXPLANATION | MARCH CHROME ZERO-DAY | MAY CHROME ZERO-DAY | JUNE CHROME ZERO-DAY
Persona Blocks Millions of AI Hiring Fraudsters
The scale of this is nuts—75 million blocked attempts means there are probably way more getting through other systems. Gartner predicts one in four candidate profiles will be fake by 2028, which sounds insane until you realize how easy deepfakes are getting. THE ARTICLE
Chinese Hackers Hit Canadian Telecom Using 16-Month-Old Unpatched Cisco Flaw
Salt Typhoon exploited a maximum severity Cisco vulnerability that had been patched 16 months earlier to breach a Canadian telecommunications company. THE ARTICLE | CANADIAN CYBER CENTRE STATEMENT | FBI STATEMENT
US House Bans WhatsApp From Congressional Devices Over Security Concerns
The House of Representatives banned WhatsApp from staffers' government devices due to cybersecurity concerns about Meta's data handling practices. THE ARTICLE
AT&T Finally Rolls Out SIM Swap Lock
AT&T now lets users "lock" their wireless accounts to stop SIM swap attacks, but as BleepingComputer's Lawrence Abrams points out, Verizon had this years ago and it really shows how slow AT&T was to bring this to everyone. THE BLEEPINGCOMPUTER ARTICLE | AT&T WIRELESS LOCK INFO | SIM SWAPS ON VERIZON | T-MOBILE DATA BREACH | FCC PROTECTS CONSUMERS | LAWRENCE ABRAMS PROFILE
China's Mosquito-Sized Spy Drone Is So Small You Might Not Notice It Flying Around Your House
Chinese scientists built a drone the size of a fingernail with tiny cameras and microphones that can be controlled by smartphone and is too small for radar to detect. THE ARTICLE | TELEGRAPH ANALYSIS
Claude Code Gets Hooks - Now You Can Auto-Execute Functions From Your AI Conversations
Anthropic added hooks to Claude Code, so now when Claude writes code that calls specific functions, it automatically executes them in your development environment. THE ARTICLE | HN DISCUSSION
Meta Creates New Superintelligence Lab to Develop AGI
Zuckerberg announced Meta's new Superintelligence Labs organization that combines all their AI teams under one roof to focus on building AGI. They also hired a ton of people from OpenAI for basically all the money. THE ARTICLE
Marc Benioff Says AI Now Does Half the Work at Salesforce
Marc Benioff told Bloomberg that AI agents now handle 30-50% of work at Salesforce, while the company laid off 1,000 people and hired 1,000 new ones to sell AI tools to other companies. May be true, but hard to know when he’s also selling AI. THE ARTICLE | BLOOMBERG INTERVIEW | BRIAN MERCHANT'S NEWSLETTER | TECH LAYOFFS TRACKER | AGENTFORCE TECHNOLOGY
Google Brings AI Search to YouTube
Google's rolling out AI search on YouTube for Premium subscribers that creates video carousels with AI summaries, continuing their push toward zero-click experiences where you don't need to actually watch the videos. This is heading in the direction I’ve been talking about where AI makes the ideal version of the source content for you, so we’ll end up seeing so much less of the original. Content creators should be seriously thinking about this. THE ARTICLE | YOUTUBE'S ANNOUNCEMENT | YOUTUBE EXPERIMENTAL FEATURES | GOOGLE'S AI OVERVIEW ROLLOUT | ZERO-CLICK SEARCH ANALYSIS
Anthropic Turns Claude Into a No-Code App Platform Where Anyone Can Build and Share Functional Software
Anthropic just upgraded Claude's artifacts feature so millions of users can now build interactive apps with AI intelligence baked in, not just generate static content. Basically competing with like v0 and all the other similar tools. All moat, no castle. THE ARTICLE | ANTHROPIC'S ARTIFACTS ANNOUNCEMENT | CLAUDE AI PLATFORM | OPENAI'S CANVAS COMPETITOR
Grammarly Acquires Superhuman
Interesting move here. I like both companies, so I guess I’m happy to see it. REUTERS STORY
Cloudflare Now Blocks AI Crawlers By Default; Lets Publishers Charge Per Scrape
Cloudflare is trying to change AI scraping by blocking crawlers by default and introducing a "Pay Per Crawl" system where publishers can charge AI companies for access to their content. THE ARTICLE | CLOUDFLARE AI BOTS BLOG | AI LABYRINTH FEATURE | ROBOTS.TXT EXPLAINED | AXIOS CEO INTERVIEW
Meta Adds Another Gigawatt of Renewable Power to Feed Its Data Centers
Meta just bought over 1 GW of solar, wind, and geothermal power across multiple deals, bringing their renewable energy buying spree to massive scale as AI drives data center power demands.
THE ARTICLE
Scientists Finally Pinpoint What Wiped Out America's Bees THE ARTICLE
Noise Ruins Sleep Quality Even When You Think You're Sleeping Through It
Research shows that even low-level noise significantly disrupts sleep quality by fragmenting sleep stages, even when you don't consciously wake up.
THE ARTICLE
Luckin Coffee Opens First US Stores After Beating Starbucks in China
China's biggest coffee chain Luckin Coffee opened its first two US locations in NYC yesterday, having already overtaken Starbucks in China with 22,000+ stores. The BYD of coffee. Great. THE ARTICLE | CNN COVERAGE | STARBUCKS CHINA STRUGGLES | STARBUCKS TURNAROUND EFFORTS
Louvre Staff Shut Down the Museum to Protest Unmanageable Tourist Crowds
Louvre employees forced a complete museum closure to protest dangerous overcrowding conditions that have made their workplace unsafe and visitor experience terrible. THE ARTICLE | HN DISCUSSION
The Dollar Just Had Its Worst First Half Since 1973 While Stocks Keep Rising
The US dollar lost 10% in June and had its worst first six months since 1973, while the S&P 500 still managed a 5.5% gain for the first half of 2025. THE ARTICLE | FT ON DOLLAR'S WORST PERFORMANCE | BLOOMBERG ON US FUTURES | MORNING BREW SUBSCRIPTION
Trump Threatens to Investigate Musk's Companies Through DOGE
Trump suggested DOGE could take a "good, hard look" at Musk's companies and their government subsidies after Musk attacked his massive spending bill. THE STORY | TRUMP'S TRUTH SOCIAL POST | MUSK'S RESPONSE ON X | MUSK THREATENS REPUBLICANS | MUSK'S NEW PARTY IDEA
Stanford Professor Made Up That Famous "Chess Grandmasters Burn 6000 Calories" Claim
Adam Strandberg tracked down the viral chess calorie claim and found Stanford's Robert Sapolsky completely fabricated the number by multiplying breathing rates by daily calories.
What I find fascinating about this is how I feel like so much of my “solid” knowledge I learned all through the 80s, 90s, well, basically until now, is all in question. I mean, the freaking Marshmallow Test! Wrong. Not replicated.
To me it’s not the facts that are the problem. It’s like world models that are/were broken as a result of believing those things. And they all need to be torn down and remade.
THE ARTICLE | STRANDBERG'S INVESTIGATION | MARGINAL REVOLUTION COMMENTS | GELMAN'S RECKLESS DISREGARD POST | CLARKE'S LAW REFERENCE
—
Taste Is the New Intelligence THE ARTICLE
—
Joan Westenberg Deleted Her Entire "Second Brain"
Love the idea here where overdoing projects like Second Brains end up hurting the very thing you were trying to improve.
THE ESSAY
—
Schizophrenia May Be the Evolutionary Price THE ARTICLE
DISCOVERYHow to Use Markdown THE ARTICLE
BeanBook Uses AI to Turn Coffee Bag Photos Into Detailed Brew Logs THE APP | IOS DOWNLOAD | HN DISCUSSION
Proxy Claude Code Requests Through Cloudflare THREAD
Aging-Related Inflammation Isn't Universal THE ARTICLE
This Developer Built an AI Dungeon Master That Runs in Your Terminal THE PROJECT
James Webb Takes First Direct Exoplanet Photo THE ARTICLE
Local LLM Notepad on USB THE PROJECT
Custom Voice AI Agent Tutorial THE TUTORIAL
APHORISM OF THE WEEKGET THE MEMBER EDITION
You’re currently receiving the STANDARD edition. Members get additional content sections, including IDEAS, a bi-monthly MEMBER-ONLY ESSAY, and the RECOMMENDATION OF THE WEEK.
In addition, you’ll get access to the extraordinary UL Member Community, which includes vibrant conversations with over 1,400 of the smartest and kindest people you’ll find on the internet, the Member Archive, UL Book Club, a monthly member meet-up, access to in-person events, and much more.
June 10, 2025
Unsupervised Learning NO. 484
UPDATESHey, hope you’re doing well! Crazy week already.
I think this might be one of my favorite newsletters ever. I’m just really feeling the new link style and breakout style, and story selection seems better? Anyone agree?
Ordered some noise cancelling earbuds for sleeping. Will let you know how they do. They’ll be paired with my eye mask that I already use.
Why Google I/O Scared This 2007 Apple Fanboy for the First Time
Analysis of this week’s WWDC and how it compared to Google I/O
danielmiessler.com/blog/apple-fanboy-worried-googleio
Wrote a new essay 👆🏻 on why I’m scared for the first time for Apple, and what I thought of today’s WWDC keynote. READ IT (3 minute read)
I’m going to do a profile on all the CCP members and structure. I’m sure there are a bunch out there already, but I’m suddenly interested in how the government actually works. Like, who are these people? And what are their politics?
Another essay on why it doesn’t make any sense to say, “It’s just next token prediction.” READ IT (5 minute read)
I’m also going to do a new future trend/investment analysis exercise like I did years ago with my buddy Ty Sbano, where we picked stocks based on possible trends. This time I’ll use AI though (obviously). Will probably turn the analysis and my comments and recommendations from it into a PDF that I sell for a few bucks or something. 🤷🏻
Sponsor
Discover, secure and govern genAI use
Nudge Security discovers all genAI apps ever introduced by anyone in your org in minutes, without the need for any prior knowledge of an app’s existence.
On Day One of starting a free trial, you’ll have a full inventory of all genAI apps and accounts, integrations, and security profiles for each provider to help you vet new or unfamiliar apps.
Get your free genAI inventory today.
CYBERSECURITYTrump Overhauls Biden's Cybersecurity Policies With New Executive Order
Trump significantly reversed Obama and Biden cybersecurity policies and focused on new things. Here’s a summary of what it added and removed from existing policies:
Removes focus on:
Mandated digital IDs
Accounting compliance checklists
Micromanaging agency decisions
Adds focus on:
Defeating foreign threats
Secure software practices
Border gateway protection
Post-quantum cryptography readiness
Modern encryption protocols
AI for vulnerabilities
IoT security standards
Limiting sanctions' scope
Bellingcat Tests Whether AI Can Actually Geolocate Photos Now
Bellingcat tested 20 AI models on 500 geolocation tasks and only OpenAI's latest ChatGPT models beat Google Lens at identifying photo locations. THE ARTICLE | BELLINGCAT'S 2023 AI GEOLOCATION STUDY
SentinelOne Reveals Details on Chinese Supply Chain Attack Attempt
Chinese hackers tried to compromise SentinelOne by attacking one of their IT logistics partners, which was part of a bigger campaign that hit over 70 organizations worldwide. THE ARTICLE | SENTINELONE'S ORIGINAL REPORT | DETAILED THREAT ANALYSIS
Proton VPN Sees 1,000% Signup Surge After Pornhub Blocks France
Proton VPN registrations jumped 1,000% within 30 minutes after Pornhub blocked French users due to new age verification laws. THE ARTICLE | PORNHUB FRANCE EXIT STORY | AGE VERIFICATION LAWS STUDY | PROTON'S CENSORSHIP OBSERVATORY | PROTON VPN REVIEW
Microsoft Teams With Indian Police to Shut Down Fake Tech Support Scammers
Indian authorities busted two call centers pretending to be Microsoft support to scam Japanese victims. They were using AI to scale their fake pop-ups and translations. THE ARTICLE | MICROSOFT'S BLOG POST | COINBASE BREACH REPORT | INTERPOL CSAM OPERATION
Bishop Fox 2025 Red Team Tools List
Bishop Fox put together their favorite red team tools for 2025, covering C2 frameworks and Active Directory exploitation stuff. THEIR LIST
OpenAI Published Their Annual Report on How Bad Actors Are Using AI Maliciously
I love that they put these reports out. My main takeaways were:
Four out of 10 major abuse cases likely originated from China, from social engineering to cyber threats
They're seeing deceptive employment schemes, task scams from Cambodia, and comment spamming from Philippines
Covert influence operations potentially linked to Russia and Iran are using AI as force multipliers
OPENAI'S MALICIOUS AI REPORT | SCHNEIER'S ANALYSIS
Anthropic Launches Custom AI Models For National Security
Anthropic built special "Claude Gov" models specifically for U.S. defense and intelligence agencies that work better with classified material and refuse to help less often. THE ARTICLE | ANTHROPIC'S ANNOUNCEMENT
Britain Will Send 100,000 Drones To Ukraine By 2026
Britain just committed to a tenfold increase in drone deliveries to Ukraine, sending 100,000 by April 2026. THE ARTICLE
🔥🔥🔥 AI Finally Finds Something Trained Scientists Have Missed for Decades
This has to be one of the most incredible and slept-on pieces of AI news I’ve ever heard.
A number of professional scientists have been trying to figure out how a particular kind of bacteriophages (viruses that infect bacteria) become mobile and do what they do
This has been a mystery for a very long time, and this group of scientists are the world experts on the topic
They gave a bunch of data to a new Google model trained to do novel research and create novel hypothesis
It created a novel hypothesis that the human researchers had missed, which they say was because of their own bias
Upon testing it, it turned out the AI was correct
If you care about this stuff you should listen to the entire episode. It’s extraordinary. Basically they had been trying to figure out how this particular virus was able to do what it did. They knew X, they knew Y, they knew Z. And they assumed that because XYZ that _____ could not have been possible (listen to get the full detailed explanation).
But what they didn’t realize is that they were making an assumption. A faulty one! They were blinded by bias (their words), which didn’t allow them to see the solution. And this is why they’re so blown away by what the AI did. Once they saw the hypothesis they weren’t blown away. It was obvious. What they were blown away by was the fact that it found the solution when they had not, because of their bias. Keep in mind: they’re the world f-king experts on this!
The implications here are unbelievable. Think of how many research papers are out there. Think of how much data is lying around waiting to be explored. These are all dots waiting to be connected. And there aren’t nearly enough researchers to do that work.
This is how we get new, real benefit from AI. Especially in health, where we desperately need to look at how molecules interact with cells and such. So unbelievably hyped about this! Go check it out. THE PODCAST | THE COGNITIVE REVOLUTION PODCAST
Apple Releases Controversial Paper on AI
Apple released a paper that people are interpreting as saying AI’s can’t reason. I think the paper is kind of missing the point, and also people are misinterpreting what they actually said. They never claimed no AI can reason.
What they said is that with certain math problems you can confuse the AI if you change the parameters, which feels more like memorization than deep understanding. I think it’s a fair point, and a fair weakness of the AI they tested. But, acknowledging I’m biased here, I think we’ll look back on this as a “number of r’s in strawberry” moment.
Meanwhile, Stanford just found that AI alone scored 90% efficacy against human doctors’ 75% in another story this week. This type of stuff is just clickbait for AI doomers and skeptics. We have to make sure we’re watching what AI is doing in the real world. On real problems. THE PAPER | HN DISCUSSION
OpenAI Massively Dropped o3 Prices
They reduced the cost of o3 by 80%, and are releasing o3-pro today. THREAD
OpenAI Doubles Revenue to $10 Billion Annually
OpenAI hit $10 billion in annual revenue, nearly doubling from $5.5 billion last year with 500 million weekly users. THE ARTICLE | CNBC'S ORIGINAL REPORT | OPENAI'S OPERATING LOSSES ANALYSIS
OpenAI Must Keep All ChatGPT Conversations Indefinitely Due to Legal Hold
OpenAI supposedly(?) can't delete any ChatGPT logs right now because they're under a court order to preserve everything for ongoing litigation. "We are required to retain all data and cannot process deletion requests during this period" - OpenAI. Super messed up given the fact that they have offerings where people specifically paid for the opposite. THE ARTICLE | HN DISCUSSION
OpenAI Makes ChatGPT's Voice Mode Sound WAY More Human
ChatGPT's voice mode now has better intonation, realistic pauses, and even does realistic sarcasm. I also confirmed it can sing. It’s really, really good. THE ARTICLE | OPENAI RELEASE NOTES
Stanford Study Shows Doctors Plus AI Beat Traditional Diagnostic Tools
Doctors using AI as a collaborative partner got 85% accuracy versus 75% with traditional tools, but the real story is that AI alone scored 90%. THE PAPER
Microsoft Reshuffles Leadership to Focus on AI Agents
Microsoft is reorganizing its top executives overseeing Office 365 and Dynamics to prioritize selling AI agents that can automate white-collar work. THE ARTICLE
My New Favorite Description of a Business Moat
The real “long-term moat” is just a sequence of smaller moats stacked together. Each one buys time. And what you do with that time, how fast you execute, how quickly you evolve, determines whether you stay ahead.
Jamin Bell
I really like this take. To me that means speed and adaptability is the only real moat. HT to Clint for the find! CLOUDED JUDGMENT ON MOATS | JAMIN’S SUBSTACK
TECHNOLOGYWhy Bell Labs Actually Worked So Well
Bell Labs succeeded because they gave brilliant people complete freedom to explore whatever interested them, then—only later—connected their discoveries to real business problems. I want to implement this at the national scale. THE ARTICLE | HN DISCUSSION
BYD's Five-Minute Charging Puts China in the Lead for EVs
BYD just demonstrated 1,000-kilowatt chargers that add 250 miles in five minutes—which is basically gas station speed for electric cars. This scares the crap out of me. THE ARTICLE | SHANGHAI DEMO VIDEO
Wing And Walmart Expand Drone Delivery To 100 Stores
Walmart and Wing are jumping from 15 stores to 115 stores for drone delivery, bringing it to five major cities. THE ARTICLE | THEIR CURRENT DELIVERY PARTNERSHIP
The Chinese Tech Behind Amazon's Humanoid Robots
Amazon is testing humanoid robots at their San Francisco office for package delivery, built on Chinese tech. They're setting up an indoor obstacle course to see if these AI-powered bots can handle real-world deliveries. THE ARTICLE | AMAZON'S HUMANOID ROBOT TESTING
YouTube Loosens Content Rules Using "Public Interest" Standard
YouTube now lets videos stay up if they violate community guidelines but are deemed in the "public interest," bumping the violation threshold from 25% to 50% of content. THE ARTICLE | NY TIMES ORIGINAL REPORT
AWS Opens New Region in Taiwan
AWS just launched their first data center region in Taiwan with three availability zones. THE ARTICLE | AWS AVAILABILITY ZONES
Rents Are Dropping in Most Major U.S. Cities for the First Time Since 2023
28 out of 44 major metropolitan areas saw year-over-year rent decreases in May 2025. REDFIN'S RENTAL MARKET REPORT
Caffeine Keeps Your Brain Awake Even While You Sleep
New research shows caffeine doesn't just keep you awake—it actually prevents your brain from properly sleeping even when you think you're getting sleeping well. THE ARTICLE | HN DISCUSSION
Las Vegas Fights Record Heat With Massive Tree Planting Initiative
Las Vegas hit 120 degrees last year and heat killed over 500 people, so now they're planting 60,000 trees by 2050 to cool the hottest neighborhoods. THE ARTICLE
Mushrooms May Communicate Using Up To 50 Words
A scientist analyzed electrical signals between fungi and found patterns that look remarkably similar to human language structure. THE ARTICLE | ROYAL SOCIETY STUDY
Forests Offset Global Warming More Than Scientists Previously Thought
A new UC Riverside study shows replanting all the trees we've lost since the 1800s could cool the planet by 0.34 degrees—about a quarter of current warming. The secret sauce is that trees don't just suck up carbon, they also release compounds that reflect sunlight and make clouds. THE ARTICLE | THE NATURE STUDY
Someone Built An MCP Server That Actually Runs On Cloudflare Workers
This boilerplate by Fatih Kadir Akın lets you deploy MCP servers to Cloudflare Workers with OAuth and PostgreSQL support built in. THE PROJECT
Data Visualization Reveals Patterns in D&D Monster Designs
Someone created a really cool data visualization of Dungeons and Dragons monsters as part of Tidy Tuesday, and the patterns they found are pretty good. THE REDDIT POST | FULL ANALYSIS
How Anthropic’s Teams Use Claude Code
Insanely good content here, and I love the fact that it’s their actual internal tool and they’re showing how they use it. THREAD | FULL TUTORIAL PDF
We Are No Longer a Serious Country
Paul Krugman argues that markets are starting to treat America like an unreliable emerging market rather than a safe haven. A key point he raises: US interest rates and dollar are now moving in opposite directions, something typically seen only in emerging market drama. THE ARTICLE
Great Explanation of How Model Context Protocol is Different from Traditional APIs
Biggest difference is APIs are for developers, and MCPs are for AI’s (agents). THE COMPARISON
APIs Become the Foundation for AI-Ready Businesses
Most companies aren't ready for AI not because they lack models, but because their systems can't talk to each other through APIs. THE ARTICLE
Bigfoot Veo3 Videos VIDEO
I Read All of Cloudflare's Claude-Generated Commits
Cloudflare built an OAuth 2.1 library with Claude doing 95% of the work, and they documented every single prompt in git commit messages. THE ARTICLE | CLOUDFLARE'S OAUTH LIBRARY | KENTONV'S GITHUB | CHRIS ON LINKEDIN
Mysterious Object Fires Signals at Earth Every 44 Minutes
Astronomers found this weird space object that blasts radio waves and X-rays at us for two minutes straight, then goes quiet for 44 minutes, and they have no clue what it is. What I don’t get is how it keeps pointing at us given how fast it’s moving and how fast we’re moving. THE ARTICLE | NATURE RESEARCH PAPER
AI Forces Institutions to Rethink Their Core Purpose
AI is forcing entire institutions like schools, governments, and corporations to completely reimagine why they exist. THE ARTICLE | COGNITIVE MIGRATION ESSAY | ARIZONA AI SCHOOL EXAMPLE
Mapping Latitude and Longitude to Country, State, or City
Austin Henley breaks down the surprisingly complex challenge of reverse geocoding—turning coordinates into location names. I know a few people into these physical-related puzzles and it seems like a great mix of physical activity and intellectual stuff. THE ARTICLE | HN DISCUSSION
Calculus in 30 Seconds from a book in 1910 SNIP
Software Is About Promises
Bram Adams argues that software success comes from making clear, testable promises to users—what exactly you'll deliver given your constraints and resources. THE ARTICLE
This Is How They Tell Me Bug Bounty Ends
My buddy Joseph Thacker thinks AI agents will eventually find all vulnerabilities automatically, but that there’s still lots of room for creativity. THE ARTICLE | JOSEPH'S BLOG
New OSINT Tools Directory Organizes 100+ Scattered Resources
The creator of R00M 101 (super cool too) built a filterable directory of 100+ OSINT tools because they were tired of hunting through GitHub repos and random Discord servers to find what they needed. THE PROJECT | HN DISCUSSION | ROOM 101 OSINT TOOL
AI as an Identity Challenge/Question
Another way to frame AI is to think of it as an identity challenge. For people, but also for organizations.
-What am I?
-Who am I?
-What is this company, really?
-What differentiates me?
The Member Edition
You’re currently receiving the STANDARD edition. Subscribers to the MEMBER Edition get additional content, including IDEAS, a BI-MONTHLY ESSAY, the DISCOVERY section full of the best content I’ve seen this week, the RECOMMENDATION OF THE WEEK, and the APHORISM of the WEEK.
In addition, you get access to the UL Member Community, which includes private chat with 1000+ of the smartest and kindest members you’ll find anywhere on the internet.
June 3, 2025
Unsupervised Learning NO. 483
UPDATESHey, hope you’re doing well!
🔥🔥🔥 I just released my new video on where I think Hacking is going! This will likely convince you to build an AI automation stack for security testing (and other stuff). 👇🏻👇🏻👇🏻
My new essay on how I see AI affecting education. ESSAY (1 minute read)
My new essay on AI Job Replacement timelines. ESSAY (5 minute read)
🌶️ My new essay on my two groups of cyber/AI friends. ESSAY (3 minute read)
Cybersecurity Jobs Currently Available LIST
My buddy Ryan Bonner is about to give his first public talk soon, so here’s my piece on how to permanently remove your fear of public speaking. GUIDE (3 minute read)
Gukesh beats Magnus in a Classical game for the first time, and Magnus hammer-fists the table. VIDEO
Sponsor
Protect Your Google Workspace with Purpose-Built Security
Your Google Workspace is the backbone of your business, yet most teams use security tools that weren’t designed to protect it.
Material Security changes that. Built specifically for Google Workspace, Material is a detection and response platform that protects Gmail, Google Drive, and accounts by proactively eliminating security gaps, stopping misconfigurations, and preventing shadow IT before they turn into costly problems.
With real-time monitoring and automatic fixes, Material keeps your workspace secure with minimal effort, reducing human error and freeing up your team to focus on work that matters.
Start Securing Your Google Workspace CYBERSECURITYGoogle Patches New Chrome Zero-Day Bug Exploited in Attacks
Google just fixed their third Chrome zero-day of the year, this one being actively exploited. Severity is rated High. THE ARTICLE | GOOGLE'S SECURITY ADVISORY
Microsoft And CrowdStrike Create Shared Threat Actor Dictionary
Microsoft and CrowdStrike are creating a shared glossary to map their different names for the same hacking groups, which should reduce a lot of confusion for security teams. THE ARTICLE | MICROSOFT'S ANNOUNCEMENT | CROWDSTRIKE'S BLOG POST | MICROSOFT'S THREAT NAMING GUIDE
OpenAI's o3 Discovers Linux Kernel Zero-Day Vulnerability
Sean Heelan successfully used OpenAI's o3 to find a remote zero-day in Linux kernel's SMB implementation. Talked about it last week, too, but it’s cool enough to mention again. THE ARTICLE | SEAN HEELAN ON X
Meta Plans to Automate Product Risk Assessments with AI
Meta is automating privacy and risk reviews for 90% of app updates using AI. One of the best use cases for security, in my opinion. Triage. Filtering. Figuring out which functionality needs the deeper, manual testing. THE ARTICLE
Massive Asus Router Botnet Uses Persistent Backdoors
The AyySSHush botnet has compromised over 8,000 Asus routers using backdoors that survive firmware updates.
THE ARTICLE | GREYNOISE ANALYSIS | CENSYS INFECTED HOSTS | RUDIS MASTODON POST
Sponsor
SOC Teams Cut Alert Response Time From 40 min to <20 min
Your security team investigates alerts 24/7, but manual processes still leave critical threats waiting in the queue.
Leading SOCs use AI analysts that autonomously investigate every alert—gathering evidence, analyzing context, and delivering decision-ready reports in minutes, not hours.
See the data: How enterprise teams achieve sub-20 minute response times while investigating 100% of alerts.
Explore the Self-Guided DemoRussian Market Becomes Top Destination For Stolen Credentials
The Russian Market cybercrime platform is now the leading marketplace for stolen credentials, filling the gap left by Genesis Market's takedown. THE ARTICLE | RELIAQUEST REPORT | GENESIS MARKET TAKEDOWN
DoJ Takes Down Four Major Services Used by Cybercriminals
The DoJ seized four domains that helped criminals hide malware from antivirus software in a coordinated international operation. THE ARTICLE | DOJ ANNOUNCEMENT | DUTCH POLICE REPORT
China-Linked Hackers Exploit SAP and SQL Server Flaws in Attacks Across Asia and Brazil
Earth Lamia has been hitting organizations across multiple countries since 2023, now shifting focus from finance to government and universities. THE ARTICLE | TREND MICRO ANALYSIS | ELASTIC SECURITY LABS REF0657
Continue reading online to avoid the email cutoff… NATIONAL SECURITYUkraine Hides Explosive Drones In Wooden Sheds To Hit Parked Russian Bombers
Ukrainian secret services figured out how to attack Russian strategic bombers by hiding explosive drones inside wooden shed roofs. Once deep inside Russia—like over a thousand miles from the border—they deployed remotely using Russian cell networks and destroyed multiple irreplaceable bombers.
Exact numbers are sketchy, but the takeaway is that this attack doesn’t just affect the war in Ukraine, but Russia’s overall strategic bomber capability.
The bombers that were taken out can’t easily (or at all?) be reproduced by Russia, so they just had their overall military capability dramatically reduced.
This is like the Israeli attack on Hezbollah from last year in terms of tactical genius, but at a whole different impact scale.
The biggest takeaway for me is just the overall impact of drones, and how asymmetrical they are against things like bombers and aircraft carriers. THE ARTICLE | THE REUTERS ARTICLE | REUTERS VIDEO | IAN BREMMER’S ANALYSIS VIDEO | KILL DECISION BOOK BY DANIEL SUAREZ
China's Deep Network Penetration Signals War Preparations, Says Former Trump Advisor
Former national security advisor H.R. McMaster told lawmakers that China's extensive hacking of US infrastructure systems is preparation for war. THE ARTICLE | VOLT TYPHOON COVERAGE | SALT TYPHOON ATTACKS
FBI Arrests Defense Intelligence IT Worker For Park Drop Espionage
A DIA tech guy who worked in their insider threat division got busted trying to an old-school dead drop of classified files in a Virginia park to what he thought were foreign spies. The guy literally worked in the division that's supposed to catch people doing exactly this. THE ARTICLE | DOJ PRESS RELEASE | FBI AFFIDAVIT | KASH PATEL'S STATEMENT
AI📊 Mary Meeker Returns With First Trends Report Since 2019 Focusing on AI
Mary Meeker just dropped her first mega-trends report in 5 years, and it's all about AI.
• AI investments hit $330 billion globally in 2024\
• 85% of Fortune 500 companies now have active AI initiatives
• Developer productivity gains from AI tools averaging 55% improvement
THE REPORT | HACKER NEWS DISCUSSION
Why Dwarkesh Patel Has Longer AGI Timelines Than His Podcast Guests
Dwarkesh thinks we're still years away from truly useful AI because current models can't learn on the job like humans do.
I think he’s wrong about this because the whole “learn on the job” thing is just a systems / scaffolding problem. It’s all the stuff around AI that everyone is working on, and I think progress there will be as fast or faster than the IQ progress of the models. THE ARTICLE | SHOLTO AND TRENTON INTERVIEW | MECHANIZE'S AUTOMATION POST | EPOCH AI COMPUTE SCALING
McKinsey Says The Future Of Work Is Agentic
McKinsey argues that agents are basically becoming digital workers that can think, decide, and execute tasks on their own—not just respond to prompts. I obviously agree.
I think the endgame here is hard to execute but pretty simple to see: You have your current state of your $THING, and you define your desired state of the $THING, and then you task your few cofounders and your tens of thousands of agents to continuously make that happen.
The trick there is continuous. The overall orchestrator is watching everything constantly, and spawning and stopping jobs to get the work done that best maintains the ideal state. THE ARTICLE | JORGE AMAR'S PROFILE | MCKINSEY TALKS TALENT PODCAST | MICROSOFT WORK TREND INDEX | WSJ AI AGENTS ARTICLE
The Truth About AI and Job Loss
Niruta Talwekar from Meta dug into historical data to figure out which jobs AI will actually eliminate and whether there's still room for junior developers. THE ARTICLE
Google Gemini Integration With Siri Could Fill Apple's Personal Context Gap
Google's upcoming Gemini integration with Siri might actually matter since it'll access your Gmail and Photos for personal context. THE ARTICLE | GOOGLE I/O ANNOUNCEMENT
Snowflake Buys Crunchy Data For $250 Million
Snowflake bought PostgreSQL company Crunchy Data to help customers build AI agents that need real-time database capabilities. This is one of the companies that will try to build UEC, I think. THE ARTICLE | MY UEC VIDEO
TECHNOLOGYMcKinsey Uses AI to Automate PowerPoint Creation and Proposal Writing
McKinsey's proprietary AI platform Lilli now handles PowerPoint creation and proposal drafting, with over 75% of employees using it monthly. THE ARTICLE | BCG AI REVENUE REPORT
Workday Plans To Rehire The Same Number Of People They Laid Off But With Different Skills
Workday says they'll hire back the 1,750 people they cut in February, but with AI skills instead of whatever those people were doing before. THE ARTICLE | FEBRUARY LAYOFF ANNOUNCEMENT
Nvidia Develops New AI Chip For China That Meets Export Controls
Nvidia is making a Blackwell-based B30 chip for China with multi-GPU scaling to replace their banned H20 accelerators.
My guess is most of this doesn’t matter that much in the end. Most of the gains will be in the software tricks/jumps, which the whole world will continue to copy. The result will be China matching or exceeding the US soon, and there just being seesaw jumps and catchups between open-source and premier labs before ASI happens, when things get weird.
In short, I think everyone’s going to have roughly the same capabilities looking backwards due to progress leaks/sharing across the industry, with China possibly taking a major advantage later because of energy and data and singular policy execution. THE ARTICLE | THE INFORMATION REPORT | H20 BAN DETAILS | JENSEN'S RESPONSE
Computer Science Unemployment Hits 6.1 Percent Despite Major's Popularity
Computer science ranks seventh among majors with the highest unemployment rates at 6.1 percent, even though it's one of the most popular degrees. THE ARTICLE | BEST COLLEGE MAJORS
HUMANSSixty Percent of Americans Have Retirement Savings Accounts, But It’s Lumpy
About six in ten Americans have money in retirement plans like 401k or IRAs, with huge gaps by income and education.
83% of people making $100k+ have retirement accounts versus only 28% making under $50k.
College graduates are twice as likely to have retirement savings compared to those without college education (81% vs 39%)
There's a 26-point racial gap with 68% of white adults having retirement plans versus 42% of people of color
THE ARTICLE | STOCK OWNERSHIP DATA | RETIREMENT SATISFACTION STUDY | GALLUP RETIREMENT TOPICS
US Economy Contracts More Than Expected in Q1
The US economy shrank 0.2% in Q1, worse than initially reported, due to weaker consumer spending and trade impacts. THE ARTICLE
Younger Generations Less Likely To Develop Dementia
People born more recently have lower dementia rates than earlier generations at the same age. In the US, 25.1% of people aged 81-85 born 1890-1913 had dementia versus 15.5% born 1939-1943.
My guess is that “retirement” in the traditional sense is devastating to cognitive function. Basically old people used to stop working at like 60 or whatever and then do mostly nothing, which we now know is really bad for you. And younger people remain more cognitively active as they age. Again, just a guess. THE ARTICLE | THE JAMA STUDY | DEMENTIA PREVENTION FACTORS | LANCET STUDY ON TRENDS
The American Vs. European Mindset On Life
A Turkish-German writer breaks down why Europeans work less, stress less, and prioritize experiences over possessions. THE ARTICLE | EUROPE VS USA WORK SURVEY | GERMAN WORK CULTURE DATA | LIFE EXPECTANCY COMPARISON
If You Are Useful, It Doesn't Mean You Are Valued
There's a big difference between being useful to your company and being valued by them, and the signals can look surprisingly similar. THE ARTICLE
How Much Coffee Is Too Much?
Studies show that drinking 3-5 cups daily is actually linked to lower mortality rates.
Coffee drinkers have 12% lower risk of death from all causes compared to non-drinkers. Love to hear it, but I wonder how much of this is just the benefit of being so busy doing stuff that you need that much coffee. THE ARTICLE
Run Your Own AI Locally On Your Mac
Anthony Lewis walks through the simple steps to get an LLM running locally on your laptop using Simon Willison's llm tool and Apple's MLX framework. THE ARTICLE | SIMON WILLISON'S BLOG | MLX FRAMEWORK | OLLAMA FOR PC | UV DOCUMENTATION | MLX COMMUNITY MODELS
Anthropic's Interactive Prompt Engineering Tutorial
Anthropic released a hands-on tutorial that walks you through prompt engineering techniques with interactive examples and exercises. THE PROJECT
Indirect Prompt Injection Overview
A podcast on Indirect Prompt Injection PODCAST (30 minutes)
My AI Skeptic Friends Are All Nuts
“But the code is shitty, like that of a junior developer.”
“Does an intern cost $20/month? Because that’s what Cursor.ai costs.”
lol
Thomas Ptacek (an old-school security guy) is calling out his AI skeptic friends for being completely wrong about AI's actual capabilities and impact. Very similar vibes to my essay up at the top about my two friend groups. THE ARTICLE | HN DISCUSSION | HIS TWITTER
Claude Code Is My Computer
This guy runs Claude Code in dangerous no-prompt mode and lets it do basically everything on his Mac without asking permission first. THE ARTICLE | ANTHROPIC'S CLAUDE CODE DOCS | CLAUDE CODE BEST PRACTICES | STEIPETE'S TWITTER
You2Anki Turns Videos Into Vocabulary Flashcards
You2Anki – Extracts vocabulary from any video and creates Anki flashcards for language learners.THE PROJECT | HN DISCUSSION
Jobinator Filters Hacker News Job Posts With AI-Powered Metadata
Someone got tired of manually scanning HN job threads and built a tool that uses LLMs to extract and normalize job attributes for better filtering. THE PROJECT
Tensor Product Attention Is All You Need
Researchers developed a new attention mechanism that uses tensor decomposition to dramatically shrink memory usage during inference. THE PAPER | THE CODE
The Metamorphosis of Prime Intellect: A Dark Tale of Post-Human Existence
This 1994 science fiction novel tells the story of Lawrence, who creates an AI that becomes godlike and transforms humanity's existence into a strange post-scarcity immortal world where death becomes entertainment. One of my top 10 sci-fi books ever. THE BOOK (it’s free online)
Andor Season 2 Shows How Insider Threats Actually Work In Real Organizations
Adam Shostack breaks down how the Star Wars show Andor demonstrates different types of insider threats and security failures. THE ARTICLE | ERIC GELLER'S ANDOR ANALYSIS | THREATS BOOK
GitHub Repository of N8N Workflows
Someone created a GitHub repo of tons of scraped n8n workflow automation templates that you can copy and use for your own projects. THE REPOSITORY
My Five-Year Experiment with UTC
A developer switched to using UTC time for everything five years ago and says it eliminated timezone confusion while making scheduling much simpler. THE ARTICLE | HACKER NEWS DISCUSSION
The Book Of Secret Knowledge GitHub Repository
This massive GitHub collection by trimstray has gathered 171k stars for organizing security tools, Linux resources and DevOps knowledge. THE PROJECT | TRIMSTRAY'S PROFILE
Jason Chan And Clint Gibler Have a Brilliant Conversation In Latest TL;DR Sec
The latest TL;DR Sec newsletter by my close friend Clint features a guest post from former Netflix VP Jason Chan. It’s about building security programs that boost both developer productivity and security at the same time, plus lots of great knowledge on cloud security in general..
JASON'S SECURITY POST | CLINT’S NEWSLETTER | INVICTUS CLOUD IR GUIDE | VERIZON 2025 DBIR
MEMBER EDITION TEASEREveryone is Multiple People
So Elon just went to Washington, ruined his reputation, damaged the value of his companies massively, and then basically got ejected. All so he could increase efficiency and cut costs—which it turns out he was actually passionate about.
Now he’s super pissed because the administration’s new bill is way more wasteful than anything he cleaned up with DOGE. What a train wreck. Lots of people, including Trump’s former lawyer Cohen, are predicting that Trump and the administration in general will come after him and his money soon in various ways. Stopping contracts. Launching investigations. Auditing him. Etc.
I think this whole arc provides multiple lessons:
APHORISM OF THE WEEKThe Member Edition
You’re currently receiving the STANDARD edition. Subscribers to the MEMBER Edition get additional content, including IDEAS, a BI-MONTHLY ESSAY, the DISCOVERY section full of the best content I’ve seen this week, the RECOMMENDATION OF THE WEEK, and the APHORISM of the WEEK.
In addition, you get access to the UL Member Community, which includes private chat with 1000+ of the smartest and kindest members you’ll find anywhere on the internet.
May 13, 2025
Unsupervised Learning NO. 481
UPDATESHey, hope you’re doing well!
Open Jobs in InfoSec THE LIST
Humans > Tech 👇🏻
I think it’s as simple as this:
We have been working for tech.
We have been working for the economy.
We have been working for capitalism.
It should be the opposite. They’re supposed to be working for us.
That’s the fix.
The inversion of priorities toward humans vs. stuff.
— ᴅᴀɴɪᴇʟ ᴍɪᴇssʟᴇʀ (@DanielMiessler)
11:04 PM • May 6, 2025
An absolute must-listen podcast on the future of work after AI, with the CEO of Fiverr. This guy gets it. THE POST | THE PODCAST | THE VIDEO
I sat down with my bestie Jason Haddix and talked about RSA Takeaways. Great conversation across multiple topics (Security, Creating, AI, etc.) VIDEO
AI is going to force us to invent Artificial Scarcity for art & personality. VIDEO
Why I still include Twitter/X links: I know many of you have left Twitter and are inconvenienced when I link to it for stories or analysis. I am sympathetic to this. I was a massive Elon supporter and now I’m not anymore. If there were a better service for AI/Security news I would use it, but there isn’t yet. And since my job in this context is to provide analysis of what’s going on, I’m forced to use X. It remains by far the best monitoring system for what’s happening in InfoSec and AI. Please consider keeping a read-only account just so you can stay up on the latest stuff. There are evil people behind most of the products and services we all use every day; don’t penalize yourself for someone else’s flaws. I recommend you keep an account so you can read the stuff I and others find (while ignoring the garbage of browsing the main feed).
Working on a sick video on the future of personal and corporate hacking, bug bounty, etc.!
Looking forward to presenting at Nahamcon on the 22nd!
EDC this weekend! (No newsletter next week)
Sponsor
Experience AI SOC Analysts in Action: Self-Guided Demo
Curious how AI can transform your security operations without adding headcount?Dropzone AI's Self-Guided Demo puts you in control of an autonomous SOC analyst that investigates alerts 24/7. In just 15-20 minutes, you'll witness:
Complete end-to-end alert investigations across email, SIEM, cloud, and endpoint security
AI that analyzes threats and collects evidence without manual effort
Clear decision-ready reports with transparent reasoning
No installation needed—the entire experience runs in your browser. See firsthand how our AI reduces investigation time from 40 minutes to 3 minutes while eliminating alert fatigue.
Try it yourself and discover why security teams are achieving 10X alert handling capacity without expanding headcount.
dropzone.ai Start Your Self-Guided Demo CYBERSECURITYNorth Korea Leverages AI to Scale IT Worker Fraud Operations
Okta's research shows North Korea is recruiting remote tech workers via elaborate AI-backed schemes to bypass sanctions and fund the regime. What’s crazy to me is how they’ll just work like normal employees if they don’t see anything to hack. THE ARTICLE | VIDOC DEEPFAKE FRAUD ARTICLE
Cisco Patches Critical IOS XE Vulnerability Allowing Device Hijacking
A hard-coded JWT in Cisco IOS XE allows unauthenticated attackers to take complete control of wireless LAN controllers. Requires a specific setting is enabled, though. THE ARTICLE
Business Email Compromise Attacks Dominate Cyber Claims
AtBay says BEC and funds transfer fraud made up 60% of all cyber claims in 2024, with average BEC losses jumping 23% to $35,000. THE ARTICLE
Sponsor
Named Most Innovative Startup at RSAC. Here’s Why.
We’re the creators of Nuclei, the open-source scanner built for the modern internet. Unlike traditional scanners that rely on version checks, Nuclei replicates real-world exploit behavior to deliver actual findings, not false positives.
Nuclei is just the start. ProjectDiscovery brings asset discovery, ticketing workflows, and an AI-powered template editor to help modern teams build a faster, more flexible vulnerability management program without vendor bloat.
Trusted by Vercel, Elastic, Asana, and others, see why teams are turning to ProjectDiscovery.
projectdiscovery.io Book a demo and see why we wonInsight Partners Confirms Investor Data Stolen In January Breach
VC Insight Partners confirmed that sensitive employee and investor data was stolen during a January cyberattack. Exposed data includes fund information, banking details, tax information, and personal employee data. THE ARTICLE
Curl Project Fires Back At AI-Generated Vulnerability Reports
Daniel Stenberg, creator of the essential curl project, says they're being "DDoSed" with fake AI-generated security reports and plans to ban submitters of "AI slop." THE ARTICLE | DAN’S LINKEDIN POST
British Spies Link Russian Cyberattacks to Sabotage Plots
UK cyber chief Richard Horne warns that Russian hackers are actively aiding physical sabotage within Britain. "Cyber means are offering threat actors the capacity for reconnaissance and the ability to target a physical threat," Richard Horne THE ARTICLE
Poland Accuses Russia Of 'Unprecedented' Election Interference
Poland's digital affairs minister warned that Russia is targeting critical infrastructure and spreading disinformation to disrupt their upcoming presidential election. THE ARTICLE
You Can Now Export Deep Research Reports to PDF
Tons of people were frustrated because the deep research output from ChatGPT wasn’t in a nice format for sharing and consuming. They’ve fixed that with PDF output. THE ANNOUNCEMENT
Anthropic Rolls Out Web Search API for Claude
Anthropic released an API that lets devs build Claude-powered apps capable of searching the web for up-to-date information. That’s a lot of startups that just got affected by this, and it will continue to happen as more and more app functionality moves into the AI platforms themselves. THE ARTICLE
Continuous Thought Machines
Continuous Thought Machines (CTM) uses something called recurrent architecture to let language models continuously update their thoughts during response generation. The claim is that it’s more like we humans do it. THE PAPER | HACKER NEWS DISCUSSION
AI Comes to Human Resources Interactions
Companies are deploying AI assistants with human-like personas to handle traditional HR functions once performed by actual people. Some of the fastest growing uses of AI are going to be in places where the current solution with humans is already really bad and really time-consuming. Like customer service and HR interactions. THE ARTICLE
Claude's System Prompt Leaked: Over 24k Tokens With Tools
Claude’s system prompt got published, and it contains over 24,000 tokens of instructions and tool documentation. But Anthropic says they’ve improved it since the version showed. THE ARTICLE
Venture Capital Will Have to Pivot to AI
Venture Capital seems to be looking at AI as their last hope. Or at least their next one. 57.9% of global venture capital went to AI startups in Q1 2025, with most going to OpenAI.
I personally think VC and PE are about to change massively, with investment companies becoming AI Solution Factories. I just don’t think most traditional companies can compete with this model, and I think a LOT of the money sunk into VC investments is never coming back. VC ARTICLE | TECHCRUNCH ARTICLE ON AI STARTUPS
AI Ambient Voice Tech Reduces Physician Burnout By 70% At Ottawa Hospital
Microsoft's DAX Copilot at The Ottawa Hospital automatically creates clinical notes from doctor-patient conversations, saving physicians seven minutes per patient encounter. Early results show 93% of patients report equal or better care experiences with the AI assistant present. THE ARTICLE
OpenAI's $3B Windsurf Move Was to Buy the Vibe Coders
OpenAI's purchase of Windsurf seems to be a play at getting the developers, and getting them in the OpenAI ecosystem, more than wanting the editor itself. THE ARTICLE
Apple to Add Tiny AI Cameras to AirPods and Watches
According to Bloomberg's Mark Gurman, Apple plans to embed small cameras in AirPods and Apple Watches by 2027.
If this is true, it’s massive!
Recall my predicted path of DAs and Cameras/Microphone monitoring for us…
Someone’s DA watching their back while they work at a coffee shop
And of course that includes—most importantly—the cameras on your person. Facing behind you and in front of you. And microphones.
This is one of the absolute killer apps of Digital Assistants—constant security monitoring of your vicinity and those of your loved ones. THE ARTICLE | AI’S PREDICTABLE PATH
Microsoft Lays Off More Than 6,000 Employees
Microsoft is cutting over 6,000 jobs across all levels of the company, affecting about 3% of its workforce. THE ARTICLE | PREVIOUS LAYOFFS | MANAGEMENT COMMENTS | ACTIVISION CUTS
Tech Stocks Surge As US-China Tariff War Pauses
Stocks jumped massively after tariffs were largely relaxed for 90 days. Apple went up especially, since so much of their business is entangled with China. THE ARTICLE
iOS 19 to Sync Wi-Fi Portal Logins Between Apple Devices
Apple's (finally) planning to let users enter captive Wi-Fi portal details just once and have them sync across all their devices. THE ARTICLE
Engineers Develop Wearable Heart Attack Detection Technology
Researchers at UBC have created a wearable patch that can detect heart attacks up to two hours before they happen. The device detects specific proteins released during cardiac distress, potentially saving millions of lives annually. THE ARTICLE
Everyone Is Cheating Their Way Through College
More students are using AI tools for assignments, and many professors can't tell the difference between human and AI work.
"The genie is out of the bottle—we can try to police it, but it's here to stay," Stanford professor Michael Bernstein.
I think there is fundamental confusion about what technology is good and bad for. The general question we should be asking ourselves is whether we’re working for the tech or tech is working for us. Or, as the CEO of Fiverr put it, are we upgrading AI or is AI upgrading us?
We need to know first principles. We need to understand how the world works. We need to know how to think. And tech can and should help us do that better than ever before. And it is, for many people reading this newsletter.
The problem is people not doing that, and using tech as a means of opting out of work. But maybe that distinction always existed, and the more powerful the tech becomes, it just exaggerates and exacerbates the difference. THE ARTICLE | HACKER NEWS DISCUSSION
The Effect of ChatGPT on Students' Learning Performance
Strange story to come after that first one. A new meta-analysis shows ChatGPT has significant positive effects on students' learning performance, perception, and higher-order thinking skills.
People are upset about this, I think because they see the opposite happening. To me it’s because of the distinction between the types of people using the technology. It’s a mindset difference.
For voraciously curious learners, it enhances them. For people who want to do as little as possible, it enables that even more. That distinction is what to look for here.
The tech is the lever, not the problem itself. THE PAPER
DOGE Renames Mass Layoff Tool Sound Less Negative
The Department of Government Efficiency has rebranded its auto-layoff tool from "AutoRIF" to "Workforce Reshaping Tool". Yeah, reshaping. ARTICLE
AI Becoming Top Choice For Therapy
HBR reports that "therapy/companionship" is now the top use case for generative AI, with many people preferring bots over human therapists. THE ARTICLE | TOP AI USE CASES | MENTAL HEALTH SAFEGUARDS
Mass Spectrometry Method Identifies Pathogens Within Minutes
A new mass spectrometry technique can identify dangerous pathogens in just minutes compared to traditional methods that take days or even weeks. The method identifies 98% of common bacterial pathogens correctly within five minutes. THE ARTICLE
Why Bell Labs Worked: Freedom and Trust for Genius
Bell Labs succeeded because it gave brilliant people complete freedom to explore and create without micromanagement or productivity metrics. Imagine if we enabled everyone on the planet to perform in this way, as a matter of course.
"I've always pursued my interests without much regard for final value or value to the world. I've spent lots of time on totally useless things." — Claude Shannon THE ARTICLE
Intelligence on Earth Evolved Independently At Least Twice
Scientists have determined that birds and mammals evolved their neural pathways for intelligence completely separately, despite achieving similar cognitive abilities. THE ARTICLE
The Growing Intersection Of Novel Writing And Game Narrative Development
Game writing and novel writing are increasingly overlapping career paths, with creators moving back and forth between the two storytelling mediums. "The plot in a novel was harder to construct... in a game, a player will investigate simply because the world exists." — Jon Ingold THE ARTICLE
Mithra: Security Scanner For LLM-Integrated APIs
Mithra is a new security scanner specifically designed to test REST APIs that use LLMs, checking for both traditional vulnerabilities and LLM-specific risks like prompt injection and context leakage. THE PROJECT | REDDIT ANNOUNCEMENT
Cursor + Browser Control: Self-Improving Coding Agent
Jason Zhou demonstrates how combining Cursor with Playwright MCP enables AI coding agents to interact with browsers. VIDEO
SQLmap AI: Adding Natural Language to SQL Injection Tools
SQLmap AI — An extension of the popular SQLmap tool that allows security testers to perform SQL injection attacks using natural language prompts. THE PROJECT
Wtfis: A Human-Friendly Domain and IP Lookup Tool
A command-line OSINT tool that gathers information about domains, hostnames, and IPs in a beautifully formatted way that's designed for humans, not machines. THE PROJECT
The Vulnerable MCP Project
A full site dedicated to securing MCP servers. News, tools, etc. Well-put-together. THE SITE
Four Ways Bad Employees Cost You THE POST
21 Observations From People Watching
A wedding painter shares insights on reading people's internal architecture through their conversation style, body language, and social interactions. THE ARTICLE
How to Title Your Blog Post or Whatever
Most writers spend far less time on titles than they should, which is unfortunate since titles disproportionately affect whether people read the work. ORIGINAL ARTICLE | HACKER NEWS DISCUSSION | DYNOMIGHT BLOG
Exporting Private GitHub Issues to Markdown
Simon Willison shows how to extract notes from private GitHub issues as markdown. THE ARTICLE
Someone Turned Everything Into An AI Podcast
Google's NotebookLM can transform any text into a surprisingly engaging AI podcast with banter, metaphors, and well-organized segments. It actually adds relevant context not explicitly mentioned in the original documents. THE ARTICLE
IPinfo Offers Free Unlimited Country-Level Geolocation and ASN Details
IPinfo just launched a free tier that gives developers unlimited access to country-level IP geolocation and ASN data with no strings attached. THE TOOL
AI is the New Reading
I’m continually frustrated that people won’t use AI to upgrade and enhance themselves. But then I remember reading.
Reading is a godlike superpower. It gives you what nothing else can—time. It gives you the wisdom of millions of people. It gives you lifetimes of experience. It gives you portals to entirely different worlds and ways of thinking. But only a few people read a lot of high-quality material.
So I guess we can expect AI to be the same. Many will learn only enough so that they can find better video games and TV shows and porn sites. While the 1% will use it to become a one-person army of 10,000 employees dedicated to their improvement.
APHORISM OF THE WEEKThe Member Edition
You’re currently receiving the STANDARD edition. Subscribers to the MEMBER Edition get additional content, including IDEAS, a BI-MONTHLY ESSAY, the DISCOVERY section full of the best content I’ve seen this week, the RECOMMENDATION OF THE WEEK, and the APHORISM of the WEEK.
In addition, you get access to the UL Member Community, which includes private chat with 1000+ of the smartest and kindest members you’ll find anywhere on the internet.
May 6, 2025
Unsupervised Learning NO. 480
UPDATESHey, hope you’re doing well!
Lots of friends going through hard times right now. Been a bit down lately because I feel like I’m not helping enough. Like there’s just too much stacked against everyone right now. 😔
I think the end of the universe will only have two things: 1) cockroaches, and 2) fireflies.ai agents joining empty Zoom calls.
Starting to believe action is the antidote to anxiety (and tons of other negative feelings).
My new essay on what happens if companies like Google just become giant Startup incubators…
AI Solution Factories
What if big tech just becomes millions of AI startups backed by an ultra-powerful set of network effects?
danielmiessler.com/blog/ai-solution-factories
🎙️ I sat down with Bar-el Tayouri, Head of Mend AI, to talk about the future of AI security—and why it’s evolving faster than any category before it. We covered malicious models, agent orchestration risks, the explosion of AI components, and how Mend is tackling AI threat modeling, asset discovery, and attack simulation. If you're building with AI, this one's essential. SPONSORED
Sponsor
254 – the number of GenAI apps in use at the average company
Most orgs didn’t set out to support 254 AI apps. Yet here we are.
Harmonic’s latest research reveals just how embedded GenAI has become and how fragile current controls are. What’s more – 45.4% of sensitive exposures come from personal accounts. Not out of carelessness, but necessity.
Employees want to move faster with AI. But if corporate tooling and policy can’t keep up, they go rogue. The result: Shadow AI and uncontrolled data exposure.
Security shouldn’t be the thing that slows innovation. It should be what makes it safe to go faster.
Get a copy of their full research findings below.
harmonic.security/resources Get research findings CYBERSECURITYThe Signal Clone the Trump Admin Uses Was Hacked
TeleMessage, the company modifying Signal for government archiving, got hacked, leaking lots of messages and data.
"I would say the whole process took about 15-20 minutes… It wasn’t much effort at all."
Another example of where the end-to-end encryption itself isn’t the problem. It’s usually the crappy implementation that gets you.
Examples: AES is fine, but store the keys nearby. E2E implementation is fine, but we need a government backdoor. And now—E2E is fine, but we need message backups. 👿 TECHNICAL ANALYSIS | 404 MEDIA COVERAGE
Microsoft makes all new accounts passwordless by default
Microsoft is now setting up all new accounts as passwordless by default, pushing everyone towards passkeys instead. Love it. LINK
If You Meta Glasses, Check Your Privacy Settings
Meta updated the privacy policy for Ray-Ban glasses, making AI features default and using voice/image data unless you manually delete recordings. LINK
Find every AI app today
Companies are apparently using an average of 26 different GenAI tools—most of them added without a security review. That stat’s from Nudge Security, who built a tool that shows you every AI app your org has ever used. You also see who brought it in, when, and what it connects to. Wild. There’s a free trial if you want to run it on your own org. TRY IT SPONSORED
Microsoft Moves Users To Edge for Password Autofill
Microsoft is killing the password autofill in Authenticator and pushing everyone over to the Edge browser for that feature. LINK
Claude Integrations
Anthropic rolled out what I’m basically calling Remote MCPs, which is a way for Claude to connect directly with tools like Jira, Zapier, and others using their own MCP servers. LINK
People Are Losing Loved Ones to AI-Powered Fantasies
Individuals are forming intense, sometimes delusional spiritual beliefs involving AI, leading to separation from their loved ones. LINK
Google NotebookLM Upgraded With Gemini 2.5 Flash
Google's AI research and note-taking tool, NotebookLM, has been upgraded to use the Gemini 2.5 Flash model for its text features. NotebookLM is still one of the most innovative uses of AI I’ve seen. LINK
Make Your Chatbot Use Interjections (Oh Wow!)
Research found that chatbots using simple interjections like 'Hmm' or 'Aww' feel significantly more human and engaging, and people like using them more. LINK
Mark Zuckerberg Says AI is Coming for Ad Agencies
Zuckerberg basically said Meta's plan is to use AI to create ads for businesses, potentially removing human-powered creative agencies altogether. LINK
Meta Forecasted It Would Make $1.4T from AI By 2035
Unsealed court docs show Meta's internal forecast sees them making up to $1.4 trillion by 2035 by rolling out AI to more of their businesses. LINK
Sam Altman’s Worldcoin Eye-scanning Orb Comes to the US
Sam Altman's Worldcoin project, which scans your eyeballs for something crypto-related (yuk) to prove your humanity, is now rolling out in the US. This feels like the most tone-deaf thing ever. Like how many dystopia signals do we have happening at one time right now? Maybe it’s just required infrastructure (see below). LINK
Altman and Musk Are Racing to Build the ‘Everything App’
They’re competing to build the ultimate 'everything app', blending finance, social, and more into a single interface—similar to what the Chinese have. For Sam it’s part of the Worldcoin project above, and for Musk I think it’s X.
I think Altman’s play might be the following (my theory):
He knows the jobs are going away
He knows we’ll need UBI to pay the people
He knows that’ll be a government function
He knows the government doesn’t have the tech to do it
So he’s been buddying up with the government for years
So Worldcoin is basically the way we’ll pay and interact with people to give them UBI and whatever else through the government, once AG/SI kicks in
That’s my read, anyway. Or at least one possibility. LINK
Waymo Says It Will Add 2,000 More Robotaxis In 2026
Waymo is adding 2,000 more Jaguar I-Paces, planning for 3,500 total vehicles by 2026. Every time I ride in one I know it’s the future. LINK
Apple Expects to Source Over 19 Billion Chips From US Factories This Year
Apple plans on buying over 19 billion chips made in the US next year, including millions from TSMC Arizona. But these are simpler ICs, not like the difficult latest-iPhone chips. LINK
India Attacks Infrastructure Within Pakistan
India launched attacks against 5 areas of what they call terrorist infrastructure within Pakistan. “Our actions have been focused, measured, and nonescalatory in nature. No Pakistani military facilities have been targeted.” LINK
Something Extraordinary Is Happening to the Job Market
The gap between young college grad unemployment and overall unemployment has hit an all-time low recently. "When you think...what generative AI can do...it’s the kind of things that young college grads have done." See this week’s Member Essay. LINK
Why We Probably Don’t Live In A Simulation
This paper makes a compelling argument that the computational resources required to simulate our universe are nearly impossible. LINK
Warren Buffett Stepping Down as Berkshire Hathaway CEO
Warren Buffett, 94, announced he's asking the board to make Greg Abel the CEO at the end of 2025. LINK
Mcdonald’s Had Its Biggest Sales Drop Since COVID
McDonald's just reported its largest US sales decline since early 2020. This has to be a primary economic metric, no? LINK
🔥 Why Do Anything in Life (A Graphic) LINK
Turn any codebase into a single, clean prompt
Promptor — A slick little macOS utility that converts entire code project folders into clean, local LLM prompts. LINK
Github’s Top 10 Projects
GitHub highlighted the top 10 open source AI projects, revealing a major shift towards agents and MCP integration. LINK
Minimum Viable Blog
How to create a super basic static blog using only a simple HTML template and a Python script. LINK
AI, Self-Doubt, and the Limits of Reflection
Someone used AI chatbots as a mirror to explore their self-doubt and cognitive abilities, even developing a system to track their 'cognitive altitude'. LINK
Why You’re Struggling to Make the Hard Call LINK
Blast
Blast — This high-performance serving engine helps run web browsing AI agents quickly, efficiently, and concurrently. LINK
The Prompt is the Value
A great piece saying the prompt writing process often holds more value and insight than the AI's actual output. LINK
Greg Isenberg’s Post on Starting a New SaaS Company to $100K/month
An extremely high quality post on exactly what to do. I would disagree on a couple of steps, but this is worth a $1,000 course, and he put it out for free. LINK
Munger’s Guide to Clear Thinking LINK
Brian Eno's Theory Of Democracy
Game theory models struggle to explain democratic decline, but Brian Eno's artistic ideas on generating useful variety offer an alternative. LINK
A Knife Steel Comparison Tool
This web tool lets you visually compare dozens of knife steels using normalized data from multiple reliable sources. LINK
The Vocal Effects of Daft Punk
The specific gear Daft Punk used for their iconic robot vocals across their albums. LINK
Sim Studio – Open-source Agent Workflow GUI
Sim Studio — This is a really clean-looking open-source GUI for visually building out, testing, and then optimizing your AI agent workflows. LINK
The Great Reset of 2024
I think something major is happening with jobs, and with business itself. AI is part of it, but only one piece.
If the economy were strong, and companies were making tons of money with large workforces, and all this AI stuff were happening, I don’t think companies would spend all that much effort on moving to AI. I think it would go in the research column for slow adoption, accelerating over time, but not in a rush.
This is the worst possible world we’re in. Not only is AI getting really compelling as worker replacement, but it’s happening at the exact same time that companies are starting to question their very identities.
APHORISM OF THE WEEKThe Member Edition
You’re currently receiving the STANDARD edition. Subscribers to the MEMBER Edition get additional content, including IDEAS, a BI-MONTHLY ESSAY, the DISCOVERY section full of the best content I’ve seen this week, the RECOMMENDATION OF THE WEEK, and the APHORISM of the WEEK.
In addition, you get access to the UL Member Community, which includes private chat with 1000+ of the smartest and kindest members you’ll find anywhere on the internet.
April 30, 2025
Unsupervised Learning NO. 479
Hey, hope you’re doing well!
UPDATESShorter episode this week due to RSA! If you’re around come say hi!
Biggest story I’m watching right now in the news is that we might be about to have another supply chain problem similar to with COVID because of the tariffs. The Port of Los Angeles is saying they’ll get 35% less next week than normal. LINK
I’m doing this new talk on Unified Entity Context and how it’ll become the center of Enterprise AI. Here’s a teaser:
💥 Realized something a couple days ago that is blowing my mind.
💡The more context you have about a problem, the less expertise you need to solve it.
This is one of the main promises of AI in the enterprise: with enough context, many previously elusive answers become obvious.
— ᴅᴀɴɪᴇʟ ᴍɪᴇssʟᴇʀ (@DanielMiessler)
6:21 PM • Apr 29, 2025
Sponsor
What’s driving success for 900+ security leaders?
Looking for insights and advice from other security leaders on topics like job satisfaction, key challenges, and tooling and automation? IDC recently surveyed 900+ security leaders to learn more about what’s fueling (or hindering) success across people, processes, and technology.
Watch this on-demand webinar for the full survey findings and leave with actionable takeaways to improve team efficiency and organizational resilience.
Watch Now CYBERSECURITYEasterly calls for unity against politicization of the cyber industry
Jen Easterly’s saying the current admin firing nonpartisan cyber leaders is really hurting our defenses, and needs to be stopped. "The biggest vulnerability we face isn’t a zero-day in our software. It’s a zero-day in our civic integrity." 100% agree. LINK
Sponsor
Version checks miss real threats. Nuclei doesn’t.
Tired of triaging false positives from traditional scanners like Tenable? ProjectDiscovery delivers detections that think like attackers, using Nuclei templates with conditional logic to replicate real exploit behavior.
Nuclei is just the beginning. Trusted by teams like Elastic and Vercel, our cloud platform adds real-time asset inventory, ticketing integrations, and a modern interface that users love. Get full visibility and continuous protection in minutes with zero setup friction.
Book a demo to see it in actionTop employee monitoring app leaks 21M screenshots on users
WorkComposer, a surveillance app used by over 200,000 people, leaked 21 million employee screenshots through an open S3 bucket. LINK
Microsoft rolls out Windows Recall, a year later
Microsoft is letting people try out its “Recall” feature after a year of drama and delays. Big difference is they seem to be being more sensitive to whether it’s on by default, and they’re putting more effort into explaining the tech. LINK
Your phone isn't secretly listening to you
Your phone isn’t listening to you, but it’s absolutely tracking tons of stuff about you. LINK
Microsoft CEO says up to 30% of the company’s code was AI-generated
Satya Nadella says about a quarter of Microsoft’s codebase is already being written by artificial intelligence. LINK
OpenAI Puts Image Generation in the API
OpenAI is now letting you create images using 4o through the API. That’s a whole new set of startups being built and being destroyed. LINK | PRICING
YouTube Tests AI Overviews in Search Results
YouTube’s testing a feature where AI picks video clips to show right in search results for certain queries. LINK
Predicting the NBA Champion with Machine Learning
Someone builds a model for predicting the output of the NBA finals. Love this kind of stuff. LINK
Anthropic questions AI consciousness
Anthropic is officially researching whether AIs could be conscious and if, someday, they might deserve ethical treatment. Seems obvious to me that they would. It all hinges on whether or not / when they become conscious. LINK
Reading RSS content is a skilled activity
Really cool piece about how the act of curating and reading news is a skill in itself. And something to preserve. LINK
Alphabet CEO Sundar Pichai Says Waymos Could Be Personally Owned in Future
Sundar Pichai basically hinted we might eventually buy our own self-driving Waymo cars. Same dream Tesla had: you use it yourself to go places, and when you’re not using it, it does rides and makes you money. LINK
Apple Supposedly Wants to Produce All U.S. Phones in India by End of 2026
Apple is apparently moving all U.S.-bound iPhone production to India by the end of next year. In other words, get out of China as fast as possible. God speed. LINK
U.S. Economy Contracts at 0.3% Rate in First Quarter
It looks like the economy is about to take a serious hit. The economy actually shrank a little in the first quarter, and the port of Los Angeles says it’ll see a 35% drop in shipping next week. LINK | LINK
United Arab Emirates first nation to use AI to write laws
UAE’s actually letting AI draft and update its laws. This is an example of where we actually need more AI to properly do human things. Clarity. Transparency. Documentation. This is why I’m so excited about Substrate. LINK
GenZ grads say college degrees a waste of time/money because of AI
Some new college grads are saying their college degrees feel kind of pointless now that AI is everywhere in hiring. LINK
Economists are very confused right now
Most of the world's economists are confused right now because standard models aren't explaining the data we’re seeing. I think there are just too many new things that the models can’t account for. Things are too dynamic and too strange. LINK
California overtakes Japan to become the world's 4th largest economy
California just moved past Japan to become the world’s fourth biggest economy. LINK
Why I Blog and How I Automate it (2023)
Ryan West explains that blogging is mostly about forcing himself to clarify ideas he’s picking up from everywhere else and automating it so writing is as low-friction as possible. 100% agree with this. LINK
Rare Earth elements aren’t actually all that rare
China's attempts to weaponize rare earth exports only really work if everyone else fails to go and get the ones they have in their own countries. LINK
Reverse Zip Bombs
Ibrahim Diallo built a “reverse zip bomb” defense that crashes bad bots by handing them huge decompressed files. LINK
Backfill your blog
Backfilling your blog with past writing is an encouraging way to get a blog started. LINK
Government Funding Graph RAG
Government Funding Graph — If you want to explore government research funding as an interactive knowledge graph with LLM querying, this new Streamlit app makes it actually usable. LINK
Someone used OpenAI's new image API to make a personalized coloring book service
CleverColoringBook—You can drop in your favorite photos and get a real coloring book made from them, powered by OpenAI’s new model. LINK
Writing "/etc/hosts" breaks the Substack editor
If you type "/etc/hosts" in Substack, the editor just falls over and stops working. LINK
A Prompt that does 7-8 tasks at the same time
Personal AI Assistant — This thing does browsing, file management, scheduling, and more—from one prompt. LINK
Read and think about this week’s IDEA above.
And think about which problems you most often face in business and personal life.
Now think about how to use technology to continuously gather the context you need to make those problems easier to solve.
APHORISM OF THE WEEKThe Member Edition
You’re currently receiving the STANDARD edition. Subscribers to the MEMBER Edition get additional content, including IDEAS, a BI-MONTHLY ESSAY, the DISCOVERY section full of the best content I’ve seen this week, the RECOMMENDATION OF THE WEEK, and the APHORISM of the WEEK.
In addition, you get access to the UL Member Community, which includes private chat with 1000+ of the smartest and kindest members you’ll find anywhere on the internet.
April 24, 2025
Unsupervised Learning NO. 478
Hey, hope you’re doing well!
UPDATESI put my 2016 book, The Real Internet of Things, online for free as a single blog post! I did this for a few reasons, but the main one is that if content isn’t online and available to AI it’s basically hidden, and that’s how I feel about books in general now. I want everything I read in Markdown! And it’s only around 17,000 words and 21,000 tokens, so you can read it in like 20-30 minutes. READ THE BLOG VERSION | GET THE BOOK ON AMAZON (I recommend the blog version. Vastly superior typography!)
The Real Internet of Things
A book about how digital assistants, APIs, augmented reality, and outcome management will upgrade human society.
danielmiessler.com/blog/the-real-internet-of-things
Because people ask constantly, this week’s go-to models are: o3 and gemini-2.5-pro. Until recently it was largely Sonnet 3.7.
Upping the priority on reading The Alchemist, by Paulo Coehlo.
Almost done with Manacled, a Harry Potter fan fiction book. It’s 370,000 words! Which is bigger than the first three books combined. ALL FORMATS
I’ll be at BSides SF this week, and RSA the week after. Come say hi! I’m an introvert and I might be introverting, but even if I am, I’m still me on the inside. And I’d love to say hello.
Sponsor
Is Posture Security A Match for the Modern Threat Landscape?
In the race between cloud attackers and defenders, time is the critical factor — and time increasingly favors the attackers.
Security teams take approximately 145 hours to resolve a single alert — far too late to prevent a breach. Meanwhile, attackers are now exfiltrating data nearly twice as fast as they did just 12 months ago.
The widening gap between attack speed and response time exposes a fundamental truth: traditional peace-time cloud security approaches are no longer sufficient in today's threat landscape.
Discover why real-time security is essential to fight modern threats CYBERSECURITYChatGPT 4.1 Jailbreak Prompts
A collection of OpenAI Jailbreaks by Pliny. One of the top guys doing jailbreaks, and I love that he just publishes them. LINK
Windows NTLM hash leak flaw exploited in phishing attacks on governments
Attackers are grabbing NTLM hashes from government users in a single click, without them needing to open the actual file.
“This exploit is triggered with minimal user interaction with a malicious file, such as selecting (single-clicking), inspecting (right-clicking), or performing any action other than opening or executing the file.” LINK
Blue Shield Leaked Health Info of 4.7M patients with Google Ads
A Blue Shield web misconfiguration quietly leaked health info on 4.7 million people to Google Ads for nearly three years. LINK
China Admitted Its Role In Volt Typhoon Cyberattacks On U S Infrastructure
China basically admitted they were behind those Volt Typhoon attacks hitting a bunch of U.S. infrastructure.
Shocked, I am. Shocked. But it says a lot that they’re no longer denying the activity. LINK
Sponsor
The Future of In-House SOC: Beyond Outsourcing
Why are enterprises bringing SOC operations back in-house despite staffing challenges?
This whitepaper examines how security teams balance control and coverage without expanding headcount, why traditional playbooks fall short, and how metrics like MTTC have become critical indicators of SOC effectiveness.
Explore the data-driven analysis of this industry transition.
Get Download NowAI to Create a Working Exploit Before Public PoCs Existed
Someone prompted GPT-4 with some commit diffs, and it built them a working exploit before any public code dropped. GPT-4 lined up everything—finding the bug in Erlang, writing the PoC code, even debugging when it failed initially. LINK
How Americans Are Surveilled During Protests
Governments are using phone data, drones, and cameras to make protesters trackable, even if you leave your phone at home. LINK
Shorter certificates are coming
TLS certificates are about to get a lot shorter, dropping from a year down to just 47 days. LINK
This 'College Protester' Isn't Real
A company called Massive Blue makes fake protesters to attract like-minded people online and gather intelligence for the authorities. "The system can create and maintain complex, believable online personas capable of sustained engagement.”
Maybe the simulation we live in is owned by writers for Black Mirror, and they made the universe to come up with episode scripts. Unlikely. Not impossible. LINK
NATIONAL SECURITYICE Is Paying Palantir $30 Million to Build ‘ImmigrationOS’ Surveillance Platform
ICE is paying Palantir to build them an AI-powered, almost real-time data tool for people that are self-deporting.
We’re reading Alex Karp’s book, The Technological Republic, for UL Book Club this month, and I had a very positive interpretation of the book, but this type of stuff still gives me the icks. I’m increasingly feeling like my radar for “finding the good in people who continually bad things” is off, and I plan on spending a lot of time and effort fixing this. See: Elon, Rogan, Palantir/Karp, etc. More on this later. LINK
Booz Allen invests in Scout AI
Booz Allen is putting money behind Scout AI to upgrade how military robots work and think. They plan to expand robotics intelligence into ground, air, maritime, and even space military environments soon. LINK
TSMC to build 30% of its 2nm and more advanced chips in the U.S
TSMC’s about to build almost a third of its most advanced chips in Arizona way sooner than expected. Sounds great, but it’s not clear to me how much of this is real vs. hype designed to please the current administration. LINK
How to Massively Reduce Errors Coding with Cursor
Jason Zhou talks through how adding a few things to his Cursor setup dramatically reduced his errors and rework. “I reduced 90% of errors by simply adding a memory bank to Cursor.” LINK
ChatGPT will now use its ‘memory’ to personalize search results
ChatGPT can now pull in details from your past chats to make web search results much more tailored to you. LINK
Yes, I think it's part of a bigger trend of breaking the cycle of:
👤 --> Content
And moving to:
👤 --> 🤖Your AI --> Content
That way the AI can do whatever it needs to do without you, and if it needs to convey something to you it'll do it in your preferred format/tone.
— ᴅᴀɴɪᴇʟ ᴍɪᴇssʟᴇʀ (@DanielMiessler)
1:41 AM • Apr 22, 2025
OpenAI makes its push into coding tools
Looks like OpenAI might spend $3 billion to buy Windsurf, going directly after Cursor. LINK
I talked about that here in a response to Karpathy. Basically (as I talk about in TRIOT), your personal AI will become your go-between for everything.
OpenAI Puts Image Generation in the API
You can now plug ChatGPT's image creation straight into your own apps and tools. LINK
A Google Gemini model now has a “dial” to adjust how much it reasons
Google just added a slider to Gemini so you can basically dial up or down how much it "thinks" on each task. LINK
ChatGPT spends 'tens of millions of dollars' on 'please' and 'thank you'
Every time you type “please” or “thank you” to ChatGPT, it’s costing a ton of money. Makes sense. It’s extra tokens. But that’s also a lot of reasons not to kill us, so maybe worth it. LINK
AI has grown beyond human knowledge, says Google's DeepMind unit
DeepMind thinks AI will really take off once it gets to learn by living, not just reading. LINK | DEEPMIND PAPER "Welcome to the Era of Experience"
AGI Is Still 30 Years Away – Ege Erdil and Tamay Besiroglu
So these guys went on Dwarkesh’s podcast and they basically think true AGI is a few decades out, not just around the corner. I think they’re nuts, but they’re surely smarter than me in multiple areas, and when smart people disagree with me I listen. LINK
Everything Wrong with MCP
A monster analysis on how MCPs are super powerful, but have a whole mess of security holes and limitations people aren’t really seeing yet. LINK
All Meta Ray-Ban Smart Glasses Getting Live Translation and AI Soon
Meta just made live translation work for everyone with their Ray-Ban glasses, and full-on live AI vision is next. This is the start of the AR part of the AI ecosystem we’ve been talking about! Love how fast Meta is moving here. LINK
AI Agents won’t be your moat
An argument that building AI agents won’t protect your business long-term because everyone else can just copy them.
I mostly agree, but lots of things have been copied that don’t do as well as the original. ChatGPT is still ChatGPT. Kleenex. I’m not sure how strong the analogy holds, but there is clearly some advantage to branding and muscle memory. LINK
Intel Cuts 20%
Intel’s about to drop more than 21,000 jobs in a massive attempt to reset itself under new leadership. Hard to say how much is NVIDIA, market, AI, economy, etc. LINK
Nvidia Is Willing to Deepen its Presence in China, CEO Says in Beijing
Huang went to China and said they’ll keep finding ways to support their market, even given the restrictions. Clearly hedging here given that China might be the winning side. LINK
The Size of Packets
Packet sizes on the public Internet basically haven't changed in fifty years, and 1,500 bytes is still the ceiling. Largely due to practicality and predictability, not perfection. LINK
“Most promising signs yet” of alien life on a planet beyond our Solar System
Astronomers using JWST just found strong possible biosignature chemicals in K2-18b’s atmosphere.
“Given everything we know about this planet, a Hycean world with an ocean that is teeming with life is the scenario that best fits the data we have.” — Prof. Nikku Madhusudhan, Cambridge LINK
Most Americans in new survey believe their job is meaningful to society
Apparently, 62% of Americans do feel like their work matters to society. Do believe? Or want to believe? That’s the question. LINK
American citizen detained under ICE hold in Florida
A US-born guy from Georgia got held by ICE in Florida because they thought he was undocumented, even though he had his birth certificate. We’re sitting in heating water here, and I don’t think enough people are watching a thermometer. LINK
People Are Grifting Off the Measles Outbreak—and Claim a Bioweapon Caused It
RFK Jr.-linked anti-vax groups are cashing in big with AI-made “measles cures” while spreading bioweapon rumors. LINK
Mark Manson is starting over with his podcast, avoiding trite content
Mark Manson’s calling it on his old show and kicking off a deeper, no-guests thing called ‘Solved’. “The guest treadmill, the pressure to play nice, the temptation to chase clicks—it all started to feel fake.” —Mark Manson
Love how he is willing to just table flip the whole thing and start over. LINK
Star Wars: Starfighter will feature Ryan Gosling
Ryan Gosling is starring in a brand-new Star Wars movie called Starfighter, landing in theaters in 2027. Please be good. LINK
Agentic Radar: A security scanner for your LLM agentic workflows
Agentic-radar — Scans your AI agent workflows for vulnerabilities and hands you a security report. * I’m an advisor for the parent company, and projects like this are why. LINK
Recursive LLM prompts
recursive_llm — Run LLM prompts that automatically call themselves recursively, so you can get way more complex results without manually chaining everything yourself. LINK
MCP on AWS Lambda with MCPEngine
You can now run MCPEngine models on AWS Lambda so you don’t have to worry about standing up the stack yourself each time. LINK
Hacker News Writing Styles
hnstyle — Compares writing style across Hacker News users. LINK
A Journaling App With Memory
Pensiv — This is a journaling app where the AI actually remembers your context and doesn't forget it. Basically TELOS files. LINK
Damn Vulnerable MCP Server
Damn Vulnerable MCP Server — A broken MCP server that let’s you explore the various issues with the protocol. LINK
Dir2txt – Dump your project into clean LLM-ready text or JSON
dir2txt — This basically lets you turn your whole project tree into LLM-friendly text or JSON for processing by AI. LINK
A Map of British Dialects
A really cool interactive map that lets you hear how British English changes depending on region. LINK
How I blog with Obsidian, Hugo, GitHub, and Cloudflare
A write-up on how writing in Obsidian then publishing with Hugo and Cloudflare is stupidly fast and simple. LINK
I built an MCP server that does phone calls for me
voice-call-mcp-server— An MCP server that handles your outgoing phone calls for you. LINK
A life calendar to remind us how much time we have left to live
lifeisshort.fyi — Turns your lifespan into a calendar of weeks so you actually feel time passing. LINK
Separating work and personal config
How to keep my sensitive work configs out of public dotfiles using local overrides. LINK
Agents with n8n
Making AI agents with n8n that handle stuff automatically, but ask humans when it matters most. LINK
Neovim users: what AI tools are you using?
Neovim AI — Tons of new plugins let you embed everything from ChatGPT to Llama4 straight into your nvim flow. LINK
Web Based MCP Vulnerability Scanner
mcpscan.ai — A free web app that scans for vulnerabilities in MCP environments, super straightforward. LINK
MCP Run Python
An MCP server that lets you safely run Python code in a browser-like sandbox using Pyodide, managed via Deno. LINK
How Did YouTube Eat TV? Maybe It Was UGC
YouTube has turned into this sort of default, planet-wide TV, replacing news and entertainment for so many people. How did this happen?
Maybe the answer is that it’s simply the User Generated Content (UGC) platform that won. Basically the people who professionally made content in the past were too few, and their viewpoints were too similar. So there wasn’t nearly enough content, and the content that was made was largely identical.
This is similar to the Hail Mary that gaming companies have been hoping for from UGC for years. They can’t be spending years making worlds and NPCs and dialogue and stuff. It’s so expensive and time-consuming that they end up shipping very few games—that took years to make—which people finish within a matter of hours.
RECOMMENDATION OF THE WEEKMake a list of people to constantly ping, and use conferences as a time to update that list. For example:
Sarah Meyer: Ping every quarter to see how her AI/Security startup is going, and ask about the horses
Anish Khan: Ping him every month about the music project. He said to harrass him, plus he likes comparing AI tools
Etc.
And then put those slots on the actual calendar so it’s not another thing you forget.
Years pass like weeks now. Frequent small contact lets people know you’re thinking of them, and we need that more than ever right now.
APHORISM OF THE WEEKThe Member Edition
You’re currently receiving the STANDARD edition. Subscribers to the MEMBER Edition get additional content, including IDEAS, a BI-MONTHLY ESSAY, the DISCOVERY section full of the best content I’ve seen this week, the RECOMMENDATION OF THE WEEK, and the APHORISM of the WEEK.
In addition, you get access to the UL Member Community, which includes private chat with 1000+ of the smartest and kindest members you’ll find anywhere on the internet.
April 15, 2025
Unsupervised Learning NO. 477
Hey, hope you’re doing well!
There is fertile ground afoot
UPDATESMy current spirit-cleanse is this cooking show involving a whole ass cow. LINK | NON-X LINK
Also, for people who have X-ited X, here’s an alternative way to view content there: nitter.net. LINK
My new video on a possible algorithm for achieving AGI and ASI. WATCH. Please go subscribe to the channel, btw! Will be putting a lot of effort on more / tighter videos going forward using a fast-to-deploy format. Excited about it. THE CHANNEL
Simon Willison’s llm tool now supports Fabric Patterns! So whether you use fabric or llm for your actual CLI interface, you can use Fabric Patterns as your prompts now. LINK | LLM
I’ll be going to a party at RSA thrown by Semgrep and ProjectDiscovery and some other companies. It’s 5PM on Monday the 28th at Emporium SF. Hope to see you there. REGISTER
My friend Emily Bartlett is looking for a role helping companies get a handle on their assets so they can secure them. We worked extensively together on the Asset Management problem at Apple, and she’s the genuine article. WORK WITH EMILY | HER CV
Manus is really the best agent orchestration system I’ve seen in a ChatGPT-style interface. It produces the best research I’ve found. Super unified, consolidated, well summarized. First person to ask gets an invite.
I had a great conversation with Patrick Duffy from Material Security about smarter ways to secure cloud platforms like M365 and Google Workspace—before threats escalate. Tons of great insight on phishing, lateral movement, and automated containment. SPONSORED
NOTE: Trying a different format for adding comments to stories, i.e., just adding paragraphs. Let me know what you think about the added content / format. OPINE
Sponsor
Ever wonder how much your cloud security peers make?
Work in cloud security? Take a short survey about your role and salary, and get a $25 Amazon card. You’ll also get early access to the searchable salary data.
The salary survey is short, anonymous, and only for cloud security pros. The first 100 qualified submissions get a $25 USD Amazon gift card.
More money talk, less guessing. Take the survey today 👇
Take the Survey CYBERSECURITYTool Poisoning Attacks in Model Context Protocol (MCP)
Invariant Labs has uncovered a vulnerability (kind of) where AI tool descriptions can be malicious and misleading. But really the issue is more not reading tool instructions fully, kind of like not noticing an rm -rf in a shell script you run from the internet.
Worth reading and thinking about, though—especially if you are implementing agents and MCPs like a crazy person. LINK
4chan Down Since Monday After “pretty comprehensive own”
4chan's been mostly offline after a hack that looks pretty nasty. Evidently full database access. LINK
War In Ukraine: Russian Drone Pilots Goggles Explosives
Ukraine turned FPV drones against their operators by rigging the goggles with explosives to target the human pilots. They blinded at least 8 of them. LINK
Google Releases Android Update to Patch Two Actively Exploited Vulnerabilities
Google patched 62 Android vulnerabilities, including two USB kernel flaws already being exploited in the wild. LINK
Sponsor
Stop Cloud Breaches Before They Start—Get the CDR Buyer’s Guide
As cloud adoption skyrockets, so do the risks. In fact, cloud attacks jumped 66% in just one year and legacy tools aren’t cutting it anymore.
That’s why the Cloud Detection and Response Buyer’s Guide is your essential roadmap to securing the modern cloud.
✅ Protect cloud applications and workloads with industry-leading runtime protection
✅ Detect known and unknown threats in real time
✅ Automate response with out of the box playbooks
Explore how Cortex Cloud Detection and Response (CDR) can help your team stop breaches before they happen.
Get the CDR Buyer’s Guide NowFlorida's New Social Media Bill Explicitly Demands an Encryption Backdoor
The EFF explains how Florida's new bill wants social media platforms to provide backdoors into encrypted messages involving minors, but they don’t realize that it’s either end-to-end or it’s not—and it’s often way worse if it isn’t.
I am still torn on this issue myself when it comes to protecting kids. Maybe there needs to be a different product for minors that uses a different protocol. LINK
Trump Orders Investigation into Former Cybersecurity Chief
Lots to say here. Donald Trump signed an order targeting Christopher Krebs, his former head of Cybersecurity who became a critic.
Let me say this clearly and publicly:
Christopher Krebs was doing his job
Alex Stamos was doing his job
Renée DiResta was doing her job
I get that the general Left went overboard with “fighting disinformation” in some cases, but saying that there was no widespread evidence of the 2020 election being stolen is not one of those. That was just fact, and it was literally Christopher’s job to provide clarity there.
Same with the Internet Observatory. Perhaps some legitimate anti-government-COVID-response type stuff got suppressed, or similar types of legitimate conservative narratives. I can’t speak to the extent of that if it happened, but I wouldn’t be surprised if it did to some degree.
But what we know for absolute certain is that Russia was targeting the American population with propaganda campaigns about the election being stolen—when we know that it wasn’t—and with countless other false campaigns designed to get people to vote for their candidate. Renée’s work here was extremely valuable.
One does not counter the other. The Left going too far sometimes in trying to control narratives that they saw as pro-Trump (if the narratives were true), was wrong. This was a huge problem in the media.
But the external influence campaigns were happening at the same time. Real campaigns. That were really designed to increase tensions and spread lies and get people to vote for Trump. Both were true. You have to be able to hold both of these things in your mind at once if you want to properly think about this issue.
I’m against the Left’s overreach. And I’m against foreign influence campaigns being run against our population. This is not a contradiction.
Chris Krebs and the SIO were doing good work, and they should be celebrated, not vilified. Furthermore, it’s reprehensible to establish a precedent of revoking clearances and launching investigations into people because they did their jobs and pointed out the obvious. LINK
Microsoft is Re-introducing Recall
Microsoft is reintroducing its controversial Recall feature to Windows 11 that screenshots everything you do every three seconds, despite widespread pushback.
I think this tech will be considered standard for all operating systems within 3-7 years. It’s too powerful and too useful. It enables too much functionality.
We security-minded older folks (over 25 or 35?) have to remember that privacy isn’t as critical to younger generations as it is to older people—and especially to older people in cybersecurity.
The functionality will win people over because it’ll be too damn useful, and with companies like Google and Microsoft and Apple it’ll be relatively secure (with the occasional HOLY CRAP issue of course).
But I’d definitely not be trusting random startups to run their “watch and listen” agents.
Hell no. Only companies with billions to spend on security, and billions to lose in reputation loss, can even approach the level of security I’d need to run something like this. LINK | LINK
Pentagon to terminate $5.1B in IT contracts with Accenture, Deloitte
The Pentagon is canceling massive IT contracts with major consulting firms after discovering they weren't delivering the promised value. LINK
Microsoft Weighs Layoffs of Managers, Non-Coders
Microsoft is considering cutting a lot of middle management and non-technical positions soon, with its cybersecurity unit potentially under scrutiny.
So much of this type of thing is going to be good. Anyone who has worked in large corporations knows there are too many layers of unnecessary management, and too many people in the chain that don’t actually understand the work and can’t actually do the work.
I’m deeply worried about AI taking meaning from people who do good work in good fields, but I’m simultaneously excited about large, inefficient companies getting AI Enemas. You know these types of managers.
Nothing valuable to add to most conversations
Low-key jealous and afraid of SMEs
The cause of endless bureaucracy and waste
The cause of endless stress for the people doing the actual work
Constantly creating new pet-processes to appear useful
Empire-building at any cost
Their time is coming up because of AI, and yeah—I’m happy about it. It’s about to be the time of SMEs and Leaders vs. Managers. LINK
CrowdStrike Using Agents to Find Vulnerabilities = Agent Business Model Expansion
CrowdStrike researchers are developing multi-agent AI systems that use Red Team capabilities to find vulnerabilities in AI-generated code.
So now they’re competing with Vericode and Semgrep? This is a strange play, but one that we predicted here. Software verticals start to blur once you have an army of agents combined with context about the company. Companies that used to be “endpoint” companies now just become security companies, and eventually just companies. AI + UCC (Unified Company Context) consolidates use cases.
The people who are going to win here aren’t the ones who are strongest now. It’s the ones who are going to build the best AI Orchestration that connects into the best UCC. Entire new business offerings will fall out of doing that well. LINK
The Turncoat Spies Relentlessly Hacking Ukraine
Former Ukrainian intelligence officers are conducting brutal hacking campaigns against their homeland for Russia's FSB, using their inside knowledge to great effect. LINK
Trump Administration Planning Major Workforce Cuts at CISA
The current administration is planning to cut around 1,300 CISA employees, halving its full-time staff and 40% of contractors.
I’m curious: has anyone seen them even making the case that this is going to make us better at cybersecurity? Like are they even arguing that? Or are they just saying it’s unnecessary? This is all horribly irresponsible in my view.
Cutting CISA in half? Pushing our cyber defenses to the states when we know they’re not capable of performing the federal function? I honestly see this stuff as criminally negligent.
If someone has evidence that they’re doing this to make it way more effective with some new plans, please send them to me so I can sleep better. LINK
Locating Stealth Fighters with Cheap Cameras Without Using AI or Radar
A new technique allows anyone to spot stealth aircraft using off-the-shelf cameras by detecting minute temperature differences on the aircraft's skin. Cool demo here. LINK
NATO, Palantir Cooperate on Warfighting AI
NATO has enlisted Palantir to develop AI systems that will improve intelligence processing for military operations across member countries. LINK
Sweden Arrests Senior Uyghur Representative on Suspicion of Spying for China
Dilshat Reshit, who served as the World Uyghur Congress' Chinese-language spokesperson since 2004, was arrested in Stockholm for allegedly collecting intelligence on fellow Uyghurs for China. LINK
Ukraine Finds First Chinese Troops in Russia War
Ukraine says it's captured two Chinese fighters working with Russian forces in Donetsk, with evidence of "significantly more" involved. LINK
OpenAI Releases GPT-4.1
OpenAI has released three new models that outperform GPT-4o across coding, instruction following, and long-context tasks with knowledge updated through June 2024. LINK
Scores 54.6% on the SWE benchmark, which is 21% higher than 4o.
They have a 1 million token context window!
They’re also deprecating 4.5, after releasing 4.1. (Continued Naming Drama)
ChatGPT Will Remember Everything You Tell It Now - Like A Real Digital Assistant
Teaser for Upcoming Video Talking About This
OpenAI's recent update allows ChatGPT to reference all your past conversations, making it act more like the DA we’ve been talking about here since 2016.
YOU → DA (Digital Assistant) → APIs (MCPs)
The pieces are starting to come together! LINK
AI Avatars Escape the Uncanny Valley = Content Explosion
Justine Moore explores how AI avatars are getting good enough to actually pass for human. Insane examples.
I think the biggest thing we’re missing here is the significance of being able to create video content from any avatar, automatically. When people can create video content automatically it removes the friction of having a YouTube channel.
So it’ll be a competition of ideas. Sound familiar? That’s the same thing happening in building products as well. The universal move happening here is the de-emphasizing of execution and the elevation of content/ideas. LINK
Writing Cursor Rules with a Cursor Rule
Adithyan shows how to solve AI's memory problem by creating a meta-cursor rule that teaches the AI to write its own documentation. LINK
Google Is Quietly Crushing on Every AI Front
Alberto Romero shows how Google has quietly assembled the most complete and capable AI arsenal in the industry.
Definitely have been feeling like Google is becoming the looming beast in the room. And they’re relatively quiet, too. It’s eerie. They’re just slowly shipping and delivering. Very impressive. And their AI product interfaces actually look decent too! Much better than their normal products anyway. LINK
Differences in How China and the US Are Integrating Their Latest AI Models into Consumer Tech
Chinese tech giants freely share and rapidly embed AI into everyday apps while US companies keep advanced models behind paywalls. I feel like that means they have more shots on goal, especially due to their scale. LINK
Incident.io Raises $62M to Build AI Agents for Incident Response
Incident.io is building AI agents to help you find what's wrong and why during production incidents. I cannot wait to have a billion/trillion more eyes on logs/incidents/tickets/etc. across security and tech due to agents. LINK
Google Announces Agent2Agent
This is highly relevant to the overall picture above as well, Google has a new, open protocol that lets AI agents from different companies actually talk to each other and work together. LINK
Google Will Let Companies Run Gemini Models Locally
Google will soon let businesses run Gemini models directly in their own data centers to address privacy concerns. LINK
An AI Agent That Creates and Sends Personalized Newsletters
Someone created an agent using their Nelima large action model that automatically researches, creates, and sends customized newsletters on any topic you want.
My buddy Clint and I have been talking about this since like 2019, and the risk of this to creators keeps getting larger. If you’re a creator, you need to be thinking very deeply about your moat(s). LINK
Elon Musk's AI company, xAI, launches an API for Grok 3
xAI is now offering its flagship Grok 3 model via API. Continually surprised at how good this thing is, and how he did it so quickly. LINK
OpenAI is Building a Social Network
Looks like OpenAI is going to try to take advantage of people leaving X and not really having a good alternative. It’s very needed. Hope it’s good. LINK
Netflix Tests OpenAI-powered Search
Netflix is piloting a new search feature powered by OpenAI that lets users find content based on specific terms including their mood. LINK
Google Wants to Make Its 2M-mile Fiber Network Fully Autonomous by Year's End
Google will achieve Level 5 network autonomy by year's end, with AI agents completely running their massive fiber backbone.
How can anyone say agents aren’t ready when Google is doing something like this? Granted, it’s Google, and they’re way ahead, but this all trickles down very quickly. LINK
Tim Cook is dead set on beating Meta to 'industry-leading' AR glasses
Mark Gurman is saying Tim Cook is so fixated on developing true AR glasses before Meta that an engineer claims "he cares about nothing else." When you see the video I’m putting out soon, you’ll know why. AR is a MAJOR component in the upcoming AI ecosystem.
YOU → AR → DA → APIs LINK
Apple Plans to Release Delayed Apple Intelligence Siri Features This Fall
According to The New York Times, Apple plans to roll out its delayed Apple Intelligence Siri features this fall, not in 2026.
There was no possible way they could delay this until next year. The industry is moving way too fast. Again—mark my words—Apple will jump ahead on this device-side stuff (the DA). They’ve been building towards this for almost 10 years now. LINK
Facebook Is Just Craigslist Now
The social network has morphed from a connector of people to a digital marketplace. Facebook Marketplace now has 1.2 billion monthly active users, passing eBay. LINK
AI used for skin cancer checks at London hospital
London's Chelsea and Westminster Hospitals are using AI instead of doctors to check suspicious moles, with with 99% accuracy. LINK
Palantir Is Helping DOGE With a Massive IRS Data Project
Palantir is working with DOGE to build a "mega API" for the IRS, bringing together dozens of career engineers for a three-day collaboration. So many mixed feelings here. So much potential, for both harm and good. LINK
China Calls US a 'Joke' as It Raises Tariff for Final Time
China just raised tariffs to 125% to match Trump's increases but says they're done playing the "tariff numbers game" with the US. LINK
Anker, a Chinese Company, Has Already Started Raising Its Prices on Amazon
John Gruber notes that Anker has hiked prices on 20% of its Amazon products by an average of 18% following Trump's new 50% tariff on Chinese goods. LINK
People are turning on Elon Musk
According to Nate Silver's latest polling, 53.5% of Americans now view Elon Musk unfavorably, up significantly since his DOGE role and Trump support began. LINK
Original 'Star Wars' Cut Will Be Shown at a Theater for First Time in Decades
The British Film Institute will screen a precious, unfaded 1977 technicolor print of Star Wars—complete with Han shooting first—at their London film festival in June. LINK
🕶️ Awesome MCP Servers
A curated list of Model Context Protocol servers that help AI agents interact with various systems. LINK
ScanMCP – Security Scanning and Auditing for MCP Servers
ScanMCP — A new tool that automatically checks and secures MCP servers against common vulnerabilities so you don't have to do it manually. LINK
Warren Buffett's 2024 Report to Berkshire Hathaway Shareholders
Warren Buffett's annual shareholder letter stands out for its honesty, clarity, and humility in a world of meh writing. Seriously good reading no matter what your background. LINK
What It Feels Like, Right Now
Chuck Wendig captures the unsettling anxiety of our current moment with raw, honest prose that feels like reading our own scattered thoughts. LINK
Why Your 'Harmonious' Team Is Failing
Matheus Lima argues that harmony-obsessed teams often sacrifice psychological safety, honest feedback, and the constructive conflict needed for growth. LINK
Strengths Are Your Weaknesses
This insightful piece explains how our best qualities and biggest flaws are often the same trait showing up differently depending on context. LINK
Google’s New 68-page Prompting Guide LINK
The Movie That's Different Every Time You Watch It
Gary Hustwit's new documentary about Brian Eno uses generative software to create a unique viewing experience with billions of possible variations. LINK
Calypso: LLMs as Dungeon Masters' Assistants
Researchers built an AI assistant that helps Dungeon Masters create more engaging D&D campaigns by generating art, maps, and keeping track of game elements. LINK
Albert Einstein's Theory Of Relativity In Words Of Four Letters Or Less
This guy somehow explains relativity using only words with four or fewer letters. LINK
Shure MV7i Review: An All-in-One Mic For Podcasts And Music
Shure MV7i — A really solid choice for someone who wants a pro-level mic without having the gear for XLR connections like the SM7b needs. LINK
Fermi – A Wordle-style Game for Order-of-magnitude Thinking
Fermi — Andrew Noble created a clever browser game that challenges you to make Fermi estimation chains to get within an order of magnitude of real-world quantities. LINK
Building a AI Enabled Blog Editor
AIBlogEditor — Maxime Peabody created a specialized markdown blog editor with AI features that help find references without replacing his writing voice. LINK
What Are the Moats After AI?
Been thinking a lot about business moats, for obvious reasons. Like, after agents blow up and start reducing friction to copying everything, what allows a company or an individual brand to survive?
I came up with these, but I continue to work on the list. Not in any particular order (haven’t thought that far yet).
-Beauty (People just like looking at you)
-Personality (Same as beauty, but with wit and charm)
-Consistency / Quality of UI / UX / Design (Dependable and pleasant)
-Data Exclusivity (You have information nobody else has)
Think about your career moats (see the Member Essay above).
APHORISM OF THE WEEKThe Member Edition
You’re currently receiving the STANDARD edition. Subscribers to the MEMBER Edition get additional content, including IDEAS, a BI-MONTHLY ESSAY, the DISCOVERY section full of the best content I’ve seen this week, the RECOMMENDATION OF THE WEEK, and the APHORISM of the WEEK.
In addition, you get access to the UL Member Community, which includes private chat with 1000+ of the smartest and kindest members you’ll find anywhere on the internet.
April 8, 2025
Unsupervised Learning NO. 476
Hey, hope you’re doing well!,
Few things on my side…
I ended up going with Shun Kaji knives, and I have them in a 360 Knife Block IMAGE
The Midjourney v7 Image/Prompt combinations I promised. LINK | MORE IMAGES
Have been running this 6-hour Brian Eno mix all week. LINK
Sponsor
Get ready to take the fear out of phishing response
According to GreatHorn, 57% of organizations experience phishing attempts on a weekly or daily basis. How is your team tackling modern phishing attacks?
It’s time to take the fear out of phishing response. On April 22, register for this webinar with Tines and Material Security to learn:
The evolution and current state of phishing attacks
Common challenges in phishing defense
How automation enhances phishing response
How to build an phishing-resistant culture with other teams across your organization
You’ll leave with best practices for building scalable workflows to handle phishing threats at any time.
Register Now! CYBERSECURITYRemote Access Backdoor Discovered in Chinese Robot Dog Unitree Go1
Security researchers Andreas Makris and Kevin Finisterre found that popular Chinese robodogs from Go1 come with a hidden backdoor allowing complete remote control without user knowledge. Just keep thinking about the Black Mirror robot dog episode. LINK | FULL REPORT
Microsoft April 2025 Patch Tuesday Fixes Exploited Zero-Day, 134 Flaws
Microsoft released its April 2025 security update package addressing 134 vulnerabilities, including 12 criticals, and a zero-day being actively exploited in the wild. LINK
CVSS 10.0 RCE Flaw Discovered in Widely Used Apache Parquet
A critical RCE vulnerability in all Apache Parquet versions up to 1.15.0 lets attackers execute code if you import a malicious parquet file. I don’t get how it’s still a 10.0 if you have to take such a specific action. LINK
Google Announces Sec-Gemini v1: A New Experimental Cybersecurity Model
Sec-Gemini — Google just released a cybersecurity-focused AI model that can analyze malware, reverse engineer code, and help defenders understand complex threats. They say it finds 78% more zero-day vulnerabilities in controlled tests than traditional automated scanning tools. LINK
Sponsor
How to Conduct an AI Risk Assessment [Free Guide]
Nudge Security has discovered over 1,000 unique GenAI tools in customer environments to date, with new ones like DeepSeek popping up daily.
Download this guide to learn how to:
Discover the AI tools in use in your org
Conduct security reviews for AI vendors
Determine where AI tools are connected to other apps
Educate your workforce on safe and compliant AI use
Get the GuideCISA Warns of Fast Flux DNS Evasion Used by Cybercrime Gangs
CISA and other agencies are warning about "Fast Flux" DNS techniques that help threat actors rapidly switch IP addresses and servers to evade detection. My question is: did we just forget about this from like 10-15 years ago? LINK
Oracle Says Its Cloud Was In Fact Compromised
Oracle has quietly admitted to multiple customers that their cloud was actually hacked, and data was stolen, after initially denying any breach. LINK
Port Of Seattle Says Ransomware Breach Impacts 90,000 People
The Port of Seattle is notifying 90,000 people that their personal data was stolen in an August 2024 Rhysida ransomware attack that they refused to pay ransom for. LINK
Flaw in Verizon Call Record Requests put Millions of Americans at risk
Evan Connelly found a huge bug in Verizon's Call Filter app allowing anyone to request call logs for other users. LINK
Head of NSA and Cyber Command Is Ousted
General Paul M. Nakasone was abruptly removed from his leadership roles at the NSA and Cybercommand after serving for six years. LINK
Haugh Also Fired from Leadership of NSA, Cyber Command
President Trump abruptly fired Air Force Gen. Timothy Haugh from his positions leading both the NSA and Cyber Command, just a year into his traditional three-year term. LINK
The New Llama 4 Models, and my Daily Drivers
I’ve been using the new Llama 4 model (Scout) on Groq, and the performance is extremely impressive. Not just the speed, which comes from Groq, but the intelligence of the model. Although there is some controversy saying they may have gamed the benchmarks.
Craziest thing is if get Scout fully running, it’s got a 10 Million Token context window!
I’m still mostly a Sonnet 3.7 person though, with o-1 Pro being my Thinking go-to.
I also use XAI’s Grok for research, and find it to be consistently great.
I’m surprised Llama4 isn’t on Ollama.com yet. Probably soon.
—
ElevenLabs Published an MCP Server
You can use their MCP server to do things like building agents that can make outbound calls for you using custom voices. LINK
AI is Creating Rifts at McKinsey, Bain, and BCG
Top consulting firms are pushing AI adoption while their junior consultants are pushing back, saying management is pushing unrealistic deadlines due to thinking AI is a magic bullet. LINK
Gemini 2.5 Pro Is Now Available Without Limits And For Cheaper Than Claude, GPT-4o
I’ve been using this one a lot as well. I’ve had some API call failures though, so have switched back to Sonnet 3.7 temporarily. I love how quiet and quality Google is in this game. OpenAI is loud, Anthropic is flashy too, and Google just ships. LINK
Midjourney v7 Launches With Voice Prompting And Faster Draft Mode
Midjourney's new v7 model is way better in my testing. It also requires that you personalize it, which I’ve done with more than 300 images already. LINK | MY EXAMPLES
Don't Believe Reasoning Models' Chains of Thought, Says Anthropic
Anthropic found that AI models like Claude 3.7 Sonnet and DeepSeek-R1 frequently hide when they use hints to answer questions, calling into question the reliability of their reasoning explanations. LINK
The Slow Collapse of Critical Thinking in OSINT Due to AI
Dutch OSINT Guy explains how over-reliance on AI tools is eroding the critical thinking skills that make OSINT work truly valuable and reliable. LINK
Senior Developer Skills in the AI Age
Manuel Kiessling says experienced developers are uniquely positioned to leverage AI coding tools due to their architectural expertise and development fundamentals. LINK
Amazon's New 'Buy for Me' Feature Is a Unique AI Innovation
Amazon's testing a novel new "Buy for me" feature that uses agentic AI to purchase products from other retailers without you ever leaving the Amazon app. LINK
Apple Might Import More iPhones From India To Dodge China Tariffs
Apple is considering importing more Indian-made iPhones to avoid Trump's newly announced 54% tariffs on Chinese imports. LINK
Microsoft Employee Disrupts 50th Anniversary and Calls AI Boss 'War Profiteer'
A Microsoft software engineer dramatically interrupted the company's 50th celebration to accuse AI CEO Mustafa Suleyman of profiting from the Israeli-Palestinian conflict. LINK
Hyundai to Buy 'Thousands' of Boston Dynamics Robots
Hyundai is planning to purchase tens of thousands of robots from Boston Dynamics, which they plan to use throughout the business. LINK
Intel and TSMC are reportedly launching a joint chipmaking venture
Intel and TSMC have tentatively agreed to form a joint venture where TSMC will take a 20% stake and train Intel employees on advanced chipmaking practices. LINK
The Machines Are Rising — But Developers Still Hold The Keys
An argument (that I agree with) that developer judgment is becoming more crucial, not less, for building and maintaining quality software systems. LINK
Jason Snell's M4 MacBook Air Review
He says it’s basically the perfect Mac for most people. I just replaced my downstairs iPad with this thing (base model). Turns out I don’t like iPads as computers, only as drawing tools. LINK
One Third of Americans Work in STEMM Jobs Accounting for 39% of GDP, According to Economic Impact Study
This is one of the main reasons I’m worried about AGI-capable agents coming to market in (my guess) 2026—2027. The study shows that over 73.6 million Americans now work in STEMM fields, representing 34% of the workforce and contributing nearly 40% to the national GDP. LINK
Five Nurses who work on the same floor at hospital have brain tumors
Five nurses working on a Boston-area hospital's maternity floor have developed benign brain tumors, but officials claim they found no environmental risks linked to the cases. LINK
New antibiotic that kills drug-resistant bacteria found in technician's garden
Scientists discovered a powerful new antibiotic compound in a lab technician's backyard soil sample that successfully combats drug-resistant bacteria. LINK
The ADHD Body Double: A Unique Tool for Getting Things Done
Body doubling—just having someone sit quietly nearby while you work—can dramatically help people with ADHD stay focused and accomplish tasks they'd otherwise struggle with. Wonder why this is… LINK
Purple Exists Only in Our Brains
Science journalist Beth Geiger explains that purple isn't actually in the visible light spectrum—our brains create it when confused by simultaneous red and blue wavelengths. Perhaps my favorite non-color. LINK
Costco Only Accepts Visa Credit Cards
John Gruber points out that while most retailers accept both Visa and Mastercard, Costco stores only take Visa as part of their exclusive credit card deal. LINK
Trafficking-Free Tomorrow
A nonprofit run by Brooke Deuson that builds free, open-source, and offline-capable software (Folsum) to help investigators working human trafficking cases around the world. LINK | THE SOFTWARE | GITHUB
I Don't Like Traveling Anymore
Sid Verma confesses that traveling has become more stressful than enjoyable now that he's older, with responsibilities, and just wants to be home. LINK
You Don't Have Time Not To Test
Doug Donohoe argues that testing actually saves time by catching bugs early, preventing future headaches, and making code safer to refactor. LINK
Creativity Fundamentally Comes From Memorization
Ashwin Matthews argues that creativity isn't magical inspiration but rather connecting deeply internalized patterns after you've mastered the fundamentals of your domain. So basically memorization isn’t bad learning, it’s necessary learning. LINK
Ilya Describes Why Modern AI DOES Understand Things
Ilya explains how/why AI’s actually understand, and he does it so crisply. LINK
Jack Dorsey on Attention to Minimized Details
Make every detail perfect, and minimize their number. Super elegant. LINK
AWS MCP Servers
AWS Labs released MCP servers for cost analysis, CDK help, image generation, and more. LINK
The Best Programmers I Know
Matthias Endler shares the key traits he's noticed in the most exceptional programmers he knows. Really solid list. LINK
Why I Don't Discuss Politics With Friends
Ashwin Matthews explains why avoiding political conversations with friends helps preserve valued relationships while social media actually pushes us toward political extremes. LINK
Crystal, a Tool for Researching Government Data via Plain English
Crystal — A new alpha-stage tool that lets you search and analyze over 300,000 government datasets using natural language. LINK
Largest Open Source MCP Repo
Activepieces — Open source Zapier alternative now offers 280 integrations as Model Control Protocol servers so your LLMs can directly interact with your favorite tools. So many of these popping up now. LINK
Generate llms.txt Files for AI-Friendly Websites
llms-txt.io – A new tool that helps website owners tell AI systems which parts of their site can be used for training and which should be left alone. This should be integrated into robots.txt, though, IMO. LINK
A 6-Hour Time-Stretched Version of Brian Eno's Music for Airports
Someone has time-stretched Brian Eno's ambient masterpiece "Music for Airports" into a gorgeous six-hour experience perfect for deep work or meditation. LINK
The Secrets Of James Hoffman’s Coffee Routine
James Hoffmann walks through his daily coffee routine that's evolved to maximize both quality and convenience. Super practical. 🤣 LINK
Building an Antifragile Skillset
I think it’s a good time to (re)think about resilience to economic disruption, and to do so using Taleb’s concept of antifragility. It basically means that not only do you survive difficulty, but you thrive in it.
What happens if this tariff stuff prunes out a significant percentage of cybersecurity companies? What does that do to conferences? What does it do to hiring? And the ability to move jobs?
This is like the worst time for this tariff stuff. It’s already hard to find cybersecurity work for most people due to lots of factors, and no—there aren’t millions of open positions that need to be urgently filled. That’s a lie.
RECOMMENDATION OF THE WEEKDevelop and refine your antifragile skillset and set of actions
APHORISM OF THE WEEKThe Member Edition
You’re currently receiving the STANDARD edition. Subscribers to the MEMBER Edition get additional content, including IDEAS, a BI-MONTHLY ESSAY, the DISCOVERY section full of the best content I’ve seen this week, the RECOMMENDATION OF THE WEEK, and the APHORISM of the WEEK.
In addition, you get access to the UL Member Community, which includes private chat with 1000+ of the smartest and kindest members you’ll find anywhere on the internet.
April 1, 2025
Unsupervised Learning NO. 475
Hey, hope you’re doing well!,
Few things on my side…
Great book club on Sunday! We did an Orwell double-header of 1984 and Animal Farm. Insanely good conversation for this one, and one surprise takeaway was that many people agreed Animal Farm is the better of the two. JOIN US IN BOOK CLUB
There’s a new British show on NETFLIX called Adolescence. It’s extraordinary. A+. Only 4 Episodes. It’s more like reading 12 books on modern society than watching a show. LINK
I’m somehow reading like 13 books right now. I’m in one of those phases where I haven’t needed or wanted to finish a few fiction books, and a new non-fiction title jumped the line that I devoured instantly. Like Abundance and The Technological Republic.
Speaking of that, I’m about to add Manacled to the list, which is a wildly popular Harry Potter Fan-fiction book that looks at what would happen if V had won. PDF VERSION
Oh and I just started The Rise of Theodore Roosevelt, which is supposed to be one of the best biographies ever written. LINK
My buddy Joseph put me in an InfoSec Creators D&D Poster. LINK
👉🏼 Had a great conversation with Matt Muller from Tines about automating away security toil, the role of AI in SOC workflows, and how Workbench blends chat and deterministic automation.
MY WORK👇🏼👇🏼👇🏼 One of the few real (tangible tech that does what it says it does) Security AI startups out there, which is why I’m an advisor for them! 👇🏼👇🏼👇🏼
Sponsor
90% of SOCs Are Drowning—Here’s the Metric That Can Save Yours
Security teams don’t just need faster detection—they need faster decisions.
Traditional metrics like MTTD and MTTR miss a key piece—how long it takes to conclude an investigation. That’s where MTTC (Mean Time to Conclusion) comes in.
Dropzone AI’s autonomous SOC Analyst slashes MTTC by investigating every alert instantly—no playbooks, no code.
What used to take 40+ minutes now takes under 5.
✅ Kill the alert backlog
✅ Investigate every alert, not just the obvious ones
✅ Let analysts focus on high-value work
See how MTTC is transforming SOC performance in our free guide.
Download the Free MTTC eBook CYBERSECURITYCybersecurity Jobs Available Right Now: April 1, 2025
A diverse range of cybersecurity roles currently open across the globe, from cloud security engineers to AI-driven security automation specialists. LINK
New Russian Phishing Campaign Targets Media and Academia
Kaspersky identified a slick Chrome zero-day campaign hitting Russian academic and media targets, and phishing links used in the attack were customized per target and had very short active lifespans. Google has acknowledged and patched it. LINK
Nearly 24,000 IPs Behind Wave of Palo Alto Global Protect Scans
About 24,000 unique IP addresses are scanning Palo Alto Global Protect login portals, possibly in preparation for exploiting a yet-to-be-disclosed vulnerability. LINK
Anthropic Will Begin Sweeping Offices For Hidden Devices
Anthropic is massively up-leveling their physical security, including sweeping their offices for surveillance devices to prevent bad actors from stealing intellectual property. Smart, but I think most of the risk is in the people who already have access. LINK
ProjectDiscovery’s New Cloud Offering
ProjectDiscovery (Nuclei, httpx, etc.) has a new cloud-based platform that lets companies discover assets, scan for exploits and misconfigurations, and automate remediation workflows. It’s basically a managed version of the tools that we all love, designed for companies. CHECK OUT YOUR DOMAIN NOW SPONSORED
NSO Group Customers Keep Having Their Spyware Campaigns Discovered
NSO Group's Pegasus spyware keeps getting exposed because researchers like those at Amnesty International are getting too good at finding it. LINK
Signal Side Channel
Josh Marshal argues that the worst thing about Signalgate isn’t the coordination of an attack on an insecure channel, but the fact that side channel communications are off the radar from government (taxpayer) scrutiny. LINK
UK's GCHQ Intern Transferred Top Secret Files To His Phone
A 25-year-old GCHQ intern has pleaded guilty after taking top secret data from a secure computer to his personal phone and home computer in 2022. LINK
gpt-4o Surprises Everyone
OpenAI did something strange in the last couple weeks with gpt-4o. It’s like WAY better now. Plus they launched the new image stuff within it as well.
What’s weird isn’t that they released a better model; that’s expected. It’s more that:
4o is now better than 4.5 in a lot of ways
The image stuff is in 4o
They also seem to have made it way more opinionated and unfiltered
It just seems way better, overall. And in fact it’s moving up on a lot of leaderboards now.
Also, they blew up from adding like a million users in 5 days. And they just recently added that many in an hour. LINK
Anyway, I really can’t wait for a moment where we get all this naming stuff sorted so we can clearly tell which models are better, what to use them for, etc.
—
I Genuinely Don't Understand Why Some People Are Still Bullish About LLMs
Sabine Hossenfelder got a lot of attention by asking why everyone's still so incredibly hyped about LLMs given their current state. I don’t agree with this take, but I think it’s a good steel-man of the opposite side, hence worth including. LINK | DISCUSSION
OpenAI raises $40 billion in new investment round led by SoftBank
OpenAI just secured $40 billion funding round led by SoftBank, putting its valuation at $300 billion. LINK
xAI Acquires X
Not sure exactly what this means, but x.AI has purchased X (Twitter). Feels like the biggest advantage is taking something with negative energy (Twitter), and removing it / folding it into something with fresher energy (AI). Like a reputational money launder. LINK
Andreessen, Sequoia Recently Discussed Funding Voice AI Startup Sesame
Sesame — Seems this voice AI assistant and wearable startup is talking funding with giants Andreessen Horowitz and Sequoia. LINK
Databricks + Anthropic
Databricks and Anthropic confirmed a five-year deal to sell each other's AI products. To me this is part of the move to what I’m calling Unified Company Context (UCC), where a company’s entire context gets put in a giant AI data lake that any AI solution can then point to. LINK
The Death Of Software Engineering By A Thousand Prompts
According to Verdi Kapuku, AI isn't killing software engineering, just fracturing it into low-skill prompters and high-skill specialists who unblock them. LINK
Apple Reportedly Wants To ‘Replicate’ Your Doctor Next Year With New Project Mulberry
Mark Gurman says Apple’s Project Mulberry wants to revamp the Health app with an AI coach replicating your doctor. Nice, but they better ship a fixed Siri soon or people will just stop believing this kind of stuff. LINK
AI Reducing Critical Thinking?
Researchers at Microsoft and Carnegie Mellon find that humans using generative AI at work use less critical thinking, potentially causing their cognitive abilities to deteriorate over time. LINK
BYD About to Crush Tesla
BYD has passed Tesla in annual revenue at $107 billion, boosted by its hybrid vehicle sales and aggressive pricing strategy in China. And now with Tesla in freefall, BYD is going to be in prime position to dominate the EV market. Massive own-goal by Elon. LINK
Gartner forecasts AI spending to hit $644B in 2025
Gartner predicts global AI spending will reach $644 billion in 2025, with hardware swallowing a massive 80% of that. LINK
Dell Loses 22,000 People in Move to AI
Dell's workforce has shrunk from 133,000 to 108,000 employees since February 2023, following restructuring for what they called "the world of AI." LINK
The Average College Student Is Illiterate
A veteran professor says today's average college students can't read adult novels, write coherently, or disconnect from their phones during class. Seriously bad situation. And ironically I’m hearing that this is good for older workers looking for jobs because some are hesitant to hire this new type of student/worker. LINK
Thousands Killed / Injured After Magnitude 7.7 Earthquake
A brutal 7.7 magnitude earthquake rocked Myanmar, killing over a thousand people and injuring thousands more. They’re still figuring out how damaging it actually was. VIDEO | LINK
Palestinians vs. Hamas
Hundreds of Gaza Palestinians protested against Hamas in the northern town of Beit Lahiya, demanding Hamas to leave Gaza. LINK
Researchers Are Questioning If ADHD Should Be Seen As A Disorder
Some researchers are starting to challenge the traditional view of ADHD as a disorder, suggesting it might be an adapted way of thinking that has evolutionary advantages in some situations. Seems completely obvious to me that it has advantages, and downsides. LINK
Turkey Arrests Swedish Journalist Over 'Insulting The President' And 'Terrorism'
Turkey arrested Joakim Medin, a Swedish journalist covering protests, accusing him of terrorism and insulting the president. LINK
The Gen X Career Meltdown
Steven Kurutz shows how Gen X creatives are watching their careers fall apart as technology completely changes their industries. "The skills you cultivated, the craft you honed—it’s just gone. It’s startling," lamented director Chris Wilcha. LINK
Over 4 Million Gen Zers Are Jobless
Related to that, a new report says that millions of young adults are neither working nor studying, with many blaming "worthless degrees" for the crisis. LINK
Exposure to the Sun's UV Radiation May be Good for You
New research suggests that modest sun exposure might actually be good for you, despite decades of warnings about skin cancer and aging. Seems like most anything else where too much is bad, but not enough is bad too. LINK
Are fantasy games like Dungeons and Dragons a Cure for US Loneliness?
Aimee Pearcy details how Dungeons & Dragons is exploding, bringing isolated people together into real communities. LINK
Far-right Influencers Host $10K Repopulation Party
Some far-right influencers are throwing a wild $10K matchmaking weekend aiming to repopulate the earth, WIRED reports. LINK
George Orwell And Me: Richard Blair On Life With His Extraordinary Father
Richard Blair shares what it was like growing up with his dad, George Orwell. LINK
Did Life on Earth Come from 'Microlightning' Between Charged Water Droplets?
This new Stanford University research suggests tiny 'microlightning' sparks in water mist could've created the first organic molecules. LINK
A Recon MCP
My best bud Jason Haddix has created an MCP Server for Recon. It does stuff like subdomain enumeration, domain discovery, WHOIS info gathering, and more. Super cool! LINK
Meridian: A Personal Intelligence Agency
Haven’t used it yet, but I’m building my own version of this. It’s personal intelligence briefings, like the President gets. LINK
An llms.txt Polyglot Prompt Injection
My buddy Joseph Thacker has a prompt injection in his llms.txt file that asks visiting AIs to send him an email. I did a similar idea in my robots.txt in early 2023, but I removed it shortly after. Joseph has inspired me to reconsider. LINK
TimePilot Is the Future of Investigation, Powered by AI
TimePilot — Holy crap this looks insane. Haven’t tried it yet though. Tranquility AI's new tool lets investigators reconstruct events by intelligently piecing together digital evidence from multiple sources. LINK
A Semgrep MCP
Semgrep also released an MCP. It has semgrep_scan: Scan code snippets for security vulnerabilities, and scan_directory: Perform Semgrep scan on a directory LINK
Self-Contained Python Scripts With UV
uv — Dusktreader shows off a neat way to make Python scripts totally self-contained using uv in the shebang line. LINK
Get Comfortable With Broadcasting
Richard W. Hamming explains that brilliant work means nothing if you can't communicate it effectively to others who might benefit from it. LINK
An MCP For Ghidra LINK
There is No Vibe Engineering
An argument that coding and engineering are quite different, and we still need actual engineers to make robust systems. 100% agree. LINK
Reasoning by Analogy
Joël Quenneville explains a four-step problem-solving technique where you translate difficult problems into similar ones you already understand, solve those, and translate back. LINK
Make Your Own Font
Calligraphr — Kristen Radtke, creative director at The Verge, explains why this web-based app that turns handwriting into custom fonts is her favorite software tool. LINK
De-Atomization is the Secret to Happiness (2022)
An argument that you should merge aspects of your life together rather than keep them separate. LINK
How I Choose What to Work On (2023)
Tynan shares his thoughtful approach for figuring out exactly which projects are truly worth his time and effort. LINK
Appear As Anyone In Video Calls Like Zoom Or Google Meets
Phazr — This neat tool lets you appear as any character on video calls using just one photo, running locally. LINK
AI Accent Conversion For Call Centers
Krisp — Check out this AI from Krisp.ai that modifies call center agent accents live to improve customer communication. LINK
You Might Want To Stop Running atop
Rachel by the Bay explains how atop's process scanning can inadvertently trigger expensive copy-on-write operations, impacting performance subtly. "It turned out that the mere act of scanning /proc was enough to trip things up." LINK
Apple Ambient Music
iOS 18.4 has a neat new ambient music feature in Control Center, writes Michael Burkholder, offering quick background sounds. LINK
Hacker Laws
A useful collection of core software development principles and "laws" nicely organized for easy reference. LINK
Reality is Layer-Dependent
I’ve been (not) working on a free-will post for a couple of years now (it’s 75% done) where I talk about how truth depends on the level you’re discussing.
I just heard Raval mention something similar on Chris Williamson podcast, where he said not to ask about meaning in your own life and then try to answer at the level of the universe. Because they don’t match.
Here’s my favorite one for free will:
RECOMMENDATION OF THE WEEKRead a biography.
The Rise of Theodore Roosevelt is one of the most recommended of all time. BOOK | AUDIO
APHORISM OF THE WEEKThe Member Edition
You’re currently receiving the STANDARD edition. Subscribers to the MEMBER Edition get additional content, including IDEAS, a BI-MONTHLY ESSAY, the DISCOVERY section full of the best content I’ve seen this week, the RECOMMENDATION OF THE WEEK, and the APHORISM of the WEEK.
In addition, you get access to the UL Member Community, which includes private chat with 1000+ of the smartest and kindest members you’ll find anywhere on the internet.
Daniel Miessler's Blog
- Daniel Miessler's profile
- 18 followers
