Daniel Miessler's Blog, page 77

.errordiv { padding:10px; margin:10px; border: 1px solid #555555;color: #000000;background-color: #f8f8f8; width:500px; }#advanced_iframe {visibility:visible;opacity:1;}#ai-layer-div-advanced_iframe p {height:100%;margin:0;padding:0}

—

If you like my content, you can support it directly for less than a latte a month ($50/year) which also gets you the Unsupervised Learning podcast and newsletter every week instead of just twice a month.

Normally when I write I have a specific thought and I try to lay it out in a structured way.

This post, however, will be one of my stream of consciousness flows that I do every couple of years.

I just finished reading a book called Behave, and it—combined with a number of other books and ideas—is having a strong effect on my thinking.

I’m struck by two (seemingly) conflicting thoughts:

We are so obviously moist robots, with no free will, and our inability to see this is purely a symptom of our scientific infancy, and…
We have no idea what we’re capable of, and genius and exceptional outcomes can spring from nearly anywhere at any time.


Behave

The book Behave by Robert Sapolsky makes an extremely persuasive argument that we are pure products of our genetics and environment. And he does it in an approachable, convincing, and—yes—positive way.

The book taught how little genes matter by themselves, and how much the environment is in play. Perhaps my main takeaway was:

I’m paraphrasing here.

It’s useless to ask what a gene does by itself, because there is no such thing. You have to ask what it does in a specific context.

That is so empowering!

To me it says very clearly that you should try to tweak every possible variable in your favor, because there are thousands (or millions?) of switches constantly being flipped on and off within you, based on your environment.

And the environment means your health. Your food. Your exercise. Your stress levels. Etc.

To whatever degree we control anything.

Those are things we can actually control. We can choose to wake up early and exercise. We can choose to eat less. To eat more healthily. To exercise. To be mindful. To be grateful for the small things in life. To read more books.

And as Sapolsky expertly demonstrates, all these things (especially combined) can make profound differences in how your genes are activated.

So you can have someone who is extremely lucky genetically, but who gets unlucky with their environment, or doesn’t choose to take care of themselves, and they can end up deeply unhealthy, unhappy, and unsuccessful because their talents never get activated or their (now fully active) negative traits overcome any positives.

Conversely, you can have someone who isn’t nearly as gifted—athletically, intellectually, whatever—and yet they eat well, study hard, maintain a positive attitude, get plenty of sleep and exercise, and all those things combine to make them one of the most productive people in the world.

That’s a spectacularly powerful and contradictory message.

You are nothing but your genes and your environment.
But your genes are significantly activated/controlled by your environment.
So do your best to maximize yourself by controlling your environment.


The separating classes

What this got me thinking about is the issue of dramatic class separation taking place right now. Piketty talked about it most clearly in his book, Capital in the 21st Century, which showed that it’s expected for the classes to separate until either war, disease, or famine bring them back together.

Yay. Something to look forward to.

Anyway, it got me thinking about the narratives that people use to explain these things, and how they only focus on one side of the truth.

Some, for example, think that life is all about good genetics and intelligence, and if you’re not born with those things then you’re destined for a life of squalor and unhappiness. And they’re likely to see everything through a Naturalistic Fallacy lens, where if it’s natural it must be good.

Others see the world as this formless mush of potential and success, and it’s just a matter of a few evil people at the top keeping everyone else down. Because everyone has equal potential to succeed at intellectual and athletic and professional tasks. We’re all the same, after all.

Difficult, but not impossible.

Both of these are horribly mistaken, and I think it’d be difficult to finish a charitable read of Sapolsky’s book and arrive at any other conclusion.

People are different. We have different talents. And many talents do come in significant part from our genetic makeup. But it’s not really a group message: it’s an individual message. And it’s a message tempered massively by the role of the environment.

We see people sitting in bad neighborhoods, hurting each other, elevating violence, disrespecting education, etc. And people think this is a genetics problem. Like, “those people” are just like that.

But what this book shows is how much anyone can be like that with similar stimuli.

It reminds me of Outliers, by Malcolm Gladwell.

He showed how if you happened to be born in a certain time of a certain month, you’re likely to be just old enough to be the oldest kid in a particular cohort being selected for a sport.

And since a kid like this was many, many weeks older than other kids, they had a slight size and strength advantage. A small one, but significant enough.

And because they had that advantage, they got noticed by coaches, which got them far better coaching, which in turn led to elite coaching in some cases.

So what you ended up with someone having a tiny luck advantage (they didn’t choose when they were born), which turned into them getting picked for an elite coaching camp that made them so good they’re going to play professionally.

Looking back, people will say, “Oh, he was just that good, and the coaches all saw it.”

The reality is often different though, and Gladwell showed that a disproportionate percentage of the kids who made it to the elite level were born in that magical time window that made them slightly bigger than other kids.

The world is that selection process

What so many fail to understand is that our whole world works like this, constantly, everywhere, for everyone.

First you get lucky or unlucky in the genetic lottery. Then you get lucky or unlucky in where you were born. What parents you had, whether they were stable and loving and educated and affluent, or some combination of the opposite.

Those factors make up the vast majority of outcomes. Truly.

There are, of course, many exceptions to this, where people have every advantage and end up being nothing. Or people are supposedly dull, and come from a horrible background, but they go on to be a master inventor millionaire and saver of the world.

All of these models are true simultaneously, and it’s critical that we understand that.

Stochastic Determinism

I’m reading a book about Claude Shannon’s life and work, and was just reminded of Stochastic processes, where you have short-term randomness but long-term predictability. Or as some put it:

Statistically predictable, but individually unpredictable.

My favorite analog and visual for this is a really drunk person staggering home. If you were to try to predict the way in which they would dip and catch on their next few steps, it’d be near impossible.

But assuming they were not too drunk to walk (and perhaps had some practice), they’re moving along a very predictable path back to their house.

I think this is a really powerful way of thinking about humans and the forces that push them towards greatness, misery, success, and suffering.

We cannot know how poverty will affect a child, but we know how it affects children.

And being financially stable doesn’t mean you’ll be happy.

Having two parents with Masters degrees doesn’t guarantee a given person will be financially stable, but if you look at 10,000 people it probably comes pretty damn close.

Same for childhood hunger, or genius, or good role models, or any number of things.

That’s really the point: there are a massive number of factors that we know to be beneficial to the growth of an individual or a society, and there’s a similar list of the things we know are harmful.

All we can do is turn the knobs.

That’s our mission in life, actually. It cannot be stated more plainly than that.

Our job is to find those variables, attach knobs to them, and turn them to the best possible settings for the largest number of people.

The Absurdist angle

There’s one more dimension here that I want to add, and that is Absurdism.

My definition of this is essentially:

The tension between the truth and what we must pretend were true in order to continue.

I talk about this a lot with regard to Free Will, where I say the way to unify Compatibilist and Incompatibilist thinking is to accept our limitations as humans trying to live daily lives.

The situation is very much the same as someone who studies evolutionary biology, and economics, and sociology, and political science, etc.

I, for example, know that it generally requires a certain pedigree to become part of the intellectual community I admire. People who make it there usually have Ph.D’s, and have parents who both have degrees. Etc.

I don’t have those things. But I also know that the world is different than it was 25 years ago, and 25 seconds ago.

And I also have a whole host of other advantages that could easily help me penetrate particular areas if luck and preparation happen to make friends at some point.

So I grind. Constantly. I always have. Since my 20’s. I’ve been writing in this way since 1996, and I sort of did it long before that.

I know my chances of becoming a Paul Krugman or David Brooks or Sam Harris—in terms of exposure—are severely limited by my background and other factors that were determined for me.

But I don’t care. Because I don’t know the future, and neither does anyone else. And many things far less possible happen all the time.

To be clear, the process is most of the fun anyway, but I do stochastically pursue some goals as well.

So I grind.

Now imagine this same thing multiplied by a million for someone not white, not in one of the world’ds top cities, and without really smart parents. Not super lucky, in other words.

So what I’m saying is that we should simultaneously acknowledge limitations and reject them, just as Camus did with ultimate meaning for the universe.

All we can do is turn the knobs of education, networking, grinding, diet, exercise, reading, etc., and then believe—in some part of you, sometimes—that those knobs are what will make the difference.

That’s what we need to do as individuals, and it’s also what we need to do as a society.

We have to find enumerate the very real disadvantages that people have, find the variables we need to improve, and simultaneously broadcast at full volume that anyone can achieve anything.

This is my mission in life.

Model the world.
Find the knobs.
Set them to the best possible settings.
Pursue individual and societal excellence with optimistic abandon.

—

If you like my content, you can support it directly for less than a latte a month ($50/year) which also gets you the Unsupervised Learning podcast and newsletter every week instead of just twice a month.

You ever been talking to someone on Slack and they send you something formatted in a super cool way, or they use some piece of functionality that you didn’t even know existed?

Yeah, me too. That’s why I wrote this.

This page is a collection of the super cool stuff you can do with Slack, so you can be the person impressing instead of being impressed.

Shortcuts

Slack takes a lot of its DNA from IRC.

The first thing you need to do is learn to stay on the keyboard as much as possible, and the ⌘ and / characters are crucial for this.

The master invocation

⌘–K

It’s still better to do things directly, but if you can’t remember then ⌘-K is a solid choice.

⌘-K is like your central command interface. Once you invoke it, you can then just start typing to find almost anything else you need.

⌘-/ — Show keyboard shortcuts.
/away — Marks yourself away.


Text formatting

One of the simplest (and slickest) things you can do in Slack is mark up your text with formatting. Examples include making it clear that you’re including code, emphasizing things, etc.

text — Bold your text.
_text_ — Italicize your text.
~text~ — Strikethrough your text.
> text — A single line of quoted text.
>>> text — Multiple lines of quoted text.
Wrap a word in a single backtick to make it code sytax.
Wrap multi-line text in tripple backticks for lots of code.


Numbers and bullets


⌘-Shift-7 — to add a numbered list.
* — to add a bulleted list.


IRC Commands

Because all modern chat programs take from IRC to some degree, it’s also possible to do some IRC stuff in Slack as well.

/me tips hat

Slash / commands


/away — mark yourself away
/active — mark yourself active
/dnd — set yourself do not disturb
/msg or /dm — send a message directly to a user
/s — search for stuff
/status — set your new status

—

If you like my ad-free content, you can support it directly for less than a latte a month ($50/year) and get the Unsupervised Learning podcast and newsletter every week instead of just twice a month.

This is a Member-only episode. Members get the newsletter every week, and have access to the Member Portal with all existing Member content.

Non-members get every other episode.

Sign in

or…

—

If you like my ad-free content, you can support it directly for less than a latte a month ($50/year) and get the Unsupervised Learning podcast and newsletter every week instead of just twice a month.

Twitter just released a new feature in their mobile app that lets you swipe back and forth between up to five lists.

This is handy, because while Twitter lists have always been interesting, they’ve been pretty hard to get to—especially on mobile.

The update got me thinking a lot about my own list organization, and how I might optimize my lists to make use of it.

Modes of interaction

When thinking about how to redo my lists for swiping, I came up with two different models.

By Topic (Security, Tech, Humans, Politics, etc.)
By Mood (Positive, Serious, Funny)

The question being that when I wanted to switch modes, what mode was I really referring to?

And that question requires you to ask and answer other questions.

What do you use Twitter for?
When Twitter is working well for you, what is it doing?
When Twitter is a dumpster fire, what’s going wrong?
What do you wish it did better?


My use cases

These are my current lists.

I think my use cases come down to:

Follow what my friends are up to, and give them interaction and support online
Track other people in the industry, see what they’re doing, and see if I should check out that thing
Learn about new industry stuff
Follow the news, and hear commentary on it from people I know
Hear the raw wit and humor of people I follow
Broadcast my ideas and get feedback from others on them

If I carve that down, I think I end up at:

Follow/support my friends
Track the industry
Get current events analyzed by people I know
Broadcast my own signal

And actually, those actual match fairly well to the lists I already have.

Signal is people who broadcast strong content of any type (security, politics, etc.), Friends is for people I know closely, Infosec is for security types, and Bay Area is for local folks, because at one point I was trying to reach out to local people for coffee and chat.

This makes me think I’m actually looking for something more extreme.

I think I need a combination of content and mood lists. So maybe:

Home
Friends
Positivity
Curiosity/Learning
Infosec
Politics

This would take me from Home (unfiltered) into my two happy places, then into topics likely to inform/anger me.

I think that’s a good flow.

There’s no place like home screen

There’s also another possibility, but it’s quite extreme. And that’s to turn the home feed into a neutral/positive place, and then add additional content via lists.

So I’d only follow positive/uplifting sources, and then add everyone/everything else via their topic/category. So:

Home (safe/positive)
Friends
Curiosity/Learning
Infosec
Politics

This seems interesting, but it’d be quite an overhaul. And something feels strange about sanitizing my homescreen.

In one mind I think if the world causes me stress then I should fix the world, not look away. But my second mind knows that if Twitter makes me angry/activist/sad multiple times a day, when I accidently find myself in the app, then I should control that input so that it’s positive.

In other words, if I know I tend to automatically walk up to my fridge and eat something inside without thinking, the smart thing would be to stock it with healthy food.

Anyway, those are my thoughts.

I think the swiping gives us a good chance for context switching within the app. We just need to decide what those various contexts should be.

If you’ve thought something similar, or have cool list organization ideas, definitely hit me up or post them somewhere so we can exchange ideas.

—

If you like my ad-free content, you can support it directly for less than a latte a month ($50/year) and get the Unsupervised Learning podcast and newsletter every week instead of just twice a month.

.errordiv { padding:10px; margin:10px; border: 1px solid #555555;color: #000000;background-color: #f8f8f8; width:500px; }#advanced_iframe {visibility:visible;opacity:1;}#ai-layer-div-advanced_iframe p {height:100%;margin:0;padding:0}

—

Become a direct supporter of my content for less than a latte a month ($50/year) and get the Unsupervised Learning podcast and newsletter every week instead of just twice a month, plus access to the member portal that includes all member content.

What I like so much about the podcast world is how two shows can cover mostly the same material, but be wildly different.

The world of security podcasts is like this, with my top three recommendations having completely different tastes and textures.

I wasn’t going to recommend my own show, but then I realized that if I wasn’t willing to recommend it then I shouldn’t be doing it.

For podcasts, structure and delivery is just as important as content.

Here are my three go-to recommendations for security-related podcasts. There are many other excellent options; these are just my foundation starters.

Different show, different offerings

As you can see here, it’s not about which show is better—it’s about which show is offering the mix of content and style that you prefer. I created this matrix just now using News, Technical Analysis, Societal Impact Analysis, Entertaining Stories, What’s Coming Next, Hacker History, and Humor as my categories.

Predictable value and timing are about having known sections that you can jump to or skip to hear what you like.

Because the shows are so different, I know many people who love or hate them because of one particular aspect. Some people can’t stand humor, or can’t listen if it isn’t funny. Others tune in or out based on the voices and personalities. Some listen for content alone, and others listen to hear the people.

Here’s more on each of the three.

1. Risky Business

Adam is a long-time pentester with tons of deep knowledge on offensive security.

Risky Business is my favorite technical security news podcast. Patrick and Adam cover a lot of stories in a decent level of technical detail, with a solid dose of humor and snark as well.

They also have the best vendor coverage of any security podcast, with Patrick doing regular (paid but honest) conversations with various handpicked vendors. It’s quality.

2. Darknet Diaries

Darknet Diaries is instantly engaging to almost any audience, kind of like Serial on NPR.

Darknet Diaries is a phenomenon. Despite being around for the shortest amount of time, it has download numbers that mini-me the other two shows on the list.

What does it for me is the way Jack combines extraordinary hacker stories with unbelievable production and style. And when I say production, I don’t just mean audio and such, but a super clean narrative that seriously matches what NPR does with a massive staff.

3. Unsupervised Learning

Patrick calls my show a “thinking” podcast, which I thought was both accurate and a compliment.

Unsupervised Learning is my show, and it’s best described as news and analysis around how security and technology affect us as humans.

So the main themes tend to be security related, but it’s really about humans, society, and how they’re all being affected by all this technology.

Comparisons

This is why I recommend these three in particular—because they offer completely different content, delivered in a completely different way.

Risk Business gives you news, vendors, and humor.
Darknet Diaries gives you entertainment, history, and intrigue.
Unsupervised Learning gives you security, tech, and analysis of how they affect humanity.

Strong endorsement.

If I had to have someone listen to only ONE security podcast, it would be Risky Business.

If I had to give someone a show to get them interested in hacking and security culture, it’d be Darknet Diaries.

And if someone wanted to know what’s happening and coming next in security and tech—and what we should do about it—I’d point them to Unsupervised Learning.

Summary

It really does come down to what you’re looking for in a show, where you are in your career, the types of personalities you like, and what other interests you might have outside of security.

But these three are a great start.

—

Become a direct supporter of my content for less than a latte a month ($50/year) and get the Unsupervised Learning podcast and newsletter every week instead of just twice a month, plus access to the member portal that includes all member content.

What I like so much about the podcast world is how two shows can cover mostly the same material, but be wildly different.

The world of security podcasts is like this, with my top three recommendations having completely different tastes and textures.

I wasn’t going to recommend my own here, but then I realized that if I wasn’t willing to recommend it in this list then I should stop doing the show.

Here are my three go-to recommendations for security-related podcasts. There are many other excellent options; these are just my foundation starters.

Different show, different offerings

As you can see here, it’s not about which show is better—it’s about which show is offering the mix of content and style that you prefer. I created this matrix just now using News, Technical Analysis, Societal Impact Analysis, Entertaining Stories, What’s Coming Next, Hacker History, and Humor as my categories.

Because the shows are so different, I know many people who love or hate them because of one particular aspect. Some people can’t stand humor, or can’t listen if it isn’t funny. Others tune in or out based on the voices and personalities. Some listen for content alone, and others listen to hear the people.

Here’s more on each of the three.

1. Risky Business

Adam is a long-time pentester with tons of deep knowledge on offensive security.

Risky Business is my favorite technical security news podcast. Patrick and Adam cover a lot of stories in a decent level of technical detail, with a solid dose of humor and snark as well.

They also have the best vendor coverage of any security podcast, with Patrick doing regular (paid but honest) conversations with various handpicked vendors. It’s quality.

2. Darknet Diaries

Darknet Diaries is instantly engaging to almost any audience, kind of like Serial on NPR.

Darknet Diaries is a phenomenon. Despite being around for the shortest amount of time, it has download numbers that mini-me the other two shows on the list.

What does it for me is the way Jack combines extraordinary hacker stories with unbelievable production and style. And when I say production, I don’t just mean audio and such, but a super clean narrative that seriously matches what NPR does with a massive staff.

3. Unsupervised Learning

Patrick calls my show a “thinking” podcast, which I thought was both accurate and a compliment.

Unsupervised Learning is my show, and it’s best described as news and analysis around how security and technology affect us as humans.

So the main themes tend to be security related, but it’s really about humans, society, and how they’re all being affected by all this technology.

Comparisons

This is why I recommend these three in particular—because they offer completely different content, delivered in a completely different style.

Risk Business gives you news, vendors, and humor.
Darknet Diaries gives you entertainment, history, and intrigue.
Unsupervised Learning gives you security, tech, and analysis of how they affect humanity.

Strong endorsement.

If I had to have someone listen to only ONE security podcast, it would be Risky Business.

If I had to give someone a show to get people interested in hacking and security culture, it’d be Darknet Diaries.

And if someone wanted to know what’s happening and what’s coming next in security and tech, and what we should do about it, I’d point them to Unsupervised Learning.

Summary

It really does come down to what you’re looking for in a show, where you are in your career, the types of personalities you like, and what other interests you might have outside of security.

But these three are a great start.

—

Become a direct supporter of my content for less than a latte a month ($50/year) and get the Unsupervised Learning podcast and newsletter every week instead of just twice a month, plus access to the member portal that includes all member content.

I honestly think Reaction Videos are one of the most beautifully human things happening on the internet.

If an alien race were to show up and ask me for evidence of the human ability to love and understand one other, I’d show them a few of these.

What’s a reaction video?

Fair question.

A reaction video is where we watch people experience something significant for the first time.

Examples might include watching a die-hard Star Wars fan see a new Star Wars trailer for the first time. Or seeing them learn a major reveal or dramatic scene.

But my favorite kind is where someone is being introduced to a new type of art or culture—that millions of other people already love—for the first time. We get to see them fall in love with something we already cherish, and it’s glorious.

A conversion through music

Music is a perfect example of this, where people might go for decades thinking another type of music is little more than noise. Like people who love metal but hate rap, or love rap but hate metal.

Reaction videos are the bridge across. And when someone truly sees the other art form—for the first time—the “aha” moment is truly magical.

Empathy magnified by nostalgia

The other cool thing that happens with these types of reaction videos is that you are getting to hear and experience the music yourself as well, but in completely different ways.

I’ve always been more of a music person than a lyrics person.

Often times you’ll see lyrics in the video that you might not have known before, or the listener will focus on part of the song that you never appreciated as much.

So you’re getting re-exposed to the music you love more than anything at the same time that someone else is being introduced.

It’s spectacular.

The perfect medium

Reaction videos are bottled humanity.

They show us that anything that millions of people love can probably be appreciated by everyone if they were properly exposed.

And the internet is the perfect medium because not only are we getting to watch them experience it, but dozens or hundreds or thousands of other people are also commenting at the same time, telling them what they like about it.

It’s the celebration of passion for a given type of art, but turned into a gifting experience.

Often times the listeners fans are the ones who recommend the song or artist for them to listen to, so they’re deeply invested in the conversion process.

Summary


Humanity is about enjoyment and appreciation of life.
We all have our individual things we love, and other people have theirs.
Reaction videos are a beautifully meaningful way to transfer that enthusiasm and love from one person or group to another.

Go to YouTube. Type in “Reaction Videos _____”, where ______ is something that you love.

You will not be dissapointed.

—

Become a direct supporter of my content for less than a latte a month ($50/year) and get the Unsupervised Learning podcast and newsletter every week instead of just twice a month, plus access to the member portal that includes all member content.

This is a Member-only episode. Members get the newsletter every week, and have access to the Member Portal with all existing Member content.

Non-members get every other episode.

Sign in

or…

—

Become a direct supporter of my content for less than a latte a month ($50/year) and get the Unsupervised Learning podcast and newsletter every week instead of just twice a month, plus access to the member portal that includes all member content.