Daniel Miessler's Blog, page 78

.errordiv { padding:10px; margin:10px; border: 1px solid #555555;color: #000000;background-color: #f8f8f8; width:500px; }#advanced_iframe {visibility:visible;opacity:1;}#ai-layer-div-advanced_iframe p {height:100%;margin:0;padding:0}

—

Become a direct supporter of my content for less than a latte a month ($50/year) and get the Unsupervised Learning podcast and newsletter every week instead of just twice a month, plus access to the member portal that includes all member content.

What I like so much about the podcast world is how two shows can cover mostly the same material, but be wildly different.

The world of security podcasts is like this, with my top three recommendations having completely different tastes and textures.

I wasn’t going to recommend my own show, but then I realized that if I wasn’t willing to recommend it then I shouldn’t be doing it.

For podcasts, structure and delivery is just as important as content.

Here are my three go-to recommendations for security-related podcasts. There are many other excellent options; these are just my foundation starters.

Different show, different offerings

As you can see here, it’s not about which show is better—it’s about which show is offering the mix of content and style that you prefer. I created this matrix just now using News, Technical Analysis, Societal Impact Analysis, Entertaining Stories, What’s Coming Next, Hacker History, and Humor as my categories.

Predictable value and timing are about having known sections that you can jump to or skip to hear what you like.

Because the shows are so different, I know many people who love or hate them because of one particular aspect. Some people can’t stand humor, or can’t listen if it isn’t funny. Others tune in or out based on the voices and personalities. Some listen for content alone, and others listen to hear the people.

Here’s more on each of the three.

1. Risky Business

Adam is a long-time pentester with tons of deep knowledge on offensive security.

Risky Business is my favorite technical security news podcast. Patrick and Adam cover a lot of stories in a decent level of technical detail, with a solid dose of humor and snark as well.

They also have the best vendor coverage of any security podcast, with Patrick doing regular (paid but honest) conversations with various handpicked vendors. It’s quality.

2. Darknet Diaries

Darknet Diaries is instantly engaging to almost any audience, kind of like Serial on NPR.

Darknet Diaries is a phenomenon. Despite being around for the shortest amount of time, it has download numbers that mini-me the other two shows on the list.

What does it for me is the way Jack combines extraordinary hacker stories with unbelievable production and style. And when I say production, I don’t just mean audio and such, but a super clean narrative that seriously matches what NPR does with a massive staff.

3. Unsupervised Learning

Patrick calls my show a “thinking” podcast, which I thought was both accurate and a compliment.

Unsupervised Learning is my show, and it’s best described as news and analysis around how security and technology affect us as humans.

So the main themes tend to be security related, but it’s really about humans, society, and how they’re all being affected by all this technology.

Comparisons

This is why I recommend these three in particular—because they offer completely different content, delivered in a completely different way.

Risk Business gives you news, vendors, and humor.
Darknet Diaries gives you entertainment, history, and intrigue.
Unsupervised Learning gives you security, tech, and analysis of how they affect humanity.

Strong endorsement.

If I had to have someone listen to only ONE security podcast, it would be Risky Business.

If I had to give someone a show to get them interested in hacking and security culture, it’d be Darknet Diaries.

And if someone wanted to know what’s happening and coming next in security and tech—and what we should do about it—I’d point them to Unsupervised Learning.

Summary

It really does come down to what you’re looking for in a show, where you are in your career, the types of personalities you like, and what other interests you might have outside of security.

But these three are a great start.

—

Become a direct supporter of my content for less than a latte a month ($50/year) and get the Unsupervised Learning podcast and newsletter every week instead of just twice a month, plus access to the member portal that includes all member content.

What I like so much about the podcast world is how two shows can cover mostly the same material, but be wildly different.

The world of security podcasts is like this, with my top three recommendations having completely different tastes and textures.

I wasn’t going to recommend my own here, but then I realized that if I wasn’t willing to recommend it in this list then I should stop doing the show.

Here are my three go-to recommendations for security-related podcasts. There are many other excellent options; these are just my foundation starters.

Different show, different offerings

As you can see here, it’s not about which show is better—it’s about which show is offering the mix of content and style that you prefer. I created this matrix just now using News, Technical Analysis, Societal Impact Analysis, Entertaining Stories, What’s Coming Next, Hacker History, and Humor as my categories.

Because the shows are so different, I know many people who love or hate them because of one particular aspect. Some people can’t stand humor, or can’t listen if it isn’t funny. Others tune in or out based on the voices and personalities. Some listen for content alone, and others listen to hear the people.

Here’s more on each of the three.

1. Risky Business

Adam is a long-time pentester with tons of deep knowledge on offensive security.

Risky Business is my favorite technical security news podcast. Patrick and Adam cover a lot of stories in a decent level of technical detail, with a solid dose of humor and snark as well.

They also have the best vendor coverage of any security podcast, with Patrick doing regular (paid but honest) conversations with various handpicked vendors. It’s quality.

2. Darknet Diaries

Darknet Diaries is instantly engaging to almost any audience, kind of like Serial on NPR.

Darknet Diaries is a phenomenon. Despite being around for the shortest amount of time, it has download numbers that mini-me the other two shows on the list.

What does it for me is the way Jack combines extraordinary hacker stories with unbelievable production and style. And when I say production, I don’t just mean audio and such, but a super clean narrative that seriously matches what NPR does with a massive staff.

3. Unsupervised Learning

Patrick calls my show a “thinking” podcast, which I thought was both accurate and a compliment.

Unsupervised Learning is my show, and it’s best described as news and analysis around how security and technology affect us as humans.

So the main themes tend to be security related, but it’s really about humans, society, and how they’re all being affected by all this technology.

Comparisons

This is why I recommend these three in particular—because they offer completely different content, delivered in a completely different style.

Risk Business gives you news, vendors, and humor.
Darknet Diaries gives you entertainment, history, and intrigue.
Unsupervised Learning gives you security, tech, and analysis of how they affect humanity.

Strong endorsement.

If I had to have someone listen to only ONE security podcast, it would be Risky Business.

If I had to give someone a show to get people interested in hacking and security culture, it’d be Darknet Diaries.

And if someone wanted to know what’s happening and what’s coming next in security and tech, and what we should do about it, I’d point them to Unsupervised Learning.

Summary

It really does come down to what you’re looking for in a show, where you are in your career, the types of personalities you like, and what other interests you might have outside of security.

But these three are a great start.

—

Become a direct supporter of my content for less than a latte a month ($50/year) and get the Unsupervised Learning podcast and newsletter every week instead of just twice a month, plus access to the member portal that includes all member content.

I honestly think Reaction Videos are one of the most beautifully human things happening on the internet.

If an alien race were to show up and ask me for evidence of the human ability to love and understand one other, I’d show them a few of these.

What’s a reaction video?

Fair question.

A reaction video is where we watch people experience something significant for the first time.

Examples might include watching a die-hard Star Wars fan see a new Star Wars trailer for the first time. Or seeing them learn a major reveal or dramatic scene.

But my favorite kind is where someone is being introduced to a new type of art or culture—that millions of other people already love—for the first time. We get to see them fall in love with something we already cherish, and it’s glorious.

A conversion through music

Music is a perfect example of this, where people might go for decades thinking another type of music is little more than noise. Like people who love metal but hate rap, or love rap but hate metal.

Reaction videos are the bridge across. And when someone truly sees the other art form—for the first time—the “aha” moment is truly magical.

Empathy magnified by nostalgia

The other cool thing that happens with these types of reaction videos is that you are getting to hear and experience the music yourself as well, but in completely different ways.

I’ve always been more of a music person than a lyrics person.

Often times you’ll see lyrics in the video that you might not have known before, or the listener will focus on part of the song that you never appreciated as much.

So you’re getting re-exposed to the music you love more than anything at the same time that someone else is being introduced.

It’s spectacular.

The perfect medium

Reaction videos are bottled humanity.

They show us that anything that millions of people love can probably be appreciated by everyone if they were properly exposed.

And the internet is the perfect medium because not only are we getting to watch them experience it, but dozens or hundreds or thousands of other people are also commenting at the same time, telling them what they like about it.

It’s the celebration of passion for a given type of art, but turned into a gifting experience.

Often times the listeners fans are the ones who recommend the song or artist for them to listen to, so they’re deeply invested in the conversion process.

Summary


Humanity is about enjoyment and appreciation of life.
We all have our individual things we love, and other people have theirs.
Reaction videos are a beautifully meaningful way to transfer that enthusiasm and love from one person or group to another.

Go to YouTube. Type in “Reaction Videos _____”, where ______ is something that you love.

You will not be dissapointed.

—

Become a direct supporter of my content for less than a latte a month ($50/year) and get the Unsupervised Learning podcast and newsletter every week instead of just twice a month, plus access to the member portal that includes all member content.

This is a Member-only episode. Members get the newsletter every week, and have access to the Member Portal with all existing Member content.

Non-members get every other episode.

Sign in

or…

—

Become a direct supporter of my content for less than a latte a month ($50/year) and get the Unsupervised Learning podcast and newsletter every week instead of just twice a month, plus access to the member portal that includes all member content.

Back in 2003, right after university, I read a book that completely upleveled my productivity.

The book was called Getting Things Done, by David Allen.

As the image above shows, it’s full system, but I’m going to save you a ton of time and just tell you the most important takeaway.

This is for things you’re worried about forgetting, not for creative contemplation.

Never let tasks or ideas sit in your mind without being captured.

It’s that simple. I’ll explain why.

The system I still use today

Whenever I go somewhere with both old friends and new people, my friends often start with,

Ok, check this out…

…and they look at me and have me pull out my Oxford unruled index cards, and my telescoping Space Pen.

And I do. I pull them out. Because I’ve been using the system faithfully for around 17 years.

The system itself is based on constantly capturing what needs to be done, determining if you can do it immediately, if it should be deferred, delegated, or broken into next actions.

And then you regularly check priorities and refresh accordingly.

But don’t worry about any of that unless you want to read the book and dive all the way in.

The only thing you need to remember

The entire system is based on the idea that your subconscious is built in a certain way. Specifically, it’s built to work on things that it thinks you might need later.

It’s like Clippy being annoying with the popups.

Your subconscious holds onto things it thinks you might be forgetting, and regularly interrupts you about them.

The problem with this is that people are not good at multi-tasking, despite all the hype in previous years, and we really need to be able to focus on a single task to get it done.

But if we’ve burdened our subconscious with tons of tasks that it heard and captured—but we didn’t write down—then it’ll be in perpetual state of panic about them, and it’ll constantly harrass you while you’re trying to work.

That’s the reason for the Prime Directive.

Never let tasks or ideas sit in your mind without being captured.

Capture them. Immediately.

I still keep my index cards and pen with me, because I like to draw as well as capture text, but you can use your mobile device for this as well.

That’s it. Capture. Everything. And then go back later (ever day or two), and put them into order, prioritize, etc.—using whatever system. But always keep your mind clear.

This keeps your mind available to fully immerse in your current task.

Summary


GTD is an awesome system, but you don’t need to do the whole thing.
The most important concept is that the subconscious captures any task that you didn’t properly capture, and then it occupies your mental resouces trying to process and remind you about them.
The way to deal with this is by never letting your subconsious play that role, which you do by capturing everything yourself.
This tells your subconscious to chill—because you have it handled.
This in turn lets you have laser focus when you sit down to do a given task, and you get way more done.

I don’t know all the variables involved, but I’ve used this system for almost two decades, and I have written close to 3,000 essays in that time, read over 1,000 books, and done dozens of other projects.

And I honestly credit my ability to produce this type of output—in large part—to the GTD system.

Try it.

Notes


Image from this excellent GTD summary. More

—

Become a direct supporter of my content for less than a latte a month ($50/year) and get the Unsupervised Learning podcast and newsletter every week instead of just twice a month, plus access to the member portal that includes all member content.

I’ve always been into vitamins. If I heard that it could make me stronger or faster, I was all about it.

I’m still all about some supplements.

But as I got older my priority moved from being strong to being smart. Back in the day the smart supplement was Ginko Biloba. I’ve probably had 30 lbs. of that stuff.

Not sure if it helped or not. Back then we didn’t really measure such things, or talk about causation and correlation. Placebo was our best evidence. Anyway.

Over the last several years some actual brain drugs have come out, and they’re a whole lot better than Ginko Biloba.

Acetyl L-Carnitine
Adderall
AlphaBrain
Amodafinil
Braingear
NueroPeak
Qualia

I’ve tried probably 10 of these (there are way more out there than I’ve listed or tried) over the last three years, with varying levels of success, and here’s what I’ve learned:

Yes, some actually work—and really well
The prescription stuff is powerful, and I recommend you get it legally through a doctor
Even the lighter, non-prescription options are somewhat effective
They affect people very differently
They all mess with your sleep


My verdict

Seriously talk to a doctor before you listen to anything I say here.

So here are my thoughts, after trying many of these over a long period.

Don’t use nootropics for more than 1-2 days at a time, with many days, weeks, or even months in-between.

I’m not talking about the prescription stuff with the lucid dreaming, but things like Alpha Brain.

The reason for this is that they make your brain active (I’m looking at you Alpha Brain), and they’ll give you lucid dreams. So you’ll spend a lot of time between being awake and being asleep.

It’s kind of fun at first, but after a while it gets annoying.

And even worse, after a few days, you will actually start feeling less sharp because… (drumroll sound)

You get dumber when you’re low on sleep.

This actually happens very quickly.

So nootropics can spike your mental performance for a day or two, if you’re getting good sleep, but if you keep taking them you’ll stop sleeping well and the net effect will be negative.

In short, sleep matters more than nootropics. Way more. So if you’re well rested, have had plenty of exercise, have had a healthy diet, and you take a safe nootropic that your (good) doctor is ok with, it is probably going to be amazing! Like some true Limitless stuff.

But don’t do it too often.

If you do, you’ll very quickly get to a place way worse than taking nothing.

Sleep, diet, and exercise are the sustainable version of what nootropics give you, and you should boost that combination very infrequently.

That’s my non-professional, non-expert summary.

Summary


Yes, they work, but only infrequently, and on top of good sleep, diet, and exercise.
When done properly, they’re pretty unbelievable.
Make sure you get the right stuff, and involve a doctor for any prescription options.
Sleep is everything. The moment you notice them messing with your sleep, it’s time to take a long rest from them.

—

Become a direct supporter of my content for less than a latte a month ($50/year) and get the Unsupervised Learning podcast and newsletter every week instead of just twice a month, plus access to the member portal that includes all member content.

After too many decades on this planet, I now understand the benefit of studio headphones, and what makes them different than normal (consumer) options.

My old set of Denons just died, so I decided to go with a pair of Audio-Technica ATH-M70’s.

Just to save you some time, the answer is threefold, in order of importance:

Accurate representation of the source audio
Extremely wide frequency range
Higher quality construction

Here’s a bit more on each of these.

Accurate representation of audio

Studio headphones are mostly used by professionals who need to know exactly how their audio sounds as they’re creating it.

So they can’t be getting any sort of help from the speakers or headphones.

You don’t judge voices by listening to them being auto-tuned.

Beats headphones had a reputation for being super bass-heavy, which a lot of consumers loved, but audiophiles hated.

Most headphones impart distortion—modifying the audio in some kind of way that they think makes it sound better.

So that’s the most important aspect of studio headphones: Accurate reproduction.

Frequency range

Because regular headphones don’t have much range they might not be able to detect bad things happening at extreme high or low frequencies. And those artifacts can be picked up by certain peoples’ ears, or magnified by certain equipment.

Studio headphones pull all that garbage out so you can hear it.

Construction quality

This one is minor but definitely present. Top end headphones just feel more sturdy and durable, and they’re likely to last you five years, ten years, or even longer due to their superior materials and construction.

My analysis

Analysis is a strong word; I’m a n00b.

The thing I first noticed with my new Audio-Technicas (playing the new Tool album) was an underlying hiss. That was disappointing, but as I continued to listen I immediately heard way more stuff going on that I’d not heard before.

To me everthing sounded really bright, which based on my research means my previous headphones were probably magnifying the low-end.

Listening to voice

A big reason I got these headphones is because I product a podcast, and I’m getting a bit obsessed with good voice/audio quality for the show.

One of the shows where I really like the audio is Sam Harris’ Making Sense podcast. So I listened to it with these headphones, and wow!

I could hear some clear noise in certain moments after he stopped speaking, which I think is due to a noisebridge. And my own audio sounds really bad under such scrutiny (which has caused a number of tweaks already.

In short, I am hearing way more in everything, from voice to music, than I ever have.

It’ll take some getting used to, but I doubt I’m going back.

Summary


Studio headphones are for people trying to find and fix impurities in source audio, so they focus on being able to hear everything without distortion or bias.
This includes having a much higher frequency range to find issues in strange places in the audio.
Regular headphones have a more limited range, and are generally biased towards low and high-end to give an impressive superficial sound.

I didn’t think the distinction was going to be that significant, but I was wrong.

The next time you consider a headphones purchase—especially if you’re into audio—you should explore some studio-quality options.

—

Become a direct supporter of my content for less than a latte a month ($50/year) and get the Unsupervised Learning podcast and newsletter every week instead of just twice a month, plus access to the member portal that includes all member content.

.errordiv { padding:10px; margin:10px; border: 1px solid #555555;color: #000000;background-color: #f8f8f8; width:500px; }#advanced_iframe {visibility:visible;opacity:1;}#ai-layer-div-advanced_iframe p {height:100%;margin:0;padding:0}

—

Become a direct supporter of my content for less than a latte a month ($50/year) and get the Unsupervised Learning podcast and newsletter every week instead of just twice a month, plus access to the member portal that includes all member content.

I am currently experimenting with an idea for the show that I’m calling Product and Service Discovery.

It’s pretty self-explanatory, except that I am fairly anti-ad and my show is subscriber (direct) supported, so I think the concept needs some introduction.

Basically, the idea is that I want to be able to do three things simultaneously:

Surface really cool, hand-picked products and services to readers and listeners
Avoid all the classic issues with having ads and sponsors, such as interrupting shows, having to worry about what you say, etc.
Make some money, from some of the sponsors. Maybe not the same amount as if they were a regular sponsor (because they can’t tell me what to do or how to do it), but to find a way to get some sort of support based on the fact that I’m giving them a shout-out.

I don’t think this is being done anywhere. Most content creators are fully ad-supported, and a few are member supported like I am.

But I find it extremely limiting to not be able to discover and surface cool stuff in my Discovery section. I could (and have), but there’s always a silent question when I read as an outsider:

Why did he mention that? Is he being compensated in some way?

And that’s what I want to (and need to) make very clear.

Basically, if I mention a product or service that’s not in the discover section, or that’s not in the clearly marked-up way that I use to highlight discovery, then it doesn’t matter how much I’m gushing about it—I’m not getting any money for it.

Never. Period. That’s gross.

What’s weird though, is that I will often be including products or services in the Discovery section that I am also not getting anything for.

I’m basically erring on the side of not getting paid but still surfacing really cool stuff.

But some of the things I surface there (hopefully) will eventually give me some sort of support for doing so. And I actually don’t want to call out visually which ones are which because I don’t want that to affect enthusiasm.

You should be confident that if it made it to that section, I’m all about it.

I may have worked something out with them to get supported, or I may not have. And it could be that they didn’t give anything for a while, but then they did, but they have since stopped. But I’m still talking about the product.

What it comes down to is trust. Your trust in me.

I’m telling you now, if it’s in that section I’m legit enthused about it (for real). And I’m going to spend a small amount of effort to get some support from those companies, but if they don’t or can’t pay then I might just feature them anyway.

That’s horrible business to say that in writing, but I doubt their marketing departments will read this anyway. This is for my subscribers, not them.

So that’s the deal. I’m maintaining my direct support model, keeping my complete autonomy, refusing to accept any scripts or rules, and seeing if I can get any support from companies I mention despite all those stipulations.

It’s an experiment, but I just wanted to give you all the thinking behind it in a transparent way.

Please do let me know if you have any questions or issues with this approach, or if you have any ideas on how to do it better.

Thank you!

—

Become a direct supporter of my content for less than a latte a month ($50/year) and get the Unsupervised Learning podcast and newsletter every week instead of just twice a month, plus access to the member portal that includes all member content.