Daniel Miessler's Blog, page 8
August 19, 2024
The 4 Components of Top AI Model Ecosystems
Table of ContentsI have been thinking a lot about the competition between OpenAI, Anthropic, Meta, and Google for who has the best pinnacle AI model.
I think it comes down to 4 key areas.
The Model Itself
Post-training
Internal Tooling
Agent Functionality
Let’s look at each of these.
The ModelThe model is obviously one of the most important components because it it’s the base of everything.
So here we’re talking about how big and powerful the base model is, e.g., the size of the neural net. This is a competition around training clusters, energy requirements, time requirements, etc. And each generation (e.g., GPT 3→4→5) it gets drastically more difficult to scale.
So it’s largely a resources competition there, plus some smart engineering to use those resources as efficiently as possible.
But a lot of people are figuring out now that it’s not just the model that matters. The post-training of the model is also super key.
Post-trainingPost-training refines and shapes model knowledge to enhance its accuracy, relevance, and performance in real-world applications.
I think of it as a set of highly proprietary tricks that magnify the overall quality of the raw model. Another way to think of this is to say that it’s a way to connect model weights to human problems.
I’ve come to believe that post-training is pivotal to the overall performance of a model, and that a company can potentially still dominate if they have a somewhat worse base model but do this better than others.
I’ve been shouting from the rooftops for nearly two years that there is likely massive slack in the rope, and that the stagnation we saw in 2023 and 2024 around model size will get massively leaped over by these tricks.
Post-training is perhaps the most powerful category of those tricks. It’s like teaching a giant alien brain how to be smart , when it had tremendous potential before but no direction.
So the model itself might be powerful, but it’s unguided. So post-training teaches the model about the types of real-world things it will have to work on, and makes it better at solving them.
So that’s the model and post-training, which are definitely the two most important pieces. But tooling matters as well.
Internal toolingWhat we’re seeing in 2024 is that the connective tissue around an AI model really matters. It makes the models more usable. Here are some examples:
High-quality APIs
Larger context sizes
Haystack performance
Strict output control
External tooling functionality (functions, etc)
Trust/Safety features
Mobile apps
Prompt testing/evaluation frameworks
Voice mode on apps
OS integration
Integrations with things like Make, Zapier, n2n
Anthropic’s Caching mode
Just like with pre-training, these things aren’t as important as the model itself, but they matter because things are only useful to the extent that they can be used.
So, Tooling is about the integration of AI functionality into customer workflows.
Next lets talk about Agents.
AgentsRight now AI Agent functionality is mostly externally developed and integrated. There are projects like CrewAI, Autogen, Langchain, Langraph, etc., that do this with varying levels of success.
But first—real quick—what is an agent?
So basically, an AI Agent is something that emulates giving work to a human who can think, adjust to the input given, and intelligently do things for you as part of a workflow.
I think the future of Agent functionality is to have it deeply integrated into the models themselves. Not in the weights, but in the ecosystem overall.
In other words, we soon won’t be writing code that creates an Agent in Langchain or something, which then calls a particular model and returns the results to the agent.
Instead, we’ll just send our actual goal to the model itself, and the model will figure out what part needs agents to be spun up, using which tools (like search, planning, writing, etc.) and it’ll just go do it and give you back the result when it’s done.
This is part of this entire ecosystem story. It’s taking pieces that are external right now (Agent Frameworks), and brings that internal to the native model ecosystem.
SummaryWe should start thinking about top AI models as Model Ecosystems rather than just models because it’s not just the neural net weights doing the work.
There are four (4) main components to a Model Ecosystem—the Model itself, Post-training, Internal Tooling, and Agent functionality.
#1 (The model) is the most well-known piece, and it’s largely judged by its size (billions of parameters).
#2 (Post-training) is all about teaching that big model how to solve real-world problems.
#3 (Internal Tooling) is about making it easier to use a given model.
#4 (Agent functionality) emulates human intelligence, decision-making, and action as part of workflows.
The company that wins the AI Model Wars will need to excel at all four of these, not just spending lots of money to have the neural net with the most parameters.
NOTESThanks to Jai Patel for informing many thoughts on this, especially around pre-training.
Powered by beehiiv
August 18, 2024
The Link Between Free Will and LLM Denial
I think a hidden tendency towards a belief in Libertarian free will is at the root of people’s opinion that LLMs aren’t capable of reasoning.
I think it’s an emotional and unconscious argument that humans are special, and that by extension—LLMs cannot possibly be doing anything like we are doing.
But if you remember that humans don’t have free will, and that all of our outcomes are either determined or random, it allows us to see LLMs more like us. Which is to say—imperfect but awesome. And then we can switch to speaking purely in terms of capabilities.
So let us say that we’re both deterministic. Or at least mechanistic and practically deterministic because any quantum randomness collapses to deterministic at large scales.
In this model both humans and LLMs are just processors. We're computational devices. We take in inputs, and based on our current state and the state of the environment and the input, we output something.
Cool. So what’s the real question we’re then asking when we ask if LLMs can reason?
First let's remember something. We’re not taking back the human ability to reason just because we are processors, right? No. Let’s not do that. We're still awesome even if we're mechanistic.
In other words, let’s say for the purpose of this that reasoning is consistent with mechanistic/deterministic processing.
Now, let’s find a good definition. Here are some from Merriam-Webster.
REASONING — The use of reason. especially : the drawing of inferences or conclusions through the use of reason. 2. : an instance of the use of reason : argument.
Merriam-Webster
REASON — The ability to think, understand, and form judgments by a process of logic.
Merriam-Webster
LOGIC — A science that deals with the principles and criteria of validity of inference and demonstration.
Merriam-Webster
Ok, so if we take these all the way down to the base and build back up:
Principles of validity and inference and demonstration
The ability to think, understand, and form judgements based on that
So,
The ability to think, understand, and form judgements around the principles of validity and inference and demonstration.
My smashing these together
Seems pretty good. And then you have a more common definition based on practicality which is something like:
Reasoning is the process of drawing conclusions, solving problems, and making decisions through logic.
A commonly-accepted functional definition
Regardless of which way we go, we have a couple key sticking points. And they're very tied to my main argument here.
First, the words "think" and "understand"—I would argue—are very much tied to consciousness and Libertarian Free Will. I see these as armaments that LLM-Reasoning skeptics would use to show why LLMs can't be reasoning.
I see them saying something like:
Reasoning means feeling through things. Thinking about them. Pondering them. Grappling with them. And then taking all the person's experience, and the rules of logic, and their understanding of things, plus their intuition, and turning that into an opinion, or a determination, or a decision.
A common argument I hear from LLM-Reasoning skeptics
Sounds compelling, but if you break it apart I would argue they're unconsciously binding and confusing experience and understanding vs. actual processing.
In other words, I think they're saying that the thinking and understanding parts are key. As in the human experience of understanding and pondering. They're smuggling these in as essential, when I think they're just red herrings.
Same with "grappling" and "intuition". If we don't have free will, these are all just states of the processing mind that are happening, and our subjective experiences are then being presented with those phenomenon and we're ascribing agency to them.
That's thinking. That's intuition. That's experience. And I think understanding is the same. It's an experience of seeing mappings between concepts and ideas. But in my model the mapping can exist without that subjective experience.
So, I say we take those distractions out of the equation and see what we have left. And what we have left is drawing conclusions, solving problems, and making decisions based on our current model of the world.
The model of the world is the weights that make up the LLM, combined with the context given to it at inference. So it seems to me like we're left with a much simpler question.
Can LLMs draw conclusions, solve problems, and make decisions based on their current model of the world?
I don't see how anyone would say no to that.
Are they perfect? No. Are they conscious? No. Are they "thinking"? I think "thinking" smuggles in subjective experience, so no. But again—those are distractions.
The question is whether LLMs can do this very practical thing that matters in the world, which is drawing conclusions, solving problems, and making decisions.
I think the answer is overwhelmingly and obviously, yes.
As a quick set of examples, we're already using them to:
Identifying dangerous moles on people that otherwise might have gone undiagnosed
Dealing with customer service problems by analyzing cases and tone and coming up with solutions that best help the company and customer
Talking through problems and identifying possible causes and solutions in mental health therapy
Assisting in legal research by analyzing case law and suggesting relevant precedents
Diagnosing diseases by analyzing medical images, such as identifying pneumonia in chest X-rays
Optimizing supply chains by predicting demand and suggesting inventory adjustments
Automating financial trading by making decisions based on market data analysis
Improving cybersecurity by identifying potential threats and suggesting mitigations
Personalizing marketing by predicting customer preferences and tailoring recommendations
Enhancing customer service through chatbots that resolve issues based on previous interactions
Detecting fraudulent transactions by analyzing patterns in financial data
Predicting equipment failures in manufacturing through analysis of sensor data
Assisting in drug discovery by predicting molecule interactions and potential outcomes
And a thousand more that we're already familiar with.
Some might say they're not doing "real" things, but just pattern matching and autocompletion.
That's the whole point of what we've been talking about here. That's the whole reason we've explored the argument in this way. We live in a human world where humans have problems and need to solve them.
That’s what logic and reasoning are for.
So what if it's just pattern matching? So what if it's just input + current_state = output. Are humans really all that different? Are we not just as surprised when inspiration—or the very next thought—pops into our minds?
Either way it's a black box information processor with physical limitations.
I think what matters is capabilities. And where capabilities are concerned, LLMs seem remarkably similar and catching up every day.
Powered by beehiiv
August 13, 2024
UL NO. 445: Vegas Dump, Legal Firm Hacks, AI Agent Ascension
SECURITY | AI | MEANING :: Unsupervised Learning is my continuous stream of original ideas, story analysis, tooling, and mental models designed to help humans lead successful and meaningful lives in a world full of AI .
TOCNOTESHey there!
Can we interest you in a newsletter?
@DanielMiessler@mikepsecuritee@clintgibler
— Matt Johansen (@mattjay)
1:09 AM • Aug 7, 2024
Was super cool meeting up with folks at Blackhat and DEFCON, and getting to meet people like Dhruv at my Recon Village talk.
is one of the awesome folk in the cybersec industry. I love his unsupervised learning newsletter, his work. You should checkout his GitHub too. I had the privilege of meeting him at @ReconVillage, he is an awesome human being.
#Defcon#cybersec
— Dhruv Shah (@Snypter)
2:24 AM • Aug 12, 2024
Now back from Vegas. Sick, as expected. But not bad at all.
Worth it!
The highlight of my 6 months in Vegas was—without question—our in-person UL Dinner. 20-something members all together, talking for 2 hours. Most importantly I got to meet Tim Leonard for the first time. Tim is one of the centerstones of the UL community, and we’ve become good friends over multiple years but never met. Was so great to fix that.
🤯 Ok, TONS OF STORIES to share this week, so it’s going to be kind of a giant DISCOVERY section type of vibe.
Actually, so much so that you might as well just click this button now.
Continue reading online to avoid the email cutoff…Let’s go…
MY WORKLots in the queue…
SECURITYSince 2018, 138 legal firms globally have confirmed ransomware attacks affecting 2.9 million records. MORE
💡Attacking legal firms has always been super interesting to me, just because of the sheer amount of drama they deal with. Mergers, acquisitions, suits, contracts, relationships, fights, disputes, etc. It’s a lot of high-value information.
It also (surprise) highlights a massive attacker use-case for AI.
The problem with compromising a giant law firm’s files is that there could be hundreds of thousands of pages of crap in there. And if you wanted to go through it and look for juicy stuff for extortion, blackmail, ransom, etc.—it’d take a ton of people running grep like 1990’s lawyers with boxes of paperwork and pizza takeout.
But not with AI. Now you can put all those docs into a local Chroma database (vectorized), and ask it questions using an uncensored (and perhaps even fine-tuned) version of Llama 3.1.
So now, with some smart prompting, you can ask a set of 25 questions to such a dataset that pull out ALL your attack use-cases. And hell—even write the attack emails for you.
And for defense the methodology is very similar. Do the same thing—to yourself—and those emails that come out become your likely attack scenarios. So you go and clean them up (prevent) or prepare responses (response) for if they happen.
Thousands of hackers and security pros gathered at Black Hat and Def Con 2024 to share the latest in security research. Highlights included hacking Ecovac robots to spy on owners, Jon DiMaggio doxing the LockBit ransomware leader, and Samy Kamkar's laser microphone that can hear keyboard taps. Other notable research showed how prompt injections can trick Microsoft Copilot and how Vangelis Stykas saved six companies from ransomware by exploiting flaws in leak sites. MORE
Sponsor
2024 Gartner® Market Guide for CNAPP
Find recommendations for evaluating and adopting a CNAPP in the 2024 Gartner® Market Guide for CNAPP
Read the report to learn:
The benefits of a CNAPP solution in your cloud security strategy
Key capabilities and characteristics to look for in a CNAPP, including deep relationship graph analytics expertise
Recommendations for how you should approach a CNAPP evaluation and deployment
wiz.io/lp/2024-gartner-market-guide-for-cnapp
Get the ReportCISA appointed Lisa Einstein as its first Chief Artificial Intelligence Officer to advance cybersecurity efforts in using AI responsibly.
Checkmarx researchers found an infostealer campaign targeting Raydium and Solana blockchain users by spreading malicious PyPi packages through StackExchange answers. MORE
A new Android trojan called BlankBot is targeting Turkish users by posing as utility apps and tricking them into granting permissions. BlankBot can log device information, steal sensitive data, and perform custom injections. MORE
A critical security bypass vulnerability (CVE-2024-6242) has been found in Rockwell Automation ControlLogix 1756 devices, allowing attackers to execute CIP programming and configuration commands. MORE
Sponsor
13 Cybersecurity Tools. One Platform. Built for IT Teams
There are thousands of cybersecurity point solutions. Many of them are good—but managing more than a dozen tools, disparate reports, invoices, trainings, etc. is challenging for small IT teams.
We’ve built a platform that does assessments, testing, awareness training, and 24/7/365 managed security all in a single pane of glass. Because every company deserves robust cybersecurity.
Book A DemoHere’s a 7-stage roadmap for ramping up in AWS pentesting, starting with solving Red Team labs and progressing to automating exploits for CTFs and building secure AWS environments with CloudSLAW. MORE
An argument to use secure guardrails instead of traditional “shift-left” gates. Secure guardrails integrate directly into developer workflows, offering autofixes or advice that aligns with organization policies while empowering developers to write more secure code. MORE
2.7 billion personal records, including Social Security numbers, were leaked from National Public Data on a hacking forum. MORE
A Chinese hacking group named StormBamboo compromised an ISP to inject malware into software updates by exploiting insecure update mechanisms. MORE
A Russia-linked group used a car-for-sale phishing lure to target diplomats with a Windows backdoor called HeadLace. MORE
China-linked hackers known as Evasive Panda compromised an ISP to push malicious software updates to target companies in mid-2023. MORE
INTERPOL recovered over $40 million stolen in a BEC attack on a company in Singapore using a global stop-payment mechanism. MORE
Tavis Ormandy has dissected the CrowdStrike incident, providing a detailed analysis of the vulnerabilities exploited and the attack vectors used. MORE
The U.S. is planning to ban Chinese software in autonomous and connected vehicles due to national security concerns. MORE
Federal prosecutors have indicted North Korean hacker Rim Jong Hyok for ransomware attacks on American health care facilities, using the proceeds to fund espionage against U.S. military and defense contractors. MORE
Trail of Bits performed an audit of the popular macOS package manager, Homebrew and found several issues in the brew CLI that could allow for unsandboxed, local code execution. MORE
The White House is launching a new office under the Department of Homeland Security to study and secure open source software in critical infrastructure. MORE
Former President Trump's campaign confirmed it was hacked, with Microsoft attributing the attack to Iranian cyber-enabled influence operations. MORE
NCC Group researchers found vulnerabilities in Sonos smart speakers that allow remote code execution and potential eavesdropping. Sonos has patched these vulnerabilities, so updating your drivers is recommended. MORE
Some researchers deployed canary tokens (fake AWS credentials) in public online locations to study threat actor behavior. MORE
Russian drones are using fiber-optic cables to avoid radio jamming, a surprising twist in drone warfare. MORE
China is stockpiling critical resources like lithium, copper, and food in preparation for potential conflicts and economic disruptions, especially with the possible return of Trump and his unpredictable policies. MORE
Continue reading online to avoid the email cutoff… AI / TECHAI agents that perform tasks instead of humans are closer than we think. According to Capgemini, by 2025, AI-powered agents will be working together to resolve issues in a multi-agent system. They believe these agents will handle everyday tasks. MORE
💡Um, yeah. This is real AI, as I talk about basically every week.
AI's Predictable Path
Technological progress isn't predictable, but the human desires that drive it are…
danielmiessler.com/p/ai-predictable-path-7-components-2024
Cisco's new State of Industrial Networking Report highlights that AI and cybersecurity are the top investment priorities for industrial organizations. MORE
💡New rule: From now on, whenever you hear someone is “INVESTING IN AI”, replace that in your head with:
"So and so is ‘INVESTING IN TENS OF THOUSANDS OF SMART DEPENDABLE WORKERS THAT DO THINGS AS WELL OR BETTER THAN MOST HUMANS BUT COST A FRACTION OF THE COST’.
Turns out, everyone needs that.
The FCC has proposed new regulations requiring AI-generated voice calls to disclose their artificial nature at the beginning of calls. Cool, but how do you enforce it? MORE
Uber's Q2 results emphasized its growing AV segment, highlighting a 6x rise in autonomous trips year-over-year and partnerships with AV leaders like Waymo and Alphabet. MORE
A bunch of AI startups that raised billions last year are now struggling and looking to Big Tech for bailouts. A lot of people are saying this is the end of AI hype, and that it’s about to crash now. I think they’re very wrong. Those companies will pop, but that has nothing to do with the actual trend. MORE
Meta is reportedly offering millions to celebrities like Awkwafina, Judi Dench, and Keegan-Michael Key to use their voices in upcoming AI projects. MORE
OpenAI guarantees structured outputs in API responses with the latest version of GPT-4o, which now follows the provided schema with 100% accuracy and is 50%/33% cheaper for inputs and outputs. MORE
Microsoft and Palantir have partnered to deliver advanced AI, including GPT-4, and analytics capabilities to U.S. Defense and Intelligence agencies through classified cloud environments. Palantir is a bit radioactive, so I won’t be surprised if this gets a lot of hate / scrutiny. MORE
AWS Bedrock has achieved FedRAMP High authorization, allowing GovCloud users to access managed LLMs. MORE
Sam Altman posted a seemingly innocent picture of strawberries on X, sparking rumors about a new OpenAI foundation model codenamed "Strawberry." Seriously good marketing. MORE
OpenAI just led a $60M funding round for Opal, a startup making high-end webcams. This is fascinating. Like what else is going on there? MORE
Snowflake is looking to boost its revenue by partnering with Canadian AI model developer Cohere. Data + AI? Who knew? MORE
Anduril Industries, the AI weapons startup founded by Palmer Luckey, is now valued at $14 billion after a recent funding round. MORE
WeRide, a Chinese autonomous vehicle startup, is gearing up for a U.S. IPO by registering 1 billion American Depository Receipts (ADRs) at $0.05 each, totaling $50 million. I’m very much pro-competition, but I’d much rather support Tesla, Waymo, Uber autonomous vehicles than a Chinese version. I think we should actively ban them from operating here if they try to. MORE
YouTube is testing a new feature called Brainstorm with Gemini, which integrates Google Gemini to help creators brainstorm video ideas, titles, and thumbnails. MORE
Anthropic is expanding its bug bounty program to crowdsource security for its AI safety systems. MORE
Cloudflare is rolling out Automatic SSL/TLS to enhance security between Cloudflare and origin servers without manual configuration. MORE
Groq just raised $640M in a Series D round to meet the growing demand for fast AI inference, bringing their valuation to $2.8B. MORE
Billions of dollars in venture capital are pouring into defense-tech startups, with a focus on futuristic, AI-enabled weapons. MORE
X (formerly Twitter) is reportedly shutting down its San Francisco office in the next few weeks. It’s moving to the South Bay. MORE
China's total wind and solar capacity has now surpassed its coal capacity, according to Rystad Energy. MORE
The NFL is rolling out facial recognition tech from Wicket across all 32 teams to streamline and secure credentialing for staff, media, and fans. MORE
The "Experts Roundtable" Prompt simulates a consulting session with top experts, helping you make important decisions for free. MORE
Alex Plescan shares his journey from iTerm 2 to WezTerm, highlighting the terminal's powerful API and Lua-based configuration. I might be switching from Kitty myself. We’ll see. MORE
iOS 18 expands its ambient noise lineup with two new sounds: Fire and Night. We sleep with Ocean quite a bit. MORE
HUMANSDell just laid off around 12,500 people, which is about 10% of its workforce. MORE
The US wrapped up the Paris 2024 Olympics with 40 gold medals, tying China for the most golds but leading the overall medal count with 126. The women's basketball team clinched the final gold by narrowly defeating France, marking their eighth consecutive Olympic gold. MORE
Poetry was an official Olympic event for nearly 40 years, starting with the 1912 Stockholm Games, where Pierre de Coubertin's "Ode to Sport" won the first gold medal. MORE
Ukrainian forces have advanced 9 miles into Russia's Kursk Oblast, marking their largest incursion since the war began. MORE
The U.S. is ramping up its military cooperation with Japan in response to rising tensions with China. MORE
Putin has signed a new law that requires bloggers with over 10,000 subscribers to register with Roskomnadzor (RKN) and provide their information. MORE
A Russian chess player, Amina Abakarova, allegedly tried to poison her opponent, Umayganat Osmanova, with liquid mercury during a tournament in Dagestan. MORE
Russia's deep-cover spies, known as "illegals," live under false identities for years, infiltrating target regions and building complete false lives. Like the Americans! Best spy show ever, maybe. MORE
Some companies are using return-to-office mandates to make employees quit, and it’s causing higher-than-expected attrition rates, especially among women and underrepresented groups. Remember what we’ve been saying: companies want all-in cult members. Lower head count is a good thing for them. MORE
Curtis Yarvin, a far-right thinker, has been gaining influence among Silicon Valley's extreme factions, including billionaires Peter Thiel and Marc Andreessen. MORE
The Anatomy of Brainwashing dives into the psychological mechanisms behind brainwashing, exploring how techniques like isolation, repetition, and emotional manipulation can alter a person's beliefs and behaviors. MORE
Susan Silk and Barry Goldman introduce the Ring Theory, a method to help people avoid saying the wrong thing during a crisis. MORE
Andrej Karpathy tweeted that Reinforcement Learning from Human Feedback (RLHF) is only marginally related to actual reinforcement learning. MORE | Comments
Private-equity firms taking over hospitals leads to significant asset stripping, reducing the facilities' ability to care for patients, according to a study by UCSF, Harvard Medical School, and CUNY. MORE
🔭 Set your alarm for 4:00 A.M. on August 14 to catch a rare celestial event: Mars and Jupiter will appear as a double star in the sky, and you might also see some Perseid meteors. MORE
Nepal is deploying DJI drones to transport garbage from Everest, aiming to reduce the risks Sherpas face in the dangerous Khumbu Icefall. MORE
IDEAS
I want to say something about the woman that’s being made fun of for her performance in Breakdancing in the Olympics.
It’s weak sauce to make fun of people for doing a bad job when they’re young, or just starting, or have some sort of disadvantage.
It’s just mean.
What… x.com/i/web/status/1…
— ᴅᴀɴɪᴇʟ ᴍɪᴇssʟᴇʀ ⚙️ (@DanielMiessler)
7:52 PM • Aug 12, 2024
Businesses Idea Quality (BIQ) =
(The scale * severity of the pain you are addressing)
X
(The uniqueness * elegance of your solution)
—
There are four values in this equation, and it’s all multiplication.
So as any one of the four goes to zero, so does the whole product.
— ᴅᴀɴɪᴇʟ ᴍɪᴇssʟᴇʀ ⚙️ (@DanielMiessler)
6:52 PM • Aug 12, 2024
AI is not a thing itself—it’s a magnifier of human things.
So as an AI enthusiast or investor, don’t look at the tech. Look for magical experiences.
The demo of the product should produce an emotional reaction while the AI itself is completely invisible.
— ᴅᴀɴɪᴇʟ ᴍɪᴇssʟᴇʀ ⚙️ (@DanielMiessler)
5:13 PM • Aug 11, 2024
One of my favorite AI/Cyber ideas from my friends Joel Parish and Gabe Bernadette-Shapiro:
Summarization is the most dangerous cyber threat.
In my opinion the most dangerous LLM cyber capability is summarization. It is the most effective, the most affordable, and the easiest to scale and add to existing operations.
Why summarization?
Well there’s a lot bundled in… x.com/i/web/status/1…
— Gabe (@Gabeincognito)
9:31 PM • Aug 11, 2024
lol
DISCOVERY
Currently testing negative, but pretty sure 90+% of us Vegas security peeps will have Covid by Monday.
— ᴅᴀɴɪᴇʟ ᴍɪᴇssʟᴇʀ ⚙️ (@DanielMiessler)
4:31 AM • Aug 9, 2024
Huntsman - Helps you gather email addresses, generate usernames, and validate context using popular services like hunter.io, snov.io, and skrapp.io. MORE
"Don't model the problem" is a video that explores an alternative approach to programming by focusing on solving problems directly rather than creating complex models. MORE
The real "Wolf of Wall Street" sales script. MORE
Git-metrics — Lets you attach, replace, or remove metrics for a given commit directly within your Git repository. MORE
Prompt Airlines is an AI Security CTF with 5 levels of increasingly difficult challenges, aiming to manipulate an AI chatbot to get a free airline ticket. MORE
Dioptra is a software test platform for assessing the trustworthy characteristics of AI, ensuring it is valid, reliable, safe, secure, resilient, accountable, transparent, explainable, interpretable, privacy-enhanced, and fair with managed harmful bias. MORE
urlhunter is a recon tool that enables search on URLs exposed via shortener services like bit.ly and goo.gl. MORE
Figure 02 – Figure has released its newest humanoid robot with enhanced intelligence and a sleeker design. MORE
Neighborbrite — Get instant landscaping inspiration for your yard. MORE
LangGraph Engineer — This alpha version agent helps bootstrap LangGraph applications by creating the correct nodes and edges, but leaves the logic to you. MORE
TrailShark – A tool that integrates AWS CloudTrail logs with Wireshark for real-time analysis of API calls. MORE
AWS Reasonable Account Defaults – A CloudFormation template to create reasonable account defaults around Cost Surprise Alerting. MORE
WireGuard-rs – There's now an official Rust implementation of WireGuard, which promises to bring the same secure VPN capabilities with the added benefits of Rust's safety and performance features. MORE
Developing CLIs — A detailed guide on building Command Line Interfaces (CLIs) using Go, focusing on best practices and practical tips. MORE
"Go is my hammer, and everything is a nail" explores the author's journey of using Go for almost every project, regardless of its suitability. MORE
Things I've Learned Building a Modern TUI Framework — Will McGugan shares insights from developing Textual, a modern Text User Interface (TUI) framework. MORE
RECOMMENDATION OF THE WEEKIf / when you feel overwhelmed by content, remember what Riva Tez said on the to David Perell a long time ago:
"You can't necessarily think yourself into the answers. You have to create space for the answers to come to you."
In other words, use one or more of these techniques to clear your mind:
News fast
Physical books only for 2 weeks
Take a nature-only vacation
Information fast
Dopamine fast
Etc.
Then come back fresh and redo your inputs to make sure they’re not overwhelming and/or noisy.
Repeat in 6 months.
APHORISM OF THE WEEK Become a Member to increase your audio reading speed from 1.5x to 1.75xPowered by beehiiv
August 5, 2024
UL NO. 444: Pizza Meter Intelligence, China Bypasses Bans, Securing AWS Secrets...
SECURITY | AI | MEANING :: Unsupervised Learning is my continuous stream of original ideas, story analysis, tooling, and mental models designed to help humans lead successful and meaningful lives in a world full of AI .
TOCNOTESHi!
OSINT is one of my favorite hobbies, and the Pizza Index is one of my best examples of what you can do with it. Basically it’s how much pizza the Pentagon is ordering—with the implication being that they’re working late because something’s going down.
And with the stuff happening between Iran and Israel (and elsewhere), it looks like they’re quite busy. Lots of pizza and empty bars.
🚨Pizza meter is off the charts and the “bars” in DC are empty near the Pentagon. Brace yourselves.
— RealBenGeller (@RealBenGeller)
2:07 AM • Aug 3, 2024
This is why I can’t wait to fully build out my agent framework, and for agent functionality to become integrated with models / platforms (my personal prediction for 2025).
This will allow OSINT experts to take all their various sources and techniques and turn them into continuous data pipelines that they publish via API.
I’ll be publishing many of these myself. Think Pizza Index, but for thousands of different signals around different activities. So, military movements, money transfers, discussion in various forums, etc. And because they’ll be AI Augmented, they won’t just be raw data streams, but actual analysis.
It appears X may be about to initiate an attack against Y. We make this assessment based on the following:
- The following troop and vehicle movements
- The following comments made by experts with an exemplary prediction record
- These moves in the following 3 prediction markets
Based on all three of these, we estimate a 93% chance of this attack taking place within 72 hours.
The type of reports that will be everywhere soon
Anyway, super excited about this.
Already in Vegas and we’re missing my cooled bed surface. And AC. And Neorest. But so worth it to see everyone.
Really looking forward to our UL Member meetup later this week. Going to get to see a few long-time members in person for the first time!
Dont’ forget your primary, secondary, and tertiary burner phones.
—
🚨The State of Things
Ok, given the state of the world right now—and the current stock market crash—I felt inspired to write a long stream-of-consciousness view of what’s happening in the world and how I plan on responding. It’s heavy and political and deep and personal, so only read it if you are interested in thinking and feeling things. READ IT
MY WORK
I don't know two shits about the Yen or the likelihood of a US recession, but what I can tell you is how I see things right now—as someone in the US—and how I am personally going to respond.
First and most obviously—things are a bit crazy. Here’s a short list.
- Riots in the UK… x.com/i/web/status/1…
— ᴅᴀɴɪᴇʟ ᴍɪᴇssʟᴇʀ 📚☕️🗣️ (@DanielMiessler)
3:56 PM • Aug 5, 2024
A slightly upgraded version of last week’s main piece on why AI will disrupt business and society.
We've Been Thinking About AI All Wrong
AI is just a way to execute Intelligence Tasks that only humans can do.
danielmiessler.com/p/weve-been-thinking-about-ai-all-wrong
—
I spoke with Christine Gadsby, Head of Product Security Operations Team at BlackBerry and we talked about the Role of AI in Cybersecurity, including:
AI's real advancements, practical applications, and associated challenges, moving beyond the hype.
Enhancing Incident Response and Threat Hunting
Christine highlights AI's significant impact on enhancing incident response and threat hunting, how AI quickly analyzes vast data to identify Indicators of Compromise (IoCs), automates routine tasks, and improves decision-making with actionable insights.
And lots more…
Go check it out. WATCH THE INTERVIEW
SECURITYTwo critical ServiceNow vulnerabilities reported by AssetNote 💪 are being actively exploited. These flaws allow attackers to access databases, exfiltrate data, and read arbitrary files, and they’re currently affecting between 13k to 42k instances. MORE
A company has reportedly paid a new record-high $75 million to a ransomware group. It’s a lot of money compared to anything other than not being able to do business. MORE
DigiCert is revoking 83,000 TLS certificates due to a domain validation bug that could lead to clashes between records and subdomains. MORE
Sponsor
Dropzone AI
Hey, Daniel here.
I've seen a thousand different AI + Security startups at this point. Most are very early and/or theoretical. Some are pretty decent, and a few are impressive.
But the absolute best I've seen so far - by far - is Dropzone.ai. They’re the only company I’ve seen that’s really mastered the agent aspect of doing investigations.
It takes alerts from various tools and just starts working on them—just like a human would. Needs more data, goes and researches that. Needs to find some context? It goes and gets that.
So by the end you have a fully documented set of steps that were taken to research an alert, and a conclusion on whether or not it was malicious—all with full documentation.
I’m so impressed with it that I’m now an advisor as well.
Want to learn more and see Dropzone.ai in action? Come meet the Dropzone.ai team in person at Security Wasteland during Black Hat.
wwv.vulncheck.com/security-wasteland-black-hat-2024
Register HereChina is getting around U.S. bans on advanced AI chips through smuggling, front companies, and loopholes, ultimately allowing restricted Nvidia GPUs to flow into the country despite export controls. MORE
Ransomware attacks are rising with an 18% year-on-year increase reported by Zscaler ThreatLabz, including a record $75 million ransom paid this year. The U.S. faces nearly half of all attacks, with the U.K. being the second most targeted country. MORE
💡I’ve always considered ransomware attacks to be something we’d have to invent as a government service if it didn’t exist in the marketplace. Like as a way to test and punish bad security.
But my intuition was that after a number of years it would get harder and harder because security would increase. So if they’re still increasing, I wonder what the reason is. Are attackers moving to more vulnerable targets after others locked themselves down, or are they just getting better at finding holes, something else, or all of the above.
Probably all of the above.
If someone has more insight—or a write-up on this—on that I’d appreciate it.
A great analysis here of securing secrets in AWS outlines how to improve credentials access incrementally. The post covers using Secrets Manager and KMS to eliminate plaintext secrets from production and enhance credential management in CI/CD pipelines. MORE
A solid blog post discusses creating custom implants for evasion by building them in C, detailing server setup, client functionality, and testing against security tools. MORE
The average cost of a data breach jumped 10% to $4.88 million in 2023 according to the Cost of a Data Breach Report 2024. MORE
China is tightening its civilian drone export rules starting September 1 to prevent their use in military or terrorist activities. The new controls will target drones with IR imaging, laser guidance, and high-precision inertial measurement devices, while lifting restrictions on long-range civilian drones. MORE
AI / TECHOpenAI has started rollout of its new ChatGPT Voice feature for ChatGPT Plus users, enabling real-time conversations with emotion detection. Initially available to a small group, it will expand to all Plus users by fall 2024. MORE
💡I am part of this initial rollout and I can tell you that the conversations with the product are far more natural now.
I talk to AI a lot using the Cove voice on ChatGPT (Cove sounds an awful lot like TARS from Iterstellar btw) and that I have mapped to double-tap and my Action Button on my phone for quick access.
Now it’s just a bit more natural sounding, although I’m getting a lot of weird artifacts in the voice which could be due to load or bandwidth issues. Not sure.
Black Hat USA 2024 Preview: AI, AI, and More AI — Decipher editors Dennis Fisher and Lindsey O'Donnell-Welch, along with Brian Donohue, discuss the upcoming Black Hat talks they're excited about. Highlights include sessions with H D Moore, Sherrod DeGrippo, and Moxie Marlinspike, as well as some intriguing talks with cryptic titles. MORE
California's SB-1047, the "Safe and Secure Innovation for Frontier Artificial Intelligence Models Act," aims to regulate large AI models by mandating safety measures to prevent catastrophic incidents. Critics argue that the bill's focus on existential threats could stifle current AI research and development. MORE
The EU's risk-based AI regulation began on August 1 with staggered compliance deadlines categorizing AI applications into low/no-risk, high-risk, and limited risk tiers. It imposes transparency, risk management, and penalties for violations, with standards for high-risk and powerful general-purpose AI models to be finalized by April 2025. MORE
OpenAI has launched the GPT-4o Long Output model (in limited availability), which extends its output capacity to 64,000 tokens—16 times more than the original GPT-4o. I think the best use cases for this will be things like writing long-form content. MORE
Google's experimental Gemini 1.5 Pro has claimed the top spot on the AI Chatbot Arena leaderboard, surpassing OpenAI's GPT-4 and Anthropic's Claude 3.5 with a score of 1300. I’ve personally not used it yet because I find using Google products to be excrucatingly painful—especially their AI products. MORE
Meta says it will need 10x more computing power to train Llama 4 compared to Llama 3. So impressed with how Mark has gone from Metaverse Failing to AI Winning in like a year. I credit Jujitsu. | MORE
Elliott Management is calling Nvidia a 'bubble' and says AI is 'overhyped'. They argue that the market is overly optimistic about AI's potential and Nvidia's role in it. I think it’s a bubble, but it’s a bubble like the internet in 1995. In other words, there will be a bursting of AI hype, but that’s completely unrelated to the hockeystick AI is about to produce. These are unrelated things. MORE | MY ANALYSIS
Bellingcat has put together a guide on identifying explosive ordnance (EO) in social media imagery. It covers how to verify the authenticity of images, use reverse image searches, and identify EO based on text, colors, shapes, and contextual clues. MORE
CrowdStrike is facing massive lawsuit after Blue Friday crashed over 8 million computers globally. The lawsuit claims the company made "false and misleading" statements about its software testing, leading to a 32% drop in share price and a $25 billion loss in market value. MORE
Intel is laying off over 15% of its workforce as part of a $10 billion cost reduction plan after missing quarterly earnings expectations. The company reported a $1.61 billion net loss for Q2 2024 and will not pay its dividend in the fiscal fourth quarter. MORE
Apple just posted a record-breaking Q3 2024 with $85.78 billion in revenue, surpassing analyst expectations of $84.46 billion. Not sure why Berkshire Hathaway just sold so much of it. People are saying he’s anticipating a massive sell-off and he wants to be in cash. MORE
Apple is ramping up spending to get Apple Intelligence ready for launch this fall. I’m using the beta that has it, and it’s already pretty impressive even without most of the stuff turned on. MORE
Continue reading online to avoid the email cutoff… HUMANSA lot of the world tried to push Huawei out of their infrastructure, but they’re actually getting more powerful, not less. MORE
A software company increased user engagement by 8x by drastically shortening their emails. Netlify's initial 150-word emails had a 1% reply rate, but cutting the text to 37 words boosted replies to 4%, and further reducing it to 14 words doubled that rate to 8%. Insane. Maybe the takeaway is people don’t have much time, and you should respect it. MORE
Last month, Shane Mac offered everyone at his company $25,000 to quit, and six people took it. He did this because he realized he had oversold the culture and needed to reset expectations to align with their ambitious mission of building a decentralized and secure messaging protocol. The move was part of a broader effort to rewrite their values, raise the hiring bar, and ensure only those deeply committed to the mission stayed on board. MORE
💡This is what I’ve been on about with the Alaskan Fishing Boat analogy. Companies only want fully-dedicated murderers now. Entitled people, people who are are C and B players—all of those are going to get increasingly phased out.
And AI will cut even more people who’ve been hiding in middle management and other parts of the org where they get paid tons of money to not add much value.
All the consultancies are going to use AI to come in and evaluate business operations and find all those people, and recommend to the C-team that they be fired and replaced with 1/10th their number of A-players, and AI.
Journalist Evan Gershkovich was among a group of Americans and Russian dissidents released from Russia in a seven-nation prisoner swap, the largest since the Cold War. The US and Europe released eight Russian prisoners, including hitman Vadim Krasikov. MORE
Researchers at the University of California, Santa Barbara have developed an AI model called SharkEye to help prevent shark attacks. The model uses drones to detect sharks with greater accuracy than humans, even spotting those below the water's surface. MORE
Treating failing eyesight and high cholesterol are two new ways to lower the risk of developing dementia, according to a major report. The Lancet Commission's latest findings suggest that addressing 14 health issues could theoretically prevent nearly half of all dementia cases worldwide. MORE
Self-control is about 60% heritable, meaning genes explain roughly 60% of the differences in self-control among individuals. A meta-analysis of 31 studies involving over 30,000 twins showed that identical twins are more similar in self-control than non-identical twins, highlighting the genetic influence. MORE
💡Holy crap this could be devastating if it’s supported in further studies. I worry about the narrative that both IQ and self-discipline are mostly genetic, thus giving people an easy ramp to write off individuals or groups if they have lower averages.
Luckily, even if true, 1) groups don’t define individuals, and 2) there’s likely a LOT of slack in the environmental part that we’re not—as a society—tapping into yet.
A new study reveals that people tend to alter their appearance to match their names. Researchers found that adults' faces often align with social stereotypes associated with their names, while children's faces do not show this pattern. I guess be even more careful what you name your kids? MORE
A key protein called Reelin may help stave off Alzheimer's disease. A number of new studies suggest that Reelin helps maintain thinking and memory in aging brains, and when its levels fall, neurons become more vulnerable. People are starting to work on drugs for this, obviously. MORE
Wizards of the Coast will release the 2024 Dungeons & Dragons rulebooks under a Creative Commons license, fulfilling a promise made after backlash over attempts to change the Open Gaming License. MORE
"If Novelists Wrote Your Bug Reports" imagines how famous authors would describe software bugs in their unique styles. Ernest Cline likens a screen flicker to scenes from "Back to the Future" and "Ghostbusters," while Ursula K. Le Guin philosophizes about the existential pain of coding errors. MORE
IDEASMore analysis on how bad the results were of the recent UBI study done by Sam Altman. It appears to be pretty bad, just like we talked about last week.
A lot happened in July.
But, one event went quietly unnoticed.
The result of largest American controlled experiment in Universal Basic Income (UBI) was released.
You haven’t heard about it because the findings are terrifyingly bad. (1/12)
— Athan Koutsiouroumbas (@Athan_K)
5:23 PM • Aug 2, 2024
—
A really cool idea from Jonathan Haidt about free-range kids, and a cool idea for giving them more freedom.
DISCOVERY
Here's a great collective action solution that you might be able to do in your neighborhood: Create a "play street", once a month: close off a street for 2 hours, for kids to play, for neighbors to meet. It has transformative effects!
theatlantic.com/family/archive…
— Jonathan Haidt (@JonHaidt)
11:54 AM • Aug 3, 2024
🌱Farmbot is an open-source farming machine for growing food in your own backyard. MORE
Supermemory — An AI-powered platform to organize, search, and utilize saved information, acting as a digital second brain. Key features include importing bookmarks from Twitter, saving content from any source, and retrieving info with instant answers. It's open source. | by Supermemory AI | MORE
Friend — Avi Schiffmann's new AI pendant, Friend, is designed to combat loneliness by sending you reassuring or playful texts based on what it overhears. The always-listening device, which doesn't store recordings, has been compared to an adult Tamagotchi and is available for preorder at $99. | by Avi Schiffmann | MORE
Fabric – Daniel Kossmann walks you through installing Fabric, an open-source AI framework by Daniel Miessler, on Ubuntu Linux. | by Daniel Kossmann | MORE
Fleet – An open-source version of FleetDM's tool built on Osquery for vulnerability monitoring, MDM, detection engineering, and more applications. | by Fleet | MORE
SOC2 Policy Templates – A collection of templates for SOC2 policies and procedures that can be outputted as an HTML dashboard or PDF. MORE
Clutch Security – A platform providing visibility into all non-human identities within an organization, helping security teams identify associated risks. | by Clutch Security | MORE
RECOMMENDATION OF THE WEEKIf you’re at Blackhat this week, remember that 10 and 20 years from now you won’t remember the talks you saw this year. But you will remember spending that time with your friends.
Prioritize friend-time over presentation-time.
Not only is the friend time more precious and valuable, but you can get the talks later if you really want to.
APHORISM OF THE WEEK Become a Member to need one less burner phone at DEFCONPowered by beehiiv
UL NO. 444: Pizza Meter Intelligence, China Bypasses Bans, Securing AWS Secrets…
SECURITY | AI | MEANING :: Unsupervised Learning is my continuous stream of original ideas, story analysis, tooling, and mental models designed to help humans lead successful and meaningful lives in a world full of AI .
TOCNOTESHi!
OSINT is one of my favorite hobbies, and the Pizza Index is one of my best examples of what you can do with it. Basically it’s how much pizza the Pentagon is ordering—with the implication being that they’re working late because something’s going down.
And with the stuff happening between Iran and Israel (and elsewhere), it looks like they’re quite busy. Lots of pizza and empty bars.
🚨Pizza meter is off the charts and the “bars” in DC are empty near the Pentagon. Brace yourselves.
— RealBenGeller (@RealBenGeller)
2:07 AM • Aug 3, 2024
This is why I can’t wait to fully build out my agent framework, and for agent functionality to become integrated with models / platforms (my personal prediction for 2025).
This will allow OSINT experts to take all their various sources and techniques and turn them into continuous data pipelines that they publish via API.
I’ll be publishing many of these myself. Think Pizza Index, but for thousands of different signals around different activities. So, military movements, money transfers, discussion in various forums, etc. And because they’ll be AI Augmented, they won’t just be raw data streams, but actual analysis.
It appears X may be about to initiate an attack against Y. We make this assessment based on the following:
- The following troop and vehicle movements
- The following comments made by experts with an exemplary prediction record
- These moves in the following 3 prediction markets
Based on all three of these, we estimate a 93% chance of this attack taking place within 72 hours.
The type of reports that will be everywhere soon
Anyway, super excited about this.
Already in Vegas and we’re missing my cooled bed surface. And AC. And Neorest. But so worth it to see everyone.
Really looking forward to our UL Member meetup later this week. Going to get to see a few long-time members in person for the first time!
Dont’ forget your primary, secondary, and tertiary burner phones.
—
🚨The State of Things
Ok, given the state of the world right now—and the current stock market crash—I felt inspired to write a long stream-of-consciousness view of what’s happening in the world and how I plan on responding. It’s heavy and political and deep and personal, so only read it if you are interested in thinking and feeling things. READ IT
MY WORK
I don't know two shits about the Yen or the likelihood of a US recession, but what I can tell you is how I see things right now—as someone in the US—and how I am personally going to respond.
First and most obviously—things are a bit crazy. Here’s a short list.
- Riots in the UK… x.com/i/web/status/1…
— ᴅᴀɴɪᴇʟ ᴍɪᴇssʟᴇʀ 📚☕️🗣️ (@DanielMiessler)
3:56 PM • Aug 5, 2024
A slightly upgraded version of last week’s main piece on why AI will disrupt business and society.
We've Been Thinking About AI All Wrong
AI is just a way to execute Intelligence Tasks that only humans can do.
danielmiessler.com/p/weve-been-thinking-about-ai-all-wrong
—
I spoke with Christine Gadsby, Head of Product Security Operations Team at BlackBerry and we talked about the Role of AI in Cybersecurity, including:
AI's real advancements, practical applications, and associated challenges, moving beyond the hype.
Enhancing Incident Response and Threat Hunting
Christine highlights AI's significant impact on enhancing incident response and threat hunting, how AI quickly analyzes vast data to identify Indicators of Compromise (IoCs), automates routine tasks, and improves decision-making with actionable insights.
And lots more…
Go check it out. WATCH THE INTERVIEW
SECURITYTwo critical ServiceNow vulnerabilities reported by AssetNote 💪 are being actively exploited. These flaws allow attackers to access databases, exfiltrate data, and read arbitrary files, and they’re currently affecting between 13k to 42k instances. MORE
A company has reportedly paid a new record-high $75 million to a ransomware group. It’s a lot of money compared to anything other than not being able to do business. MORE
DigiCert is revoking 83,000 TLS certificates due to a domain validation bug that could lead to clashes between records and subdomains. MORE
Sponsor
Dropzone AI
Hey, Daniel here.
I've seen a thousand different AI + Security startups at this point. Most are very early and/or theoretical. Some are pretty decent, and a few are impressive.
But the absolute best I've seen so far - by far - is Dropzone.ai. They’re the only company I’ve seen that’s really mastered the agent aspect of doing investigations.
It takes alerts from various tools and just starts working on them—just like a human would. Needs more data, goes and researches that. Needs to find some context? It goes and gets that.
So by the end you have a fully documented set of steps that were taken to research an alert, and a conclusion on whether or not it was malicious—all with full documentation.
I’m so impressed with it that I’m now an advisor as well.
Want to learn more and see Dropzone.ai in action? Come meet the Dropzone.ai team in person at Security Wasteland during Black Hat.
wwv.vulncheck.com/security-wasteland-black-hat-2024
Register HereChina is getting around U.S. bans on advanced AI chips through smuggling, front companies, and loopholes, ultimately allowing restricted Nvidia GPUs to flow into the country despite export controls. MORE
Ransomware attacks are rising with an 18% year-on-year increase reported by Zscaler ThreatLabz, including a record $75 million ransom paid this year. The U.S. faces nearly half of all attacks, with the U.K. being the second most targeted country. MORE
💡I’ve always considered ransomware attacks to be something we’d have to invent as a government service if it didn’t exist in the marketplace. Like as a way to test and punish bad security.
But my intuition was that after a number of years it would get harder and harder because security would increase. So if they’re still increasing, I wonder what the reason is. Are attackers moving to more vulnerable targets after others locked themselves down, or are they just getting better at finding holes, something else, or all of the above.
Probably all of the above.
If someone has more insight—or a write-up on this—on that I’d appreciate it.
A great analysis here of securing secrets in AWS outlines how to improve credentials access incrementally. The post covers using Secrets Manager and KMS to eliminate plaintext secrets from production and enhance credential management in CI/CD pipelines. MORE
A solid blog post discusses creating custom implants for evasion by building them in C, detailing server setup, client functionality, and testing against security tools. MORE
The average cost of a data breach jumped 10% to $4.88 million in 2023 according to the Cost of a Data Breach Report 2024. MORE
China is tightening its civilian drone export rules starting September 1 to prevent their use in military or terrorist activities. The new controls will target drones with IR imaging, laser guidance, and high-precision inertial measurement devices, while lifting restrictions on long-range civilian drones. MORE
AI / TECHOpenAI has started rollout of its new ChatGPT Voice feature for ChatGPT Plus users, enabling real-time conversations with emotion detection. Initially available to a small group, it will expand to all Plus users by fall 2024. MORE
💡I am part of this initial rollout and I can tell you that the conversations with the product are far more natural now.
I talk to AI a lot using the Cove voice on ChatGPT (Cove sounds an awful lot like TARS from Iterstellar btw) and that I have mapped to double-tap and my Action Button on my phone for quick access.
Now it’s just a bit more natural sounding, although I’m getting a lot of weird artifacts in the voice which could be due to load or bandwidth issues. Not sure.
Black Hat USA 2024 Preview: AI, AI, and More AI — Decipher editors Dennis Fisher and Lindsey O'Donnell-Welch, along with Brian Donohue, discuss the upcoming Black Hat talks they're excited about. Highlights include sessions with H D Moore, Sherrod DeGrippo, and Moxie Marlinspike, as well as some intriguing talks with cryptic titles. MORE
California's SB-1047, the "Safe and Secure Innovation for Frontier Artificial Intelligence Models Act," aims to regulate large AI models by mandating safety measures to prevent catastrophic incidents. Critics argue that the bill's focus on existential threats could stifle current AI research and development. MORE
The EU's risk-based AI regulation began on August 1 with staggered compliance deadlines categorizing AI applications into low/no-risk, high-risk, and limited risk tiers. It imposes transparency, risk management, and penalties for violations, with standards for high-risk and powerful general-purpose AI models to be finalized by April 2025. MORE
OpenAI has launched the GPT-4o Long Output model (in limited availability), which extends its output capacity to 64,000 tokens—16 times more than the original GPT-4o. I think the best use cases for this will be things like writing long-form content. MORE
Google's experimental Gemini 1.5 Pro has claimed the top spot on the AI Chatbot Arena leaderboard, surpassing OpenAI's GPT-4 and Anthropic's Claude 3.5 with a score of 1300. I’ve personally not used it yet because I find using Google products to be excrucatingly painful—especially their AI products. MORE
Meta says it will need 10x more computing power to train Llama 4 compared to Llama 3. So impressed with how Mark has gone from Metaverse Failing to AI Winning in like a year. I credit Jujitsu. | MORE
Elliott Management is calling Nvidia a 'bubble' and says AI is 'overhyped'. They argue that the market is overly optimistic about AI's potential and Nvidia's role in it. I think it’s a bubble, but it’s a bubble like the internet in 1995. In other words, there will be a bursting of AI hype, but that’s completely unrelated to the hockeystick AI is about to produce. These are unrelated things. MORE | MY ANALYSIS
Bellingcat has put together a guide on identifying explosive ordnance (EO) in social media imagery. It covers how to verify the authenticity of images, use reverse image searches, and identify EO based on text, colors, shapes, and contextual clues. MORE
CrowdStrike is facing massive lawsuit after Blue Friday crashed over 8 million computers globally. The lawsuit claims the company made "false and misleading" statements about its software testing, leading to a 32% drop in share price and a $25 billion loss in market value. MORE
Intel is laying off over 15% of its workforce as part of a $10 billion cost reduction plan after missing quarterly earnings expectations. The company reported a $1.61 billion net loss for Q2 2024 and will not pay its dividend in the fiscal fourth quarter. MORE
Apple just posted a record-breaking Q3 2024 with $85.78 billion in revenue, surpassing analyst expectations of $84.46 billion. Not sure why Berkshire Hathaway just sold so much of it. People are saying he’s anticipating a massive sell-off and he wants to be in cash. MORE
Apple is ramping up spending to get Apple Intelligence ready for launch this fall. I’m using the beta that has it, and it’s already pretty impressive even without most of the stuff turned on. MORE
Continue reading online to avoid the email cutoff… HUMANSA lot of the world tried to push Huawei out of their infrastructure, but they’re actually getting more powerful, not less. MORE
A software company increased user engagement by 8x by drastically shortening their emails. Netlify's initial 150-word emails had a 1% reply rate, but cutting the text to 37 words boosted replies to 4%, and further reducing it to 14 words doubled that rate to 8%. Insane. Maybe the takeaway is people don’t have much time, and you should respect it. MORE
Last month, Shane Mac offered everyone at his company $25,000 to quit, and six people took it. He did this because he realized he had oversold the culture and needed to reset expectations to align with their ambitious mission of building a decentralized and secure messaging protocol. The move was part of a broader effort to rewrite their values, raise the hiring bar, and ensure only those deeply committed to the mission stayed on board. MORE
💡This is what I’ve been on about with the Alaskan Fishing Boat analogy. Companies only want fully-dedicated murderers now. Entitled people, people who are are C and B players—all of those are going to get increasingly phased out.
And AI will cut even more people who’ve been hiding in middle management and other parts of the org where they get paid tons of money to not add much value.
All the consultancies are going to use AI to come in and evaluate business operations and find all those people, and recommend to the C-team that they be fired and replaced with 1/10th their number of A-players, and AI.
Journalist Evan Gershkovich was among a group of Americans and Russian dissidents released from Russia in a seven-nation prisoner swap, the largest since the Cold War. The US and Europe released eight Russian prisoners, including hitman Vadim Krasikov. MORE
Researchers at the University of California, Santa Barbara have developed an AI model called SharkEye to help prevent shark attacks. The model uses drones to detect sharks with greater accuracy than humans, even spotting those below the water's surface. MORE
Treating failing eyesight and high cholesterol are two new ways to lower the risk of developing dementia, according to a major report. The Lancet Commission's latest findings suggest that addressing 14 health issues could theoretically prevent nearly half of all dementia cases worldwide. MORE
Self-control is about 60% heritable, meaning genes explain roughly 60% of the differences in self-control among individuals. A meta-analysis of 31 studies involving over 30,000 twins showed that identical twins are more similar in self-control than non-identical twins, highlighting the genetic influence. MORE
💡Holy crap this could be devastating if it’s supported in further studies. I worry about the narrative that both IQ and self-discipline are mostly genetic, thus giving people an easy ramp to write off individuals or groups if they have lower averages.
Luckily, even if true, 1) groups don’t define individuals, and 2) there’s likely a LOT of slack in the environmental part that we’re not—as a society—tapping into yet.
A new study reveals that people tend to alter their appearance to match their names. Researchers found that adults' faces often align with social stereotypes associated with their names, while children's faces do not show this pattern. I guess be even more careful what you name your kids? MORE
A key protein called Reelin may help stave off Alzheimer's disease. A number of new studies suggest that Reelin helps maintain thinking and memory in aging brains, and when its levels fall, neurons become more vulnerable. People are starting to work on drugs for this, obviously. MORE
Wizards of the Coast will release the 2024 Dungeons & Dragons rulebooks under a Creative Commons license, fulfilling a promise made after backlash over attempts to change the Open Gaming License. MORE
"If Novelists Wrote Your Bug Reports" imagines how famous authors would describe software bugs in their unique styles. Ernest Cline likens a screen flicker to scenes from "Back to the Future" and "Ghostbusters," while Ursula K. Le Guin philosophizes about the existential pain of coding errors. MORE
IDEASMore analysis on how bad the results were of the recent UBI study done by Sam Altman. It appears to be pretty bad, just like we talked about last week.
A lot happened in July.
But, one event went quietly unnoticed.
The result of largest American controlled experiment in Universal Basic Income (UBI) was released.
You haven’t heard about it because the findings are terrifyingly bad. (1/12)
— Athan Koutsiouroumbas (@Athan_K)
5:23 PM • Aug 2, 2024
—
A really cool idea from Jonathan Haidt about free-range kids, and a cool idea for giving them more freedom.
DISCOVERY
Here's a great collective action solution that you might be able to do in your neighborhood: Create a "play street", once a month: close off a street for 2 hours, for kids to play, for neighbors to meet. It has transformative effects!
theatlantic.com/family/archive…
— Jonathan Haidt (@JonHaidt)
11:54 AM • Aug 3, 2024
🌱Farmbot is an open-source farming machine for growing food in your own backyard. MORE
Supermemory — An AI-powered platform to organize, search, and utilize saved information, acting as a digital second brain. Key features include importing bookmarks from Twitter, saving content from any source, and retrieving info with instant answers. It's open source. | by Supermemory AI | MORE
Friend — Avi Schiffmann's new AI pendant, Friend, is designed to combat loneliness by sending you reassuring or playful texts based on what it overhears. The always-listening device, which doesn't store recordings, has been compared to an adult Tamagotchi and is available for preorder at $99. | by Avi Schiffmann | MORE
Fabric – Daniel Kossmann walks you through installing Fabric, an open-source AI framework by Daniel Miessler, on Ubuntu Linux. | by Daniel Kossmann | MORE
Fleet – An open-source version of FleetDM's tool built on Osquery for vulnerability monitoring, MDM, detection engineering, and more applications. | by Fleet | MORE
SOC2 Policy Templates – A collection of templates for SOC2 policies and procedures that can be outputted as an HTML dashboard or PDF. MORE
Clutch Security – A platform providing visibility into all non-human identities within an organization, helping security teams identify associated risks. | by Clutch Security | MORE
RECOMMENDATION OF THE WEEKIf you’re at Blackhat this week, remember that 10 and 20 years from now you won’t remember the talks you saw this year. But you will remember spending that time with your friends.
Prioritize friend-time over presentation-time.
Not only is the friend time more precious and valuable, but you can get the talks later if you really want to.
APHORISM OF THE WEEK Become a Member to need one less burner phone at DEFCONPowered by beehiiv
July 31, 2024
UL NO. 443: North Korean Co-workers, UBI Failure?, AI-Groupthink, GPS Spoofing…
SECURITY | AI | MEANING :: Unsupervised Learning is my continuous stream of original ideas, story analysis, tooling, and mental models designed to help humans lead successful and meaningful lives in a world full of AI .
TOCNOTESHi!
Here’s what’s up:
Gearing up for Vegas. 11 days, assuming I don’t get sick after like 4. 😷
If you see me, please know that I’m shy and awkward like 20-60% of the time. Just say hi anyway. I love people and it’s good training for me for being more extraverted.
I watched a number of videos last night about people losing their jobs, starting a YouTube channel, and just generally struggling. And of course as soon as I watched two of these, my whole feed was this.
So I watched 10 more. It’s very sad.
People are hurting because they’re feeling the ground shifting under their feet and it’s not clear if it’s their fault, what’s going on, or what to do about it.
This is why I’m doing what I do now. To help people like I saw in those videos. I subscribed to all of them to boost their numbers, and I’m going to try to reach out to them and send them encouragement.
Be kind to people. Everyone’s hurting in some kind of way. Especially right now, and hurt people are often more mean than they normally would be. See: politics.
Ok, let’s get to it…
MY WORKThis my absolute best argument for why AI will have an extraordinary effect on the economy and jobs. Send it to your friends who are still skeptical.
We've Been Thinking About AI All Wrong
AI is just a way to execute Intelligence Tasks that only humans can do.
www.danielmiessler.com/p/weve-been-thinking-about-ai-all-wrong
—
I created a full video going through our new Substrate project. If you prefer videos to long articles, this is the way.
SECURITYKnowBe4 accidentally hired a North Korean state actor who tried to install info-stealing malware on their devices. They caught it in time, but it shows how good North Korean hackers are at pretending to be IT staff. | Bill Toulas | MORE
GitHub's repository design flaw allows indefinite access to data from deleted and private repositories, known as Cross Fork Object Reference (CFOR). | by @TruffleSecurity | MORE
A plane’s GPS was jammed on a commercial transatlantic route for the first time, raising fears that thousands of other flights could be at risk of deliberate hacking. The incident happened on a flight from Madrid to Toronto and is suspected to be a targeted attack rather than accidental interference. | MORE
Sponsor
Remove Barriers to AI Innovation with Tines
When it comes to implementing AI, privacy and security concerns make things complicated. It doesn’t help that many AI tools demo well but fall short in real-world deployment, complicating vendor due diligence.
AI in Tines was designed to address your security team’s valid concerns around data privacy, security, and usability, and help you overcome the challenges of inflexible technologies.
Tines makes workflow automation and AI accessible to any member of your team, while supporting your AI guardrails. You’re in control - you decide when and how your workflows interact with AI.
The result: a scalable automation program that drives innovation, and frees up resources to spend on mission-critical, strategic work.
TRY IT FREEThere's been a 400% increase in GPS spoofing incidents, affecting around 900 flights daily. This spike is causing major safety concerns, especially with systems like EGPWS becoming unreliable. A new workgroup has been set up to address these issues and find solutions. | MORE
France's high-speed rail traffic got disrupted due to what officials are calling 'malicious acts' just before the Olympic ceremony. | MORE
Sponsor
Discover, secure and govern genAI use
Nudge Security has discovered over 500 unique genAI apps in customer environments to date, without the need for any prior knowledge of an app’s existence.
Within minutes of starting a free trial, you’ll have a full inventory of all genAI apps in use (along with every other SaaS app) and security profiles for each provider to quickly vet new or unfamiliar tools.
Get your free genAI inventory today.
nudgesecurity.com/use-cases/mitigate-ai-risks
Free TrialGoogle has decided not to phase out third-party cookies in Chrome and will instead offer users more control over how these cookies are used. This move comes after realizing the significant impact on publishers and advertisers. | by Lawrence Abrams | MORE
💡I’m shocked that this company that makes most of its money on advertising—and is bad at rolling out products—cancelled a thing that’s 1) really difficult to do, and 2) would negatively affect advertisers.
An evaluation of Amazon GuardDuty reveals limited coverage and high costs, with significant latency in detecting attacks like S3 ransomware. | by Tracebit | MORE
Google's reCAPTCHA is showing its age and is harvesting user information and labor worth billions while being almost universally disliked and vulnerable to bots. Cloudflare has an alternative, but I’m not sure it’s good enough to fully replace. MORE
The Senate unanimously passed the DEFIANCE Act, letting victims of nonconsensual intimate images created by AI sue their creators for damages. Victims can get up to $150,000, or $250,000 if linked to sexual assault, stalking, or harassment. | by Lauren Feiner | MORE
The U.S. Commerce Department says shipments of high-performance processors from China and Hong Kong to Russia have dropped by 20%, but Hong Kong is still a key hub for smuggling critical components. Despite the decrease, nearly $2 billion worth of goods were shipped from Hong Kong to Russia in late 2023. MORE
AI / TECHWiz turned down a $23 billion acquisition offer from Alphabet and is instead aiming for an IPO. Completely baller move. My thoughts are that they knew they could get more money and they knew that going to Google was basically a move to The Graveyard. MORE
AI is replacing jobs in the video game industry, with major companies like Activision using generative AI tools for concept art. This has led to significant layoffs, with an estimated 10,500 people losing their jobs in 2023 and even more this year. | by Brian Merchant | MORE
A new study shows that while generative AI like ChatGPT makes individual stories more creative and engaging, it also makes them more similar to each other. | by Ben Dickson | MORE
💡I’ve heard a lot of supposed risks from AI, but this one sounds pretty realistic. We’ll need to engineer in mechanisms for exposure to alternative frames, models, and viewpoints to avoid people consolidating and following an AI-powered groupthink on various topics.
And avoiding sentences that are too long.
Switzerland has passed a law requiring all public sector agencies to use open-source software and open-source any code they develop. This move aims to reduce vendor lock-in, foster innovation, and save taxpayer money. | by Dr. Matthias Stürmer | MORE
💡I generally love this. But two things:
Open doesn’t mean secure by itself, without other effort. We’ve seen that multiple times now.
Support has always been an issue for OSS, so they’ll still need to train staff and/or hire companies to maintain the stuff.
Gumloop is a super-slick platform for automating AI workflows. They raised a $3.1M Seed round led by First Round Capital with participation from YC and co-founders at Instacart, Dropbox, and Airtable. MORE
Alphabet is putting another $5 billion into Waymo to push forward its self-driving tech. This investment aims to solidify Waymo's position as a leader in autonomous driving. | by Jonathan M. Gitlin | MORE
💡It’s looking a lot like Waymo vs. Tesla for self-driving taxis. But the approaches are very different. Waymo needs a LOT of time in a city before it’s ready to go, and Tesla is taking the Elon approach of shooting for the moon (Mars?) with tech that may or may not be possible yet.
For example: Elon said full self-driving was pretty easy and would be solved years ago, but it’s 2024 and it’s just now getting good.
Joe Procopio argues that tech companies are struggling to find good employees because they focus too much on credentials and not enough on skills. He suggests that companies should prioritize practical experience and problem-solving abilities over degrees and certifications. | by Joe Procopio | MORE
💡It’ll take a while, but this is precisely the shift that’s happening. And yeah—AI will force the issue.
ASTRA Scores: AI-Powered Assessment and Rating Systems
With AI, hiring, dating, and learning is about to get very strange
danielmiessler.com/p/astra-scores-aipowered-assessment-rating-systems
Apple just launched a beta version of Apple Maps for the web. This means you can now use Apple Maps directly from your browser without needing an iPhone or Mac. | MORE
HUMANSThe Wall Street Journal explores why the U.S. birthrate is declining, citing economic uncertainty, career priorities, and lifestyle choices as key factors. MORE
The idea that Universal Basic Income (UBI) reduces the need to work isn't new, but recent studies show it doesn't lead to better jobs or more education. Instead, people just work less. | by Alex Howlett | MORE
💡I think the issue is that certain people will spend free time and money to better themselves, and certain people won’t. And it’s not clear what that distinction is or how to nurture it.
But the way forward starts with trying to isolate the behavior and its cause, rather than believing in fairytales like “giving away free money will make everyone ambitious”.
This reminds me of a very similar lesson I learned when hiring in cybersecurity over 20 years: exposing people to training and encouragement makes the stars stand out, but it doesn’t turn everyone into stars.
Southwest is ditching its open seating policy after 50 years to boost profits and meet customer preferences. They found that 80% of their fliers prefer assigned seats, and they plan to charge more for premium options like extra legroom. | by Cassandra Cassidy | MORE
Continue reading online to avoid the email cutoff…The Senate's version of the 2025 NDAA doesn't include the 'Countering CCP Drones Act,' which would have banned DJI drone sales in the U.S. This decision came after opposition from over 6,000 public safety agencies and hundreds of thousands of drone pilots. | MORE
💡I’m happy-sad about this. I love DJI drones, but I feel like we need to go without them to instill enough hurt to inspire a friendly competitor.
Nearly 40% of Americans are stressed about making ends meet, up from 28% in 2021. This is similar to Great Recession numbers. | by Matt Egan | MORE
US Economic Growth Hits 2.8% — The U.S. economy grew at a 2.8% annual rate last quarter, driven by consumer and business spending despite high interest rates. MORE
Weight-loss drugs like Ozempic, Mounjaro, and Wegovy are causing people to spend less on groceries and choose healthier options. A new study shows that users buy 52% less snacks and confectionery, 47% less baked goods, and 28% less sugary drinks. | by NY Post | MORE
A new antibiotic from the University of Illinois Chicago disrupts two different cellular targets, making it 100 million times harder for bacteria to evolve resistance. | by University of Illinois Chicago | MORE
One dose of a new nasal spray treatment clears toxic tau proteins from brain cells, improving memory. | by UTMB | MORE
Remember: the bigger the finding the more you should wait for supporting studies. In my mind this stuff isn’t completely real until the drug is available to normal people after being tested rigorously.
Still, very exciting.
Liberals and conservatives are both prone to conspiracy theories; they just prefer different ones. That’s the conclusion of a recent paper by Adam Enders and colleagues, looking at the relationship between conspiracy theories and political orientation. | by Steve Stewart-Williams | MORE
Henrik Karlsson talks about how generating interesting ideas is like building a muscle. He says that the more you write and think deeply, the better you get at coming up with new and meaningful thoughts. | by Henrik Karlsson | MORE
IDEASZuckerberg is arguing that China is going to steal weights anyway, and there’s no way to stop that, so we might as well develop advanced AI as open-source.🧵
DISCOVERY
This is extraordinary.
Here, Zuckerberg argues that we might as well YOLO out advanced AI as open-source since none of the closed-source companies have good enough cybersecurity to keep 🇨🇳 from stealing their weights anyway.
— ᴅᴀɴɪᴇʟ ᴍɪᴇssʟᴇʀ 📚☕️🗣️ (@DanielMiessler)
11:02 AM • Jul 25, 2024
SearchGPT — OpenAI just announced SearchGPT, a new tool that integrates search capabilities directly into ChatGPT. It’s still wait-listed tho. | by OpenAI | MORE
I Use Obsidian — Jason Heppler shares how he uses Obsidian for note-taking and knowledge management. He dives into his workflow, plugins, and tips for getting the most out of the tool. | by Jason Heppler | MORE
In the Beginning Was the Command Line — Neal Stephenson's classic essay on operating systems and the cultural implications of technology. It's a deep dive into how we interact with computers and why it matters. | MORE
My Obsidian Note-Taking Workflow — This article dives into the author's detailed workflow for using Obsidian for note-taking, including why they chose Obsidian, how they use Markdown and Vim motions, and the essential plugins that enhance their productivity. | by Simon Späti | MORE
Bash-Oneliners — A collection of terminal tricks for Linux. | by Bonnie I-Man Ng | MORE
DataChain: Unstructured data management for AI projects, reimagined — Iterative's new open-source tool lets you simplify AI projects and scale unstructured data management. | by Iterative | MORE
Llama agent stack — Meta has released an example system for using its Llama models as agents to perform a variety of tasks. | by Meta | MORE
Open-World Exploration in Minecraft — Odyssey is a new framework that equips large language model-based agents with advanced skills for exploring Minecraft. | by ZJU VIPA Lab | MORE
Claude Engineer — An advanced CLI that uses Anthropic's Claude 3 and 3.5 models to assist with software development tasks. | by Pietro Schirano | MORE
Lakera — A low-latency AI application firewall that secures traffic into and out of generative AI applications. | by Lakera | MORE
GPT4-Captcha-bypass — A CLI tool using OpenAI GPT-4 to solve various types of captchas including puzzle, text, and reCAPTCHA. | by Yunus Aydin | MORE
FlowAnalyzer — A tool for understanding OAuth 2.0 Grants/Flows with support for OIDC and JWTs. | by Manuel Berrueta | MORE
Bash Simple Curses — A simple Bash library to create terminal interfaces. | by metal3d | MORE
RECOMMENDATION OF THE WEEKI’m going to try to do something for the next several months. I kind of do this all the time already, but I’m going to emphasize it going into election time.
When someone labels me as super-liberal, I’m going to say something nice about their conservative views. I’m going to humanize them.
When someone labels me as super-conservative, I’m going to say something nice about their liberal views. I’m going to humanize them.
Try it, and see if it opens the conversation at all.
I learned how to do this years ago from Jonathan Haidt’s book, The Righteous Mind.
APHORISM OF THE WEEK Become a Member to Instantly Know KaratePowered by beehiiv
July 29, 2024
We've Been Thinking About AI All Wrong
When I tell people that AI going to separate people into have’s and have-nots, or multiply our global productivity by trillions of dollars, most don’t believe me.
I realize now why that is. It’s because most people don’t have the right mental model for thinking about AI.
When most people think AI they think image generation or chatbots. And understandably so—since those were the first applications of what’s now called GenAI.
But it’s much better to think of AI as an Intelligence Pipeline.
Great question. An Intelligence Pipeline is a series of Intelligence Tasks that result in a useful output. And Intelligence Tasks are functions that can only be done using human intelligence.
Here are some real-world examples.
Intelligence Pipeline ExamplesBefore we get into these, let’s highlight the point by doing something crazy. Let’s completely abandon the word “AI”. It’s a silly word, and it means 100 different things depending on who you ask.
Instead I want you to think about people. Humans. And specifically, human workers.
So imagine a person—let’s call them Chris—who works in a cube with a computer. Chris has a coffee next to him, and a small plant. And a picture of his girlfriend and his dog on the cube wall.
Chris’s jobChris works at a company called CutePup. CutePup finds pictures of cute dogs and puts them on the CutePup website.
Chis is a member of a Process Team that does one part of the company workflow. Here’s the whole process.
Take an uploaded picture and determine if it’s a dog
Determine if the dog is cute
Determine what kind of dog it is
Post all cute dogs on the website in the section for its breed
So the workflow looks like this:
The CutePup Workflow
That’s it. That’s what CutePup does.
Chris is not alone in his building. He’s in a cube farm with 48,912 other people.
Chris is part of the Process 1 team, so his job is to determine whether a picture is a dog or not. Here’s what he sees on his screen all day:
That Chris lyfe
This one is a cat, so Chris clicks on the No button.
Chris’s teammatesCarol sits next to Chris. She works in Process 2. She only gets photos that Process 1 has determined are dogs, and she has a screen that asks her if the dog is cute or not.
Carol has a better job
Next to Carol is Amir who works in Process 3. Amir is an expert on dog breeds.
When a dog pops up, Amir looks at it and types in the breed into a text box.
You’ve got to know a lot of dogs
Why use humans and not just computer code?You might be wondering why we don’t have computers do this.
Well, because they can’t. You can’t ask Python or C++ if something is a dog or not. Or if that dog is cute.
You need a human for that. You need Intelligence.
So, the CutePup workflow looks like this:
Is it a dog?
Is it cute?
What kind is it?
That’s three different tasks that require human intelligence. That’s an Intelligence Pipeline, and each node in the Pipeline is an Intelligence Task.
Let’s look at more complex example.
ClaimRight InsuranceClaimRight is an insurance company that pays people out if their products wear out before they’re supposed to. It’s for all sorts of products, like scooters, tents, baby strollers, etc.
But they don’t pay out if it’s fraud or abuse of the product. Here’s the workflow:
Checking for fraud and abuse of the product
Look at the 50 pictures of the item that are submitted as part of a claim
Determine if the item is covered by ClaimRight
Review the video of the submitter talking through the photos they took
Determine if it’s the same person who took out the policy based on their face and their voice
Determine whether the item in the video is the same as the item in the photos
Determine whether the damage in the photos is from normal wear-and-tear or from abuse
If everything adds up, mark it as wear-and-tear and pay out the policy.
Kira works at ClaimRight, along with 349,219 other people in the Boise office. She has a plaque on her cube for 25 years of service. She’s really good at determining the difference between wear-and-tear and abuse.
And she’s not just good at it—she’s fast. In her 8 hour day, not counting lunch and breaks and stuff, she can get through an average of 29 cases per day!
29!
That’s 11 more than the median, and with an 89% accuracy rating, which is top 2% in the company.
Now let’s look at something even more cognitively difficult.
OverseerKevin works at Overseer. They’re a military intelligence service company that sells intelligence reports to the US government. They specialize in watching all the military bases in a foreign country using satellite images, and then determining what that country is doing militarily.
Here’s the Pipeline.
Lots of analysis and expertise needed in multiple places
Look at the 28,452 satellite images that come in every day
Compare the images to the previous day’s images
Identify everything in the new image
Determine what changed since the last image
Determine the military significance of those changes
Construct a narrative around that significance, framed for a particular customer within the government
Write the report
Submit the report
Kevin is an employee at Overseer, and he’s kind of a genius. Among the 712,309 people who work at his company (there are hundreds of satellites and hundreds of places of interest to monitor), he’s one of the few who can work in Process 2, Process 3, and Process 5. Plus he’s pretty good at 6 and 7. Most people can only do one or two.
And like Carol at ClamRight, Kevin is super fast. He can actually do 9 reports per week! End-to-end if necessary. And his accuracy is off the charts at 86%.
Let’s look at another example—this time in Medicine.
Badspot checks for molesBadSpot is a company that checks for dangerous moles on people. You send in the picture and it determines if it’s something you need to worry about.
Here’s the BadSpot Intelligence Pipeline.
Decades of schooling and experience required
With CutePup and ClaimRight the stakes were pretty low. Maybe you get an occasional cat in your dog pics, or maybe the insurance policy pays out when it shouldn’t have. No biggie.
But with Overseer and BadSpot, we’re talking about military intelligence and health. So we’re potentially dealing with people’s lives.
And as you might expect, the level of expertise required is much higher. Think about the intelligence, knowledge, and experience needed to execute the Intelligence Tasks in these Pipelines:
OverseerKnow thousands of different military vehicles
Know the military history of the target country
Know all their recent military moves
Correlate that data with what’s happening in the news
Correlate that with what’s happening in other intel reports
Experience with analyzing satellite photos
Experience with detecting techniques that attempt to hide vehicles and military activity
Expertise in writing intel reports for different audiences
BadSpotAnyone doing the job must be a Doctor (M.D.)
So that’s medical school, a residency, and then however long they’ve been practicing
The better they are intelligence and creativity wise (think the TV Show, House), and the more experienced, the better they are at finding the Bad Spots.
One thing both of these Intelligence Pipelines have in common is that there aren’t many people who can do the Intelligence Tasks involved. Like, there aren’t many people who can do these things on the planet. We’re talking a few a few thousand at most.
More on that later. First let’s look at how common these types of Tasks and Pipelines are throughout society.
More Intelligence Task and Pipeline ExamplesAs it turns out, business is nothing but collections of these types of intelligence tasks and pipelines.
Here are a bunch more Intelligence Tasks we all recognize from the corporate world.
Office worksummarize_meeting
send_summary_to_stakeholders
read_report
proofread_document
create_meeting
organize_event
Programming worksolve_problem
write_code
research_better_way
check_for_security_issues
check_peers_code
approve_pr
Customer Service workread_complaint
check_customer_history
check_for_fraud
check_current_policy
respond_to_customer
make_customer_happy
Medical workanalyze_mole
diagnose_disease
write_prescription
analyze_xray
assess_patient
analyze_mri
talk_with_family
Researcher workfind_sources
rate_sources
summarize_article
rate_article
extract_key_ideas
synthesize_ideas
perform_analysis
write_report
submit_report
find_funding
Manager workinterview_candidate
give_performance_review
manage_budget
document_program_progress
write_progress_update
create_progress_update_presentation
deliver_presentation
Creative Workbrainstorm
riff_on_idea
expand_idea
write_first_draft
create_art
write_prose
And the list goes on…
The thing that unifies all these tasks is that you can’t give them to a computer program to execute.
These are things that only humans can do. These aren’t just work tasks, they’re Intelligence tasks.
Similarities across tasks and pipelinesNow let’s look at some similarities across all these tasks and pipelines.
Above we looked at four different companies: CutePup, ClaimRight, Overseer, and BadSpot—all doing various thinking-based activities that require human intelligence. And then we looked above at a whole bunch more examples of intelligence-based tasks.
Now that we’ve talked about them, let’s look at what makes someone good or bad at these things.
Traits that make people good at intelligence-based tasksHere are some attributes that make great employees in knowledge work.
Smarts — how sharp are they at finding patterns and adjusting?
Knowledge — how much do they know about the field?
Experience — how many examples have they seen?
Consistency — do they deliver high-quality after 8 hours of doing it?
Attention-to-detail — do they catch the details?
Speed — How many of these tasks can they do in a period?
Dependability — do they call in sick or take lots of vacation?
Autonomy — How independent are they at doing the task?
Trustworthiness — are we sure they haven’t been paid off?
Caution — do they cause problems we have to clean up?
Learning — do they learn new stuff quickly?
I think these are solid attributes. Now let’s collapse them into a few metrics.
ITEM — Intelligence Task Execution MetricsSo the metrics concept we’ll remember as ITEM (EYE-tehm), and the metrics themselves we’ll remember as KISAC (KAI-sack).
📘 Knowledge — The depth of their knowledge about the entire field, it’s history, all the main thinkers in the field, all the seminal works, all the academic theory, all the books, all the papers, etc.
🧠 Intelligence — The ability to hold all that knowledge in their mind at once, find the patterns in the input being evaluated, and come up with insightful analysis.
🕰️ Speed — The number of those tasks they can do—per minute, day, week, etc.—at a given quality level.
🔎 Accuracy — Their accuracy, lack of mistakes, etc.
💶 Cost — The amount of money it costs to hire them, keep them employed, and keep them trained.
These are decent because they capture not only someone’s ability to do a task (knowledge and intelligence), but also the performance of their outputs (speed and accuracy), as well as the cost of execution.
Coming back to AIRight, so that was a lot of setup, and now we’re able to make the main point.
The best way to think about AI—especially as it relates to business, the economy, and productivity—is to realize that AI is simply a way to execute all these various Intelligence Tasks better, more consistently, and cheaper.
Companies are just Intelligence Tasks organized into Pipelines
That’s it. Forget all the other crap about AI.
Forget the chatbots
Forget the image generation
Forget the crazy videos
Those are distractions.
What matters is how AI will help humans do actual work that otherwise humans would have had to do ourselves. And keep in mind—a lot of intelligence-heavy work isn’t being done at all!
There are thousands of intelligence-based tasks that desperately need doing, but there simply aren’t enough people to do them.
Watching all the meteors in the sky (Astronomy)
Tutoring (Education)
Medical Evals (Medicine)
Looking things up (Library Science)
Tracking transactions (Fraud & Corruption)
Investigations (Journalism)
Researching a Topic (Research)
Empathic and Active Listening (Mental Health)
Watching computer logs (Cybersecurity)
Watching security cameras (Physical Security)
Tracking down criminals and corruption (Journalism)
Etc.
There are literally billions of people who don’t have access to teachers, tutors, therapists, nurses, researchers, journalists, etc., and all the wonderful Intelligence Tasks that they are able to do.
The planet needs hundreds of billions of these Intelligence Tasks done every day, and there are very, very few people with the education, training, certification, or availability to carry them out.
And that’s just for the stuff that nobody is doing. Now let’s look at the work that’s actually being done using the KISAC metrics above.
Comparing humans vs. AI on Intelligence TasksHere are the KISAC metrics again.
📘 Knowledge — The depth of their knowledge about the entire field, it’s history, all the main thinkers in the field, all the seminal works, all the academic theory, all the books, all the papers, etc.
🧠 Intelligence — The ability to hold all that knowledge in their mind at once, find the patterns in the input being evaluated, and come up with insightful analysis.
🕰️ Speed — The number of those tasks they can do—per minute, day, week, etc.—at a given quality level.
🔎 Accuracy — Their accuracy, lack of mistakes, etc.
💶 Cost — The amount of money it costs to hire them, keep them employed, and keep them trained.
—
📘Knowledge👥Humans:
📚Reading: A couple thousand books maximum
💼Experience: Let’s say 50 years
🔬Examples: Let’s say hundreds, thousands, or a tens of thousands max
🤖AI:
📚Reading: All the books in the entire field, with perfect recall, and millions of related books
💼Experience: The combined experience of every person who’s ever done that task
🔬Examples: Tens or hundreds of millions, or maybe billions depending on the task
—
🧠 Intelligence👥Humans:
Very few Einsteins or Von Neumann’s in the world
Max I.Q. around 180 or so
Most people at around 100
Not rising very fast at all
🤖AI:
In 2022 it was less smart than a child
In 2024 it’s currently around 100 I.Q., depending on the task
Many experts agree that top models will be genius-level within a few years
In narrow applications, current models are already super-human
It’s improving very quickly
—
🕰️ Speed👥Humans:
Checking Moles — A few hundred a day
Report Writing — 1 to 15 a month
Article Summarization — 5 to 20 a day
Cyber Investigations — 1 to 5 a week
Rating Cute Dog Pics — 200 - 2000 a day
Assessing X-Rays — 100 - 500 a day
🤖AI:
Checking Moles — Millions per day
Report Writing — Hundreds per day
Article Summarization — Thousands per day
Cyber Investigations — Dozens per day
Rating Cute Dog Pics — Hundreds of thousands per day
Assessing X-Rays — Hundreds of thousands per day
Keep in mind—this is just for a single AI instance, and most systems will have a fleet of them performing what a single human or a small human team was doing. So multiply those numbers by 10, 100, or 1000x.
—
🔬Accuracy👥Humans:
Very high accuracy if the human goes extremely slow, depending on the person and the task
Medical errors are the third largest cause of death in the US. SOURCE
🤖AI:
Some studies are already showing AI as equal to, or better than, doctors at identifying diseases, assessing moles, reading X-Rays, etc. SOURCE
Automation allows for faster use of multiple checks and validations to ensure acceptable results
AI’s accuracy within a given pipeline is likely to increase over time due to the Knowledge and Intelligence advantage, whereas humans have a constant cycle of get_smart —> retire —> retrain
—
💶 Cost👥Humans:
Expensive to train
Expensive to retrain
Expensive and time consuming to re-integrate into a team
Expensive to replace
Even more expensive for those with the best results
🤖AI:
Will cost a tiny fraction for most Intelligence Tasks
Will cost a tiny fraction for re-training and re-deployment
Upgrades to general models will often upgrade the entire fleet
The difference in cost between execution at mid-human level vs. high-human-level will likely be negligible
—
In short, humans will beat out AI in a few things for a long time to come—but for most Intelligence Tasks, AI is going to do 10-1000x the amount of work that humans can do—with as-good-or-better quality—for a fraction of the cost.
And again, this is not some theoretical or ambiguous work. This is the work we’re all familiar with. It’s the regular work we get hired at companies to do.
Regular work that humans get hired to do every day
That is what AI is. And that is why it matters.
SummaryPeople are confused about AI becasue they equate it with either chatbots or image generation.
The best way to clarify your thinking on it is to remove the word “AI” from the conversation entirely.
Replace the word “AI” with a unit of work that only humans can do, called an Intelligence Task.
AI is getting extremely competent at executing such tasks, and it’s doing so faster, better, and cheaper every day.
Companies are just sequences of those Intelligence Tasks organized into Intelligence Pipelines that accomplish a given goal.
Which means companies and individuals that intelligently leverage AI will become dominant, while those that don’t will get left behind.
Meanwhile, the Intelligence Pipelines that used to get executed by human workers will soon be mostly be executed by AI.
This is why AI matters, and why it will have such an extraordinary impact on the economy and society.
Powered by beehiiv
July 22, 2024
UL NO. 442: Crowdstrike Analysis, Cannabis=Soma?, NK Github SE, AI Weaponry
SECURITY | AI | MEANING :: Unsupervised Learning is my continuous stream of original ideas, story analysis, tooling, and mental models designed to help humans lead successful and meaningful lives in a world full of AI .
TOCNOTESHey there!
Any sufficiently bad software update is indistinguishable from a cyberattack…
— Leigh Honeywell (@leighhoneywell)
12:36 PM • Jul 19, 2024
Legend post by Leigh Honeywell 👆
Had a wonderful couple days celebrating my best bud’s birthday in Colorado! Happy Birthday, Jason! MORE
I did a presentation for a UN group on the future of AI and employability, and it should be coming out soon on YouTube.
We’re doing another UL Dinner in Vegas. Stay tuned in chat for the deets.
Mad props to all the people who had to hustle and grind this weekend after Blue Friday 👏
Ok, let’s get to it…
MY WORKHeads-down on the AI class, which is on the 26th, 9AM PST. SIGN-UPS CLOSING WEDNESDAY
SECURITYThe Crowdstrike Outage — Banks, airlines, hospitals, media companies, and tens of thousands of other businesses got hit with a global IT outage that locked workers out of their devices. The issue was a bad update to the Crowdstrike client, which prevented bootup and required someone to physically interact with the machine in safe mode. | MORE
💡It appears that this might have been the largest IT outage ever—ironically, even bigger than Y2K, which did mostly nothing.
I’m trying to come up with lessons-learned here, but perhaps the biggest is around PR. The CEO came out and said—basically—”Don’t worry, this isn’t a security problem” (Paraphrasing)
Which is a really bad thing to say when the internet has been turned off. It’s like, I don’t care what you call this thing that’s happening, but it’s definitely bad.
He later apologized fully and put out better language, but I liked my buddy Chris Hoff’s proposed language better, which was something like, “This was not a security attack against Crowdstrike or its customers, but an outage caused by a bad software update.”
Another thought I had was that this would be less likely to happen if Microsoft was performing the EDR function, because—presumably—they would be more familiar with all the moving parts, have more integrated testing, etc.
It just seems to me like the natural evolution here is a lot like Defender, where the platform eventually catches up to the quality of the standalone, and it gets less and less smart to use something not part of the OS.
🔧A new threat actor called CrystalRay is using an open-source tool called SSH-Snake to move laterally across networks, exfiltrate credentials, and deploy cryptomining malware. The malware can modify itself to remain fileless and self-propagating. MORE
GitHub has warned developers about a social engineering campaign by the Lazarus Group (North Korean) targeting developers in cryptocurrency, gambling, and cybersecurity. They gain trust over time and then start submitting malware. MORE
Sponsor
Dropzone AI
Hey, Daniel here.
I've seen a thousand different AI + Security startups at this point. Most are very early and/or theoretical. Some are pretty decent, and a few are impressive.
But the absolute best I've seen so far - by far - is Dropzone.ai. They’re the only company I’ve seen that’s really mastered the agent aspect of doing investigations.
It takes alerts from various tools and just starts working on them—just like a human would. Needs more data, goes and researches that. Needs to find some context? It goes and gets that.
So by the end you have a fully documented set of steps that were taken to research an alert, and a conclusion on whether or not it was malicious—all with full documentation.
I’m so impressed with it that I’m now an advisor as well.
GET A DEMOPalmer Luckey, the guy who created Oculus, is now making AI weapons for Ukraine through his company Anduril. He started Anduril to build AI-driven weapons like drones and submarines, which are now being used by the Pentagon and sent to Ukraine. MORE
China is installing record amounts of solar and wind energy, adding 10 gigawatts of wind and solar capacity every two weeks, which is like building five large nuclear power plants weekly. This really makes me mad. I want the US to do this, and more. MORE
Iran and China are increasing their foreign influence efforts, using social media to stoke discord and promote anti-U.S. narratives. Google blocked over 10,000 instances of Chinese influence activity in Q1 2024 alone. MORE
Sponsor
Discover, secure and govern genAI use
Nudge Security discovers all genAI accounts ever created by anyone in your org, in minutes. No agents, browser plug-ins, or prior knowledge of an app required.
Within minutes of starting a free trial, you’ll have a full inventory of all genAI accounts and security profiles for each provider to help you vet new or unfamiliar apps.
Get your free genAI inventory today.
nudgesecurity.com/use-cases/mitigate-ai-risks
Free TrialThe U.S. Department of Justice seized two domains and searched nearly 1,000 social media accounts used by Russian actors to spread pro-Kremlin disinformation. MORE
Cloudflare says nearly 7% of all internet traffic is malicious, with DDoS attacks making up over 37% of all mitigated traffic. In Q1 2024 alone, they blocked 4.5 million unique DDoS attacks, and the sophistication of these attacks is increasing. MORE
UK police arrested a 17-year-old suspected of being part of the Scattered Spider hacking group and involved in the 2023 MGM Resorts ransomware attack. AKA: The reason DEFCON is way further North in Vegas this year. MORE
AI / TECHRealtime Video Transcription With Timestamps (Whisper Diarization) MORE
Beijing's support has seen China make up ground in the AI race, but it has also handcuffed AI companies with some of the world’s tightest restrictions, many of them political. This dual approach could end up stifling innovation in the long run. MORE
💡I think barring them stealing some pinnacle AI tech that gets them advanced AGI or ASI, their model will ultimately hurt them for two reasons:
When you have to filter everything, you just move slower.
The people who want to move fastest will leave China for the US / Canada / EU.
Kaiser Permanente is using AI, wearables, and other tech to bring healthcare directly to patients. Very AI-forward approach from them. I like it. MORE
Sam Altman revealed that OpenAI’s Voice Mode alpha release is coming later this month.
💡I’m with my bud Matthew Berman on this one:
Let's de-normalize companies demo'ing products earlier than 3 months before release.
* Microsoft: Recall
* Apple: Intelligence
* OpenAI: Sora AND GPT4o Voice
Who else should be called out?
— MatthewBerman (@MatthewBerman)
8:25 PM • Jul 20, 2024
Andrej Karpathy is launching Eureka Labs to create AI teaching assistants for education. The startup aims to leverage generative AI to help students through course materials, starting with an AI course called LLM101n. MORE
Google has launched its Project Oscar, an open-source platform that enables development teams to create AI agents that monitor issues, manage bugs, and handle various aspects of the software lifecycle—all through natural language interactions. MORE
Omega’s AI Will Map How Olympic Athletes Win — Omega is using AI to map out how Olympic athletes win by analyzing their full performance, not just the start and finish times. This includes using motion sensors on athletes' clothing to capture every detail of their movements. MORE
The U.S. is thinking about new trade restrictions that could stop Nvidia from selling its HGX-H20 AI GPUs to China, which might cost Nvidia around $12 billion in revenue. MORE
💡This would hurt me in the stocks for sure, but I’m thinking that’d be temporary. Hopefully. ← Not financial advice.
Beijing scientists have developed the world’s smallest and lightest solar-powered drone, weighing just 4.21g with a 200mm wingspan. It can fly non-stop during daylight thanks to its electrostatic motor, which is 200-300% more efficient than traditional electromagnetic motors. I wants it. MORE
A Florida (it’s either Florida man or DNS) man got arrested for shooting down a Walmart delivery drone, claiming it was spying on him. Shooting at drones is treated as a felony, similar to firing at a passenger aircraft, with penalties up to 20 years in prison. MORE
Waymo Wants to Bring Robotaxis to SFO — Waymo is pushing to get approval for robotaxi pickups and drop-offs at San Francisco International Airport. MORE
Microsoft Lays Off DEI Team — Microsoft laid off its diversity, equity, and inclusion team, saying DEI is "no longer business critical." MORE
Andreessen Horowitz argues that bad government policies are now the biggest threat to tech startups, which they call "Little Tech." They believe American technology supremacy depends on these startups and that the government should support them rather than favoring big incumbents. MORE
Google is shutting down its URL shortening service, so any links created with it will stop working. If you have any important links using this service, you'll need to update them soon. MORE
💡I’m pretty sure Google will soon sell YouTube to Johnson & Johnson and GMail to Luxotica, and then go full speed into the “wtf are we doing” business.
It’s the single most perplexing business I’ve ever seen.
They were first on GenAI. They wrote the paper. And now they’re completely lapped by not just OpenAI but Anthropic as well. How are you in like 5th place when you have all the people and all the money?
They’re like the opposite of Cloudflare, which does small things really well that add up. Google is slowly getting rid of all the best things it has.
The main thing Google is growing is its graveyard.
Such a colossal waste of money and talent. Their failures should be studied for centuries as an example of what happens when you don’t lead with UX-focused product management, rather than “throw shit at wall”-focused engineering.
HUMANSIran-backed Houthi rebels say they were behind a drone attack on Tel Aviv that killed one person and injured several others. MORE
USA Household Income Distribution by State — A Reddit user shared a detailed visualization of household income distribution across different states in the USA. MORE
A new meta-analysis shows that toothbrushing can significantly reduce hospital-acquired pneumonia (HAP) in ICU patients. This simple intervention could lead to 17,000 fewer deaths each year from ventilator-associated pneumonia (VAP). MORE
Young Adulthood Is No Longer One of Life's Happiest Times — Research shows that young adulthood is now one of the most unhappy times in life, with a significant rise in despair among young people, especially women aged 18 to 25. MORE
Most of Gen Z Using TikTok for Health Advice — A new survey found that 56% of Gen Z are using TikTok for wellness, diet, and fitness advice, with 34% relying on it as their main source of health information. MORE
Ask HN: Every day feels like prison — A mid-thirties guy in tech feels trapped in a 9-5 job he no longer cares about and is struggling to build a business on the side. Despite making major life changes, he still feels stuck and unhappy, fearing this might be his life for the next 30-40 years. MORE
Read the full newsletter online IDEASSam Altman is simultaneously building AGI and doing big studies on UBI. It’s super obvious what he’s doing, and I think it’s mostly the right thing.
I mean, all you have to believe for this to be a good thing is that:
AGI will remove a lot of jobs
People will need money to survive while they figure out what else to do
And I think those are really safe bets.
What if Cannabis is Soma from Brave New World?
- Makes people comfortable with mediocrity
- Makes people more accepting of whatever they’re handed
- Makes people less likely to change their situation
And legalization is happening coincident with the rise of AI.
— ᴅᴀɴɪᴇʟ ᴍɪᴇssʟᴇʀ 📚☕️🗣️ (@DanielMiessler)
9:59 PM • Jul 21, 2024
Conspiracy culture is getting stupid at this point.
Troubled kid shoots Trump, just like a thousand other shootings. A team did a bad job protecting him. Just like a thousand other bad jobs that were done that day.
-> Must be Deepstate
An old and declining candidate is… x.com/i/web/status/1…
— ᴅᴀɴɪᴇʟ ᴍɪᴇssʟᴇʀ 📚☕️🗣️ (@DanielMiessler)
7:21 PM • Jul 21, 2024
One of the security applications of AI I'm most excited about is its use on currently intractable problems.
- Vendor management
- Supply chain management
- Threat modeling software dependencies
Let me explain…
— ᴅᴀɴɪᴇʟ ᴍɪᴇssʟᴇʀ 📚☕️🗣️ (@DanielMiessler)
7:51 AM • Jul 19, 2024
The future of security and risk management is to have them disappear into SOPs (Standard Operating Procedures).
A flight checklist and a skyscraper building plan don't have "stay in sky" or "don't fall down" sections.
It's just a process. A process with those lessons built in.
— ᴅᴀɴɪᴇʟ ᴍɪᴇssʟᴇʀ 📚☕️🗣️ (@DanielMiessler)
5:55 AM • Jul 18, 2024
DISCOVERY
Hmm. I’ll be watching this closely. 👀
— ᴅᴀɴɪᴇʟ ᴍɪᴇssʟᴇʀ 📚☕️🗣️ (@DanielMiessler)
3:24 AM • Jul 17, 2024
Llema — A new recon/security tool that runs via Llamda in your browser. MORE
Respotter — A honeypot for Responder that tricks attackers into revealing their presence. | by C.J. May | MORE
Exo — Run your own AI cluster at home on everyday devices. | by ExoLabs | MORE
Why Aren't We Using SSH for Everything? | by Shazow | MORE
Gray Swan AI — Specializes in AI safety and security tools to assess and safeguard AI deployments. | by Gray Swan AI | MORE
Costco's Apocalypse Bucket — Costco is selling a 25-year shelf-life emergency food kit called the "apocalypse bucket" for $79.99. It includes 150 freeze-dried and dehydrated meal servings, ranging from teriyaki rice to apple cinnamon cereal. MORE
RECOMMENDATION OF THE WEEKDon’t ask what someone’s politics are. Ask them what their ideal world looks like, including questions like these:
Are there multiple religions?
Are there multiple ethnic groups?
Are people free to love whoever they want?
Do they all live together?
Who are the most famous people in that world?
Who gets paid the least?
Who gets paid the most?
What happens to someone if they’re truly disabled and can’t work?
What happens to someone if they’re too lazy to work?
What happens to someone who is addicted to drugs?
I think many of our disagreements are about how and not what. I know a lot of people who support Trump, for example, who would say:
You can be gay
There can be other religions
All the ethnic groups should live together
There should be a social safety net
Etc.
So if you are on the left, and you hear someone on the right say those things, that’s an opportunity for a REAL conversation. A conversation about how. Not what. And vice versa.
Bottom line: I think we all in the roughly 80% center agree about a lot more than it feels like right now.
As we go into this election cycle, try to use this exercise to realize this with more people.
APHORISM OF THE WEEK Become a Member to Get 3” Taller and Learn to Speak to AnimalsPowered by beehiiv
July 16, 2024
UL NO. 441: Substrate, OpenAIs AGI Levels, US Literacy Rates
SECURITY | AI | MEANING :: Unsupervised Learning is my continuous stream of original ideas, analysis, tooling, and mental models designed to help humans thrive in a world full of AI.
TOCNOTESHey there!
Wow, so much going on. And only a few weeks until Hacker Camp in Vegas.
Friend of UL, Ray Alner, is looking for a new position as a Systems Engineer. He has experience in DevOps, Cyber, leadership, and a whole bunch of other stuff. Also, on a personal note, Ray is one of UL’s smartest and kindest members, and someone should absolutely snatch him up before they miss out. REACH OUT TO RAY DIRECTLY
I’ve brought back the SECURITY, TECH, and HUMANS sections. I love the idea of just one section, but I found myself wanting to sort them to make it easier to read. Which means you were probably feeling that way too. Sorry. Fixed it.
I added new levels to the AGI definitions (4 and 5) within the RAID AI Definitions Resource. MORE
I feel like Apple Notes is my actual operating system, and macOS is just the window manager.
Ok, let’s get to it…
MY WORK👉This is the big one! I’ve been thinking about and writing this one for months. There’s a high chance that this will be the most impactful project I ever create. READ THE ANNOUNCEMENT
Would really love for you check it out. And even better—get involved.
Introducing Substrate — An Open-source Framework for Human Understanding, Meaning, and Progress
Substrate is a crowdsourced project designed to enhance understanding, communication, and action in order to move humanity forward
danielmiessler.com/p/introducing-substrate
—
My new piece on Dynamic Content Summaries and how I think they’re going to be the way we view content in the future. MORE
Exploring the idea of Personal vs. Business brands, and which is better for different types of creator. MORE
SECURITYKaspersky Shuts Down U.S. Operations — Kaspersky is shutting down its business in the U.S. starting July 20, following sanctions and bans from the U.S. government. | MORE
AT&T says nearly all cellular customers and some landline users have had their data stolen, but now there’s an interesting twist being reported by Kim Zetter at Wired. Evidently AT&T paid a member of the hacking team nearly $300,000 to delete the only copy of all the data. | MORE
Russia is using AI-enhanced software called "Meliorator" to create fake online personas for disinformation campaigns. This tool helps manage these personas and spread false information through social media. | MORE
💡One of the things I’m most worried about from AI is the disinformation bots. Both the sheer number of them, but also their sophistication.
The better AI gets (and especially agent frameworks) the more it’s going to be like our enemies’ intelligence agencies now have millions of employees.
What used to be tens or hundreds of people creating campaigns—slowly, with lots of mistakes—will instead be millions of bots. And they’ll be making far fewer mistakes and adapting very quickly to new narratives and memes.
I think the internet is going to have to switch from a blocklist to an allowlist mentality. It’s just going to be too much to filter.
A new Exim vulnerability with a CVSS score of 9.1 allows attackers to bypass attachment extension blocking and deliver executables. Over 1.5M email servers are affected. | CVSS 9.1 | MORE
Google is now offering passkeys for high-risk users who join its Advanced Protection Program, replacing the previous requirement for a physical security key. | MORE
📢 Calling All Innovators in AI! 📢
🤖 Excited about AI innovation? We are too.
As we gear up for Winter 2024/Spring 2025, we're opening our sponsorship window to companies innovating in Artificial Intelligence.
🚀 Join us in reaching over 94,000 of the sharpest minds in security and tech. Don't miss your chance to showcase your AI project or business to our specialized readership.
Connect now before this season’s sponsorship calendar fills up!
📧 Email us at sponsorship@unsupervised-learning.com to discuss how we can spotlight your AI innovations in upcoming newsletters!
Get Seen by 94,000 of The Best and BrightestA new Exim vulnerability with a CVSS score of 9.1 allows attackers to bypass attachment extension blocking and deliver executables. Over 1.5M email servers are affected. | CVSS 9.1 | MORE
Foreign influence campaign analysis from US Intelligence:
Russia is backing Trump (I’m guessing because he’ll pull us out of Ukraine).
Iran is acting as a "chaos agent," in its influence campaigns, focusing on exploiting U.S. political and social tensions rather than backing a specific candidate.
China is mostly staying out of U.S. elections, seeing little benefit in influencing the outcome. They're more focused on data collection for future influence operations.
Sponsor
PODCAST: Bestselling author Dmitri Alperovitch’s Vision for Cyber Defense
In this episode of Automox’s CISO IT podcast, host Jason Kikta speaks to Dmitri Alperovitch, bestselling author of the new book ‘World on the Brink’ and founder of the think-tank, Silverado Policy Accelerator. They discuss how IT has evolved from very slow deliberate patching to faster cycles and how cloud tech improves cybersecurity. Listen now from wherever you get your podcasts.
automox.com/resources/podcasts/ciso-it-e07
Listen NowGitLab has a critical flaw (CVE-2024-6385) in its CI/CD pipelines that lets attackers run pipelines as any user. Upgrade now. | CVSS 9.6 | MORE
Sponsor
ProjectDiscovery Cloud Platform Asset Discovery
Our latest release includes enhanced tech stack detection and universal asset discovery.
For Individuals & Bug Bounty Hunters: Discover and monitor up to 10 domains daily.
For Organizations: Uncover your external attack surface and cloud assets with automatic asset enrichment and daily monitoring.
Stay ahead with ProjectDiscovery Cloud Platform!
Discover Assets Today AI / TECHOpenAI’s AGI Levels — OpenAI has published their 5-tier ladder for AI progress. I’m honestly not a fan, other than Level 5. | MORE
💡I don’t see how they’re going from chatbots to human level reasoners, and then to agents, and then to innovators that can aid in invention. First, Level 2 and Level 4 are way too close, and both are already possible.
Then you have this really interesting jump at Level 5, to something that can do the work of an organization.
The problem is they’re mixing criteria. 1 is I don’t know what. Reasoners is about thinking quality. Agents is just an attribute: “can take action”. Innovators is just a descriptive output, i.e., “aids invention”.
Huh? Chatbots can aid invention. And that’s Level 1.
Then you have Level 5, which is actually about scale more than thinking quality.
The scale isn’t super useful, IMHO. I am not even perfectly happy with my own attempt, but at least it compares apples to apples.
AI Startups Raising $100M+ in 2024 — Here's the full list of 28 US AI startups that have raised $100M or more in 2024. | MORE
Anthropic has added new features to Claude that help automate prompt engineering. | MORE
💡I’m seeing a lot of my friends in AI switching to Claude over ChatGPT right now. Or more specifically, preferring Claude Aritifacts over ChatGPT, and Sonnet 3.5 over GPT-4o.
But it’s a leapfrog game. Soon we’ll have Opus 3.5, Llama 3.0 300B, and eventually GPT-5 (or whatever they call it).
2025 is going to be nuts, for multiple reasons.
New Fiber Speeds — A new fiber optic network transmits data at speeds above 400 terabytes per second, breaking the current record by nearly 33%. And this is on existing fiber, not some special new stuff. | MORE
YouTube Music Tests AI Playlists — YouTube Music is testing a new feature that lets you use AI to generate a playlist by describing what you want to hear. Premium users in the US can use a chat UI to enter descriptions like "catchy pop choruses" or "upbeat pop anthems." | by Emma Roth | MORE
There's a surge in delivery startups like Hailify, which pivoted from managing Uber and Lyft gigs to delivering thousands of parcels from China-based companies like Shein and Temu to U.S. shoppers. They see an opportunity to take market share from FedEx, USPS, and UPS. | by Ann Gehan | MORE
HUMANSWhy Women Are Disappearing From Tech — The percentage of venture deals for companies with female founders has dropped from 6.5% to 5.7% this year. Companies with at least one female co-founder are also seeing less funding, down from 27% to 16.6%. | by Jessica E. Lessin | MORE
Houston Is on a Path to an All-Out Power Crisis — For the 2.2 million people in Houston who lost power after Hurricane Beryl, the situation is dire. The city's power infrastructure is so fragile that even moderate storms are causing massive outages. And people are getting very angry. | MORE
Tour de France Riders Are Inhaling Carbon Monoxide — Multiple Tour de France teams are using carbon monoxide inhalation to enhance altitude training. This controversial practice involves inhaling a deadly gas to boost performance, and while it's not banned by WADA, it raises serious ethical and health concerns. | MORE
130 Million U.S. Adults Have Low Literacy Skills — Over half of Americans aged 16 to 74 read below a sixth-grade level, impacting their daily lives and families. | by Dr. Iris Feinberg | MORE
Colorado Poultry Workers Test Positive for Bird Flu — Three poultry workers in Colorado have tested presumptive positive for bird flu after an outbreak at a commercial egg facility. This virus has already killed over 6 million birds and is now infecting dairy cattle across the state. | MORE
Just 4 in 10k Galaxies May Host Intelligent Aliens — A new study suggests that intelligent alien life might be incredibly rare because it requires a planet with plate tectonics, oceans, and continents. Only about 0.003% to 0.2% of exoplanets meet these criteria, making the odds of finding such civilizations extremely low. | by Robert Stern and Taras Gerya | MORE
IDEASVCs Are Buying Medical Practices
I’ve got an doctor friend who’s been telling me about how venture capital is moving into medical practices. They’re coming in and doing what you would expect, which is looking for ways to make more money. Except they’re largely doing it unethically, i.e., by having the places sell stuff patients don’t need, request tests that are unnecessary, etc.
I feel like this is another example of like big investors buying up single-family homes and then renting them. Or storage spaces.
It’s like—the people with the money collect all the things, and then they can do whatever they want with them. And the purpose never seems to be to make things better. It’s always to make more money.
What am I missing? And if I’ve got this right, what are we to do about it? Capitalism is the best system we have, so this should be legal I think. But how do we keep the super-rich from just buying everything and making life worse for everyone else?
—
Most Conspiracies Come From Not Realizing How Often Things Fail | MORE
Therapy, Rumination, and Untying Knots | MORE
DISCOVERYffuf on Lambda — ffuf running on AWS Lambda and streamed to a web browser. | by defparam | MORE
Bullfrog — A Github Action that secures your workflows by controlling outbound network connections. You can define allowed IPs and domains or use audit mode to see all connections without blocking them. | by BullfrogSec | MORE
Everything You See Is a Computational Process, If You Know How to Look — Lance Fortnow argues that computation is everywhere if you know how to see it. He compares everyday processes like mailing a letter to computational operations and even describes randomness as a complex computational process. | by Lance Fortnow | MORE
The "Shaan Puri Emotion Eliciter" prompt lets you input your writing and get specific suggestions to make it more emotionally engaging. It maintains the original intent of your writing while enhancing it using each of the seven emotions. | by Moritz Kremb | MORE
WTF Happened to Blogs | by Michal Pándy | MORE
As an Employee, You Are Disposable — The recent tech layoffs have shown that employees are disposable in the eyes of executives. It doesn’t matter if a company is profitable or not; layoffs can still happen, and executives continue to earn huge sums of money amidst these cuts. | by Nelson | MORE
You Never Control the Arc of Your Career — This piece dives into how career paths are often shaped by forces beyond our control, using Bruce Springsteen as an example. | by Michael Eaton | MORE
Smoking vs. Lung Cancer Deaths. MORE
Learning Multiple Concepts from a Single Image — Unsupervised Concept Extraction (UCE) is a new task that extracts and recreates multiple concepts from a single image without any human annotations. | by Shaozhe Hao et al | MORE
Change Detection in Satellite Imagery — This study addresses semantic change detection using satellite image time series (SITS-SCD) by integrating both change detection and semantic segmentation. | by Elliot Vincent, Jean Ponce and Mathieu Aubry | MORE
89 Things I Know About Git Commits — A collection of insights about Git commits gathered over 12 years of experience in both small teams and large Open Source projects. | by Jamie Tanna | MORE
RECOMMENDATION OF THE WEEKCheck on your friends you haven’t heard from in a while.
Send them a text. It’s free, and they will appreciate being thought of.
APHORISM OF THE WEEKHey there,
If you’re not already, I’d love for you to become a member. 🫶🏻
Support My Work and Become a MemberThank you,
-Daniel
Powered by beehiiv
Introducing Substrate — An Open-source Framework for Human Understanding, Meaning, and Progress
Table of ContentsSCIENCE: Automated Hypothesis to Results Workflows
LEADERSHIP: Describing A Comprehensive Plan
PRODUCTIVITY: Optimizing Any Process
IntroductionI’m excited to share a project I’ve been working on for a number of months called Substrate. Fair warning: it’s quite ambitious.
Ok, what is it exactly?
What the hell does that mean?
Yep, fantastic question. The purpose of the project is to make the things that matter to humans more transparent, discussable, and ultimately—fixable.
Interesting. What kinds of things?
Yes, exactly. Here are some of the main ones we’re starting with.
Substrate ComponentsWhen we say “human understanding, meaning, and progress” in the description, we’re talking about these types of conceptual objects:
Ideas — A list of novel human ideas
Problems — A list of our most important human problems
Beliefs — A list of beliefs about the world
Models — A list of models for conceptualizing reality
Frames — A list of narratives/lenses for perceiving reality
Solutions — A list of potential solutions to our problems
Information Sources — A list of sources of data and information
People — A list of humans
Organizations — A list of organizations
Laws — A list of laws that were proposed and/or passed
Claims — A list of truth claims
Votes — A list of votes and results from legislation/elections
Arguments — A list of arguments that have been made
Funding Sources — A list of groups that fund various projects
Lobbyists — A list of lobbyists and their agendas
Missions — A list of human ideas
Donations — A list of donations made from X to Y
Goals — A list of potential human goals
Facts — A list of verified truth claims
Each of these will be an actual list, maintained as a repository within Github. Each list will have a schema, similar to this one for the Problems repository:
Problem Name
Problem ID
Problem Description
Toxic Drinking Water in Poor US Towns
PR-1097
Many towns with populations with low socioeconomic status have water that’s not safe to drink.
Deforestation of Our Rain Tropical Rain Forests
PR-33082
Our rainforests are being destroyed, which will negatively affect humans on Earth.
GitHub - Substrate/Problems: The Problems people consider worth working on.
A collection of the problems people feel need to be tackled.
github.com/human-substrate/Problems
And all of these live within an over-arching Substrate Organization within Github.
Substrate
An Open-source Framework for Human Understanding, Meaning, and Progress
github.com/human-substrate
This structure will allow the entire open-source community (i.e., the world) to contribute their own Problems, Claims, Sources, Frames, Goals, etc., that others can use.
Ok, I think I’m starting to get it, but I need more.
Fair enough.
One way to think about this is as a way to put handles on things that are hard to discuss.
Here are a couple of examples.
Component ExamplesHere are some more examples of Substrate Components in everyday scenarios. Let’s look at an Argument component.
An ArgumentThink of a common argument we might hear on any given day about whatever topic. This one is about recycling.
We’re confronted by this type of thing constantly. About things like recycling, but also about things that matter much more, like politics.
What Substrate will do is take an argument like this recycling example, and turn it into something like this:
A MermaidJS Visualization of this claim (Using Sonnet 3.5) Click for full size.
Each of those objects in that diagram will be Substrate Components! The Claims, the Sources, etc.
Here’s what the Arguments repository might look like:
Argument Name
Argument ID
Argument Description
Recycling Plastic Isn’t Worth The Effort in the US
AR-28445
It’d be good to recycle plastic if it were actually worth the effort, but current systems are so inefficient that they cost more energy than they save.
A Source
Examples of Organizational Sources
When people make truth claims, it’s important that we be able to fact-check or research those claims to see their support. Substrate does this by maintaining a list of Sources that we may or may not trust for new information, such as an Organization, or a Person (both of which are also Substrate Components).
When someone makes an Argument, or a Claim within an Argument, it can be linked to Sources that people can choose to trust or not trust.
But either way, people can see the full argument and its support in one visual!
An example of Argument → Claims → Sources
This is why we’re so excited about Substrate. It is going to make things that used to be murky and opaque into transparent objects that can be inspected, analyzed, and discussed.
OLD: “You’re just not able to counter all my arguments and evidence.”
NEW: “Here’s my argument (throws it up on a shared viewscreen). Show me which claim you disagree with, or which source you disagree with that backs up those claims.”
This will enable far more logical and precise discussions!
Real-world Use CasesOk, sounds really cool. But what do you actually do with it?
Intrigued but practical
Yes, so now we’re getting to the best part—how to actually use this thing!
First, keep in mind that this is very early. We’re just getting started. But we already have many use cases planned that we want to talk about below.
Also, keep in mind that some of these you can do starting immediately, some will take time, and many of them will get magnified significantly by AI.
Let’s take a look.
Describing Yourself
Visualizing Your Being Using Substrate
Many people have trouble describing who they are and what they’re about.
With Substrate you’ll soon be able to just describe yourself in text, audio, or video, or even have a conversation with an AI—and it will be able to both articulate and visualize you.
And if you share your context or Substrate representation with others, they’ll be able to see what you’re about as well.
Learning a Person’s ValuesSubstrate will be a wonderful way to start learning about someone, e.g., what they care about, and how they see the world.
Imagine having something like this available when you look at someone, or research them.
A Visual Conversation Starter
This will be a wonderful way to learn about what someone really cares about, and how they see the world.
They believe the most important Problems are PR-1097, PR-2210, and PR-2231
They believe the best Solutions are SL-1128, SL-3110, and SL-1012 to those Problems.
They intend to track progress using the following KPIs.
Imagine matching up with someone like that across multiple axes:
Values
Goals
Beliefs
Preferences
Etc.
We’re very excited about the potential to spawn more human connection in this way.
Visualize Any ArgumentAnother great use will be when a given narrative, or rumor, or conspiracy theory is going viral. We’ll be able to use Substrate to analyze the Argument or Claim and publish the results.
Here’s an argument that we never went to the moon.
Click for Full Size
Using this kind of visualization, you’ll be able to see (for example) that:
They’re making the following Arguments that SL-19992 and SL-44091 are the best Solutions: AR-7781, AR-9812, and AR-9992.
Which include the following Claims: CL-1111, CL-2309, and CL-0002.
Which we fact-checked using the following Sources.
Which resulted in the following Results (Claim = False / True).
Which—using the following methodology—leads us to this Conclusion.
Think Snopes, but as a graph that everyone can visually explore.
What’s amazing about this is that someone from any political background can now evaluate this with more transparency than has ever been possible. They can SEE the Arguments, the Claims, and the Sources that were used to validate them, etc. It’s all right there.
And, of course, people will be able to add all their favorite sources of ground truth, so they can make sure the Substrate visualization is trustworthy to them. At that point, the question just becomes which sources you trust, but you can then see how the logic and sources flow to the conclusion.
I think this has the potential to significantly strengthen our shared understanding of reality, and will allow us to disagree with each other in a far healthier way.
Here’s one for the claim that there’s a tiny teapot orbiting the sun.
These aren’t using Substrate yet, but they will be soon, making each component of the argument community-sourced and transparent.
Substrate + AI = ActionYeah, yeah, yeah. AI this—AI that.
I hear you, but this is different. This isn’t about AI. It’s about human meaning and progress. AI is just a tool for helping that along.
Consider this about what you’ve heard so far about Substrate, and what’s simultaneously happening with AI:
Context sizes (prompt sizes) are increasing
Inference costs (the cost to run AI) are plummeting
What this means is we can Chocolate-Peanutbutter Substrate with AI’s ability to hold multiple things in its mind at once.
So we can feed AI with our Goals, KPIs, Risks, etc.—and have it help us untangle them and take action.
Here are some examples that we’re most excited about.
SCIENCE: Automated Hypothesis to Results WorkflowsOne big problem with science is that it takes so long. Look at the set of things that have to happen:
It’s hard to come up with ideas.
It’s hard to design experiments.
It’s hard to find funding to do experiments.
It’s hard to interpret results.
It’s hard to publish results.
It’s hard to get the results in front of the right people.
So now imagine we have our list of Problems, a list of Proposed Experiments, a list of Funding Sources, etc. They’re all there.
Now AI can help us do most every step in that chain—completely automated!
Coming up with—or collecting—ideas and hypotheses
Designing experiments
Collecting and evaluating the best funding sources
Requesting funding by writing a perfect pitch
Helping set up the experiments (eventually with robotic help as well)
Running and monitoring the experiments
Interpreting results
Writing the paper
Sharing the paper
So in other words:
Hypothesis ➡️ Proposed Experiment ➡️ Look Up Funding Sources ➡️ Acquire Funding ➡️ Run Experiments ➡️ Publish Results ➡️ Make Progress
In the beginning, this will still require a lot of human help—especially at the idea and the running of the experiments phases. But over time AI will only become more useful in those areas, too.
We’re talking about accelerating science!
LEADERSHIP: Describing A Comprehensive Plan
A visual representation of a political platform (Click for Full Size)
Many leaders struggle with clarity. It’s hard to know what they think the issues are, what they specifically plan on doing, and how they plan to measure progress.
We see this with both business leaders and politicians.
So with Substrate, we intend to make it so that every leader will need to have a full, detailed plan that has the following components:
Here’s what I think the Problems are
Here’s what I think the Solutions are
Here are my proposed Strategies for accomplishing that
Here are the KPIs we’ll use to track progress
Fire me if I don’t get the KPIs to _________ by ___________ date.
Imagine having that level of clarity and accountability for any leader trying to get a job, doing anything.
PRODUCTIVITY: Optimizing Any ProcessOk, I saved the best one for last. This is the one that I’m personally most excited about.
From Companies Are Just Graphs of Algorithms
In a recent piece, I talked about how Companies Are Just Graphs of Algorithms. True, but I don’t think I went far enough with it.
Everything can be conceptualized in this way—as a process.
State of things
Action / Event
Result = New State of Things
And if we add human components in there, like peoples’ jobs, or making decisions—like we do for like running a business, or a country, or a family, we have additional pieces:
People
Decisions
Strategies
Lessons-learned
Conclusions
Reasons
Etc.
And what that results in is a way to tie this all together into much larger graphs. Graphs we can use to describe the operations of a Family, or a Company, or even a Country.
Here’s one for a small company:
A Company Process Flow (Click for Full Screen)
That’s pretty cool that we can create that, but that’s not the full power of Substrate combined with AI.
The smarter AI gets, the better it will get at optimizing flows of any kind.
In other words, this is just the current state. We can now ask AI what it would do to optimize this.
Should this company merge departments?
Where can we add more people?
Which processes here are inefficient?
Which can be replaced by AI?
Where could we use more human decision-making?
If we wanted to grow, where should that happen?
Now imagine this for:
A family
A corporation
A church
A city
A county
Etc.
And keep in mind, the more data you have here the better. You can feed such a system all the various efficiency metrics for the various pieces as well.
A security team analysis exampleIt currently takes 3.5 business days to complete a security assessment
“Delays in Security Assessment Turnaround” are the #1 complaint in the Engineering survey
If we switch to the new FlexScan model using fewer generalist security testers, we’ll be able to complete Type B and C assessments 94% faster.
This will give our senior testers 2 extra days to do high-impact assessments
This will also likely make Engineering much happier with Security, and make them more likely to cooperate on our goals.
So this is really multiple steps here:
The full articulation and breakdown of how a process is currently running
Visualization of that process to help with human understanding
AI analysis of how to optimize the process to optimize the stated goals of the entity
And remember—the AI will also have access to the mission of the organization as well. And its goals. And its strategies. And its team members. And their projects. Etc.
So it will have the full context on how resources are being spent relative to the desired outcomes, and it will be able to see how the actual KPIs are moving.
From there it will be able to make all sorts of recommendations, such as:
Hiring new people
Hiring people with certain skills
Using more AI in high volume and low creativity areas
Adjusting strategies based on goals and market conditions
Cancelling projects X and Y to work on Z instead because it’s more aligned with the goals
Etc.
Ultimately we’re talking about the ability to continuously analyze and optimize any system using full knowledge of its goals and progress.
And the more data about the system it has, the better it’ll perform. And the smarter AI gets, the better it’ll perform.
Insane.
SummaryOk, that was a lot.
Here are the main points.
The world is hard to understand, and things that are hard to understand are hard to discuss and improve.
The goal of Substrate is to address this problem by making the things humans care about more visible, discussable, and improvable.
The framework is open-source and lives on GitHub.
At its core, it’s a collection of crowdsourced lists of the things humans care about, and that make up our discourse and society.
One major problem that people and organizations have is not knowing —and/or being able to communicate—what they are about.
Using the framework, people and organizations will be able to articulate their values and purpose more clearly, which will help not only them but everyone they interact with.
Substrate is magnified by AI because AI can—or will soon be able to—hold all of Substrate in its mind at once.
From there, we’ll be able to ask all sorts of meaningful questions, such as, “What is that person or organization about?”, “Are we pursuing the best path towards our goals?”, or, “What are the most critical mistakes I’m currently making?”
Ultimately this will allow us to take action on these things., e.g., “What actions should I take right now to optimize this workflow?”, or, “What should I do right now to achieve the best possible outcome that’s aligned with my goals?”
In short, Substrate is a way to better understand and optimize the things we care about as humans.
How to Get InvolvedHere are some of my friends and colleagues who have already signed on to help with this project.
Jonathan Dunn — MD, Hacker
Jason Haddix — Cybersecurity Expert, Hacker, Trainer
Clint Gibler — Cybersecurity Expert, Hacker
Joseph Thacker — Cybersecurity Expert, Hacker
Joel Parish — Cybersecurity Expert, Hacker
Robert Hansen — Cybersecurity Expert, Hacker
If you are interested in contributing, you can do so through the Github projects themselves, or you can connect with us directly.
Thanks for your interest, and please share this page with anyone else you think would like to contribute.
Powered by beehiiv
Daniel Miessler's Blog
- Daniel Miessler's profile
- 18 followers
