No. 379 – AI & Transparency, lifeOS, China Model Fears, Data Criticality…
*|INTERESTED:Memberful Plans:UL Subscription (Annual) (53074)|*MEMBER EDITION | NO. 379 | APR 24 2023 | Subscribe | Online | Audio*|END:INTERESTED|**|INTERESTED:Memberful Plans:UL Subscription (Annual) (53074)|**|ELSE:|*STANDARD EDITION (UPGRADE) | NO. 379 | APR 24 2023 | Subscribe | Online | Audio*|END:INTERESTED|*
Happy RSA Monday—I hope you’re having a good one so far!If you see me around RSA this week please come get a wave, fist bump, or hug (your choice). I’d love to say hi! And don’t forget we have a member lunch/meet-up on Thursday!Have a great week!
In this episode:Discover AI’s game-changing role in transparency🌩️ Unravel Microsoft’s stormy threat actor namesExplore China’s AI chatbot rules & secret NYPD basePeek into Apple’s journaling app & savings accountEmbrace psychedelics for mental health in the USGartner’s 2023 guide to cloud-native app protectionAI controls and more!MY WORKAI is a Gift to TransparencyA collection of real-world use cases for what we can do with AI-provided transparency into human challenges. MORESECURITY NEWSMicrosoft will start naming threat actors after weather events. Not the campaigns, but the actors themselves. Interesting concept. Here are the first mappings.Blizzard -> RussiaTyphoon -> ChinaSandstorm -> IranSleet -> North KoreaDust -> TurkeyCyclone -> VietnamRain -> LebanonHail -> South KoreaTempest -> Financially motivatedTsunami -> Private Sector attackerFlood -> Influence operationStorm -> Groups in development China Applies AI ControlsChina proposes new checks on AI chatbots, slowing tech industry’s rollout.• Draft measures require security reviews and user identity verification• AI-generated content must embody core socialist values• Alibaba, SenseTime, and Baidu recently launched ChatGPT-like bots• Regulators and state media warn against speculative frenzy in AI stocks MORESecret Chinese Police StationThe US charged 40 Chinese individuals for running a troll farm and secret NY police station.• Alleged efforts to intimidate, harass, and censor China’s critics overseas• Secret police station in Manhattan’s Chinatown• Massive online troll farm spreading disinformation and harassment• Only two New York-based officers arrested so far MORESponsor Love is UL Love — Sponsors help us produce this newsletter full-time. We spend a lot of time and effort picking the companies we promote here, and we pass on many of them because we care about what we’re showing you.
Do us a favor and explore the sponsors we share
. It helps us keep doing what we love, which is bringing you great ideas and analysis full-time.Sponsor Discover the Future of Cloud Security with the Gartner® 2023 Market Guide for CNAPP As cloud-native applications evolve, so do security threats. Stay ahead of the curve with Gartner’s comprehensive 2023 Market Guide for Cloud-Native Application Protection Platforms (CNAPP). Learn how to protect your cloud infrastructure and applications from development to production with a single, integrated platform.🛡️Key insights include:The increasing attack surface of cloud-native applications How CNAPPs streamline security and risk managementRecommendations for evaluating and deploying CNAPP solutionsDon’t miss out on this essential guide to securing your cloud-native applications! Download the Gartner® CNAPP Market Guide Now wiz.io/lp/gartner-market-guide-cnapp-2023Download NowTECHNOLOGY NEWSLyft announces more layoffs. I am not sure how much longer they’ll last. I used them for a few months when Uber was being gross to female employees, but the Lyft interface and experience was always worse for me. Question is: would the US let them merge? MOREIs Apple launching a journaling app? I’d love to see this. Hope it’s true. MOREGooglers say Bard is worse than useless. MORENiantic is making a real-world Monster Hunter game. MOREGoogle consolidates AI labs into DeepMind. MOREHUMAN NEWSLegalized Psychedelics?In 2023, the US government may approve the use of hallucinogenic drugs for mental illness treatment, with MAPS seeking FDA approval for MDMA as a PTSD treatment.– MAPS has completed two successful clinical trials on MDMA’s effectiveness for treating PTSD.– Australia approved MDMA as a PTSD treatment in February, with restrictions.– There are concerns about how MDMA will be administered and its potential financial incentives.– MAPS envisions global treatment centers where people can safely use psychedelics under therapist guidance.I really hope this happens. Everything I’ve seen and read and seen anecdatally has indicated this will be massive for mental health. And we really need that right now. Combine that with more access to good therapy through AI and I think we could seriously help millions of people. MOREApple Savings AccountApple just introduced a high-yield savings account with 4.15% APY.– Savings account by Goldman Sachs– No fees, minimum deposits, or balance requirements– Manage account directly from Apple Card in Wallet– Savings dashboard for tracking balance and interestI think this is going to be one of those moves where, when people look back, it’s marked as one of Apple’s main milestones towards lifeOS. Tech. Education. Health. Now finance. lifeOS seems imminent. MORETrump Catching DeSantisTrump now has a 13-point lead over DeSantis in a new Wall Street Journal Poll. I keep telling people not to count Trump out. People keep ignoring me. MORETrump Resilience68% of GOP voters support Trump despite indictment and investigations.– 26% of Republicans prefer a less-distracted candidate– 46% would support Trump in GOP primary today– 60% of general voters say Trump shouldn’t run– 70% don’t want Biden to run again MOREIDEAS & ANALYSISAI is a Gift to TransparencyA collection of real-world use cases for what we can do with AI-provided transparency into human challenges. MOREThe CCP and GPTI bet the CCP is super scared of AI models they don’t have explicit control over. Especially local ones! No need to bypass the Great Firewall if you can get honest answers from software running locally. MOREData Becomes Important, AgainWe’ve heard for a long time now that ‘data is the new oil’, and I guess that has been true in many cases. But it’s about to get a whole lot more true when everyone is running an SPQA stack. State requires data. And training large models requires data. People who have more data, and more access to newer and more unique data, will be winners. A big problem we’ll have soon is having tons of the new data coming out being produced by GPTs. It’ll become derivative. So the companies that have access to new, raw, human-generated data will have a major advantage. Think about who those companies might be. Data brokers? MANGA companies? Shadow companies like Palantir? This will be a major battleground.NOTESSuper hyped to share that UL member and buddy in crime Joseph Thacker (@rez0) and another great hacker @rhynorater are launching a new company called WeHackAI (wehack.ai). The service is designed to help companies launching AI-based or AI-augmented products—or that are adding AI to their existing offerings—by finding vulnerabilities throughout their stack. That includes not just the AI components, but the supporting infrastructure as well. I believe so much in the vision and in the pedigree of the founders that I’ll be an advisor for the company as well! Stay tuned for more info from them, and in the meantime go sign up here to get the latest. And if you know anyone building AI stuff, or adding AI to their stuff, point them to wehack.ai.I keep hearing about how Picard Season 3 is a love letter to STTNG, and I can’t wait to watch it. AI has seriously crushed my media consumption, and TV-watching especially, which was already quite minimal. But I make exceptions for Captain Picard and crew.I just got to catch up with a friend I met online in my first online community, DSLR. His name is Steve Friedl, and he’s awesome. He wrote a consulting guide called
So You Want to be a Consultant
way back then that served as the foundation of my consulting philosophy for years, and still does. Talking with Steve on the phone for the first time was fantastic, and I can’t wait to grow the relationship even more. Thanks, Steve, for your mentorship when I was starting out. And I hope to be like Steve when I grow up because he’s still crushing consulting today just like the day I met him almost 25 years ago. Goals. FOLLOW STEVEI’m thinking about trying a new format for news stories. I have some possible format examples here in this episode. It would look something like this:—⛓️ Embedded Supply Chain HacksThe X_Trader software supply chain attack led to the 3CX breach and affected critical infrastructure organizations in the US and Europe.– North Korean-backed threat groups involved– Trojanized installer used for attack– Multi-stage modular backdoor deployed– Victims’ systems compromised– US and European critical infrastructure impactedThis is another example of how deep the rabbithole goes on supply chain stuff. We will never get to the bottom of this until we can clearly 1) see, and 2) understand everything we have installed, everywhere—including its current version, patch levels, and configuration—all at the same time. Until then we’re just grasping and hoping when it comes to supply chain vulnerabilities. MORE | MORE
Follow via RSS*|END:INTERESTED|**|INTERESTED:Memberful Plans:UL Subscription (Annual) (53074)|**|ELSE:|*
Forward UL to friends
Tweet about UL
Share UL with colleagues*|END:INTERESTED|*Refer | Share | Unsubscribe | Update Your PreferencesCopyright © 1999-2023 Daniel Miessler, All Rights Reserved.
Happy RSA Monday—I hope you’re having a good one so far!If you see me around RSA this week please come get a wave, fist bump, or hug (your choice). I’d love to say hi! And don’t forget we have a member lunch/meet-up on Thursday!Have a great week!
In this episode:Discover AI’s game-changing role in transparency🌩️ Unravel Microsoft’s stormy threat actor namesExplore China’s AI chatbot rules & secret NYPD basePeek into Apple’s journaling app & savings accountEmbrace psychedelics for mental health in the USGartner’s 2023 guide to cloud-native app protectionAI controls and more!MY WORKAI is a Gift to TransparencyA collection of real-world use cases for what we can do with AI-provided transparency into human challenges. MORESECURITY NEWSMicrosoft will start naming threat actors after weather events. Not the campaigns, but the actors themselves. Interesting concept. Here are the first mappings.Blizzard -> RussiaTyphoon -> ChinaSandstorm -> IranSleet -> North KoreaDust -> TurkeyCyclone -> VietnamRain -> LebanonHail -> South KoreaTempest -> Financially motivatedTsunami -> Private Sector attackerFlood -> Influence operationStorm -> Groups in development China Applies AI ControlsChina proposes new checks on AI chatbots, slowing tech industry’s rollout.• Draft measures require security reviews and user identity verification• AI-generated content must embody core socialist values• Alibaba, SenseTime, and Baidu recently launched ChatGPT-like bots• Regulators and state media warn against speculative frenzy in AI stocks MORESecret Chinese Police StationThe US charged 40 Chinese individuals for running a troll farm and secret NY police station.• Alleged efforts to intimidate, harass, and censor China’s critics overseas• Secret police station in Manhattan’s Chinatown• Massive online troll farm spreading disinformation and harassment• Only two New York-based officers arrested so far MORESponsor Love is UL Love — Sponsors help us produce this newsletter full-time. We spend a lot of time and effort picking the companies we promote here, and we pass on many of them because we care about what we’re showing you.
Do us a favor and explore the sponsors we share
. It helps us keep doing what we love, which is bringing you great ideas and analysis full-time.Sponsor Discover the Future of Cloud Security with the Gartner® 2023 Market Guide for CNAPP As cloud-native applications evolve, so do security threats. Stay ahead of the curve with Gartner’s comprehensive 2023 Market Guide for Cloud-Native Application Protection Platforms (CNAPP). Learn how to protect your cloud infrastructure and applications from development to production with a single, integrated platform.🛡️Key insights include:The increasing attack surface of cloud-native applications How CNAPPs streamline security and risk managementRecommendations for evaluating and deploying CNAPP solutionsDon’t miss out on this essential guide to securing your cloud-native applications! Download the Gartner® CNAPP Market Guide Now wiz.io/lp/gartner-market-guide-cnapp-2023Download NowTECHNOLOGY NEWSLyft announces more layoffs. I am not sure how much longer they’ll last. I used them for a few months when Uber was being gross to female employees, but the Lyft interface and experience was always worse for me. Question is: would the US let them merge? MOREIs Apple launching a journaling app? I’d love to see this. Hope it’s true. MOREGooglers say Bard is worse than useless. MORENiantic is making a real-world Monster Hunter game. MOREGoogle consolidates AI labs into DeepMind. MOREHUMAN NEWSLegalized Psychedelics?In 2023, the US government may approve the use of hallucinogenic drugs for mental illness treatment, with MAPS seeking FDA approval for MDMA as a PTSD treatment.– MAPS has completed two successful clinical trials on MDMA’s effectiveness for treating PTSD.– Australia approved MDMA as a PTSD treatment in February, with restrictions.– There are concerns about how MDMA will be administered and its potential financial incentives.– MAPS envisions global treatment centers where people can safely use psychedelics under therapist guidance.I really hope this happens. Everything I’ve seen and read and seen anecdatally has indicated this will be massive for mental health. And we really need that right now. Combine that with more access to good therapy through AI and I think we could seriously help millions of people. MOREApple Savings AccountApple just introduced a high-yield savings account with 4.15% APY.– Savings account by Goldman Sachs– No fees, minimum deposits, or balance requirements– Manage account directly from Apple Card in Wallet– Savings dashboard for tracking balance and interestI think this is going to be one of those moves where, when people look back, it’s marked as one of Apple’s main milestones towards lifeOS. Tech. Education. Health. Now finance. lifeOS seems imminent. MORETrump Catching DeSantisTrump now has a 13-point lead over DeSantis in a new Wall Street Journal Poll. I keep telling people not to count Trump out. People keep ignoring me. MORETrump Resilience68% of GOP voters support Trump despite indictment and investigations.– 26% of Republicans prefer a less-distracted candidate– 46% would support Trump in GOP primary today– 60% of general voters say Trump shouldn’t run– 70% don’t want Biden to run again MOREIDEAS & ANALYSISAI is a Gift to TransparencyA collection of real-world use cases for what we can do with AI-provided transparency into human challenges. MOREThe CCP and GPTI bet the CCP is super scared of AI models they don’t have explicit control over. Especially local ones! No need to bypass the Great Firewall if you can get honest answers from software running locally. MOREData Becomes Important, AgainWe’ve heard for a long time now that ‘data is the new oil’, and I guess that has been true in many cases. But it’s about to get a whole lot more true when everyone is running an SPQA stack. State requires data. And training large models requires data. People who have more data, and more access to newer and more unique data, will be winners. A big problem we’ll have soon is having tons of the new data coming out being produced by GPTs. It’ll become derivative. So the companies that have access to new, raw, human-generated data will have a major advantage. Think about who those companies might be. Data brokers? MANGA companies? Shadow companies like Palantir? This will be a major battleground.NOTESSuper hyped to share that UL member and buddy in crime Joseph Thacker (@rez0) and another great hacker @rhynorater are launching a new company called WeHackAI (wehack.ai). The service is designed to help companies launching AI-based or AI-augmented products—or that are adding AI to their existing offerings—by finding vulnerabilities throughout their stack. That includes not just the AI components, but the supporting infrastructure as well. I believe so much in the vision and in the pedigree of the founders that I’ll be an advisor for the company as well! Stay tuned for more info from them, and in the meantime go sign up here to get the latest. And if you know anyone building AI stuff, or adding AI to their stuff, point them to wehack.ai.I keep hearing about how Picard Season 3 is a love letter to STTNG, and I can’t wait to watch it. AI has seriously crushed my media consumption, and TV-watching especially, which was already quite minimal. But I make exceptions for Captain Picard and crew.I just got to catch up with a friend I met online in my first online community, DSLR. His name is Steve Friedl, and he’s awesome. He wrote a consulting guide called
So You Want to be a Consultant
way back then that served as the foundation of my consulting philosophy for years, and still does. Talking with Steve on the phone for the first time was fantastic, and I can’t wait to grow the relationship even more. Thanks, Steve, for your mentorship when I was starting out. And I hope to be like Steve when I grow up because he’s still crushing consulting today just like the day I met him almost 25 years ago. Goals. FOLLOW STEVEI’m thinking about trying a new format for news stories. I have some possible format examples here in this episode. It would look something like this:—⛓️ Embedded Supply Chain HacksThe X_Trader software supply chain attack led to the 3CX breach and affected critical infrastructure organizations in the US and Europe.– North Korean-backed threat groups involved– Trojanized installer used for attack– Multi-stage modular backdoor deployed– Victims’ systems compromised– US and European critical infrastructure impactedThis is another example of how deep the rabbithole goes on supply chain stuff. We will never get to the bottom of this until we can clearly 1) see, and 2) understand everything we have installed, everywhere—including its current version, patch levels, and configuration—all at the same time. Until then we’re just grasping and hoping when it comes to supply chain vulnerabilities. MORE | MORE—
That’s not a great analysis example because it was a made-up one, and some stories won’t have analysis anyway. But the point is that you could get away with just the first sentence. Or you could get the bullets for the second level. Or the analysis for the third level. Finally, you’ll have the MORE links for even more if you want it.I plan on using some of my own custom AI for some of the summary stuff, such as the bullets, and then writing the analysis myself (it’ll be a while before an AI can do that without it being generic). So we get the advantages of both worlds (AI summarization + human analysis).Thoughts? Reply to this email or start a thread in chat.DISCOVERY🤖 ProfileGPT: Reveals user’s personality using ChatGPT data– Analyzes personal data, hobbies, and traits– Assesses mental health and future predictions– Python >=3.8 and ChatGPT data needed– Promotes awareness of data usage MORE | BY SAHBIC bloop: AI-powered code search and understanding tool– Natural language search for internal libraries– Summarizes and explains code intention– Supports 20+ languages and regex matching– Offers precise code navigation and unlimited free tier for self-hosted open source users MORE | BY HAMEL HUSAINMaintaining this site fucking sucks MOREYou can buy a house in Japan for $25,000 MOREWho will you be after ChatGPT takes your job? MORESo you want to start an AI startup MOREWriters are becoming AI Prompt Engineers MORE90% of my skills are now worth $0, but the other 10% are worth 1000x MOREPrompt Injection: What’s the worst that could happen? MORELooks like da Vinci was Jewish. MOREThey’re acquaintances, but they’re still important. MOREWhy people are fleeing blue cities for red states MORERECOMMENDATION OF THE WEEKIf you care about AI’s threat to your business, or you are a builder thinking about the future of applications, you need to be watching Langchain as close or closer than OpenAI. It’s not about the boards and nails and drywall. It’s about the buildings we can build with them. Learn Langchain. LANGCHAIN DOCS | INTRO VIDEOAPHORISM OF THE WEEK“The art of life lies in a constant readjustment to our surroundings.”Kakuzo Okakura*|INTERESTED:Memberful Plans:UL Subscription (Annual) (53074)|*Hey, you. Yes. You. Thank you for being a member. Seriously appreciated.*|END:INTERESTED|**|INTERESTED:Memberful Plans:UL Subscription (Annual) (53074)|**|ELSE:|*Thank you for reading. To become a member of UL and get more content and access to the community, you can become a member.*|END:INTERESTED|**|INTERESTED:Memberful Plans:UL Subscription (Annual) (53074)|*
Follow via RSS*|END:INTERESTED|**|INTERESTED:Memberful Plans:UL Subscription (Annual) (53074)|**|ELSE:|*
Forward UL to friends
Tweet about UL
Share UL with colleagues*|END:INTERESTED|*Refer | Share | Unsubscribe | Update Your PreferencesCopyright © 1999-2023 Daniel Miessler, All Rights Reserved.hts Reserved.
No related posts.
No comments have been added yet.
Daniel Miessler's Blog
- Daniel Miessler's profile
- 18 followers
Daniel Miessler isn't a Goodreads Author
(yet),
but they
do have a blog,
so here are some recent posts imported from
their feed.
