1 00:00:00,050 --> 00:00:03,440 S1: Whether you're starting or scaling your company's security program, demonstrating 2 00:00:03,470 --> 00:00:06,980 S1: top-notch security practices and establishing trust is more important 3 00:00:06,980 --> 00:00:12,110 S1: than ever. Vanta automates compliance for SOC 2, ISO 27001 and more, 4 00:00:12,110 --> 00:00:16,070 S1: saving you time and money while helping you build customer trust. Plus, 5 00:00:16,070 --> 00:00:20,329 S1: you can streamline security reviews by automating questionnaires and demonstrating 6 00:00:20,329 --> 00:00:24,050 S1: your security posture with a customer-facing trust center, all 7 00:00:24,050 --> 00:00:28,610 S1: powered by advanced AI. Over 7000 global companies like Atlassian, 8 00:00:28,610 --> 00:00:31,770 S1: Flow Health and Quora use Vanta to manage risk and 9 00:00:31,770 --> 00:00:35,730 S1: prove security in real time. Get $1,000 off Vanta when 10 00:00:35,729 --> 00:00:42,150 S1: you go to vanta.com/unsupervised. That's vanta.com/supervised for 11 00:00:42,150 --> 00:00:47,370 S1: $1,000 off. Welcome to Unsupervised Learning, a security, AI, and 12 00:00:47,370 --> 00:00:50,099 S1: meaning-focused podcast that looks at how best to thrive 13 00:00:50,100 --> 00:00:54,390 S1: as humans in a post AI world. It combines original ideas, 14 00:00:54,390 --> 00:00:57,900 S1: analysis and mental models to bring not just the news, 15 00:00:57,900 --> 00:01:05,429 S1: but why it matters and how to respond. All right, 16 00:01:05,430 --> 00:01:10,800 S1: welcome to Unsupervised Learning. This is Daniel Miessler. Okay. Pretty 17 00:01:10,800 --> 00:01:13,890 S1: much heads down on doing talks and courses right now. Uh, 18 00:01:13,890 --> 00:01:16,020 S1: a bunch of essays, a bunch of video content. It 19 00:01:16,020 --> 00:01:18,310 S1: feels like I've got a lot of ideas but feels 20 00:01:18,310 --> 00:01:21,759 S1: bad to be behind. 
Matt Williams put out a quality 21 00:01:21,760 --> 00:01:24,760 S1: introduction to Fabric on his YouTube channel, so that was cool. 22 00:01:24,760 --> 00:01:28,840 S1: Really well done. Video got the augmented course is updated. Uh, 23 00:01:28,840 --> 00:01:33,190 S1: so essentially we're expanding it to four plus hours where 24 00:01:33,190 --> 00:01:36,070 S1: it was only three hours before. So it's a lot 25 00:01:36,069 --> 00:01:39,340 S1: more content. Got a whole section on augmenting AI with 26 00:01:39,340 --> 00:01:43,180 S1: personal context, building your own work life workflows, which is 27 00:01:43,180 --> 00:01:45,339 S1: going to be super cool. We're actually going to do 28 00:01:45,340 --> 00:01:48,580 S1: it live with 1 or 2 people in the class 29 00:01:48,580 --> 00:01:51,820 S1: as well, so it's going to be kind of hands on. 30 00:01:51,820 --> 00:01:55,960 S1: We got a full section on Obsidian as well, and uh, yeah, 31 00:01:55,960 --> 00:01:58,540 S1: just a whole bunch of Fabric uses, lots and lots 32 00:01:58,540 --> 00:02:02,080 S1: of examples. And, uh, I really like the cohesive way 33 00:02:02,080 --> 00:02:06,350 S1: it's kind of pulling together the philosophical versus the technical. 34 00:02:06,350 --> 00:02:09,889 S1: So it's very practical in like, okay, you actually do this, 35 00:02:09,889 --> 00:02:13,460 S1: but it's kind of framed in this philosophical way, or 36 00:02:13,460 --> 00:02:15,530 S1: at least that's what I'm trying to pull off. Okay, 37 00:02:15,530 --> 00:02:18,980 S1: so I think I cracked Trump's popularity. I think unless 38 00:02:18,980 --> 00:02:21,260 S1: the DNC figures this out, it actually doesn't matter who 39 00:02:21,290 --> 00:02:23,870 S1: they run, they have to figure this out. So I 40 00:02:23,870 --> 00:02:25,430 S1: got a post on that. Not going to go into 41 00:02:25,430 --> 00:02:28,820 S1: that because that's politics stories. 
So there's a new zero 42 00:02:28,820 --> 00:02:32,460 S1: day in OpenSSH that allows remote code execution. It's a 43 00:02:32,460 --> 00:02:35,610 S1: little bit convoluted to sort of attack, and I think 44 00:02:35,610 --> 00:02:38,370 S1: people are figuring that out. One thing to keep in mind, though, 45 00:02:38,370 --> 00:02:40,770 S1: is it always gets easier to attack these things. It 46 00:02:40,770 --> 00:02:43,440 S1: never gets harder to attack these things unless people patch, 47 00:02:43,470 --> 00:02:46,320 S1: of course. But even if it's a little convoluted now, 48 00:02:46,320 --> 00:02:48,570 S1: I mean, you still really need to take a look 49 00:02:48,570 --> 00:02:51,210 S1: at what you have exposed and whether or not your 50 00:02:51,210 --> 00:02:55,230 S1: particular SSH stack is vulnerable. There's a full 10.0 critical 51 00:02:55,230 --> 00:02:59,370 S1: vulnerability in Juniper network routers that basically allows you to 52 00:02:59,370 --> 00:03:05,760 S1: bypass authentic full control. CVSS 10.0. Snowflake had a breach, 53 00:03:05,760 --> 00:03:09,750 S1: as everyone knows, and it's expanding with over now 165 victims, 54 00:03:09,750 --> 00:03:14,010 S1: including Ticketek and Advance Auto Parts. And some folks from 55 00:03:14,010 --> 00:03:18,160 S1: the ShinyHunters are saying that they access Snowflake via 56 00:03:18,160 --> 00:03:21,639 S1: third party contractors. And as part of that Snowflake incident, 57 00:03:21,639 --> 00:03:25,930 S1: Santander's US branch is notifying over 12,000 people that their 58 00:03:25,930 --> 00:03:28,180 S1: personal info is stolen. So this is one of those 59 00:03:28,180 --> 00:03:31,300 S1: things where it's just, like, contagious because the third party 60 00:03:31,300 --> 00:03:34,030 S1: nature of it, it just keeps spreading. 
And yeah, like 61 00:03:34,030 --> 00:03:38,140 S1: we said above, 165 victims currently. RedJuliett, a Chinese 62 00:03:38,140 --> 00:03:41,560 S1: state sponsored group, has been exploiting network edge devices to 63 00:03:41,560 --> 00:03:46,720 S1: target Taiwanese government, academic, technology and diplomatic organizations. Thanks to 64 00:03:46,720 --> 00:03:51,820 S1: Tines for sponsoring. And if everyone remembers that orange R1 65 00:03:51,850 --> 00:03:56,170 S1: AI device, well, basically you can you can extract or 66 00:03:56,170 --> 00:03:59,380 S1: it was possible to extract all responses that ever came 67 00:03:59,380 --> 00:04:03,550 S1: back from them and uh, yeah, it basically nightmare fuel 68 00:04:03,550 --> 00:04:06,830 S1: and anything you got back from your personal AI device 69 00:04:06,830 --> 00:04:10,430 S1: visible to whoever. I think this is exactly what most 70 00:04:10,430 --> 00:04:14,750 S1: security experts predicted with regard to AI and security. Specifically 71 00:04:14,750 --> 00:04:19,160 S1: that when startups do security, it's usually really, really bad. 72 00:04:19,160 --> 00:04:21,020 S1: But one, they don't have the expertise, they don't have 73 00:04:21,020 --> 00:04:24,200 S1: the resources, they don't have the time. And they're already 74 00:04:24,200 --> 00:04:28,880 S1: facing existential crises like every day. And security usually isn't 75 00:04:28,880 --> 00:04:31,680 S1: one of them. Another way to say that is startups 76 00:04:31,680 --> 00:04:35,940 S1: generally run with scissors, and AI startups run extra fast 77 00:04:35,940 --> 00:04:38,789 S1: with extra scissors. Like I've been saying, if you think 78 00:04:38,790 --> 00:04:41,220 S1: this is bad, wait. 
Wait until it's actually days that 79 00:04:41,220 --> 00:04:44,940 S1: are getting compromised where people have uploaded like their traumas 80 00:04:44,940 --> 00:04:48,750 S1: and their journals and their personal conversations and just everything, 81 00:04:48,750 --> 00:04:52,680 S1: their most intimate details. And when those startups start getting breached, 82 00:04:52,680 --> 00:04:55,200 S1: it's going to be way worse. And this is the 83 00:04:55,200 --> 00:04:58,110 S1: attack surface map that I put together a while back, 84 00:04:58,110 --> 00:05:02,040 S1: and I think it's still pretty useful. Russian hacking group APT29, 85 00:05:02,040 --> 00:05:06,180 S1: also known as Cozy Bear, breached TeamViewer's corporate IT environment. 86 00:05:06,180 --> 00:05:10,800 S1: And this is another. So I've migrated over the years 87 00:05:10,800 --> 00:05:13,650 S1: to a very simple stance on security tooling or really 88 00:05:13,650 --> 00:05:17,370 S1: any core tooling. It is use the official offerings from 89 00:05:17,370 --> 00:05:20,349 S1: big companies whenever possible, and that's because they have giant 90 00:05:20,350 --> 00:05:23,260 S1: security teams, they have giant security budgets, and they have 91 00:05:23,260 --> 00:05:26,410 S1: a lot to lose in terms of PR and market share. 92 00:05:26,410 --> 00:05:28,960 S1: So basically, I only want to trust my data to 93 00:05:28,960 --> 00:05:32,620 S1: companies that have both the incentive and the resources to 94 00:05:32,620 --> 00:05:34,930 S1: protect that data. And those tend to be the big 95 00:05:34,930 --> 00:05:39,010 S1: players like Microsoft, Google, Apple, whatever. Chinese hackers are using 96 00:05:39,010 --> 00:05:42,850 S1: ransomware as a cover for cyber espionage. Perplexity AI is 97 00:05:42,850 --> 00:05:44,620 S1: under fire by a lot of people. 
A lot of 98 00:05:44,620 --> 00:05:48,100 S1: people are really upset with them because they're essentially scraping 99 00:05:48,100 --> 00:05:52,510 S1: and crawling and, you know, basically feeding their their AI 100 00:05:52,510 --> 00:05:57,039 S1: with tactics that nobody really likes. And it's kind of 101 00:05:57,040 --> 00:06:00,430 S1: turning people off to it. Metaculus is launching a series 102 00:06:00,430 --> 00:06:04,690 S1: of quarterly tournaments to benchmark AI forecasting against human forecasting 103 00:06:04,690 --> 00:06:08,779 S1: on real world questions. So I am really obsessed with 104 00:06:08,779 --> 00:06:13,909 S1: this rigorous predictions basically. So there are groups, Metaculus is 105 00:06:13,910 --> 00:06:16,940 S1: one, where people make specific predictions. And I learned about 106 00:06:16,940 --> 00:06:22,460 S1: this from this book, Superforecasting. And this is now very 107 00:06:22,460 --> 00:06:26,510 S1: similar to Superforecasting, except for it's AI players playing in addition 108 00:06:26,510 --> 00:06:29,599 S1: to the human players. And specifically they're competing. So I 109 00:06:29,600 --> 00:06:33,420 S1: can't wait to watch this. It's really, really exciting to me. 110 00:06:33,420 --> 00:06:37,770 S1: I'm actually going to build myself a little intelligence, uh, daily, 111 00:06:37,770 --> 00:06:42,419 S1: daily intelligence, brief product, uh, using Substrate and, um, a 112 00:06:42,540 --> 00:06:45,270 S1: bunch of the AI stuff that I'm building. 
So I'm 113 00:06:45,270 --> 00:06:49,320 S1: essentially going to be capturing a whole bunch of, of 114 00:06:49,320 --> 00:06:52,830 S1: these superforecasters combined with a whole bunch of point sources 115 00:06:52,830 --> 00:06:58,440 S1: like OSINT people, national security people, financial information, people capturing 116 00:06:58,440 --> 00:07:01,500 S1: all their point sources, capturing all the experts and what 117 00:07:01,500 --> 00:07:06,089 S1: they're predicting, and then having my AI basically collect all 118 00:07:06,089 --> 00:07:10,020 S1: that together, turn it into stories and narratives, and most importantly, 119 00:07:10,020 --> 00:07:12,960 S1: put like based on these experts, what are the most 120 00:07:12,960 --> 00:07:16,260 S1: likely outcomes over the next six months, 18 months, whatever, 121 00:07:16,260 --> 00:07:19,420 S1: three years. And it won't be perfect, obviously. I mean, 122 00:07:19,420 --> 00:07:22,630 S1: first of all, AI is good at, you know, building 123 00:07:22,630 --> 00:07:25,420 S1: narratives when they don't exist or whatever. So there's all 124 00:07:25,420 --> 00:07:28,090 S1: sorts of things I need to be careful of, but 125 00:07:28,090 --> 00:07:32,200 S1: with lots of really, really good input from these different sources, 126 00:07:32,200 --> 00:07:35,290 S1: I think there's a lot of potential here. Uh, first 127 00:07:35,290 --> 00:07:37,840 S1: of all, I can have it. I'll have the history 128 00:07:37,840 --> 00:07:40,480 S1: of these things. So as the AI gets better, or 129 00:07:40,480 --> 00:07:43,750 S1: as I write a better prompt for the AI or 130 00:07:43,750 --> 00:07:46,750 S1: set of prompts for the AI pipeline, all those results 131 00:07:46,750 --> 00:07:48,910 S1: will get better. And either way, I'm going to have 132 00:07:48,910 --> 00:07:52,840 S1: the results of the the point predictions and the expert predictions. 
133 00:07:52,840 --> 00:07:55,780 S1: They'll all be stored, so I can always go retroactively 134 00:07:55,780 --> 00:07:58,420 S1: and build a better product. And people are talking about 135 00:07:58,420 --> 00:08:02,500 S1: how to run billion parameter scale LLMs on 13W of power, 136 00:08:02,500 --> 00:08:04,780 S1: which is 50 times more efficient. And this is what 137 00:08:04,780 --> 00:08:07,760 S1: I call slack in the rope, which is what Leopold 138 00:08:07,760 --> 00:08:10,370 S1: Aschenbrenner calls hobbling. And this is why I think we're 139 00:08:10,370 --> 00:08:13,910 S1: at like 1% of like where we are going. And 140 00:08:13,910 --> 00:08:16,310 S1: that might be way too large, actually. It might be 141 00:08:16,310 --> 00:08:19,640 S1: like 0.001%, who knows? But to me the game is 142 00:08:19,640 --> 00:08:24,440 S1: scale times algorithms, times tricks. So improve scale, improve the 143 00:08:24,440 --> 00:08:30,110 S1: algorithms and find tricks that magnify both of these. So 144 00:08:30,110 --> 00:08:32,550 S1: tricks are finding slack on the rope, which can potentially 145 00:08:32,550 --> 00:08:36,570 S1: massively improve the algorithms or advantages from scale. So these 146 00:08:36,570 --> 00:08:40,080 S1: two get magnified by this one. And Leopold is basically 147 00:08:40,080 --> 00:08:43,380 S1: calling this one removing hobbling. Yeah. And by the way, 148 00:08:43,380 --> 00:08:48,179 S1: Situational Awareness by Leopold. It is like the best discussion 149 00:08:48,179 --> 00:08:51,630 S1: of this particular topic of like why you should believe 150 00:08:51,630 --> 00:08:54,210 S1: that we're going to scale in a certain pace. Businesses 151 00:08:54,210 --> 00:08:57,870 S1: are desperate for AI guidance, and big consulting firms are 152 00:08:57,870 --> 00:09:02,910 S1: stepping in to help. McKinsey says generative AI will be 40% 153 00:09:02,910 --> 00:09:08,160 S1: of its business this year. 
In 2024, 40% of McKinsey's 154 00:09:08,160 --> 00:09:12,570 S1: business is AI, and this basically started like three days 155 00:09:12,570 --> 00:09:14,910 S1: ago or 18 months ago. I mean, it's a blink 156 00:09:14,910 --> 00:09:18,120 S1: of an eye and it's almost half of their business. 157 00:09:18,120 --> 00:09:20,319 S1: And so here's a question: how much of their business 158 00:09:20,320 --> 00:09:23,140 S1: is crypto related? Okay. If you're trying to compare, you're 159 00:09:23,140 --> 00:09:26,860 S1: trying to be like, oh, they're both hype. Uh, huge difference. 160 00:09:26,860 --> 00:09:31,870 S1: Alibaba's Qwen models take the top three spots on Hugging Face. 161 00:09:31,870 --> 00:09:35,740 S1: And a lot of US competitors are lagging behind. And 162 00:09:35,740 --> 00:09:40,179 S1: this new leaderboard is testing models on tasks like solving 163 00:09:40,179 --> 00:09:43,959 S1: 100 word murder mysteries and high school math equations. I 164 00:09:43,960 --> 00:09:48,730 S1: love the more practical and real and not trackable or 165 00:09:48,730 --> 00:09:53,079 S1: hackable or cheatable these benchmarks are, and I don't 166 00:09:53,080 --> 00:09:56,440 S1: like the fact that these Chinese models are doing so well. 167 00:09:56,440 --> 00:09:59,410 S1: I think it's disturbing. AI and drone tech are two 168 00:09:59,410 --> 00:10:03,190 S1: places we absolutely need to beat China. People in 169 00:10:03,190 --> 00:10:08,180 S1: high income democracies are increasingly satisfied with how democracy dissatisfied 170 00:10:08,179 --> 00:10:12,800 S1: with how democracy is working. Since 2021, satisfaction has dropped 171 00:10:12,800 --> 00:10:16,460 S1: significantly in countries like Canada, Germany, Greece, South Korea, the UK, 172 00:10:16,490 --> 00:10:20,180 S1: the US. And this is fine. A study showed that 173 00:10:20,179 --> 00:10:24,050 S1: loneliness in midlife is linked to believing in conspiracy theories. 
174 00:10:24,050 --> 00:10:26,420 S1: And if I design an education curriculum, one of the 175 00:10:26,420 --> 00:10:29,090 S1: main themes will be hard work is leads you to 176 00:10:29,090 --> 00:10:32,100 S1: an easy life. Laziness leads you to a hard life 177 00:10:32,100 --> 00:10:35,339 S1: and the concept of resilience. And honestly, I would focus 178 00:10:35,340 --> 00:10:37,770 S1: a lot on the Stoics, but let me just pull 179 00:10:37,770 --> 00:10:41,430 S1: it up. Yeah, I love this graphic. Absolutely love this graphic. 180 00:10:41,429 --> 00:10:43,679 S1: It's just great. I'm gonna zoom in, look at this, 181 00:10:43,679 --> 00:10:47,970 S1: make hard decisions. Really, this kind of means discipline, right? 182 00:10:47,970 --> 00:10:51,900 S1: If you climb this mountain, you're you're doing self-discipline. And 183 00:10:51,900 --> 00:10:54,780 S1: you get to an easy life, easy decisions like, okay, 184 00:10:54,780 --> 00:10:58,500 S1: we're watching Netflix, we're doing cannabis, and boom, you slide 185 00:10:58,500 --> 00:11:01,530 S1: down here and now you're so far away from an 186 00:11:01,530 --> 00:11:04,290 S1: easy life. Now you have a hard life. Really powerful. Okay, 187 00:11:04,290 --> 00:11:08,340 S1: discovery. Project Naptime, Google's new AI framework for vulnerability 188 00:11:08,340 --> 00:11:12,630 S1: research, lets humans take regular naps while it mimics human 189 00:11:12,630 --> 00:11:15,420 S1: security researchers. So it's just going to go off and 190 00:11:15,420 --> 00:11:18,150 S1: do its thing. The human could go away and it's 191 00:11:18,150 --> 00:11:21,370 S1: working on its whole thing. These frameworks just keep getting better. 192 00:11:21,370 --> 00:11:24,790 S1: So remember when we saw Will Smith eating the spaghetti 193 00:11:24,790 --> 00:11:26,709 S1: and it was like rah rah, rah. His mouth was 194 00:11:26,710 --> 00:11:29,080 S1: like giant. It was like totally messed up. 
The same 195 00:11:29,080 --> 00:11:32,199 S1: thing is going to happen with hacking frameworks, but there's 196 00:11:32,200 --> 00:11:34,660 S1: going to be a place at the top. Top 5%, 197 00:11:34,660 --> 00:11:38,020 S1: top 10%, top 1%. Depends where you cut it. But 198 00:11:38,020 --> 00:11:41,469 S1: either way, it's a small percentage, but still quite a 199 00:11:41,470 --> 00:11:45,760 S1: bit of room that basically only the really, really advanced 200 00:11:45,760 --> 00:11:49,990 S1: human testers can do, right? If you find the top 1% 201 00:11:49,990 --> 00:11:54,160 S1: of pen testers, bug bounty people, or say, the 1% 202 00:11:54,160 --> 00:11:56,290 S1: of 1%, right? Which is still a lot of people, 203 00:11:56,290 --> 00:11:59,320 S1: keep in mind, 1% of 1% is still a lot 204 00:11:59,320 --> 00:12:02,530 S1: of people in in a very large space. Okay. And 205 00:12:02,530 --> 00:12:05,319 S1: bug bounty is pretty small, but pen testers are much, 206 00:12:05,320 --> 00:12:09,690 S1: much larger. But either way, let's just call it manual testers. 1% 207 00:12:09,690 --> 00:12:13,440 S1: of 1% of manual testers. They are doing things that 208 00:12:13,440 --> 00:12:16,980 S1: automation can't really do, and most manual testers can't really do, 209 00:12:16,980 --> 00:12:19,260 S1: and it's going to take a very long time. I 210 00:12:19,260 --> 00:12:22,290 S1: don't know how long. Maybe it's going to take full 211 00:12:22,290 --> 00:12:26,610 S1: AGI and possibly ASI and a whole lot more tricks 212 00:12:26,610 --> 00:12:30,000 S1: or anti hobbling in terms of the tool sets to 213 00:12:30,000 --> 00:12:32,880 S1: be able to replicate what they do. But the other 214 00:12:32,880 --> 00:12:36,929 S1: 90 to 95% or 99% or whatever it is, 215 00:12:36,929 --> 00:12:41,400 S1: that is work that an average manual tester is doing. 
216 00:12:41,400 --> 00:12:45,300 S1: Those frameworks will these frameworks will be able to copy 217 00:12:45,300 --> 00:12:47,910 S1: that very soon, I would say, in the next couple 218 00:12:47,910 --> 00:12:51,959 S1: of years, even now and even next year. And, you know, 219 00:12:51,960 --> 00:12:55,890 S1: it's just kind of spinning up. So imagine manual testing 220 00:12:55,890 --> 00:12:58,770 S1: massively being attacked. But does that mean it could do 221 00:12:58,770 --> 00:13:02,459 S1: everything that a really advanced attacker can do? No. And 222 00:13:02,460 --> 00:13:05,160 S1: that won't happen for quite some time. And the final 223 00:13:05,160 --> 00:13:07,530 S1: thing I say on this is these frameworks will be 224 00:13:07,530 --> 00:13:11,280 S1: used by all attackers and defenders, because you'll have to. 225 00:13:11,280 --> 00:13:14,790 S1: And the window between new vulnerabilities and either exploitation or 226 00:13:14,790 --> 00:13:19,650 S1: mitigation will shorten dramatically. So basically when everyone's running these 227 00:13:19,650 --> 00:13:23,290 S1: tools and they're constantly going, and the moment you have 228 00:13:23,290 --> 00:13:26,410 S1: a new name published, it's instantly going to go find 229 00:13:26,410 --> 00:13:28,540 S1: all the subdomains. It's instantly going to go find all 230 00:13:28,540 --> 00:13:30,339 S1: the hosts. It's going to look at the hosts, it's 231 00:13:30,340 --> 00:13:32,560 S1: going to fingerprint them. It's going to do that. And 232 00:13:32,559 --> 00:13:35,110 S1: the defender needs to be doing that because the attacker 233 00:13:35,110 --> 00:13:37,479 S1: is going to be doing that right. And if there's 234 00:13:37,480 --> 00:13:41,050 S1: something vulnerable, oh, it's an open Postgres or whatever it 235 00:13:41,050 --> 00:13:44,230 S1: is and there's data in there. Well that is just 236 00:13:44,230 --> 00:13:46,510 S1: going to kick off an agent framework. 
It's going to 237 00:13:46,510 --> 00:13:48,550 S1: go download the stuff, it's going to parse the stuff. 238 00:13:48,550 --> 00:13:51,130 S1: It's going to turn it into a ransomware email. It's 239 00:13:51,130 --> 00:13:53,260 S1: going to find the people it should send that ransomware 240 00:13:53,260 --> 00:13:55,569 S1: email to. And like all this is just going to 241 00:13:55,570 --> 00:13:58,480 S1: be automated with AI. And so the defenders have to 242 00:13:58,480 --> 00:14:01,240 S1: be doing the exact same thing so they can block 243 00:14:01,240 --> 00:14:04,359 S1: it and do it beforehand. And importantly, when a new 244 00:14:04,360 --> 00:14:07,480 S1: vuln pops up or a new attack surface pops up, 245 00:14:07,480 --> 00:14:12,110 S1: the time between it coming available and either defense moving 246 00:14:12,110 --> 00:14:15,439 S1: on it, or attacker moving on it, is going to become, 247 00:14:15,440 --> 00:14:19,460 S1: you know, minutes or seconds instead of hours or days 248 00:14:19,460 --> 00:14:22,430 S1: or weeks or years. Extending Burp Suite for Fun and 249 00:14:22,430 --> 00:14:27,860 S1: Profit, a guide by Federico Dotta. ElevenLabs text, audio. 250 00:14:27,890 --> 00:14:31,130 S1: They've launched a new iOS app that sounds really good. 251 00:14:31,130 --> 00:14:34,650 S1: I mean, it sounds exactly like real people. I can't 252 00:14:34,650 --> 00:14:37,680 S1: tell the difference. Claude Projects, new feature in Claude. That's 253 00:14:37,680 --> 00:14:42,780 S1: Anthropic's answer to OpenAI Assistants. DApp, your new platform where 254 00:14:42,780 --> 00:14:46,620 S1: publishers set a price for using their content in model training. 255 00:14:46,620 --> 00:14:49,440 S1: Kind of like selling your medical data or something. 
A 256 00:14:49,440 --> 00:14:53,880 S1: Better Paradise, Absurd Ventures' new podcast, looks to elevate a 257 00:14:53,880 --> 00:14:58,380 S1: fictional episodic series with a billionaire leading the world towards 258 00:14:58,380 --> 00:15:01,050 S1: a digital dystopia. I actually want to go listen to 259 00:15:01,050 --> 00:15:03,150 S1: this. And recommendation of the week. As soon as you 260 00:15:03,150 --> 00:15:05,190 S1: get a chance, go for a ride in a Waymo 261 00:15:05,190 --> 00:15:09,450 S1: in San Francisco. It is. It's open to everyone. Now 262 00:15:09,450 --> 00:15:11,250 S1: you basically just go get the app and you pay 263 00:15:11,250 --> 00:15:13,350 S1: for it or whatever. But it used to be a 264 00:15:13,350 --> 00:15:17,790 S1: closed like alpha or beta, but it is a remarkable experience. 265 00:15:17,790 --> 00:15:20,040 S1: And what I want you to do when you're in 266 00:15:20,040 --> 00:15:22,660 S1: there is watch the screen in the vehicle and look 267 00:15:22,660 --> 00:15:27,100 S1: at all the dozens or hundreds of things that it 268 00:15:27,100 --> 00:15:30,640 S1: is tracking. So you will see the dog across the street, 269 00:15:30,640 --> 00:15:33,610 S1: you will see the bicyclist. You will see the bicyclists, 270 00:15:33,610 --> 00:15:37,359 S1: multiple bicyclists moving in different directions. You will see people 271 00:15:37,360 --> 00:15:38,770 S1: on the side of the road. You will see when 272 00:15:38,770 --> 00:15:41,380 S1: they cross over into the street. And what you realize 273 00:15:41,380 --> 00:15:43,780 S1: is like, that's a lot of stuff to be tracking 274 00:15:43,780 --> 00:15:47,620 S1: all at once. And then you realize how distractible you 275 00:15:47,620 --> 00:15:51,280 S1: are as a human. You realize how distractible most drivers 276 00:15:51,280 --> 00:15:54,580 S1: are as humans. 
You realize the statistics of how many 277 00:15:54,580 --> 00:15:58,720 S1: bicyclists get hit constantly, every single year and, you know, 278 00:15:58,720 --> 00:16:02,980 S1: either injured or sometimes killed. And the reason isn't like 279 00:16:02,980 --> 00:16:06,580 S1: evil drivers. The reason is humans are bad drivers. I mean, 280 00:16:06,580 --> 00:16:08,770 S1: there's going to come a point at some point in 281 00:16:08,780 --> 00:16:11,030 S1: the future where it's like, you mean you really just 282 00:16:11,030 --> 00:16:15,500 S1: had people and they were manually controlling these cars right 283 00:16:15,500 --> 00:16:19,700 S1: next to pedestrians and right next to bicyclists? Like, how 284 00:16:19,700 --> 00:16:23,510 S1: were they watching everything? Well, well, the idea is the 285 00:16:23,510 --> 00:16:26,810 S1: human driver would look forward and they would just watch everything. 286 00:16:26,810 --> 00:16:30,260 S1: It's like, yeah, yeah, but but they can't see behind them. Well, 287 00:16:30,260 --> 00:16:33,090 S1: you just you just look behind you. That's all you do. 288 00:16:33,120 --> 00:16:35,310 S1: You just look behind you. Well, yeah, but then you're 289 00:16:35,310 --> 00:16:38,190 S1: not looking forward. Well, well yeah. But but when you 290 00:16:38,190 --> 00:16:40,110 S1: need to look forward, you just turn around again. And 291 00:16:40,110 --> 00:16:42,270 S1: then you look forward and you can look side to side. 292 00:16:42,270 --> 00:16:45,540 S1: It worked, it worked. It worked for a while. It's 293 00:16:45,540 --> 00:16:49,890 S1: like explaining that to somebody who has who's been driven 294 00:16:49,890 --> 00:16:54,060 S1: around in automated vehicles that watch everything all the time 295 00:16:54,060 --> 00:16:58,170 S1: and never blink, never get tired, never get sleepy. Never 296 00:16:58,170 --> 00:17:01,590 S1: check text messages. 
They just watch everything all the time 297 00:17:01,590 --> 00:17:05,550 S1: and can instantly, like swerve the car, stop the car, 298 00:17:05,550 --> 00:17:08,430 S1: do whatever. If someone does something stupid on a bike, 299 00:17:08,430 --> 00:17:10,770 S1: they hit a pothole. They fall in the road in 300 00:17:10,770 --> 00:17:12,840 S1: front of you. Like what are the chances? You're just 301 00:17:12,840 --> 00:17:16,080 S1: going to miss that because it's dark, or because you're tired, 302 00:17:16,080 --> 00:17:18,630 S1: or because you've been working three jobs and you're falling 303 00:17:18,630 --> 00:17:21,580 S1: asleep or whatever the reason. So think about that when 304 00:17:21,580 --> 00:17:23,709 S1: you're looking at the screen in a Waymo. And the 305 00:17:23,710 --> 00:17:27,070 S1: aphorism of the week: every event has two handles, one 306 00:17:27,070 --> 00:17:29,140 S1: by which it can be carried and one by which 307 00:17:29,170 --> 00:17:32,140 S1: it can't. Every event has two handles, one by which 308 00:17:32,170 --> 00:17:35,530 S1: it can be carried and one by which it can't. Epictetus. 309 00:17:36,850 --> 00:17:39,970 S1: Unsupervised Learning is produced and edited by Daniel Miessler on 310 00:17:39,970 --> 00:17:44,590 S1: a Neumann U87 AI microphone using Hindenburg. Intro and outro 311 00:17:44,590 --> 00:17:47,920 S1: music is by Zomby with the Y, and to get 312 00:17:47,920 --> 00:17:49,990 S1: the text and links from this episode, sign up for 313 00:17:49,990 --> 00:17:55,630 S1: the newsletter version of the show at danielmiessler.com/newsletter. We'll 314 00:17:55,630 --> 00:17:56,470 S1: see you next time.