Unsupervised Learning: No. 185
Unsupervised Learning8 Heinä 2019

Unsupervised Learning: No. 185

The Telegraph has found strong links between Huawei employees and Chinese intelligence agencies. The Huawei counter was that this was extremely common among telecom companies, and that it wasn't a big deal. The counter to that counter was, basically, "Well, then why did you try to hide it?" /gg More

The NPM security team caught a malicious package designed to steal cryptocurrency. A lot of these packages work by uploading something useful, waiting until it's used by lots of people, and then updating it to have the malicious payload. My buddy Andre Eleuterio did the IR on the situation there at NPM, and said they're constantly improving their ability to detect these kinds of attacks. Luckily NPM's security team had the talent and tooling to detect such a thing, but think of how many similar companies aren't so equipped. I think any team that's part of a supply chain should be thinking about this type of attack very seriously. More

Federal agents are mining state DMV photos to feed their facial recognition systems, and they're doing it without proper authorizations or consent. To me this has always been inevitable because—as Benedict Evans pointed out—it's a natural extension of what humans already do. You already have wanted posters. You already have known suspects lists. And it's already ok for any citizen or any cop to see any person on that list and report them. In fact it's not just possible, it's encouraged. So the only thing happening here is that process is becoming a whole lot more aware (through more sensors), and therefore more effective. Of course, any broken algorithms that identify the wrong people, or automatically single out groups of people without actual matches, those issues need to be snuffed out for sure. But we can't expect society to not use superior machine alternatives to existing human processes, such as identifying suspects in public. That just isn't realistic. Our role as security people should be making sure these systems are as accurate as possible, with as little bias as possible, by the best possible people. In other words, we should spend our cycles improving reality, not trying to stop it from happening. More

Become a Member: https://danielmiessler.com/upgrade

See omnystudio.com/listener for privacy information.

Tämä jakso on lisätty Podme-palveluun avoimen RSS-syötteen kautta eikä se ole Podmen omaa tuotantoa. Siksi jakso saattaa sisältää mainontaa.

Jaksot(541)

UL NO. 485: STANDARD EDITION: Netflix RCE, My Current AI Stack, All-in on Claude Code, and more...

UL NO. 485: STANDARD EDITION: Netflix RCE, My Current AI Stack, All-in on Claude Code, and more...

STANDARD EDITION: Netflix RCE, My Current AI Stack, All-in on Claude Code, and more... You are currently listening to the Standard version of the podcast, consider upgrading and becoming a member to u...

19 Kesä 202536min

UL NO. 484: STANDARD EDITION: OpenAI's Malicious AI Report, Disappointed with WWDC, AI's First Actual Science Breakthrough, and more...

UL NO. 484: STANDARD EDITION: OpenAI's Malicious AI Report, Disappointed with WWDC, AI's First Actual Science Breakthrough, and more...

UL NO. 484: STANDARD EDITION: OpenAI's Malicious AI Report, Disappointed with WWDC, AI's First Actual Science Breakthrough, and more... You are currently listening to the Standard version of the podca...

12 Kesä 202543min

UL NO. 483 | STANDARD EDITION: A Chrome 0-Day, Meta Automates Security Assessments, New Essays, My New Video on Hacking with AI, Ukraine's Asymmetrical Attack, Thoughts on My AI Skeptical Friends, The Dangers of Winning the Wrong Game, and more...

UL NO. 483 | STANDARD EDITION: A Chrome 0-Day, Meta Automates Security Assessments, New Essays, My New Video on Hacking with AI, Ukraine's Asymmetrical Attack, Thoughts on My AI Skeptical Friends, The Dangers of Winning the Wrong Game, and more...

A Chrome 0-Day, Meta Automates Security Assessments, New Essays, My New Video on Hacking with AI, Ukraine's Asymmetrical Attack, Thoughts on My AI Skeptical Friends, The Dangers of Winning the Wrong G...

5 Kesä 202531min

The Future of Hacking is Context

The Future of Hacking is Context

Sponsored by Vanta. Vanta takes the busywork out of GRC so you can focus on what actually matters—improving your security, not chasing compliance. https://ul.live/vanta This isn’t just another AI podc...

3 Kesä 202533min

UL NO. 482 | STANDARD EDITION: AI Finds an 0-Day!, Postman Leaking Secrets, High Agency Mental Model, My Unified Entity Context Video, Github MCP Leaks Private Repos, Google vs. OpenAI vs. Apple on AI Vision, and more...

UL NO. 482 | STANDARD EDITION: AI Finds an 0-Day!, Postman Leaking Secrets, High Agency Mental Model, My Unified Entity Context Video, Github MCP Leaks Private Repos, Google vs. OpenAI vs. Apple on AI Vision, and more...

AI Finds an 0-Day!, Postman Leaking Secrets, High Agency Mental Model, My Unified Entity Context Video, Github MCP Leaks Private Repos, Google vs. OpenAI vs. Apple on AI Vision, and more... You are cu...

30 Touko 202531min

Unified Entity Context

Unified Entity Context

🔹 Thanks to ProjectDiscovery for sponsoring today’s video. I've been using their tools like Nuclei and Subfinder for years, and now they’ve brought that power to the cloud with a full vulnerability m...

15 Touko 202530min

Reviewing RSA 2025 with Jason Haddix

Reviewing RSA 2025 with Jason Haddix

What really happened at RSA 2024? Daniel Miessler and Jason Haddix break it down. Fresh off a whirlwind RSA week, Daniel sits down with Jason Haddix (Arcanum Information Security) to talk about what m...

8 Touko 20251h 21min

A Conversation with Bar-El Tayouri from Mend.io

A Conversation with Bar-El Tayouri from Mend.io

➡ Get full visibility, risk insights, red teaming, and governance for your AI models, AI agents, RAGs, and more—so you can securely deploy AI powered applications with ul.live/mend In this episode, I ...

6 Touko 202545min