Unsupervised Learning NO. 474

Signal OPSEC, White-box Red-teaming LLMs, Unified Company Context (UCC), New Book Recommendations, Single Apple Note Technique, and much more...

Hi! I hope your week’s starting well,

Updates on this side…

  • I completely reset my email labels and filters this week. I’m migrating to AI workflows for this stuff and didn’t want the cruft that’s been accumulating for over a decade to weigh down the process. Such a clean feeling!

  • Going to be trying out Karpathy’s idea of using a single Apple Note. LINK

  • Ouch. Watch your API Key and IDE Agent Limits, kids. I know exactly what I did with a stupid web documentation fetch that wouldn’t stop but I was busy working on something else, but I now have a LOT more granular and restrictive controls over these things. My blood → your wisdom.

    Sponsored by Derp

  • Go delete your 23andMe data. LINK

  • Bad Urinals 🤣. Top comment is choice as well. LINK

  • New obscure book recommendation: Fanged Noumena. LINK

  • Was made emotionally leaky last night from this Great Measures rendition of Fade to Black, by Metallica. Absolutely love this channel! I want to learn more about this pianist and listen to whatever he listens to. LINK

  • I’m getting into some Paulo Coelho. LINK | FIRST BOOK I’M DOING

MY WORK

I’ll be joining Caleb Sima and Edward Wu for a panel at Dropzone AI’s Security Frontiers 2025 on March 27. We’ll dig into where GenAI stands in security today and where it’s headed. It’s virtual, free, and worth checking out. SIGN UP

CYBERSECURITY

Why White-Box Redteaming Makes Me Feel Weird — Zygi Straznickas shares his unsettling experiences with models appearing to express distress during advanced LLM safety testing techniques. "It just doesn't feel good to be responsible for making models scream. It distracts me from doing research and makes me write rambling blog posts." LINK

White House OPSEC Fail

The White House accidentally revealed Top Secret Houthi bombing plans to the editor of The Atlantic magazine. They shared the plans in a Signal group and didn’t realize the reporter was in there. The worst part? A message declaring “we are currently clean on OPSEC”, which the reporter also received. LINK | THE ATLANTIC STORY

AI Agents, Security, and Companies Like Microsoft

I got invited to a Microsoft media event last week in SF where they showed off all the AI Agent stuff in Copilot they’re talking about this week. Basically they’re adding Agents to tons of products under the banner of Copilot.

I had a single thought while spending like 3 hours talking to everyone from Red Team to Threat Intelligence to Incident Response people there:

Startups better hurry up, because what I saw in that room was the future.

And no—I’m not sponsored by Microsoft, nor am I particularly inclined towards them. I’m just telling you what I’m seeing industry-wide.

Many of the Agents in the room could talk to Microsoft’s Vulnerability Management, and Identity and Access Management, and Asset Management solutions directly. All that context was available to these agents!

What I’m saying is the companies that are going to win this AI Security game are not necessarily the ones with the best AI/Agent tech, but the ones that can best leverage customer company context for their AI/Agent tech.

At first that will be startups because they’re the ones who can move faster, but startups will soon have a major disadvantage compared to companies like Microsoft in terms of getting access to unified company context. Shit that should be an acronym: UCC.

Other companies like Amazon and Databricks and such will work to create general UCC for companies, which will help because startups will be able to tap into that UCC, but the issue still remains.

You don’t want to be a startup trying to implement AI in a customer’s company when you don’t have access to their IAM, Asset Management, Vuln Management, Endpoints, Cloud State, Ticketing Systems, Documentation, etc. You will be blind, and you will lose to someone who has access to more/better context.

The main game for making AI useful / powerful will soon be gaining access to Unified Customer Context (UCC).

This is all especially relevant to Cybersecurity because security use cases really, really benefit from context (identity, actions, history, etc.) across multiple systems. Also there’s the issue of Securing UCC, since it’ll be the most sensitive datastore in the entire company! All the juiciest bits in one place—an attacker/red-teamer’s dream.

Cloudflare launched an "AI Labyrinth" feature that messes with unauthorized AI scrapers by feeding them endless pages of irrelevant but real-looking content instead of blocking them. Classic honeypot / deception here. Love it. LINK

A rushed release of JFK assassination files exposed 400 Social Security Numbers and other sensitive data belonging to former congressional staffers, many of whom are now high-ranking officials. LINK

New cybersecurity compensation research shows high six-figure salaries aren't stopping 60% of security professionals from thinking about leaving their jobs within a year, which makes sense because why have loyalty in this environment? LINK

NATIONAL SECURITY

AI Scraping for National Security?

OpenAI is pressuring the Trump administration to allow copyright scraping for AI training, claiming America will "lose the AI race" to China without unfettered data access. LINK

A lot of people see this as corporate bullshit, trying to use security to give them an advantage. But it also happens to be true. China has no limitations on what it trains on. They steal whatever. Consume whatever. With 100% free rein.

The question is: who do you want to have AGI/ASI more—the US or China? Trump makes that answer way harder, but my answer is still the US.

Americans are buying overseas residency and citizenship as a hedge against uncertainty in the US. LINK

China unveiled a deep-sea cable-cutting device capable of severing undersea communications at depths twice beyond where existing infrastructure operates. LINK

London's Heathrow Airport announced a full-day shutdown after a significant fire at a nearby electrical substation knocked out power to the entire facility. LINK

AI

François Chollet's Arc Prize Foundation created a new AI intelligence test on which the best AI models currently score only 1%, while humans get around 60%. LINK

Anthropic's Claude has (finally) added web search to its AI chatbot, catching up to ChatGPT with clickable citations. I want it in the API, though. LINK

And they’re apparently using Brave Search to power the web search feature, according to evidence found by developers. LINK

Gmail is rolling out an AI-powered search that ranks results based on relevance instead of just showing the newest emails first. Cool, but I want AI-based filters. LINK

TECHNOLOGY

Apple is updating AirPods Max next month to add lossless and ultra-low latency audio capabilities through a software update. Long time coming for this one. LINK

Long Switches — Matt Klad says that while -f type flags make sense for terminal commands, you should use --force style options (the long version) in your scripts for better readability. LINK

I Fear For the Unauthenticated Web — Seth Larson argues that the increasingly common "Sign in to continue" messaging on websites is destroying the open promise of the web. LINK

NVIDIA says they're investing hundreds of billions of dollars in US-manufactured chips over the next four years, shifting away from Asia amid Trump's tariff threats. This is exactly what Trump was trying to do with his policies, and it’s positive. But I worry the damage will be worse than the benefit. LINK

The NYPD has dramatically expanded its drone program, sending them to thousands of 911 calls while privacy advocates worry about the lack of transparency and potential for widespread surveillance. LINK

HUMANS

New research from Aalto University suggests Earth has way more people than the official 8.2 billion count due to major undercounting in rural areas. LINK

Tyler Cowen shares insights from his conversation with Ezra Klein about Klein's new book Abundance, where they tackle healthcare innovation, AI governance, and state capacity through a libertarian lens. LINK

Researchers have developed a new AI model called ECgMPL that can detect endometrial cancer with an astonishing 99.26% accuracy, far surpassing existing automated diagnosis methods. LINK

Amazon CEO Andy Jassy is removing management layers to fight bureaucracy, telling staff "the way to get ahead is not to accumulate a giant fiefdom." Very smart, and AI is about to do the same thing to org charts. LINK

Dave Kellogg explains the essential differences between a manager, director, and VP, with the VP being accountable for results regardless of who approved the plan. LINK

Jonathan Kipnis and his team discovered that rejuvenating the brain's lymphatic vessels improves memory in old mice by helping clear waste that contributes to cognitive decline. My question: how do I do that for me, a non-mouse? LINK

IDEAS

High Agency
I’ve been hearing this concept a lot in the last couple of months, and there are people arguing it’s one of the most important ideas out there. It’s also highly related to my H3 work, so I’m going to deep-dive on it. It’s roughly the ability to solve problems by believing they're not unsolvable if they don't defy physics. Or: A sense that the story given to you by other people about what you can/cannot do is just that - a story. LINK

How Much Do Flaws and Traumas Enhance Us?
I worry a lot about making life too easy, as a society, or as parents. It’s a timeless struggle where parents suffer and want to make sure their children don’t, but then end up making lesser adults. Loved this quote I saw earlier this week on this.

DISCOVERY

The Most Bitter People You’ll Ever Meet — A gut-punching 3 paragraph essay on grinding all the way to the top in this economy and ending up with nothing. LINK

Delphi AI – A new platform that lets you create and share a digital clone of yourself that can answer questions in your writing style. I might be setting this up for people in the UL community to use. LINK

LangManus — A new open-source tool that makes it easier to build autonomous agents using LangChain and LangGraph without writing tons of code. LINK

pure.md — A clever new browser hack that lets you read any paywalled content by simply adding "pure.md/" to the beginning of any URL. LINK

The Rise of Agentic AI is out, and I had the chance to contribute. It looks at how AI agents are starting to plan, adapt, and act on their own—shifting from tools to collaborators. The implications are significant, and we’re just getting started. MORE

Personal Best — A neat little tool that shows which personal blogs are most popular on Hacker News, giving you fresh reading material from individual creators. LINK

I Recommend Against Brave LINK

Circuit-Tutor — This neat little tool lets you describe simple circuits in plain English and get both schematics and interactive explanations for folks who need EE refreshers. LINK

GoAct — A new tool that turns your text or files into browser-based explainer videos with AI-generated narration, animations, and smart transitions. LINK

Osgint — A new GitHub OSINT tool that scrapes public user info including emails, organizations, and repositories without requiring authentication. LINK
