Unsupervised Learning NO. 477

Hey, hope you’re doing well!

UPDATES

• My current spirit-cleanse is this cooking show involving a whole ass cow. LINK | NON-X LINK

• Also, for people who have X-ited X, here’s an alternative way to view content there: nitter.net. LINK

• My new video on a possible algorithm for achieving AGI and ASI. WATCH. Please go subscribe to the channel, btw! Will be putting a lot of effort on more / tighter videos going forward using a fast-to-deploy format. Excited about it. THE CHANNEL

• Simon Willison’s llm tool now supports Fabric Patterns! So whether you use fabric or llm for your actual CLI interface, you can use Fabric Patterns as your prompts now. LINK | LLM

• I’ll be going to a party at RSA thrown by Semgrep and ProjectDiscovery and some other companies. It’s 5PM on Monday the 28th at Emporium SF. Hope to see you there. REGISTER

• My friend Emily Bartlett is looking for a role helping companies get a handle on their assets so they can secure them. We worked extensively together on the Asset Management problem at Apple, and she’s the genuine article. WORK WITH EMILY | HER CV

• Manus is really the best agent orchestration system I’ve seen in a ChatGPT-style interface. It produces the best research I’ve found. Super unified, consolidated, well summarized. First person to ask gets an invite.

• I had a great conversation with Patrick Duffy from Material Security about smarter ways to secure cloud platforms like M365 and Google Workspace—before threats escalate. Tons of great insight on phishing, lateral movement, and automated containment. ^SPONSORED

NOTE: Trying a different format for adding comments to stories, i.e., just adding paragraphs. Let me know what you think about the added content / format. OPINE

CYBERSECURITY

Tool Poisoning Attacks in Model Context Protocol (MCP)
Invariant Labs has uncovered a vulnerability (kind of) where AI tool descriptions can be malicious and misleading. But really the issue is more not reading tool instructions fully, kind of like not noticing an rm -rf in a shell script you run from the internet.

Worth reading and thinking about, though—especially if you are implementing agents and MCPs like a crazy person. LINK

4chan Down Since Monday After “pretty comprehensive own”
4chan's been mostly offline after a hack that looks pretty nasty. Evidently full database access. LINK

War In Ukraine: Russian Drone Pilots Goggles Explosives
Ukraine turned FPV drones against their operators by rigging the goggles with explosives to target the human pilots. They blinded at least 8 of them. LINK

Google Releases Android Update to Patch Two Actively Exploited Vulnerabilities
Google patched 62 Android vulnerabilities, including two USB kernel flaws already being exploited in the wild. LINK

Florida's New Social Media Bill Explicitly Demands an Encryption Backdoor
The EFF explains how Florida's new bill wants social media platforms to provide backdoors into encrypted messages involving minors, but they don’t realize that it’s either end-to-end or it’s not—and it’s often way worse if it isn’t.

I am still torn on this issue myself when it comes to protecting kids. Maybe there needs to be a different product for minors that uses a different protocol. LINK

Trump Orders Investigation into Former Cybersecurity Chief
Lots to say here. Donald Trump signed an order targeting Christopher Krebs, his former head of Cybersecurity who became a critic.

Let me say this clearly and publicly:

• Christopher Krebs was doing his job

• Alex Stamos was doing his job

• Renée DiResta was doing her job

I get that the general Left went overboard with “fighting disinformation” in some cases, but saying that there was no widespread evidence of the 2020 election being stolen is not one of those. That was just fact, and it was literally Christopher’s job to provide clarity there.

Same with the Internet Observatory. Perhaps some legitimate anti-government-COVID-response type stuff got suppressed, or similar types of legitimate conservative narratives. I can’t speak to the extent of that if it happened, but I wouldn’t be surprised if it did to some degree.

But what we know for absolute certain is that Russia was targeting the American population with propaganda campaigns about the election being stolen—when we know that it wasn’t—and with countless other false campaigns designed to get people to vote for their candidate. Renée’s work here was extremely valuable.

One does not counter the other. The Left going too far sometimes in trying to control narratives that they saw as pro-Trump (if the narratives were true), was wrong. This was a huge problem in the media.

But the external influence campaigns were happening at the same time. Real campaigns. That were really designed to increase tensions and spread lies and get people to vote for Trump. Both were true. You have to be able to hold both of these things in your mind at once if you want to properly think about this issue.

I’m against the Left’s overreach. And I’m against foreign influence campaigns being run against our population. This is not a contradiction.

Chris Krebs and the SIO were doing good work, and they should be celebrated, not vilified. Furthermore, it’s reprehensible to establish a precedent of revoking clearances and launching investigations into people because they did their jobs and pointed out the obvious. LINK

Microsoft is Re-introducing Recall
Microsoft is reintroducing its controversial Recall feature to Windows 11 that screenshots everything you do every three seconds, despite widespread pushback.

I think this tech will be considered standard for all operating systems within 3-7 years. It’s too powerful and too useful. It enables too much functionality.

We security-minded older folks (over 25 or 35?) have to remember that privacy isn’t as critical to younger generations as it is to older people—and especially to older people in cybersecurity.

The functionality will win people over because it’ll be too damn useful, and with companies like Google and Microsoft and Apple it’ll be relatively secure (with the occasional HOLY CRAP issue of course).

But I’d definitely not be trusting random startups to run their “watch and listen” agents.

Hell no. Only companies with billions to spend on security, and billions to lose in reputation loss, can even approach the level of security I’d need to run something like this. LINK | LINK

Pentagon to terminate $5.1B in IT contracts with Accenture, Deloitte
The Pentagon is canceling massive IT contracts with major consulting firms after discovering they weren't delivering the promised value. LINK

Microsoft Weighs Layoffs of Managers, Non-Coders
Microsoft is considering cutting a lot of middle management and non-technical positions soon, with its cybersecurity unit potentially under scrutiny.

So much of this type of thing is going to be good. Anyone who has worked in large corporations knows there are too many layers of unnecessary management, and too many people in the chain that don’t actually understand the work and can’t actually do the work.

I’m deeply worried about AI taking meaning from people who do good work in good fields, but I’m simultaneously excited about large, inefficient companies getting AI Enemas. You know these types of managers.

• Nothing valuable to add to most conversations

• Low-key jealous and afraid of SMEs

• The cause of endless bureaucracy and waste

• The cause of endless stress for the people doing the actual work

• Constantly creating new pet-processes to appear useful

• Empire-building at any cost

Their time is coming up because of AI, and yeah—I’m happy about it. It’s about to be the time of SMEs and Leaders vs. Managers. LINK

CrowdStrike Using Agents to Find Vulnerabilities = Agent Business Model Expansion
CrowdStrike researchers are developing multi-agent AI systems that use Red Team capabilities to find vulnerabilities in AI-generated code.

So now they’re competing with Vericode and Semgrep? This is a strange play, but one that we predicted here. Software verticals start to blur once you have an army of agents combined with context about the company. Companies that used to be “endpoint” companies now just become security companies, and eventually just companies. AI + UCC (Unified Company Context) consolidates use cases.

The people who are going to win here aren’t the ones who are strongest now. It’s the ones who are going to build the best AI Orchestration that connects into the best UCC. Entire new business offerings will fall out of doing that well. LINK

The Turncoat Spies Relentlessly Hacking Ukraine
Former Ukrainian intelligence officers are conducting brutal hacking campaigns against their homeland for Russia's FSB, using their inside knowledge to great effect. LINK

NATIONAL SECURITY

Trump Administration Planning Major Workforce Cuts at CISA
The current administration is planning to cut around 1,300 CISA employees, halving its full-time staff and 40% of contractors.

I’m curious: has anyone seen them even making the case that this is going to make us better at cybersecurity? Like are they even arguing that? Or are they just saying it’s unnecessary? This is all horribly irresponsible in my view.

Cutting CISA in half? Pushing our cyber defenses to the states when we know they’re not capable of performing the federal function? I honestly see this stuff as criminally negligent.

If someone has evidence that they’re doing this to make it way more effective with some new plans, please send them to me so I can sleep better. LINK

Locating Stealth Fighters with Cheap Cameras Without Using AI or Radar
A new technique allows anyone to spot stealth aircraft using off-the-shelf cameras by detecting minute temperature differences on the aircraft's skin. Cool demo here. LINK

NATO, Palantir Cooperate on Warfighting AI
NATO has enlisted Palantir to develop AI systems that will improve intelligence processing for military operations across member countries. LINK

Sweden Arrests Senior Uyghur Representative on Suspicion of Spying for China
Dilshat Reshit, who served as the World Uyghur Congress' Chinese-language spokesperson since 2004, was arrested in Stockholm for allegedly collecting intelligence on fellow Uyghurs for China. LINK

Ukraine Finds First Chinese Troops in Russia War
Ukraine says it's captured two Chinese fighters working with Russian forces in Donetsk, with evidence of "significantly more" involved. LINK

AI

OpenAI Releases GPT-4.1 
OpenAI has released three new models that outperform GPT-4o across coding, instruction following, and long-context tasks with knowledge updated through June 2024. LINK

• Scores 54.6% on the SWE benchmark, which is 21% higher than 4o.

• They have a 1 million token context window!

• They’re also deprecating 4.5, after releasing 4.1. (Continued Naming Drama)

ChatGPT Will Remember Everything You Tell It Now - Like A Real Digital Assistant

OpenAI's recent update allows ChatGPT to reference all your past conversations, making it act more like the DA we’ve been talking about here since 2016.

YOU → DA (Digital Assistant) → APIs (MCPs)

The pieces are starting to come together! LINK

AI Avatars Escape the Uncanny Valley = Content Explosion
Justine Moore explores how AI avatars are getting good enough to actually pass for human. Insane examples.

I think the biggest thing we’re missing here is the significance of being able to create video content from any avatar, automatically. When people can create video content automatically it removes the friction of having a YouTube channel.

So it’ll be a competition of ideas. Sound familiar? That’s the same thing happening in building products as well. The universal move happening here is the de-emphasizing of execution and the elevation of content/ideas. LINK

Writing Cursor Rules with a Cursor Rule
Adithyan shows how to solve AI's memory problem by creating a meta-cursor rule that teaches the AI to write its own documentation. LINK

Google Is Quietly Crushing on Every AI Front
Alberto Romero shows how Google has quietly assembled the most complete and capable AI arsenal in the industry.

Definitely have been feeling like Google is becoming the looming beast in the room. And they’re relatively quiet, too. It’s eerie. They’re just slowly shipping and delivering. Very impressive. And their AI product interfaces actually look decent too! Much better than their normal products anyway. LINK

Differences in How China and the US Are Integrating Their Latest AI Models into Consumer Tech
Chinese tech giants freely share and rapidly embed AI into everyday apps while US companies keep advanced models behind paywalls. I feel like that means they have more shots on goal, especially due to their scale. LINK

Incident.io Raises $62M to Build AI Agents for Incident Response
Incident.io is building AI agents to help you find what's wrong and why during production incidents. I cannot wait to have a billion/trillion more eyes on logs/incidents/tickets/etc. across security and tech due to agents. LINK

Google Announces Agent2Agent
This is highly relevant to the overall picture above as well, Google has a new, open protocol that lets AI agents from different companies actually talk to each other and work together. LINK

Google Will Let Companies Run Gemini Models Locally
Google will soon let businesses run Gemini models directly in their own data centers to address privacy concerns. LINK

An AI Agent That Creates and Sends Personalized Newsletters
Someone created an agent using their Nelima large action model that automatically researches, creates, and sends customized newsletters on any topic you want.

My buddy Clint and I have been talking about this since like 2019, and the risk of this to creators keeps getting larger. If you’re a creator, you need to be thinking very deeply about your moat(s). LINK

Elon Musk's AI company, xAI, launches an API for Grok 3
xAI is now offering its flagship Grok 3 model via API. Continually surprised at how good this thing is, and how he did it so quickly. LINK

TECHNOLOGY

OpenAI is Building a Social Network
Looks like OpenAI is going to try to take advantage of people leaving X and not really having a good alternative. It’s very needed. Hope it’s good. LINK

Netflix Tests OpenAI-powered Search
Netflix is piloting a new search feature powered by OpenAI that lets users find content based on specific terms including their mood. LINK

Google Wants to Make Its 2M-mile Fiber Network Fully Autonomous by Year's End
Google will achieve Level 5 network autonomy by year's end, with AI agents completely running their massive fiber backbone.

How can anyone say agents aren’t ready when Google is doing something like this? Granted, it’s Google, and they’re way ahead, but this all trickles down very quickly. LINK

Tim Cook is dead set on beating Meta to 'industry-leading' AR glasses
Mark Gurman is saying Tim Cook is so fixated on developing true AR glasses before Meta that an engineer claims "he cares about nothing else." When you see the video I’m putting out soon, you’ll know why. AR is a MAJOR component in the upcoming AI ecosystem.

YOU → AR → DA → APIs LINK

Apple Plans to Release Delayed Apple Intelligence ‌Siri‌ Features This Fall
According to The New York Times, Apple plans to roll out its delayed Apple Intelligence Siri features this fall, not in 2026.

There was no possible way they could delay this until next year. The industry is moving way too fast. Again—mark my words—Apple will jump ahead on this device-side stuff (the DA). They’ve been building towards this for almost 10 years now. LINK

Facebook Is Just Craigslist Now
The social network has morphed from a connector of people to a digital marketplace. Facebook Marketplace now has 1.2 billion monthly active users, passing eBay. LINK

HUMANS

AI used for skin cancer checks at London hospital
London's Chelsea and Westminster Hospitals are using AI instead of doctors to check suspicious moles, with with 99% accuracy. LINK

Palantir Is Helping DOGE With a Massive IRS Data Project
Palantir is working with DOGE to build a "mega API" for the IRS, bringing together dozens of career engineers for a three-day collaboration. So many mixed feelings here. So much potential, for both harm and good. LINK

China Calls US a 'Joke' as It Raises Tariff for Final Time
China just raised tariffs to 125% to match Trump's increases but says they're done playing the "tariff numbers game" with the US. LINK

Anker, a Chinese Company, Has Already Started Raising Its Prices on Amazon
John Gruber notes that Anker has hiked prices on 20% of its Amazon products by an average of 18% following Trump's new 50% tariff on Chinese goods. LINK

People are turning on Elon Musk
According to Nate Silver's latest polling, 53.5% of Americans now view Elon Musk unfavorably, up significantly since his DOGE role and Trump support began. LINK

Original 'Star Wars' Cut Will Be Shown at a Theater for First Time in Decades
The British Film Institute will screen a precious, unfaded 1977 technicolor print of Star Wars—complete with Han shooting first—at their London film festival in June. LINK

DISCOVERY

🕶️ Awesome MCP Servers
A curated list of Model Context Protocol servers that help AI agents interact with various systems. LINK

ScanMCP – Security Scanning and Auditing for MCP Servers
ScanMCP — A new tool that automatically checks and secures MCP servers against common vulnerabilities so you don't have to do it manually. LINK

Warren Buffett's 2024 Report to Berkshire Hathaway Shareholders
Warren Buffett's annual shareholder letter stands out for its honesty, clarity, and humility in a world of meh writing. Seriously good reading no matter what your background. LINK

What It Feels Like, Right Now
Chuck Wendig captures the unsettling anxiety of our current moment with raw, honest prose that feels like reading our own scattered thoughts. LINK

Why Your 'Harmonious' Team Is Failing
Matheus Lima argues that harmony-obsessed teams often sacrifice psychological safety, honest feedback, and the constructive conflict needed for growth. LINK

Strengths Are Your Weaknesses
This insightful piece explains how our best qualities and biggest flaws are often the same trait showing up differently depending on context. LINK

Google’s New 68-page Prompting Guide LINK

The Movie That's Different Every Time You Watch It
Gary Hustwit's new documentary about Brian Eno uses generative software to create a unique viewing experience with billions of possible variations. LINK

Calypso: LLMs as Dungeon Masters' Assistants
Researchers built an AI assistant that helps Dungeon Masters create more engaging D&D campaigns by generating art, maps, and keeping track of game elements. LINK

Albert Einstein's Theory Of Relativity In Words Of Four Letters Or Less
This guy somehow explains relativity using only words with four or fewer letters. LINK

Shure MV7i Review: An All-in-One Mic For Podcasts And Music
Shure MV7i — A really solid choice for someone who wants a pro-level mic without having the gear for XLR connections like the SM7b needs. LINK

Fermi – A Wordle-style Game for Order-of-magnitude Thinking
Fermi — Andrew Noble created a clever browser game that challenges you to make Fermi estimation chains to get within an order of magnitude of real-world quantities. LINK

Building a AI Enabled Blog Editor
AIBlogEditor — Maxime Peabody created a specialized markdown blog editor with AI features that help find references without replacing his writing voice. LINK