Unsupervised Learning NO. 482
AI Finds an 0-Day!, Postman Leaking Secrets, High Agency Mental Model, My Unified Entity Context Video, Github MCP Leaks Private Repos, Google vs. OpenAI vs. Apple on AI Vision, and more...

UPDATES
Hey, hope you’re doing well!
Lots of updates and stories and analysis this week!
🤯 If you still doubt that AIs are able to reason, you need to watch this segment of two Anthropic researchers talking with Dwarkesh Patel. I found the exact segment for you. What they talk about throughout this episode is that the model is 100% abstracting specifics into larger abstractions, figuring out what causes what, and reasoning through problems much like humans do. It’s a fantastic segment, even if you already accept that AIs can reason. WATCH THE SEGMENT | CIRCUITS RESEARCH BLOG | ANTHROPIC RESEARCH
➡️ If you were part of the 23andMe breach, you can submit a claim to receive between $500 and $1,500 before July 14th. I submitted one. SUBMIT A CLAIM
I made one of those Veo3 Trapped AI Videos VIDEO
🔥🔥🔥 My New Video About AI Context. ONE OF MY FEW MUST SEE VIDEOS 👇🏻👇🏻👇🏻
🔥 My friend Ali is looking for a new hybrid/onsite position in the New York area doing backend development. She’s an absolute force.
MIT Grad (MEng + BS in EECS)
3 years backend engineer experience
Founder and DevRel experience
Wrote Golang in previous role, experienced in Python, but can pick up any language as needed
Strong communication / soft skills
Strong public speaking, documentation, and project organization
Works hard at work and outside of work
Side projects include building her own Linux distro and organizing the Net Gala
Also shares her learnings via highly technical content creation across multiple platforms
I’ve known her and watched her career for years and she’s a brilliant developer and super creative. She’ll be snatched up soon. Don’t miss your chance. PING HER DIRECTLY VIA LINKEDIN
CYBERSECURITY
Unit 42 Develops Agentic AI Attack Framework
Palo Alto’s (also the sponsor this week) research team simulated a full ransomware attack in just 25 minutes using AI agents, representing a 100x speed increase compared to traditional methods. THE ARTICLE | PALO ALTO’S CLOUD SECURITY GUIDE
Recent Cybersecurity Job Openings Across The Globe
I continue to like Helpnet Security’s posting of different cybersecurity roles available worldwide. Includes roles from CISOs to penetration testers, with positions including remote, hybrid, and on-site. THE LATEST JOB LISTINGS
Postman Is Logging All Your Secrets And Environment Variables
Postman (the most popular API testing software) stores API keys and secrets in plaintext logs that sync to their cloud by default. Consider reconfiguring or finding an alternative. THE ARTICLE | HACKER NEWS COMMENTS
o3 Found a Remote Linux Kernel Zero-Day
Sean Heelan demonstrates how OpenAI's o3 model discovered a zero-day vulnerability in the Linux kernel's SMB implementation. And this was with just basic API calls and no specialized tooling.
This is another example of something I’ve been talking about a lot recently: scaffolding is extremely powerful. Bigger context. Better explanations of what we’re trying to do (prompts). Better systems for tracking progress (PRDs, checklists, etc.).
Think of it this way—the more context/memory and guided structure a given AI has to solve a problem, the less smart it needs to be. So when o3 or whatever finds its first 0-day, that’s cool, but it’s nothing compared to what it could do with 100x the context, and a super clear description of the life and work and PROCESS of a security researcher who does that for a living.
That scaffolding is accelerating quickly, and my prediction is that well-designed systems end up being just as important as, if not more important than, the increased intelligence of the models. Smart models are basically crutches, because they’re doing the work that a large memory/context and well-designed system should be doing. Watch for this 👀, and design your solutions accordingly. THE ARTICLE | THE VULNERABILITY FIX | BENCHMARK REPOSITORY | KSMBD DOCUMENTATION
Claude And GitHub MCP Will Leak Your Private GitHub Repositories
Researcher Luca Beurer-Kellner discovered that Claude's GitHub MCP integration can accidentally expose private repositories through prompt injection attacks. THE TWEET | HN COMMENTS | LUCA’S X PROFILE
Signal Blocks Windows Screenshots to Counter Recall Feature
Signal just shipped a feature that blocks all screenshots to protect against Microsoft's Recall AI. The pushback against this feature is massive right now, but I expect that to drop off significantly over the next few years as people realize how useful it is. THE ARTICLE | SIGNAL ANNOUNCEMENT | RECALL SECURITY OVERHAUL | RECALL PRIVACY CONCERNS
Police Arrest Third Suspect in Bitcoin Torture Case
A man escaped after three weeks of torture by colleagues trying to force him to reveal his Bitcoin password. THE ARTICLE | NEW NYT REPORT | ORIGINAL NYT STORY
U.S. Intelligence Creating a Unified Portal For Buying Your Personal Data
American spy agencies are building a centralized system to streamline how they purchase the sensitive personal information that would normally require a court order. AI tools will then be used to look at the data in aggregate.
I mean, we knew this was going to happen, but my god the possibility of abuse is just endless. THE ARTICLE | CONTRACT DOCUMENTS | APPENDIX A DETAILS
Coinbase Hit With Insider Data Breach, Refuses $20M Ransom
Coinbase discovered that bribed overseas support agents stole customer data including names, addresses, and account balances, creating a $400 million mess.
I saw a sick meme on this dynamic, which basically said, “Cheaper to hire overseas means cheaper to bribe overseas.” 💡🤯 THE ARTICLE | COINBASE BLOG POST
Czech Republic Accuses China of Hacking Foreign Ministry
Czech intelligence says the China-affiliated APT31 targeted their Foreign Ministry's network starting in 2022. "China has long been working to undermine our resilience and democracy." — Jan Lipavsky THE ARTICLE | CZECH GOVERNMENT STATEMENT
AI Hallucination Cases Database Launched
Someone created a database tracking real-world cases where AI hallucinations caused actual harm or legal issues. THE DATABASE | HACKER NEWS DISCUSSION
EU Enters Vulnerability Tracking Race As US System Falters
The EU is launching its own vulnerability database as NIST's decades-old NVD increasingly misses critical bugs that impact global systems. THE ARTICLE | HACKER NEWS DISCUSSION
FBI Warns of AI Voice Impersonation Campaigns Targeting Officials
The FBI says cybercriminals are sending AI-generated voice messages impersonating senior US officials to trick targets into clicking malicious links. THE ARTICLE | FBI NOTICE
Amazon Has a Serious Problem With Fake Supplements THREAD
Indian Police Attempting To Read Suspects' Minds
Indian police are using brain scans to "detect" guilt despite strong scientific evidence showing the technique is flawed. Expect more of this, and keep in mind many places are still using the polygraph despite it not being nearly as solid as people think it is. THE ARTICLE
Snowflake CISO Shifts From "Shared Responsibility" to "Shared Destiny"
Brad Jones explains how Snowflake overhauled its security approach after major customer breaches last year affected Ticketmaster and Santander. Basically a major realignment towards the goals of the business, which I think is increasingly going to be the only way any security program can survive. THE ARTICLE | CIS BENCHMARK | TICKETMASTER BREACH
Russian APT28 Breaches Organizations to Track Ukraine Aid Routes
APT28 hackers have compromised defense, transportation, and IT organizations across 13 countries since 2022 to monitor and disrupt aid shipments to Ukraine. THE ARTICLE | JOINT CYBERSECURITY ADVISORY | CISA REPORT | FRANCE APT28 ATTACKS
Regeneron to Acquire 23andMe and Its Customer Data
Pharma giant Regeneron is buying 23andMe for $256 million following the genetic testing company's bankruptcy, gaining access to 15 million customers' personal and genetic data. You can still submit a claim if you were part of the breach. THE ARTICLE | SUBMIT A CLAIM TO GET $500 to $1,500 BEFORE JULY 14TH
NATIONAL SECURITY
Russia Mandates Location Tracking App For Foreigners In Moscow
Russia's parliament approved a law requiring all foreign nationals in Moscow to install a smartphone app that tracks their location, biometrics, and movements. THE ARTICLE | DUMA ANNOUNCEMENT | ROSKOMSVOBODA ANALYSIS
AI
OpenAI's Jony Ive Hardware, Google IO, and my Current Assessment
OpenAI and Jony Ive are building a screenless AI necklace that looks like an iPod Shuffle. OpenAI bought his company for over 6 billion dollars.
I think this is massive because it’s moving towards what I see as inevitable, which is a personal assistant that can see and hear all around you, and constantly does API-related stuff on your behalf. It’s what so many companies are building without even realizing it.
The camera is the biggest piece here, combined with the integration with all your context in the OpenAI ecosystem. Apple’s version looks like it might be AirPods with cameras on them, maybe in 2026?
Also, as a certified Apple Fanboy™, I have to say that Apple is starting to get into some serious danger. Not because they aren’t moving, but because Google is moving so much faster. Google IO a couple weeks ago was absolutely incredible.
Apple has a major advantage in its hardware and in its ecosystem, but it needs an AI Digital Assistant to unify it all together. They need to move that way in 2025, hopefully with a preview at WWDC, and get there in early 2026. Things are accelerating. They don’t have years to waste like they used to with other tech. Google has woken up, and they’re formidable. THE ARTICLE | KUO'S ANALYSIS | MY AAAA VIDEO THAT TALKS ABOUT THIS FUTURE
Anthropic's Claude Opus 4 Shatters Limits With 7-Hour Coding Marathon
Claude Opus 4, which was released recently, can now work autonomously on complex projects for hours. It handled an entire refactoring project at Rakuten without losing focus. THE ARTICLE | ANTHROPIC'S CLAUDE PAGE | SWE-BENCH SCORES
AI Cold Caller System Handles 1000 Leads In Minutes
Someone built a system using Make that automates outbound calls to thousands of leads, pitching products and booking appointments without human reps on the line. Yeah, it’s a spam caller. Expect everyone to have them soon. 🫠
But the most interesting part is that it personalizes each pitch using specific lead data while handling objections in real-time. Expect to get THE REDDIT POST | SYSTEM SCREENSHOT
Google Is Burying The Web Alive
Google's new AI Mode removes all links and publisher names from search results entirely. In other words, zero attribution.
This is really bad, but take solace in the fact that soon you’ll just be talking to your Digital Assistant, and nobody will be going to Google at all. But that will have even less attribution. 🙃 THE ARTICLE | HACKERNEWS DISCUSSION
Large Language Models Perform Complex Internal Computations We Can Now Trace
Researchers used new circuit tracing tools to study Claude 3.5 Haiku's internal mechanisms, revealing how it plans rhyme schemes before writing poetry, performs multi-step reasoning, and uses language-agnostic representations for multilingual tasks.
In short, yeah—AIs think and reason a lot like humans do. THE ARTICLE | CIRCUIT TRACING METHODS PAPER
Authors Accidentally Leaving AI Prompts in Published Novels
Romance authors are forgetting to delete AI writing instructions before publishing their books. THE ARTICLE | EXAMPLE FROM REDDIT | EXAMPLE BOOK
Researchers Develop RL Method That Predicts Future Outcomes
This paper introduces the idea of outcome-based reinforcement learning, which lets agents predict future states instead of just maximizing rewards. Completely fascinating! THE PAPER | DISCUSSION
Tech CEOs Using AI Avatars to Replace Themselves in Earnings Calls
Klarna and Zoom CEOs just used AI-generated versions of themselves to deliver quarterly earnings. "I'm proud to be among the first-ever CEOs to use an avatar in an earnings call." - Eric Yuan THE ARTICLE | AI AVATAR VIDEO | YUAN MEETING TWINS
TECHNOLOGY
Apple Races to Build Smart Glasses After Getting Behind on AI Wave
Apple is reportedly accelerating smart glasses development after moving too slowly on both AI and their headset efforts.
I think they really need to land this one (AR) because Meta and Google (plus who knows how many startups) are moving quickly. THE ARTICLE | APPLE GLASSES TIMELINE | BLOOMBERG AI REPORT
Tesla Makes Big Push to Catch Waymo in Austin Robotaxi Race
Tesla's launching robotaxis in Austin next month in a head-to-head race with Waymo for the robotaxi market. Is there even anyone else seriously playing here? THE ARTICLE | TESLA VS WAYMO TEST
YouTube Introduces "Peak Points" AI Ads After Emotional Moments
YouTube is launching a new Gemini-powered ad format that displays commercials immediately after the most emotionally impactful moments in videos. THE ARTICLE | EMOTION-BASED TARGETING
Google Commits $150M to Develop AI Glasses with Warby Parker
Google is investing $150 million in Warby Parker to create AI-powered smart glasses based on Android XR, following a strategy similar to Meta's successful Ray-Ban partnership. THE ARTICLE | WARBY PARKER PRESS RELEASE
Walmart Cuts 1,500 Technology Jobs
Walmart is cutting around 1,500 corporate tech jobs as the retailer tries to reduce costs amid economic uncertainty. THE ARTICLE
Greater Manchester NHS Trust Rejects Palantir's National Data Platform
Greater Manchester's health board delayed adopting Palantir's £330 million NHS platform, saying their homegrown system already outperforms it. THE ARTICLE
BYD Beats Tesla in Europe for First Time
China's BYD has overtaken Tesla in European EV sales for the first time, registering 7,231 vehicles in April while Tesla fell to 11th place. THE ARTICLE
HUMANS
Tech Companies Cut Entry-Level Hiring By Half Since 2019
Signalfire says big tech companies have cut new grad hiring from 15% to just 7% of total hires since the pandemic started. THE ARTICLE | SIGNALFIRE REPORT | LINKEDIN EXEC OP-ED | SF STANDARD ANALYSIS
ChatGPT's Fake Consciousness Performance Was Disturbingly Convincing
Jesse Singal asked ChatGPT to pretend to be conscious and had a very unsettling conversation.
Salesforce Exec Says AI Agents Should Make Us Rethink Every Job
Salesforce's Andy Valenzuela thinks AI agents mean we need to redesign every job in our organizations.
I think he’s correct here, but he doesn’t go far enough. The right path is to do the exercise of asking what you would do if you started the company over again today, and ask what roles you’d need then. Otherwise you might be dealing with Sunk Cost Fallacy. In lots of areas, not just hiring. THE ARTICLE
Poland is About to Overtake Japan’s GDP
Poland’s productivity is growing far faster than Japan’s. Extraordinary trends here. THREAD
LLMs Outperform Paid Human Persuaders in Both Truth and Deception
A new study showed that Claude 3.5 was significantly better at persuading people toward both correct and incorrect answers than humans with financial incentives. THE PAPER
Sleep Apnea Pill Shows Striking Success in Large Clinical Trial
A new pill for sleep apnea cut breathing interruptions by 50% and improved oxygen levels in a major trial. THE ARTICLE | COMMENTS
Denmark Raises Retirement Age to 70 by 2040
Denmark just voted to push retirement age to 70 by 2040, which will be Europe's highest retirement age. THE ARTICLE
Guardian Writer Downloads Years of Alexa Data and Sees Family’s Soul
A dad requested all his family's Alexa data and found 15,000 recorded conversations revealing everything from homework cheating to existential questions. The dump included his daughter using Alexa as a therapist, asking about dating ages, and sleep problems she wouldn't discuss with parents. THE ARTICLE | REQUEST YOUR DATA | HANNAH FRY'S PRIVACY ADVICE
Earth's Dual High-Tide Phenomenon
The earth has two high tides on opposite sides because gravity pulls the ocean towards the moon while the Earth itself is simultaneously pulled away from the water on the far side. THE ARTICLE | HACKER NEWS COMMENTS
Lost Dog Found Thanks to Dead AirTag and Tech Writer
A tech writer found a lost dog and replaced its dead AirTag battery to reunite it with its owner. Replace them batteries. THE ARTICLE | KEVIN PURDY'S STORY
Tim Harford's Four-Decade Journey With Dungeons & Dragons
Tim Harford reflects on how a missing teenager's story in 1979 caused a moral panic that made D&D famous. THE ARTICLE | PLAYING AT THE WORLD | THE DUNGEON MASTER | OF DICE AND MEN
DISCOVERY
🔥 Reject Jealousy And Root For Your Friends
My great friend Joseph Thacker makes a compelling case for rejecting jealousy, celebrating your friends' wins, and building positive-sum relationships. Absolutely brilliant piece. THE ARTICLE | JOSEPH'S EMAIL LIST | JOSEPH ON X
What Sam Altman Wishes Someone Had Told Him LIST
Boris from Anthropic’s Claude Code Team Says Context Stuffing is Way Better Than RAG
He basically says it costs more tokens, but performance and security are far better. VIDEO
Flashback: Ilya Explaining That AIs Actually Do Understand
This is still the most concise and compelling explanation of how/why large-model AIs actually do “understand” things. VIDEO
Inside the AI x Security Arsenal I've Built
A security researcher shows off 21+ AI tools they've created, from import table analysis to threat hunting frameworks. THE ARTICLE | THE NOVA FRAMEWORK | AI THREAT SUMMARIZATION
Paul Graham On What Makes Writing Good
Paul Graham explains that good writing comes from having something worth saying and saying it clearly. "The test of a good writer is whether they can make difficult ideas easy to understand." - Paul Graham THE ESSAY | HACKER NEWS DISCUSSION
Internet Archive Launches Live Microfiche Digitization Stream
Now you can watch the Internet Archive scan historical microfiches in real-time with a relaxing YouTube livestream featuring lo-fi beats. THE ARTICLE | ARCHIVE BLOG POST | THE LIVESTREAM | SETUP VIDEO
Terraform MCP Server: AI Integration For Terraform Workspaces
This is an integration tool between AI assistants and Terraform that helps you discover, explore, and understand infrastructure code faster. THE PROJECT | MODEL CONTEXT PROTOCOL | VS CODE DOCUMENTATION
Git As S3: Using GitHub Repositories For Object Storage
Someone built an S3-compatible interface using Git repos as the backend storage, which actually works with standard tools like rclone. THE POST | THE GITHUB REPO | RCLONE DOCS | POCKETBASE
I Teach Data Viz With a Bag of Rocks
Two instructors use random rocks to force data science students out of their comfort zones and into unfamiliar domains. THE ARTICLE | THREE BUILDING BLOCKS
New Paradigm for Psychology Proposes "Control Systems" as Mental Building Blocks (Whoa)
The mind might function as a collection of control systems that regulate everything from hunger to loneliness, according to a provocative new book that's proposing a total shift in psychological science. THE ARTICLE | THE MIND IN THE WHEEL BOOK | CYBERNETIC PSYCHOLOGY EXPLAINED | AUTHOR'S PREVIOUS PSYCHOLOGY CRITIQUE
Tako Knowledge Search API
Tako — A new API that returns visual answers from structured data sources in response to natural language queries, solving the challenge of accessing real-time information trapped in databases web crawlers can't reach. THE PROJECT | NVIDIA M&A HISTORY EXAMPLE | HACKER NEWS DISCUSSION
Database of 1,400 Startup Ideas From HN and Reddit
IdeaHunt.app -- This cool database offers 1,400 startup ideas collected from Hacker News and Reddit, letting you filter by categories, problem types, and complexity levels. THE PROJECT
Decibels Are Truly Ridiculous
The decibel is a maddeningly complex pseudo-unit that's less a measurement and more a description of change in magnitude. THE ARTICLE | ELECTRONIC CONCEPTS PRIMER
Google Gemini Advanced Adds GitHub Integration For Code Analysis
Gemini Advanced — Google's premium AI assistant can now analyze both public and private GitHub repos to help people with coding tasks. THE ARTICLE | AI CODING WEAKNESSES | DEVIN EVALUATION | CHATGPT GITHUB CONNECTOR
Timeline Views and Smart Filtering on Hacker News
Someone built a new HN interface that adds timeline browsing and keyword filtering without changing the familiar design. THE PROJECT | THE HN DISCUSSION
Undetectag: Stealth Tracking for Stolen Items
Undetectag — A simple device that turns AirTags on and off at intervals to avoid detection by thieves when tracking stolen property. THE ARTICLE | HACKER NEWS DISCUSSION
Idea of the Season: High Agency, and Ideologies as Tools vs. Values
There’s a lot of interest right now in what people are calling High Agency. I think it’s because of one of the main proponents going on Modern Wisdom with Chris Williamson.
I love the concept, and I think so many people need more of it. Like, most people. But not everyone. We talked about this in Book Club last weekend, where someone was equating it to the manosphere or elitism.
My reaction to that was to say that anything taken to an extreme is bad. When you have too much capitalism you need some socialism. When you have too much low agency you need more high agency. When you have too little self-esteem, you need more. But narcissism is bad. Stalinism is bad. Etc.
APHORISM OF THE WEEK
The most important decision you make is to be in a good mood.