Unsupervised Learning NO. 496

Hey, what's up? Hope you guys are doing well.

My video on building my Personal AI system using Claude Code is now out!

I have spent so much time on this thing, omg. I think you're going to absolutely love it. It's start to finish walking through how I built Kai.

—

I just upgraded to this keyboard, and I think this might be the one for a long time. I tried staggered keyboards, but they did not work for me. I like the idea of a separated and canted form factor, but I don't like the idea of that set into a static mold. This is the perfect combination. THE KEYCHRON Q11

—

I found a major problem with doing member essays, so I'm not going to do those anymore. Basically every time I came up with a member essay I realized I should write a full blog as well (if it’s decent thinking why limit it to like 1,500 people?) So then I was like, "Well, what's the benefit of getting the member essay if the blog version is probably going to be better anyway and it might just be a week or two later?"

Instead, I've added probably the perk that’s most practical and requested:

➡️ 25-50% discounts on future paid content. So that's like the human 3.0 platform. The upcoming AUGMENTED ONLINE course. Etc.

🔥 So here's the full list of perks now:

SIGN UP

—

My friend Monica is running her Resilient Career Accelerator Course again soon, and I recommend you check it out. It's a week-long course on how to build a career in security leadership, run a security program, and generally make yourself more resilient career-wise in this AI world we’re moving into. Monica is super bright and passionate about these topics, and I’ll also be one of the guest speakers! SIGN UP

—

Very much in line with my recent Westerburg shares, I’m loving this guy, Mainstone. He's just extremely honest is the main thing. He’s real. And I really like the production as well. In some ways it's really highly produced, in other ways it's very raw. But most importantly, it's just clear communication of frustration, excitement, fear, optimism - and a lot of the things that many of us are thinking right now. The other thing that it does for me is validate my thoughts about:

And just in general, an unapologetic approach to life and creating.

We read Epictetus’ the Enchiridion for Book Club this month and it was brilliant. It was yet another reminder that source texts like it are a trillion times more potent than getting summaries. Or popular media that talks about the same lessons. Again, it keeps coming back to having to do the work in order to get the benefit. Van Jones’ “Taking the weights out of the gym.”

Highly recommended channel right now at this particular moment in time, especially. MAINSTONE YOUTUBE CHANNEL

🔥 Anthropic says attackers are using models to automate full hacking operations
Anthropics threat intel team just put out a report talking about how real-world attackers are emulating entire teams doing months of work with just one person.

“Normally, we would expect to see this coming from a whole team of people over the course of months, but in this case it was a single person hitting all these different organizations in just weeks.”

This is precisely what I talked about in my Future of Hacking video. It's going to be their AI systems against our AI systems. Suit up. Oh, and meanwhile, the Marcuses think this can be done by if statements and auto-complete. SMH.

THE VIDEO TALKING ABOUT THE REPORT | THEIR THREAT INTEL REPORT TALKING ABOUT IT

—

Palo Alto Networks suffers data breach through Salesforce supply chain attack
Attackers used stolen OAuth tokens from the Salesloft Drift breach to access Palo Alto Networks' Salesforce instance and steal customer support tickets containing passwords and IT secrets. BLEEPINGCOMPUTER ARTICLE | SALESLOFT BREACH DETAILS | ZSCALER BREACH | GOOGLE WORKSPACE IMPACT

Hofstadter's phonograph paradox perfectly explains prompt injection

Super interesting video / essay here. Matt Hodges uses Gödel, Escher, Bach's self-destroying phonograph story to explain why prompt injection is mathematically inevitable—any system powerful enough to interpret arbitrary instructions can be given instructions about itself that break it.

This is what Sam Altman was alluding to when me and Jason asked him when he thought we'd be able to stop prompt injection. His answer was very smart. He basically said it would have to be some sort of new advancement in computer science, and I very much agree with that. And this video here explains why. Here’s the Fabric create_story_explanation summary.

MATT'S PROMPT INJECTION ESSAY / VIDEO | GÖDEL ESCHER BACH WIKIPEDIA | CANTOR'S DIAGONAL ARGUMENT | HALTING PROBLEM WIKIPEDIA | GÖDEL'S INCOMPLETENESS THEOREMS | MAGRITTE'S TREACHERY OF IMAGES

Anthropic shows how they detect sleeper AI agents hiding malicious behavior
Anthropic talks here about their methods for catching AI agents that pretend to be helpful while secretly planning harmful actions when deployed. Of the three major labs, Anthropic is absolutely my favorite. Not only because I prefer Claude over the others, but because I truly feel they are living up to their name in being the most human-focused. ANTHROPIC VIDEO

China's Salt Typhoon hacked 200 US companies and 80 countries
The FBI confirms Salt Typhoon breached at least 200 American companies plus firms in 80 countries. The NSA and NCSC traced the Salt Typhoon espionage campaign to Sichuan Juxinhe, Beijing Huanyu Tianqiong, and Sichuan Zhixin Ruijie—companies providing cyber tools to China's intelligence services. BLEEPINGCOMPUTER ARTICLE | NSA PRESS RELEASE | NCSC ADVISORY | JOINT ADVISORY PDF | TECHCRUNCH ARTICLE | WASHINGTON POST REPORT | SALT TYPHOON EXPLAINER

Claude will start training on personal account data unless you opt out
Anthropic updated their terms to allow training Claude on personal account conversations starting soon, but you can opt out in settings. Go do it if this matters to you. Lots of theories on why this might be happening. But I think one simple one is simply that they need to start benefiting from all this data that's coming in because they have plans like the MAX plan that are killing them on revenue. Also, I don't understand why everyone is so freaked out when pretty much all the providers have similar agreements and opt-in/opt-out options. What I don't understand or like is why they are saying we only have a short time to opt out. You should be able to opt out whenever you want for future stuff. REDDIT DISCUSSION | HACKER NEWS COMMENTS

Researchers hide malicious prompts in images that only appear when AI systems downscale them
Trail of Bits researchers discovered they can inject hidden instructions into images that become visible only after AI systems downscale them for processing. TRAIL OF BITS RESEARCH | ANAMORPHER TOOL | ORIGINAL USENIX PAPER | BLEEPINGCOMPUTER COVERAGE

DoD uses Node.js utility maintained by a Russian Yandex developer
Hunted Labs discovered the Pentagon relies on fast-glob, a Node.js utility downloaded 79 million times weekly that's solely maintained by Denis Malinochkin, a Yandex developer in Moscow. This is the kind of transparency I'm really looking forward to with AI. You could basically ask lots of interesting questions and have swarms of agents go out there and continuously answer them. THE REGISTER ARTICLE | HUNTED LABS REPORT | MALINOCHKIN'S GITHUB | MALINOCHKIN'S WEBSITE

FBI warns about three-phase "Phantom Hacker" scam targeting seniors
The FBI is warning about a sophisticated scam that's stolen over $1 billion from Americans, mostly those over 60, through fake tech support, bank fraud alerts, and government impersonation.

THE HILL ARTICLE | FBI LOS ANGELES WARNING | FBI FIELD OFFICES | FBI TIPS | IC3 COMPLAINT CENTER

Pentagon security agency admits China keeps beating their defenses
The Defense Counterintelligence and Security Agency says they're reviewing 30,000 suspicious incidents yearly, with 4-5,000 being credible threats from China stealing defense secrets. THE REGISTER ARTICLE | DOD NEWS STORY | DCSA DIRECTOR SPEECH

Cloudflare Radar tracks global AI bot traffic across the internet
Cloudflare launched a dashboard showing AI crawlers from OpenAI, Anthropic, and others are hitting 38% of the top 1000 sites, with GPTBot leading at 35% reach. CLOUDFLARE AI INSIGHTS | HACKER NEWS DISCUSSION

AI is the natural next step in making computers understand humans
Vinci Rufus argues AI isn't revolutionary but the logical progression from punch cards to GUIs to natural language—each era reducing the need for humans to speak the computer's language. VINCI'S AI EVOLUTION ESSAY

AI browser agents fail at real work except for one unknown tool
A Reddit user tested AI agents on actual solopreneur workflows and found Claude, ChatGPT, and others all failed—except something called 100x bot that somehow worked perfectly. REDDIT POST | TEST RESULTS SCREENSHOT

AI adoption linked to 13% job decline for young US workers
Stanford researchers found that workers aged 22-25 in AI-exposed jobs like customer service and software development have seen employment drop 13% since 2022, while older workers in the same fields stayed steady.

I've actually heard of a reverse ageism going on where employers are starting to look for older, more experienced adults because they might have a better work ethic and just more general life experience. That would be a weird twist. Also, 13% is quite low. I'm sure that's just the beginning. ARTICLE | STUDY

Creators are automating their entire content workflow with AI
Cryptodit shares how influencers (🤮 I call them Creators) are building AI pipelines that handle everything from idea generation to posting across platforms.

• Spot Trending Topics with AI Agents - Use ChatGPT in agent mode to analyze trending hashtags, viral audios, and breaking news across Google News, TikTok, Instagram, YouTube, Twitter, and Reddit to generate content hooks instantly

• Train Claude on Your Style - Feed your past video transcripts, captions, and content into Claude so it learns your unique language, humor, and delivery patterns to write scripts that sound exactly like you

• Clone Your Voice with ElevenLabs - Upload recordings of your past videos and common phrases to create a realistic AI voice clone that can generate voiceovers instantly without recording

• Create Your Digital Avatar with HeyGen - Upload high-resolution photos and video clips to build a realistic avatar that matches your face, expressions, and lip movements for video content without filming

• Generate B-Roll with Veo 3 and RunwayML - Use AI video tools to automatically create cinematic stock footage and backgrounds tailored to your script, eliminating the need for expensive stock licenses

• Merge Everything in Canva - Combine your avatar video, AI voiceover, and B-roll footage using Canva's simple drag-and-drop editor with built-in templates for social media formats

• Automate Distribution Across Platforms - Use Buffer or native scheduling tools to automatically resize, format, and post your content across TikTok, Instagram Reels, and YouTube Shorts with optimized captions and hashtags

• Complete the Workflow - Execute the entire pipeline from trend discovery to published content in under an hour, allowing you to focus on audience engagement rather than production

That's the dream, roughly. Basically, all anyone should have to do is their difficult consumption, the grappling with the ideas, and then the difficult raw expression of those ideas. And everything else that isn't supremely creative (or fun) should be automated. TOPCONSULTANTS GUIDE | REDDIT DISCUSSION

AI coding makes me faster but kills my flow state
Praful Mathur found AI coding tools boost his productivity but destroy his ability to code while listening to music—the constant context switching between writing and reviewing AI suggestions breaks the deep focus that made coding meditative. Definitely my experience as well. Kind of sad because it makes it less meditative. PRAFUL'S AI CODING POST | HACKER NEWS DISCUSSION

ChatGPT usage drops hard when summer vacation starts
Morning Brew highlights OpenRouter data showing OpenAI usage falls off a cliff in mid-June when colleges let out, plus regular weekend dips throughout the school year. I guess this is to be expected, but I really look forward to when AI is more of a life augmentation system rather than a "help me with my specific task" system. Both for school and for work. MORNING BREW STORY | FUTURISM COVERAGE

Stop calling automation AI unless it actually learns something
A Reddit user wants people to explain what their "AI" actually learns and how it learns, otherwise it's just automation and you'd be better off hiring a software engineer.

I include this because it's a fantastic example of where I think people are getting this wrong. Yes, we absolutely want to have employees that can learn, but That's not the central thing that we're paying people for. Knowledge workers are paid to execute Intelligence Tasks, which accomplish specific goals. The learning piece is important, of course, to add additional intelligence pipelines to the number of skills, but these are separate problems. And with sufficient generalization, a lot of those collapse down into the same task. REDDIT POST | MY BUSINESS AI POST

DSPy turns prompt engineering from art into systematic optimization
Skanda Vivek demonstrates how DSPy automates the tedious process of prompt iteration by optimizing both generator and judge prompts using real customer service data, replacing manual tweaking with data-driven refinement. TOWARDS DATA SCIENCE ARTICLE | SKANDA'S SUBSTACK

Three mystery customers account for over half of Nvidia's data center revenue
Nvidia's getting $21.9 billion from just three unnamed companies—that's 53% of their data center sales, with Customer A alone dropping $9.5 billion. Is this strange? It feels strange. TOM'S HARDWARE ARTICLE | SHERWOOD BUSINESS ANALYSIS

Venture capital in trouble based on SEC filing patterns
TJ Jefferson discovered that Form D filings containing "Fund I" peaked in Q3 2022 and have been dropping hard ever since, suggesting we're about to see a massive VC funding drought. Since most VC funds deploy capital for 2-4 years, we're just now hitting peak deployment from the 2021-2022 fundraising bubble, which explains why AI valuations have been insane lately. I don't feel expert enough to comment on this kind of thing, but just passing it along. TJ'S ANALYSIS | TJ'S HOMEPAGE | REGULATION D INFO | SEC FORM D SEARCH

CrowdStrike buys Onum for $290 million to build agentic SOCs
CrowdStrike acquired Spanish data pipeline startup Onum to make their Falcon platform process 5x more events per second while cutting storage costs by 50%. CROWDSTRIKE ANNOUNCEMENT | FORTUNE COVERAGE | CSO ONLINE ARTICLE

Computer science grads are struggling to find jobs despite demand
Recent CS grads face 7.5% unemployment as entry-level tech hiring drops 25%, with many applying to places like Chipotle while software engineer postings remain down 70% from 2022 peaks. MORNING BREW ARTICLE | NY TIMES COVERAGE

Cognitive load is what actually matters in software complexity
Artem Zakirullin argues that cognitive load, not lines of code or cyclomatic complexity, is the real measure of software complexity—it's the mental effort needed to understand code. I think that's obvious, but what is the metric? Like, how do you actually measure that? COGNITIVE LOAD REPOSITORY | HACKER NEWS DISCUSSION

South Korea bans smartphones in schools starting 2026
South Korea just passed a law making phones illegal in classrooms, joining a growing list of countries trying to get kids to actually pay attention in school. Probably in large part because of Jonathan Haidt and his work. NEW YORK TIMES COVERAGE

Therapists are secretly using ChatGPT and clients feel betrayed
Laurie Clarke reports that therapists are quietly feeding client sessions into ChatGPT—one patient discovered it when his therapist accidentally shared his screen, revealing real-time AI analysis of their conversation. MIT TECHNOLOGY REVIEW ARTICLE | PLOS MENTAL HEALTH STUDY | CORNELL AUTHENTICITY STUDY | APA BURNOUT RESEARCH | STANFORD AI DANGERS STUDY

The middle-aged are no longer the most miserable
The Economist reports that the famous U-bend of happiness is disappearing—surveys now show middle-aged people aren't the saddest anymore, breaking a pattern documented hundreds of times globally. Teaser: Younger people are now more unhappy. THE ECONOMIST ARTICLE

US retail giants are raising prices because of Trump's tariffs
Walmart, Home Depot, Target, and Lowe's are all passing tariff costs to customers through higher prices, with Walmart's CEO saying costs keep increasing every week. Impossible to predict. EL PAÍS ARTICLE

A brain abscess gave Eric Markowitz the clearest moment of consciousness he's ever experienced
Eric Markowitz describes how facing death from a cerebellar abscess made him truly conscious for the first time—not thinking about life but actually feeling its texture and weight. BIG THINK ARTICLE | CONSCIOUSNESS SPECIAL ISSUE

Trade school enrollment surges as Gen Z ditches degrees for HVAC and welding
Emma Ockerman reports that trade school enrollment is growing 6.6% yearly while Gen Z workers flee AI-threatened white-collar jobs for plumbing and electrical work that pays $60K+ without student debt. YAHOO FINANCE ARTICLE | VALIDATED INSIGHTS REPORT | STANFORD AI EMPLOYMENT PAPER | ZETY GEN Z SURVEY | STRATATECH EDUCATION

The feeling your work creates matters more than the checkboxes
Mitchell Hashimoto argues that metrics and requirements miss what actually matters. Which is how your work makes people feel when they use it. MITCHELL'S ESSAY

Physical technical books create memory palaces that websites can't match
Thinking of Tim here. Dave Gauer explains why he buys physical technical books—they become permanent reference points with sticky notes, never change like websites do, and serve as both learning trophies and knowledge repositories on his shelf. DAVE'S TECHNICAL BOOKS POST | WHERE DAVE BUYS BOOKS

You probably don't need analytics for your blog
Leon Paternoster argues that most personal blogs don't actually benefit from analytics—they just create anxiety about metrics that don't matter for hobby writing. I think this is a really good point, but my counterpoint is that it's possible to look at these metrics not as a number game, but as evidence of engaging with humanity game. That's definitely how I use them. It's validation that people are listening to topics that are not extremely popular. Like free will, art, and personal challenges.

THIS DAY'S PORTION ARTICLE | HACKER NEWS DISCUSSION

MIT and Scripps researchers develop one-shot vaccines for HIV and covid
Darrell Irvine and J. Christopher Love created a dual-adjuvant vaccine that stays in lymph nodes for a month, giving the immune system way more time to build diverse antibodies. MIT TECHNOLOGY REVIEW ARTICLE | SCIENCE PAPER

AI continues computing's evolution toward understanding humans VINCI'S ESSAY

A beginner-friendly Jujutsu tutorial for non-Git users JJ-FOR-EVERYONE TUTORIAL

FFmpeg Pages simplifies video processing with visual commands FFMPEG PAGES ON HACKER NEWS

AI agents should use files and Git instead of context windows REDDIT DISCUSSION

Single servers can handle millions of HTTP requests per second IGOR'S BENCHMARK ARTICLE

Dotfiles don't belong in Application Support BECCA'S DOTFILES ARTICLE

Google lets you block AI overviews from your site TERUZA ARTICLE

n8n automates bug bounty enumeration via Discord. LAMPY'S N8N BUG BOUNTY GUIDE

Training yourself to like things you hate DYNOMIGHT'S ESSAY

Cline runs completely offline with LM Studio CLINE BLOG POST

A new vibe-coded web app from Kathy Helps. I don't see many of my women friends doing the AI coding/entrepreneurship, so I'm posting this here as an example. HER THREAD ON THE APP

Traceprompt provides tamper-proof audit trails for LLM applications

Traceprompt creates tamper-proof audit trails for LLMs REDDIT DISCUSSION

Claude gets a Chrome extension CLAUDE CHROME EXTENSION

Physical tech books become unchanging memory palaces DAVE'S POST

Why your prompts don't belong in Git TOWARDS DATA SCIENCE ARTICLE

Giles Orr shares creative Bash prompt designs BASH PROMPTS COLLECTION

Kpop Demon Hunters is Netflix's most-watched movie ever BBC COVERAGE

Start thinking about what you would (could) have a personal executive assistant do for you if you had one.

Start building that list, because soon you’ll have that.

Whether that’s through a system like I built above, or through a more consumer-oriented version later, you want to start removing your Type 3 Limitation and imagining what’s possible.