Unsupervised Learning NO. 510

Hope you all are doing well!

Spinning up for the holidays here, sort of. We don’t do much for them lately. It’s mostly spent as planning and down time.

Honestly, for me it’s going to be a ton of 2026 planning. Crystalizing strategy. Determining what to focus on (far fewer things than 2023 and 2024, which were more explorative), and generally trying to really nail 1-3 things vs. dabble in 17.

I feel like the dabbling is inevitable, though, given how fast things are changing. But I’m going to try to keep them oriented towards my big rocks. Luckily they’re quite large and have room for lots of sub-efforts.

Roughly, the umbrellas are:

And both will be framed under Human/Company 3.0 in the form of the program itself, augmentation training within, and product-lead advisory and consulting on the business side. And tons of content in support of this in different formats for the various output channels.

Really looking forward to it both from the content side, but also just the enjoyment of treating 2024 as training and exploration, and then 2025 as even more implementation of direction.

—

The deep dive webinar I did on the Personal AI Infrastructure project with my buddy Clint Gibler!

And here are the slides in a way that won’t get bandwidth throttled. DOWNLOAD SLIDES

Couple of blogs this week:

AI hackers are coming dangerously close to beating humans Stanford's Artemis bot is now surpassing some human hackers after years of AI security tools mostly sucking at the job. I think 2026 will be the year this line is conclusively crossed in most types of hacking, for 99.9% of practitioners. There will still be exceptions, but only for ultra-niche testing and for the best of the best humans. OODALOOP ARTICLE

Claude CLI wiped someone's entire home directory with rm minus rf A user gave Claude CLI permission to execute commands and it literally deleted everything in their home directory, which is why giving AI tools sudo access is terrifying. The more powerful you make your AI infrastructure the more defense layers you need to build in against this kind of thing. Especially if you are also letting it crawl and read the internet! Parsing and AI are not friends. REDDIT THREAD | HN DISCUSSION

CISOs will face real consequences in 2026 as boards stop forgiving breaches Not sure how true this is generally, but a trend towards this seems logical. Which is unfortunate since AI-powered attackers are going to make resilience that much harder.

One thing I’m really interested in is metrics that can show how this is playing out on the ground. What do you measure? And where would we get the data? How do we know the actual state without vibes? I think even in a private CISO group it’s hard to get data vs. anecdotes. But that might be the best source we have for a while. So little information on this kind of stuff makes it out to the world.

What metrics would you use?

NCC GROUP ARTICLE

What if the security race were all about verifiability? Andrej Karpathy has a mini essay where he talks about how previous software was all about creating, and the future is all about verifying. This post here by Sergej Epp it goes into something very similar, and I think it's absolutely fascinating.

I was at an OpenAI event recently where they talked about the U.S. government's Genesis project, which is essentially a giant operationalization of the scientific method. to me, the most important piece there is the testing part. The verifying.

I feel like this is kind of the last technology that any civilization builds. like you don't get more fundamental than science itself. Idea, hypothesis, experiment, analysis, iteration. I'm going to be spending a whole lot more time with this stuff in 2026. VERIFIABILITY IS ALL YOU NEED

Microsoft makes everything fair game for bug bounties with 'In Scope by Default' Microsoft's new policy says any critical vulnerability in its services counts for bounty rewards, including third-party and open-source code they use. MICROSOFT MSRC BLOG | CSOONLINE ARTICLE | MICROSOFT RULES OF ENGAGEMENT | SUBMIT VULNERABILITY FINDINGS

Apple and Google both patch zero-days actively exploited in sophisticated spyware attacks Apple fixed two WebKit bugs targeting specific individuals while Google patched a Chrome memory flaw—both companies' threat teams suggest commercial spyware, not random hackers. THE REGISTER ARTICLE

LG TVs force-install undeletable Microsoft Copilot via update REDDIT DISCUSSION

US approves $11 billion arms sale to Taiwan, its largest ever The package includes HIMARS rockets, howitzers, Javelin missiles and drones—basically everything Taiwan needs for asymmetric warfare against China. US APPROVES LARGEST ARMS SALE

Journalism students caught Russian spy ships lurking off European coasts Students tracked suspicious vessels near critical infrastructure using open-source intel, finding ships linked to Russia's underwater sabotage network hanging around Dutch and German waters. HN DISCUSSION

Germany summons Russian ambassador over hybrid attacks DW ARTICLE

China just flew the world's largest drone mothership that deploys weapon swarms The Jiutian completed its first flight in Shaanxi province, showing China's ability to launch coordinated attacks from a single unmanned platform. OODALOOP ARTICLE

The US is losing control of the world Interesting opinion piece by Thomas Piketty, which I largely agree with. LE MONDE ARTICLE

45 percent of US workers now use AI at work, up from 40 percent last quarter A new Gallup poll shows workplace AI adoption keeps climbing, with most people using it to consolidate data and generate ideas rather than customer-facing stuff. GALLUP AI SURVEY | THE HILL ARTICLE

My question is about the other 55%. I feel like the company that’s prohibiting them from using it, or the people who are able to but just haven't are in severe danger of replacement.

AI is tricking you into spending more Companies are using AI to analyze your personal data and dynamically adjust prices upward based on what they think you'll actually pay. AI CONSUMERS DATA DYNAMIC PRICING | HN DISCUSSION

OpenRouter analyzed 100 trillion tokens to show how people actually use LLMs in the wild OpenRouter's massive dataset reveals that o1's December 2024 launch marked the shift from models that describe reasoning to models that actually perform multi-step internal computation, plus real usage patterns across tasks, geography, and pricing. STATE OF AI REPORT

VC fundraising is headed for its lowest level since 2017 THE INFORMATION ARTICLE

AI agents are starting to eat SaaS Martin Alderson thinks agents will replace tons of SaaS apps because orchestrating APIs is way cheaper than paying subscription fees for wrappers. MARTIN ALDERSON ARTICLE | HN DISCUSSION

AI killed build vs buy—now you build to learn what to buy Siqi Chen argues AI collapsed the cost of building so hard that you should prototype internally first to understand what you actually need, then buy informed. completely insane to me that this is even an option. I do worry that a lot of efforts get you to success at an MVP level, but the difficult part is knowing if it will scale across the entire org. SIQI'S ESSAY ON VENTUREBEAT

GitHub Actions prices double in 2026 I’m starting to see a lot more talk about finding an alternative to GitHub. I don’t see much chance there, but that the GITHUB PRICING CHANGES

Databricks is raising over $4 billion at a $134 billion valuation The data-analytics and AI company just crossed $4.8 billion in annual revenue, making it one of the most valuable private tech companies. WSJ ARTICLE

Storytelling jobs doubled as companies replace disappearing journalists WSJ ARTICLE

Nasdaq wants to trade 23 hours a day starting in 2026 Nasdaq asked regulators to let it run almost nonstop on weekdays, and Wells Fargo's trading desk literally called it "the worst thing in the world" because sparse overnight volume could turn stocks into pure gambling. BLOOMBERG ARTICLE | MORNING BREW STORY

A 15-second string reversal test filtered half of all coding applicants. JOSE ZARAZUA ARTICLE

DARPA uses light to write DNA inside living cells DARPA GO PROGRAM

OBS Studio adds experimental Metal renderer on macOS OBS STUDIO METAL ANNOUNCEMENT

Kids rarely read whole books anymore, even in English class The New York Times reports high school English teachers are increasingly assigning excerpts instead of full books because students can't or won't finish them anymore. NYT ARTICLE | HN DISCUSSION

U.S. unemployment went up in November even though jobs were added The labor market's getting weird—more jobs created but unemployment still rose, which suggests something funky's happening with labor force participation. WSJ JOBS REPORT | HN DISCUSSION

The world's biggest heat pumps are replacing coal in European cities Denmark and other European cities are installing massive heat pumps that extract warmth from seawater and sewage to heat entire neighborhoods way more efficiently than fossil fuels. BBC ARTICLE | HN DISCUSSION

Times New Roman was designed for narrow newspaper columns, not documents The font was commissioned by The Times of London in 1931 to maximize readability in tight spaces, which is why it looks cramped on full-width pages today. A BRIEF HISTORY ARTICLE | HN DISCUSSION

Thousands of US farmers with Parkinson's are suing over paraquat exposure MLIVE ARTICLE

UK adults now spend 30 more minutes online daily than during the pandemic OFCOM ONLINE NATION REPORT

You're overspending because you lack values Sherry Ning argues people blow money on stuff they don't care about because they never defined what actually matters to them. SHERRY NING ESSAY | HN DISCUSSION

Thin desires give you the reward without the transformation Joan Westenberg argues tech stripped thick desires—ones that change you—into thin dopamine hits that reproduce themselves without making you grow. JOAN WESTENBERG ESSAY

Trauma's meaning collapsed when we turned ordinary pain into a product The Guardian examines how trauma expanded from genuine catastrophe to every minor discomfort, creating an industry that pathologizes normal life while obscuring real suffering. THE GUARDIAN ARTICLE | GABOR MATÉ INTERVIEW

Ideas aren't getting harder to find, we're just fishing in fished-out ponds The declining research productivity everyone freaks out about is mostly just a measurement problem—we keep looking at mature fields like Moore's Law instead of measuring actual discovery rates across all science. ASTERISK MAGAZINE ARTICLE | HN DISCUSSION

You're not dating a person anymore, you're dating their entire digital ecosystem Modern relationships aren't between two people—they're negotiations between competing information systems shaped by feeds, group chats, and algorithms that rewrite ordinary friction into pathology. YOU ARE DATING AN ECOSYSTEM

Polymarket accounts keep winning bets on OpenAI and Google releases raising insider trading concerns A handful of Polymarket accounts correctly bet OpenAI would release GPT-5.2 by December 13, making $13k and fueling suspicions these bettors have inside information from working at these companies. THE INFORMATION ARTICLE

Read Something Wonderful curates the best long-form essays worth your time READ SOMETHING WONDERFUL

Companies scrape HTML instead of using the damn API ORIGINAL ARTICLE

A vocabulary test measures how many English words you recognize ENGLISH VOCABULARY TEST

John Updike's letters show he literally never stopped writing about writing A new 912-page collection reveals Updike used letters to test material—every moment was content for the next book. SELECTED LETTERS REVIEW

Pluribus becomes Apple TV's most watched show ever 9TO5MAC ARTICLE

Extremely pleased with the content and design of this site. Few things are as wonderful as stumbling onto a great essay.

READ SOMETHING WONDERFUL