Unsupervised Learning

Unsupervised Learning

A Political Discussion with Jeremiah Grossman

Apr 14 • 105 min

Today’s standalone episode of Unsupervised Learning is a political conversation with Jeremiah Grossman, who many of you will know as the founder of Whitehat Security, current CEO of BitDiscovery, Jujitsu Blackbelt, and all-around great individual. In this…

173

Apr 14 • 24 min

Amazon has many thousands of people doing quality control on Alexa, meaning that they’re listening to incoming audio captured on Echo devices. This shouldn’t be surprising. The question is how they’re doing it, and what policies they have around privacy…

171

Apr 1 • 19 min

Mastercard is looking to create a Digital ID service that can bind your digital presence to your mobile device, which will be able to verify you to various services. Link Palantir has won an $800 million contract to build the next combat intelligence…

169

Mar 18 • 18 min

Multiple governments have now blacklisted Huawei, which Huawei seems very confused by. The best explanation I’ve heard so far about why this move makes sense for western countries came from Rob Joyce of NSA. He basically said that just like Kaspersky in…

167

Mar 3 • 34 min

This is a description of cyberwar that sounds quite realistic to me, and it’s based around the thousand-cuts idea. Ring Doorbells have a vulnerability that allows one to capture clear-text videos and other data from the cameras if you can get on the…

165

Feb 21 • 23 min

OpenAI text spoofing, Twitter DMs, Chinese tracking database, Ponemon Cyber Risk Score, Technology News, Human News, Ideas Trends & Analysis, Discovery, Recommendations, and the Weekly Aphorism…

163

Feb 4 • 16 min

My takeaways from ENIGMA 2019—one of my two favorite conferences in the world. The US has charged Huawei with stealing trade secrets, money laundering, and fraud. This escalates the already tense situation with China on a number of fronts. An engineer…

An Overview of the OWASP IoT Top 10 for 2018

Jan 7 • 14 min

We just released the 2018 version of the OWASP Internet of Things Top 10, and in this episode I talk you through the list and give the philosophy, methodology, and next steps for the project.

159

Jan 7 • 28 min

German politician hack, NSA’s new RE tool, Weather Channel tracking, sick TSA agents, Facebook dust tracking, Technology, Humans, Ideas, Recommendations, and the weekly Aphorism…

155

Dec 11, 2018 • 16 min

Google+ breach, Android flaws, China’s long game against the US, Australia’s encryption blunder, NYPD drones, and more…

153

Nov 26, 2018 • 14 min

Ukraine malware, China’s Black Mirror, DARPA’s Mosaic, FBI trolling, Silicon Valley jobs, Technology News, Human News, Ideas, Trends, & Analysis, Discovery, Notes, Recommendations, and the weekly Aphorism!

147

Oct 25, 2018 • 12 min

OWASP IoT Top 10 Draft, Facebook compromise, Fornite cheating, Pentagon weapons, spam calls, technology news, human news, ideas, discovery, recommendation, and the weekly aphorism… Support the show.

141

Sep 4, 2018 • 58 min

AMA Summer 2018, Security News, Technology News, Human News, Ideas, Discovery, and the weekly Recommendation and Aphorism…

139

Aug 20, 2018 • 17 min

TLS 1.3, BurpSuite Improvements, Google Ad Database, Russian Attack Sattelites, Amazon Theaters, Google AI Cooling, Wheat Genome, Giant Magellan Telescope, Carb Ratios, Leg Exercise and Cognitive Health, Ideas, Discovery, Notes, Recommendations, and the…

135

Jul 22, 2018 • 27 min

GRU ATT&CK analysis, Assange to the UK, Cisco backdoors, DARPA electronics, faces from genomes, viz.ai, open plans are bad, Best Buy consulting, ultrasound vs. dementia, 4 day work weeks, ideas, recommendations, and the aphorism of the week!

133

Jul 11, 2018 • 34 min

Twitter deleting accounts, deepfakes, location leaks, Rekognition, bio databases, juggalo makeup, iOS 12 security, Siri upgrades, and more…

131

Jun 26, 2018 • 29 min

Predicting your credit rating based on the tech you use, Russians attack Germans, WPA3, China bird drones, AT&T and Verison to stop selling our location data, Facebook red team, Twitter Smyte, plus tech, humans, discovery, and more…

129

Jun 12, 2018 • 11 min

Reboot your router, China hacked a U.S. Navy contractor and stole around 600GB of top secret data. Newark, NJ is monitoring much of the city with surveillance cameras, and they’re making the camera footage available to the public. Facebook also shared…

128

Jun 4, 2018 • 10 min

Pentagon background checks, China using machine learning in schools, Rusian ethnicity detecting AI, US Military presence in Africa, Atlanta lost dashcam footage, Kidnapping insurance, Technology News, Ideas, Recommendation, Aphorism, and more…

127

May 29, 2018 • 9 min

VPNFilter botnet, Echo private convo, Ghostery GDPR fail, PornHub VPN, Technology News, Human News, Ideas, Trends, & Analysis, Discovery, Recommendations, the weekly Aphorism, and more…

126

May 25, 2018 • 9 min

VPNFilter botnet, LA + Palantir, Amazon Surveillance, Momentum report, Clapper says Russia turned the election, Chinese supply chain attacks, Tech News, Human News, Ideas, Discovery, Recommendation, the Aphorism, and more…

125

May 17, 2018 • 12 min

Regulators aren’t staffed to audit you on GDPR, inaudible Siri and Alexa commands, iOS 4 is bringing lots of privacy updates, California DNA storage, technology news, human news, Ideas, recommendation, the weekly aphorism, and more…

If You’re Not Doing Continuous Asset Management You’re Not Doing Security

May 16, 2018 • 7 min

How enterprises are completely ignoring the security activity that could help the most.

120

Apr 9, 2018 • 19 min

It’s 2 billion users now, Liinux beep, Digital Shadows finds fail files, cloud misconfiguration, AlterEgo, AI applications, Alexa sending payments, Tech, Ideas, Recommendation, Aphorism, and more…

119

Apr 2, 2018 • 27 min

Atlanta disabled, MyFitnessPal hacked, Cambridge Analytica election tampering, Drupal, Saks, DARPA drones, Cloudflare 1.1.1.1, Slack bosses, Democratic Chinese AIs, Georgia facepalm, tech, humans, ideas, and more…

116

Mar 13, 2018 • 17 min

Chinese at CanSecWest, Applebees POS, Palantir, Poisoning, TensorFlow DoD, Amazon laughing, Google 72-qbits, Amazon FinTech, Android P, and more…

115

Mar 6, 2018 • 12 min

GitHub DDoS, Celebrite Attacks, AI warnings, Palantir in New Orleans, Grub Backspace, 4G attacks, Space Corps, Amazon wins Defense Department deal, tech news, human news, discovery, notes, recommendation, aphorism, and more…

113

Feb 20, 2018 • 51 min

Parkland tampering, Avoid Huawei, Bongo S3, Facebook 2FA Spam, Android Cryptojacking, Spyware Hacking, Password Dating, Technology News, Human News, Trends, Ideas & Analysis, Data & Statistics, Discovery, Recommendations, Aphorism, and more…

112

Feb 12, 2018 • 22 min

Chinese AR glasses, Cisco ASA flaws, Russian Nuclear Cryptomining, Marine quadcopters, POS Skimmers, Chrome HTTP, technology news, human news, discovery, notes, recommendations, and the aphorism of the week…

111

Feb 5, 2018 • 14 min

Olympic security drones, Alexa trickery, Chinese quantum satellite, Audio Adversary Examples, BeeToken Ethereum theft, App Store Security, Cryptomining, technology news, human news, discovery, notes, recommendations, and the aphorism of the week…

109

Jan 22, 2018 • 14 min

Social engineering, breach impact, Chinese turncoat, Android spy kit, Hawaiian OPSEC, Russian cables, bypassing CloudFlare, technology news, human news, discovery, notes, recommendations, and the aphorism of the week…

107

Jan 8, 2018 • 30 min

Meltdown & Spectre, India’s Database, Criminals and Monero, Equifax Non-action, technology news, human news, discovery, notes, recommendations, and the aphorism of the week…

The Biggest Advantage in Machine Learning Will Come From Superior Coverage, Not Superior Analysis

Jan 3, 2018 • 8 min

Many people, in many fields, think Machine Learning won’t replace their analysts because their humans are better than an algorithm. But it’s not just about side-by-side comparisons. The bigger question is, “what percentage of the data can humans actually…

It’s Wrong to Fear-monger on IoT Security

Jan 3, 2018 • 5 min

How it’s shortsighted and irresponsible for InfoSec professionals to fear-monger on IoT Security, and what we should be saying instead.

106

Jan 3, 2018 • 28 min

Swatting death, Ethereum kidnap, Chinese dystopia, Alteryx S3 bucket, Starbucks Monero, Forever21, Microphone ads, technology news, human news, discovery, notes, recommendations, and the aphorism of the week…

105

Dec 18, 2017 • 23 min

TRITON, 1.4 billion credentials, HP keyloggers, iTunes Bitcoin laundering, removing credit card signatures, technologgy news, human news, discovery, notes, recommendations, and the aphorism of the week…

104

Dec 12, 2017 • 25 min

NiceHash hacked, Apple bugs, Stealing Cars via Relay, Crypto Collusion, technologgy news, human news, discovery, notes, recommendations, and the aphorism of the week… Support the show.

103

Nov 27, 2017 • 28 min

Uber’s mess, Google tracking users, AI finding missiles, drone disclosure, net neutrality, tech news, human news, ideas, discovery, recommendations, aphorism, and more… Support the show.

102

Nov 20, 2017 • 26 min

Github security, China IW, Brexit IW, S3 again, Quad9 DNS security, tech news, human news, ideas, discovery, recommendations, aphorism, and more… Support the show.

101

Nov 13, 2017 • 35 min

Verizon’s DBIR Report, sleeping fingerprints, IoT legislation, S3 security tools, AI tricks scammers, SEALs kill Green Beret, tech news, human news, ideas, discovery, recommendations, aphorism, and more… Support the show.

100

Nov 6, 2017 • 23 min

Russian IW memes, POTUS Twitter, Texas Attack, Silence Trojan, NotPetya Damages, tech news, human news, ideas, discovery, recommendations, aphorism, and more… Support the show.

99

Oct 31, 2017 • 29 min

Information Warfare, AI vs. CAPTCHA, Google Bug Bug, DARPA Drone Swarms, USB Fail, Medical Extortion, tech news, human news, ideas, discovery, recommendations, aphorism, and more… Support the show.

InfoSec Needs to Embrace New Tech Instead of Ridiculing It

Oct 26, 2017 • 6 min

The InfoSec community needs to learn how to shepherd the public through new technology instead of joining them in fleeing from it. Support the show.

The Difference Between Violence and Terrorism

Oct 25, 2017 • 4 min

The ways that terrorism and violence are different, and why it’s important that we don’t confuse them. Support the show.

98

Oct 22, 2017 • 32 min

The Reaper botnet, Google Advanced Email Protection, Bitcoin Over $6,000, Duo’s $70 million, Dubai going to facial recognition, tech news, human news, ideas, discovery, recommendations, aphorism, and more… Support the show.

97

Oct 16, 2017 • 36 min

Major WPA2 Flaw, Suburu hack, Vulnerable Container Ships, F-35 Data Stolen, Accenture S3 Buckets, tech news, human news, ideas, discovery, recommendations, aphorism, and more… Support the show.

96

Oct 11, 2017 • 34 min

Russians vs. NSA, ArcSight vs. Russia, DISQUS breach, TrendMicro vulnerability, Stamos, tech news, human news, ideas, discovery, recommendations, aphorism, and more… Support the show.

95

Oct 2, 2017 • 11 min

IE leak, Whole Foods, Sonic, Apple Open-sources Kernels, Equifax $15 million retirement, tech news, human news, ideas, discovery, recommendations, aphorism, and more… Support the show.

94

Sep 25, 2017 • 33 min

Deloitte hacked, Equifax fumbles, SEC hacked, iCloud ransom, Adobe PGP facepalm, Verizon S3 buckets, CCleaner, tech news, human news, ideas, discovery, recommendations, aphorism, and more… Support the show.

93

Sep 18, 2017 • 42 min

Equifax fallout, BlueBorne, Microsoft RCE, iPhone X, Dumping AWS, Cassini, tech news, human news, ideas, discovery, recommendations, aphorism, and more… Support the show.

92

Sep 10, 2017 • 29 min

Equifax, Hutchins got Krebs’d, Russia used Facebook, Energy hacking, Anti-protester AI, High-pitched Assistant hacking, tech news, human news, ideas, discovery, recommendations, aphorism, and more… Support the show.

91

Sep 4, 2017 • 37 min

465K pacemaker patches, instagram leak, DJI bounty, Marketing departments messing up security news, false dichotomy in complex issues, IRS social media mining, death of the Sun, more fake Wells Fargo accounts, human echolocation, facial gestures as…

90

Aug 28, 2017 • 30 min

Swedish gov leak, OPM hacking arrest, cybersecurity spending $1T, Oreo, Whole Amazon Foods, intelligence genes, false dichotomy of conflicting ideas, OPSEC obscurity, discovery, aphorism, and more… Support the show.

89

Aug 20, 2017 • 35 min

Serious CANBUS issue, Cyber as a branch of the service?, iOS 11 Cop Mode, biometric wearables, Bill Joy battery, bitcoin forking again, ideas, discovery, aphorism, and more… Support the show.

88

Aug 15, 2017 • 22 min

Amazon Macie, APT28, Cuba sonic attacks, Palantir and police, DNA malware, confusing self-driving cars, ideas, discovery, aphorism, and more… Support the show.

85

Jul 10, 2017 • 26 min

The future of security testing, nuclear plant hacks, Android malware, satellite decryption, wildcard certs, military encryption, gsuite protections, WWE S3, tesla 3, jawbone, drone hacking, mental aging, millionare GPAs, discovery, recommendations, the…

83

Jun 27, 2017 • 26 min

Petya ransomware worm, RNC breach, Anthem settlement, Russians want source code, risk ratings, patching, ICOs, ideas, discovery, recommendation, aphorism, and more… Support the show.

82

Jun 12, 2017 • 19 min

Live from London, Gamestop hacked, PowerPoint malware, Chinese Apple Hack, XSS, WWDC summary, FDA approves cancer drug, heroin $51B, ideas, discovery, recommendation, aphorism, and more… Support the show.

81

Jun 4, 2017 • 27 min

OneLogin, Extortion, Coinbase, Pandemic, Booz, Mobile Apps, Electricity, AI voices, Sheets, Walmart, Karoshi, APIs, discovery, aphorisms, and more… Support the show.

Unsupervised Learning: No 79

May 23, 2017 • 32 min

WannaCry, Intel leaks, DocuSign phishing, cockpit codes, Delta facial recognition, China vs. CIA, WordPress bug bounty, Marines and drones, HPE R&D, Watts, graduates only making 40K, China’s DNA project, honeymoons vs. rings, Sherrif Eli, retirees…

78

May 14, 2017 • 30 min

The WannaCry ransomware worm, the president’s EO, Macron hacking, HP backdoors, laptop bans, Amazon releases, Chinese online commerce, CRISPR, Germany and renewable energy, beetles, dental health as social indicator, Reading superpowers, Net Neutrality,…

Unsupervised Learning: No.76

May 2, 2017 • 17 min

Verizon’s DBIR report, Chipotle (again), USAF bounty, NSA surveillance hampered, Android hacks, Taser and computer vision, Google fights fake news, Exercise types & mental skills, Perfect pitch recording, Lifecasting, RF X-Ray, discovered links, and more……

75

Apr 23, 2017 • 34 min

DoublePulsar in the wild, vigilante IoT worms, Bose listening headphones, PoS hacking sentence, Google ad blocking, best anti-aging exercises, unqualified Indian engineers, , discovered links, and more… Support the show.

Unsupervised Learning: No 74

Apr 17, 2017 • 52 min

Shadow Brokers, fingerprinting Netflix traffic, Magneto vuln, Juniper advisories, Amazon speaker tech, Facebook’s 100Gbit optical switches, Google Hire, Minecraft currency, a solar-powered water harvester, OWASP Top 10 draft comments, remote SSH, EC2 and…

Unsupervised Learning: No 73

Apr 10, 2017 • 76 min

Word 0-day, BrickerBot, iOS GIF, Russian arrested, Tizen, OilRig, APT10 MSPs, Dallas sirens, ATM drilling, Watson golf, Uber Italy, AI memory, links, projects, and more… Support the show.

72

Apr 3, 2017 • 63 min

Apple fixed tons of bugs, hacking smart TVs over DVB-T, gift card bots, handgun AIs, Uber manipulations, AI vs. jobs, how to read more, cloud secret management, OPSEC and phishing, links, projects, and more… Support the show.

71

Mar 26, 2017 • 42 min

Half of Android devices haven’t been patched in over a year, Tavisclosure, NEST camera flaws, senate vs. privacy, electronics ban, bad Let’s Encrypt certs, Moodle SQLi, infosec venture capital drying up, IBM employees heading into the office, Twitter…

70

Mar 19, 2017 • 24 min

Russians at it again, Microsoft and Adobe updates, PoS breaches, US-CERT throws TLS shade, epilepsy tweet stalking, Tesla’s billion, lip-reading AI, autonomous BMWs, Fiber Lasers, taxing robots, Green Zones and Red Zones, AI disruption of healthcare,…

69

Mar 13, 2017 • 27 min

The Vault7 CIA dump, Russian shenanigans, Dahua, Verifone, mandatory genetic testing, Wordpress, atomic storage, Google Kaggles, presenting at HouSecCon, fasting research, data wars, chaos, voice interfaces, tools, projects, and more… Support the show.

68

Mar 6, 2017 • 37 min

Amazon’s S3 outage, Uber greyballing, fooling AI, DNS RATs, automating human jobs, suicide and ML, post-work IQ and creativity, greatness vs. imperfection, media choice, tools, projects, and more… Support the show.

67

Feb 27, 2017 • 31 min

CloudBleed, SHA1-1, White House Leaks, Planets, Satellites, Drones vs. Eagles, InfoSec Jobs, ExFil, IQ and Creativity in a Post-work World, Weaponized Narrative, Security Tools, Tons of Great Links, and more… Support the show.

66

Feb 21, 2017 • 29 min

My recap of RSA 2017, Google’s zero-trust implementation, Trump domain hacked, robots doing your taxes, the IoT Security train analogy, the future of authentication, toolswatch best tools of 2016, and more… Support the show.

64

Feb 7, 2017 • 22 min

Tax phishing, Microsoft SMB vulnerability, Cellebrite tools released, Computer interfaces, Centrism, Mobile 2.0, new projects, more… Support the show.

The Experience of Free Will is Not Free Will

Feb 1, 2017 • 5 min

A short essay on how it’s possible to experience free will without it being real. Support the show.

63

Jan 30, 2017 • 46 min

Peak Prevention at AppSec Cali, Austrian Hotel Ransomware, Russian FSB Drama, WordPress Issues, AV Conflicts, Uber Pays Another Company’s Bounty, Data Science, Rules for Rulers… Support the show.

62

Jan 22, 2017 • 28 min

An OWASP Gaming Security Framework, infosec news, OPSEC is obscurity, AMP is a horrible idea, the End of Twitter, the Sound of Silence, chaning your Echo wake word, RAWGraphs, Ask Lesley, and more… Support the show.

61

Jan 16, 2017 • 39 min

Nasty new GMail phishing bug, Microsoft kills security bulletins, ShadowBrokers go dark, Cellebrite hacked, Combining sensor data with machine learning, the tradeoff between privacy and IoT functionality, and more… Support the show.

Gratitude is the Epicenter of Happiness

Jan 14, 2017 • 4 min

The elusive center of happiness is gratitude, and the reason seems to be evolution. Support the show.

If You Believe Nothing You Can Be Convinced of Anything

Jan 13, 2017 • 12 min

An essay about the Russian hacking attribution issue, and how people who cannot differentiate the credibility of information sources are ultimately set to believe anything rather than nothing. Support the show.

60

Jan 11, 2017 • 31 min

How we know Russia did it, the FBI using Best Buy, an IBM study on ransomware, MongoDB hacks, and more… Support the show.

4 Things To Do in the First Week of Every January

Dec 27, 2016 • 2 min

A short piece on why I don’t like New Years resolutions, and the four things I prefer to do instead. Support the show.

58

Dec 19, 2016 • 14 min

This week’s topics: Yahoo!, Shadowbrokers, Building Your Own Honeytrapping Infrastructure, The Power of Newsletters, Project Aristotle, and more… Support the show.

57

Dec 12, 2016 • 29 min

This week’s topics: Russia gave us attribution for Christmas, the NSA is shedding talent, the evilest ransomware, how to raise someone’s IQ in 2 minutes, and more… Support the show.

56

Dec 4, 2016 • 14 min

Gooligan, Korean Game Hacking Law, DoubleFlag Experian Hack, Georgia Tech Attribution Research, Amazon’s re:Invent Conference Highlights, recommended links, and more… Support the show.

55

Nov 27, 2016 • 24 min

Biowarfare defenses, AI advances, mergers and acquisitions, Facebook and censorship, IoT definitions, the philosophy of Westworld, and more… Support the show.

The Difference Between Threats, Threat Actors, Vulnerabilities, and Risks

Nov 26, 2016 • 5 min

My essay that clearly separates the differences between the core infosec terms of threat, threat actor, vulnerabilty, and risk. Support the show.

The Difference Between Existentialism, Nihilism, and Absurdism

Nov 22, 2016 • 4 min

An essay on the differences in approaches when dealing with the intrinsic lack of meaning in the universe.

Stop Being Proud of Complexity

Nov 22, 2016 • 3 min

An essay on how complexity often communicates the exact opposite of its desired effect.

54

Nov 20, 2016 • 14 min

Britain’s new surveillance law, CRISPR biotech, the Army’s new Phaser, NIST’s new IoT Security guidelines, ML-based facial recognition, and more…

52

Nov 7, 2016 • 40 min

Infosec, technology, and human news. Ideas, trends, and statistics. Recommended links. Tips and miscellanea.

51

Oct 31, 2016 • 60 min

Infosec news, technology news, human news, trend analysis, recommended links, and more…

50

Oct 24, 2016 • 37 min

MadCOW, Mirai, Resilience, Crowdsourced Policing, Security and Obscurity, News, More…

49

Oct 18, 2016 • 47 min

Russia, Election, Deepmind, AI, Verizon, and more…

Unsupervised Learning: Episode 46

Sep 27, 2016 • 30 min

Yahoo breach, Blind and Out of Band Vulns, DDoS, Authentication, more…

Unsupervised Learning: Episode 45

Sep 19, 2016 • 57 min

DDoS, Auto Vulns, State Actors, Hacking Elections, Vulnerability Naming, Meaning and Music, Fear of AI, and more…

Unsupervised Learning: Episode 44

Sep 11, 2016 • 34 min

Major new Android vulnerability, OPM report, OS X backdoor, USB Kill Device, Kill Decision, and more…

Unsupervised Learning: Episode 43

Sep 7, 2016 • 42 min

InfosSec News, Bounties/Pentests/Red Team, from Apps to APIs, Gaming Microservices, and more…

Unsupervised Learning: Episode 42

Sep 1, 2016 • 64 min

InfoSec News Analysis, CSRF vs. XSS, Unbranded Future Vision, Unsubscribe Risk, Security Matrices in InfoSec Projects, and more…

Unsupervised Learning: Episode 41

Aug 18, 2016 • 34 min

Back after a break, InfoSec News, NSA hack, Red Blue and Purple Teams, and more!

Unsupervised Learning: Episode 40

May 31, 2016 • 54 min

Infosec, technology, Apple, tools, analysis, and more…