Unsupervised Learning

Unsupervised Learning

danielmiessler.com/podcast
Content Curation as a Service, at the intersection of security, technology, and humans.


206
Dec 9 • 21 min
Vietnamese BMW APT, Defense Contractor Prep, China replacing a culture, HackerOne Cookie Snafu, Chinese Also Worried About Privacy, China Mobile Face, CDC Flu Warning, AWS Sagemaker, Technology News, Human News, Ideas Trends & Analysis, Discovery,…
205
Dec 2 • 34 min
Spam trends, CWE’s latest 25, Uber audio recordings, Uber unauthorized drivers, Chinese research theft, Google state-actor notifications, bluetooth burglars, Nixon deepface, Technology News, Human News, Ideas Trends & Analysis, Discovery, Recommendations,…
203
Nov 18 • 18 min
Google health care, Google checking, Github open source, China policy hack, Hactivist bounties, healthcare attacks, facial protests, OSINT CTF, surveillance robots, Technology News, Human News, Ideas Trends & Analysis, Discovery, Recommendations, and the…
202
Nov 11 • 14 min
Capital fired, DHS biodata, Twitter insiders, Baltimore Cyber Insurance, Airbnb Assessment, Google Play Malware, Technology News, Human News, Ideas Trends & Analysis, Discovery, Recommendations, and the Weekly Aphorism…
201
Nov 4 • 19 min
Unify drama, Fancy cheating, NSO lawsuits, Technology News, Human News, Ideas Trends & Analysis, Discovery, Recommendations, and the Weekly Aphorism…
200
Oct 28 • 17 min
200th episode!, White House cyber vacancies, AT&T SIM bribery, South Africa ultimatum, climate change power crash, Bahgdadi dead, RuNET, NYT insanity, Technology News, Human News, Ideas Trends & Analysis, Discovery, Recommendations, and the Weekly…
199
Oct 21 • 18 min
Stolen Cards Stolen, Autoclerk Hacked, TeamViewer Hacked, Russia Pretending to be Iranian, JackSpotting, Pixel4 Faces, FrenchFacRec, Samsung Fingerprints, Technology News, Human News, Ideas Trends & Analysis, Discovery, Recommendations, and the Weekly…
198
Oct 14 • 18 min
Eye reflection EXIF, WiFi gait, Russian Cyber Clusters, Russia African Americans, China Pressure, VPN drama, Technology News, Human News, Ideas Trends & Analysis, Discovery, Recommendations, and the Weekly Aphorism…
197
Oct 7 • 24 min
Yahoo creep, DarkNet, E2E encryption, Cyber talent, RandomDeath, Private Data Property, Eyeballer, plus Technology News, Human News, Ideas Trends and Analysis, Updates, Discovery, Recommendations, and the Aphorism for the week!
196
Sep 30 • 24 min
New York is suing Dunkin (Donuts) for not revealing breaches in a timely manner (going all the way back to 2015), which is says jeopardized their customers. Good for New York. It’s one thing to be breached: it’s much worse to try to pretend it didn’t…
195
Sep 23 • 26 min
Here’s the new MITRE 2019 25 Most Dangerous Software Errors. Memory corruption bugs are huge right now. More There’s a ton of recent DDoS activity that’s leveraging IoT devices for UDP amplification attacks. Specifically, the WS-Discovery service (WSD) is…
194
Sep 15 • 24 min
Not sure how this isn’t bigger news, but Saudi Arabia shut down half its oil production after a number of drones attacked the largest oil processing plant in the world. Yemeni rebels claimed credit, but the US blames Iran. More DNS over HTTPS is coming to…
193
Sep 8 • 22 min
AIG says BEC has overtaken ransomware as the primary claim type against their cyber insurance policies in EMEA, accounting for 23% of claims. More Paper The NSA Cyber Chief wants to share digital threat information early and often. I like the fact that…
192
Sep 2 • 35 min
Ring has already partnered with over 400 police departments. As you know, I’m torn on this kind of tech. Neighborhood watch can be a good thing, and it can also be a bad thing. Technology tends to magnify both weaknesses and strengths, so it can make…
191
Aug 26 • 25 min
Protestors in Hong Kong are physically attacking and destroying facial recognition cameras. More Palo Alto says 7 out of 10 new domain registrations (NDRs) are either malicious or not safe for work, and they encourage companies to block them. More Lt.…
The Difference Between Data, Information, and Intelligence
Aug 18 • 5 min
The terms intelligence, information, and data are thrown around pretty loosely in most tech circles, and this inevitably leads to people confusing and/or conflating them. What follows is a simple explanation of how the related terms are different from…
190
Aug 18 • 22 min
There are some seriously nasty Windows RDP bugs out there. If you have RDP facing the internet, make sure you’re patched. And try to get to VPN as soon as possible. More A huge survey of firmware security has found virtually no improvement over the last…
189
Aug 13 • 8 min
Ring is developing two-way relationships with hundreds of police departments in the US. This allows Ring users to be alerted to crime in their area via 911 data, and police departments to pull video from participating Ring devices. This is the type of…
188
Jul 29 • 19 min
Marcus Hutchins got off with time-served, and people have feelings. The range basically goes from ‘he did nothing wrong’, to, ‘he should rot in prison’. In my mind this outcome was close to perfect. Remember, he went through two years of hell since being…
Humans Are Genebots
Jul 26 • 7 min
Unpacking the evolution-granted bliss of prep schools and elite institutions, and why they resonate so much with us.
Machine Learning Doesn’t Introduce Unfairness—It Reveals It
Jul 25 • 8 min
The difference between unfairness and bias in machine learning.
187
Jul 21 • 35 min
Lots of people in the security community went silly over the FaceApp application last week, basically saying that you shouldn’t be using the application because they’ll steal your face and then be able to impersonate you. Oh, and then it turned out to be…
Time Speeds Up When You’re Wasting It
Jul 20 • 4 min
An essay on why time can feel like it’s speeding up when you get older, and how to slow it back down. Support the show.
186
Jul 14 • 20 min
Parts of Manhattan had a power outage Saturday night, which happened to be the anniversary of another power outage in 1977. The power company apologized but didn’t explain what happened. The hacker in me thinks this could easily be a probing shot by a…
185
Jul 8 • 21 min
The Telegraph has found strong links between Huawei employees and Chinese intelligence agencies. The Huawei counter was that this was extremely common among telecom companies, and that it wasn’t a big deal. The counter to that counter was, basically,…
The World is Collapsing Into Two Countries—Green and Red
Jul 3 • 8 min
The world being sorted into two different countries—a Green country of the top 10% of income/wealk, and a Red country that’s everyone else. These countries are separated not by geography, but by class. Support the show.
184
Jul 1 • 18 min
I created a new tutorial on OWASP Amass, and just joined the team as a contributor as well. Tutorial Chinese hacking groups have been embedded deep inside multiple major US tech firms for many years, including Fujitsu, Tata, NTT, Dimension Data, and HPE.…
183
Jun 24 • 13 min
There’s a Linux vulnerability called SACK Panic (among other names) that takes advantage of a kernel feature called Selective ACK. The feature lets systems tell the other side of the conversation how much data it’s received, and it turns out it can be…
182
Jun 18 • 10 min
The US is supposedly ramping up attacks against Russian power grid through the use of new cyberattack powers granted by Trump. I am happy to hear of this, but it’s an example of where we as outsiders can only know a tiny fragment of the story. But any…
181
Jun 11 • 24 min
Some absolutely fascinating research has just come out on what percentages and types of vulnerabilities are actually exploited in the wild. It found that only 5.5% of vulnerabilities discovered between 2009 and 2018 were actually exploited, with most of…
Grit is the Ultimate Privilege
Jun 8 • 6 min
An argument that we should acknowledge grit as one of the most powerful causal factors in success, and figure out ways to bring its benefits to everyone.
Why Software Remains Insecure
Jun 6 • 4 min
A concise explanation of why software continues to have security and quality problems after decades of supposedly trying to address the problem.
179
May 28 • 17 min
The Deepfakes thing is already starting to have an impact, and it didn’t even involve actual Deepfake (GAN ML) technology. A video was spread of Nancy Pelosi speaking very slowly and seeming to stumble over her words, which made her look quite bad. The…
178
May 24 • 23 min
Trump has semi-banned the use of foreign telecom gear, which is really a direct shot at Huawei and China. more Baltimore’s IT systems are still being held hostage after 2 weeks. Of all the cities in the world that I could imagine this happening to,…
177
May 14 • 22 min
My Takeaways from the 2019 DBIR Report My Summary The Report The DOJ has unsealed the indictment against those who they believe hacked Anthem in 2015, and they are Chinese Nationals. They didn’t reveal the suspected motive, however. But as I wrote about…
Finding Clarity on the Exodus of the New Left
May 3 • 10 min
A short essay that attempts to wrap a simple narrative around what’s currently happening with the exodus of the New Left, and what it’s doing to the moderate left, center, and right that they left behind.
175
Apr 30 • 36 min
Deepfakes are about to seriously erode our collective ability to tell truth from fiction, and this is already a big enough problem without them. Think of every problem you care about, and realize this represents an exponent on each one. This video…
A Political Discussion with Jeremiah Grossman
Apr 14 • 105 min
Today’s standalone episode of Unsupervised Learning is a political conversation with Jeremiah Grossman, who many of you will know as the founder of Whitehat Security, current CEO of BitDiscovery, Jujitsu Blackbelt, and all-around great individual. In this…
173
Apr 14 • 24 min
Amazon has many thousands of people doing quality control on Alexa, meaning that they’re listening to incoming audio captured on Echo devices. This shouldn’t be surprising. The question is how they’re doing it, and what policies they have around privacy…
171
Apr 1 • 19 min
Mastercard is looking to create a Digital ID service that can bind your digital presence to your mobile device, which will be able to verify you to various services. Link Palantir has won an $800 million contract to build the next combat intelligence…
169
Mar 18 • 18 min
Multiple governments have now blacklisted Huawei, which Huawei seems very confused by. The best explanation I’ve heard so far about why this move makes sense for western countries came from Rob Joyce of NSA. He basically said that just like Kaspersky in…
167
Mar 3 • 34 min
This is a description of cyberwar that sounds quite realistic to me, and it’s based around the thousand-cuts idea. Ring Doorbells have a vulnerability that allows one to capture clear-text videos and other data from the cameras if you can get on the…
165
Feb 21 • 23 min
OpenAI text spoofing, Twitter DMs, Chinese tracking database, Ponemon Cyber Risk Score, Technology News, Human News, Ideas Trends & Analysis, Discovery, Recommendations, and the Weekly Aphorism…
163
Feb 4 • 16 min
My takeaways from ENIGMA 2019—one of my two favorite conferences in the world. The US has charged Huawei with stealing trade secrets, money laundering, and fraud. This escalates the already tense situation with China on a number of fronts. An engineer…
An Overview of the OWASP IoT Top 10 for 2018
Jan 7 • 14 min
We just released the 2018 version of the OWASP Internet of Things Top 10, and in this episode I talk you through the list and give the philosophy, methodology, and next steps for the project.
159
Jan 7 • 28 min
German politician hack, NSA’s new RE tool, Weather Channel tracking, sick TSA agents, Facebook dust tracking, Technology, Humans, Ideas, Recommendations, and the weekly Aphorism…
155
Dec 11, 2018 • 16 min
Google+ breach, Android flaws, China’s long game against the US, Australia’s encryption blunder, NYPD drones, and more…
153
Nov 26, 2018 • 14 min
Ukraine malware, China’s Black Mirror, DARPA’s Mosaic, FBI trolling, Silicon Valley jobs, Technology News, Human News, Ideas, Trends, & Analysis, Discovery, Notes, Recommendations, and the weekly Aphorism!
147
Oct 25, 2018 • 12 min
OWASP IoT Top 10 Draft, Facebook compromise, Fornite cheating, Pentagon weapons, spam calls, technology news, human news, ideas, discovery, recommendation, and the weekly aphorism… Support the show.
141
Sep 4, 2018 • 58 min
AMA Summer 2018, Security News, Technology News, Human News, Ideas, Discovery, and the weekly Recommendation and Aphorism…
139
Aug 20, 2018 • 17 min
TLS 1.3, BurpSuite Improvements, Google Ad Database, Russian Attack Sattelites, Amazon Theaters, Google AI Cooling, Wheat Genome, Giant Magellan Telescope, Carb Ratios, Leg Exercise and Cognitive Health, Ideas, Discovery, Notes, Recommendations, and the…
135
Jul 22, 2018 • 27 min
GRU ATT&CK analysis, Assange to the UK, Cisco backdoors, DARPA electronics, faces from genomes, viz.ai, open plans are bad, Best Buy consulting, ultrasound vs. dementia, 4 day work weeks, ideas, recommendations, and the aphorism of the week!
133
Jul 11, 2018 • 34 min
Twitter deleting accounts, deepfakes, location leaks, Rekognition, bio databases, juggalo makeup, iOS 12 security, Siri upgrades, and more…
131
Jun 26, 2018 • 29 min
Predicting your credit rating based on the tech you use, Russians attack Germans, WPA3, China bird drones, AT&T and Verison to stop selling our location data, Facebook red team, Twitter Smyte, plus tech, humans, discovery, and more…
129
Jun 12, 2018 • 11 min
Reboot your router, China hacked a U.S. Navy contractor and stole around 600GB of top secret data. Newark, NJ is monitoring much of the city with surveillance cameras, and they’re making the camera footage available to the public. Facebook also shared…
128
Jun 4, 2018 • 10 min
Pentagon background checks, China using machine learning in schools, Rusian ethnicity detecting AI, US Military presence in Africa, Atlanta lost dashcam footage, Kidnapping insurance, Technology News, Ideas, Recommendation, Aphorism, and more…
127
May 29, 2018 • 9 min
VPNFilter botnet, Echo private convo, Ghostery GDPR fail, PornHub VPN, Technology News, Human News, Ideas, Trends, & Analysis, Discovery, Recommendations, the weekly Aphorism, and more…
126
May 25, 2018 • 9 min
VPNFilter botnet, LA + Palantir, Amazon Surveillance, Momentum report, Clapper says Russia turned the election, Chinese supply chain attacks, Tech News, Human News, Ideas, Discovery, Recommendation, the Aphorism, and more…
125
May 17, 2018 • 12 min
Regulators aren’t staffed to audit you on GDPR, inaudible Siri and Alexa commands, iOS 4 is bringing lots of privacy updates, California DNA storage, technology news, human news, Ideas, recommendation, the weekly aphorism, and more…
If You’re Not Doing Continuous Asset Management You’re Not Doing Security
May 16, 2018 • 7 min
How enterprises are completely ignoring the security activity that could help the most.
120
Apr 9, 2018 • 19 min
It’s 2 billion users now, Liinux beep, Digital Shadows finds fail files, cloud misconfiguration, AlterEgo, AI applications, Alexa sending payments, Tech, Ideas, Recommendation, Aphorism, and more…
119
Apr 2, 2018 • 27 min
Atlanta disabled, MyFitnessPal hacked, Cambridge Analytica election tampering, Drupal, Saks, DARPA drones, Cloudflare 1.1.1.1, Slack bosses, Democratic Chinese AIs, Georgia facepalm, tech, humans, ideas, and more…
116
Mar 13, 2018 • 17 min
Chinese at CanSecWest, Applebees POS, Palantir, Poisoning, TensorFlow DoD, Amazon laughing, Google 72-qbits, Amazon FinTech, Android P, and more…
115
Mar 6, 2018 • 12 min
GitHub DDoS, Celebrite Attacks, AI warnings, Palantir in New Orleans, Grub Backspace, 4G attacks, Space Corps, Amazon wins Defense Department deal, tech news, human news, discovery, notes, recommendation, aphorism, and more…
113
Feb 20, 2018 • 51 min
Parkland tampering, Avoid Huawei, Bongo S3, Facebook 2FA Spam, Android Cryptojacking, Spyware Hacking, Password Dating, Technology News, Human News, Trends, Ideas & Analysis, Data & Statistics, Discovery, Recommendations, Aphorism, and more…
112
Feb 12, 2018 • 22 min
Chinese AR glasses, Cisco ASA flaws, Russian Nuclear Cryptomining, Marine quadcopters, POS Skimmers, Chrome HTTP, technology news, human news, discovery, notes, recommendations, and the aphorism of the week…
111
Feb 5, 2018 • 14 min
Olympic security drones, Alexa trickery, Chinese quantum satellite, Audio Adversary Examples, BeeToken Ethereum theft, App Store Security, Cryptomining, technology news, human news, discovery, notes, recommendations, and the aphorism of the week…
109
Jan 22, 2018 • 14 min
Social engineering, breach impact, Chinese turncoat, Android spy kit, Hawaiian OPSEC, Russian cables, bypassing CloudFlare, technology news, human news, discovery, notes, recommendations, and the aphorism of the week…
107
Jan 8, 2018 • 30 min
Meltdown & Spectre, India’s Database, Criminals and Monero, Equifax Non-action, technology news, human news, discovery, notes, recommendations, and the aphorism of the week…
The Biggest Advantage in Machine Learning Will Come From Superior Coverage, Not Superior Analysis
Jan 3, 2018 • 8 min
Many people, in many fields, think Machine Learning won’t replace their analysts because their humans are better than an algorithm. But it’s not just about side-by-side comparisons. The bigger question is, “what percentage of the data can humans actually…
It’s Wrong to Fear-monger on IoT Security
Jan 3, 2018 • 5 min
How it’s shortsighted and irresponsible for InfoSec professionals to fear-monger on IoT Security, and what we should be saying instead.
106
Jan 3, 2018 • 28 min
Swatting death, Ethereum kidnap, Chinese dystopia, Alteryx S3 bucket, Starbucks Monero, Forever21, Microphone ads, technology news, human news, discovery, notes, recommendations, and the aphorism of the week…
105
Dec 18, 2017 • 23 min
TRITON, 1.4 billion credentials, HP keyloggers, iTunes Bitcoin laundering, removing credit card signatures, technologgy news, human news, discovery, notes, recommendations, and the aphorism of the week…
104
Dec 12, 2017 • 25 min
NiceHash hacked, Apple bugs, Stealing Cars via Relay, Crypto Collusion, technologgy news, human news, discovery, notes, recommendations, and the aphorism of the week… Support the show.
103
Nov 27, 2017 • 28 min
Uber’s mess, Google tracking users, AI finding missiles, drone disclosure, net neutrality, tech news, human news, ideas, discovery, recommendations, aphorism, and more… Support the show.
102
Nov 20, 2017 • 26 min
Github security, China IW, Brexit IW, S3 again, Quad9 DNS security, tech news, human news, ideas, discovery, recommendations, aphorism, and more… Support the show.
101
Nov 13, 2017 • 35 min
Verizon’s DBIR Report, sleeping fingerprints, IoT legislation, S3 security tools, AI tricks scammers, SEALs kill Green Beret, tech news, human news, ideas, discovery, recommendations, aphorism, and more… Support the show.
100
Nov 6, 2017 • 23 min
Russian IW memes, POTUS Twitter, Texas Attack, Silence Trojan, NotPetya Damages, tech news, human news, ideas, discovery, recommendations, aphorism, and more… Support the show.
99
Oct 31, 2017 • 29 min
Information Warfare, AI vs. CAPTCHA, Google Bug Bug, DARPA Drone Swarms, USB Fail, Medical Extortion, tech news, human news, ideas, discovery, recommendations, aphorism, and more… Support the show.
InfoSec Needs to Embrace New Tech Instead of Ridiculing It
Oct 26, 2017 • 6 min
The InfoSec community needs to learn how to shepherd the public through new technology instead of joining them in fleeing from it. Support the show.
The Difference Between Violence and Terrorism
Oct 25, 2017 • 4 min
The ways that terrorism and violence are different, and why it’s important that we don’t confuse them. Support the show.
98
Oct 22, 2017 • 32 min
The Reaper botnet, Google Advanced Email Protection, Bitcoin Over $6,000, Duo’s $70 million, Dubai going to facial recognition, tech news, human news, ideas, discovery, recommendations, aphorism, and more… Support the show.
97
Oct 16, 2017 • 36 min
Major WPA2 Flaw, Suburu hack, Vulnerable Container Ships, F-35 Data Stolen, Accenture S3 Buckets, tech news, human news, ideas, discovery, recommendations, aphorism, and more… Support the show.
96
Oct 11, 2017 • 34 min
Russians vs. NSA, ArcSight vs. Russia, DISQUS breach, TrendMicro vulnerability, Stamos, tech news, human news, ideas, discovery, recommendations, aphorism, and more… Support the show.
95
Oct 2, 2017 • 11 min
IE leak, Whole Foods, Sonic, Apple Open-sources Kernels, Equifax $15 million retirement, tech news, human news, ideas, discovery, recommendations, aphorism, and more… Support the show.
94
Sep 25, 2017 • 33 min
Deloitte hacked, Equifax fumbles, SEC hacked, iCloud ransom, Adobe PGP facepalm, Verizon S3 buckets, CCleaner, tech news, human news, ideas, discovery, recommendations, aphorism, and more… Support the show.
93
Sep 18, 2017 • 42 min
Equifax fallout, BlueBorne, Microsoft RCE, iPhone X, Dumping AWS, Cassini, tech news, human news, ideas, discovery, recommendations, aphorism, and more… Support the show.
92
Sep 10, 2017 • 29 min
Equifax, Hutchins got Krebs’d, Russia used Facebook, Energy hacking, Anti-protester AI, High-pitched Assistant hacking, tech news, human news, ideas, discovery, recommendations, aphorism, and more… Support the show.
91
Sep 4, 2017 • 37 min
465K pacemaker patches, instagram leak, DJI bounty, Marketing departments messing up security news, false dichotomy in complex issues, IRS social media mining, death of the Sun, more fake Wells Fargo accounts, human echolocation, facial gestures as…
90
Aug 28, 2017 • 30 min
Swedish gov leak, OPM hacking arrest, cybersecurity spending $1T, Oreo, Whole Amazon Foods, intelligence genes, false dichotomy of conflicting ideas, OPSEC obscurity, discovery, aphorism, and more… Support the show.
89
Aug 20, 2017 • 35 min
Serious CANBUS issue, Cyber as a branch of the service?, iOS 11 Cop Mode, biometric wearables, Bill Joy battery, bitcoin forking again, ideas, discovery, aphorism, and more… Support the show.
88
Aug 15, 2017 • 22 min
Amazon Macie, APT28, Cuba sonic attacks, Palantir and police, DNA malware, confusing self-driving cars, ideas, discovery, aphorism, and more… Support the show.
85
Jul 10, 2017 • 26 min
The future of security testing, nuclear plant hacks, Android malware, satellite decryption, wildcard certs, military encryption, gsuite protections, WWE S3, tesla 3, jawbone, drone hacking, mental aging, millionare GPAs, discovery, recommendations, the…
83
Jun 27, 2017 • 26 min
Petya ransomware worm, RNC breach, Anthem settlement, Russians want source code, risk ratings, patching, ICOs, ideas, discovery, recommendation, aphorism, and more… Support the show.
82
Jun 12, 2017 • 19 min
Live from London, Gamestop hacked, PowerPoint malware, Chinese Apple Hack, XSS, WWDC summary, FDA approves cancer drug, heroin $51B, ideas, discovery, recommendation, aphorism, and more… Support the show.
81
Jun 4, 2017 • 27 min
OneLogin, Extortion, Coinbase, Pandemic, Booz, Mobile Apps, Electricity, AI voices, Sheets, Walmart, Karoshi, APIs, discovery, aphorisms, and more… Support the show.
Unsupervised Learning: No 79
May 23, 2017 • 32 min
WannaCry, Intel leaks, DocuSign phishing, cockpit codes, Delta facial recognition, China vs. CIA, WordPress bug bounty, Marines and drones, HPE R&D, Watts, graduates only making 40K, China’s DNA project, honeymoons vs. rings, Sherrif Eli, retirees…
78
May 14, 2017 • 30 min
The WannaCry ransomware worm, the president’s EO, Macron hacking, HP backdoors, laptop bans, Amazon releases, Chinese online commerce, CRISPR, Germany and renewable energy, beetles, dental health as social indicator, Reading superpowers, Net Neutrality,…
Unsupervised Learning: No.76
May 2, 2017 • 17 min
Verizon’s DBIR report, Chipotle (again), USAF bounty, NSA surveillance hampered, Android hacks, Taser and computer vision, Google fights fake news, Exercise types & mental skills, Perfect pitch recording, Lifecasting, RF X-Ray, discovered links, and more……
75
Apr 23, 2017 • 34 min
DoublePulsar in the wild, vigilante IoT worms, Bose listening headphones, PoS hacking sentence, Google ad blocking, best anti-aging exercises, unqualified Indian engineers, , discovered links, and more… Support the show.