I spend 5-20 hours a week consuming books, podcasts, and articles, and I curate the best of what I find into a concise format for your convenience. It's Content Discovery and Analysis as a Service — by Daniel Miessler
🛡️ Security News

There's a Linux vulnerability called SACK Panic (among other names) that takes advantage of a kernel feature called Selective ACK. The feature lets systems tell the other side of the conversation how much data it's received, and it turns out it can be overflowed or fuzzed. The former creates a crash, and the latter creates a slowdown. You should patch. And if you have any services facing the internet running Linux, you should definitely patch. More

A Florida city paid $600,000 in bitcoin to get access to their data back from a ransomware gang. More

Magic Leap is suing former engineer Chi Xu for allegedly using his knowledge of the headset to make a version for China. More

The average security group is running over 50 security tools. As my friend Jeremiah once said when looking at a Momentum Partners slide, "Are we secure yet?" More

Amazon just got a patent for using delivery drones for surveillance. I don't necessarily think that means they'll use delivery drones for surveillance though. That's what a lot of the conspiracy theorists will say, though—just based on them getting a patent for using delivery drones for surveillance. Actually, the patent is a bit more benign than my joke implies. It's designed to monitor opted-in people's property, a lot like a house camera or a Ring device. Makes sense. But still. More

The US has attacked Iran using the cybers. I tried to write this sentence 12 different ways, and it's still cumbersome. Basically, Iran is suspected of attacking us in numerous ways recently so we struck back in cyberspace. I'm really trying, but it's still so hard to use the word cyber without irony. More

Researchers at USC have developed a tool to spot deepfakes, which are created by GANs. Ironically, that is also how GANs work. They work by engaging in multiple sessions of dueling banjo between creating something realistic and then detecting whether it's fake or not. GANs are awesome. GANs are scary. More

Hypersonic missiles are becoming a popular new weapon concept, and it's potentially starting a new types of arms race. The idea is to use pure speed to both avoid interception and to penetrate defenses, and the use cases being proposed include taking out enemy weapons, debilitating major weapon systems like carrier fleets, and even assassination. More

⚙️ Technology News

Facebook is launching a cryptocurrency called Libra. Many people in tech—and especially in security—are laughing about how stupid they are, since nobody will use it. Yet almost everyone they know uses Facebook, Instagram, and WhatsApp. Also, have you seen Facebook's stock recently? I think it'd be foolish to bet against this play, since they're looking to do the one thing that crypto-currencies have so far lacked—ease of use and marketing. I've not done a deep-dive on it yet, but I'd be very skeptical of the naysayers. Don't let your security bias dim your understanding of the regular world. More

CloudFlare has launched its own NTP service, including a secure version of the daemon. I'm a bit of an NTP fanboy, actually. Actually I'm a time fanboy, and NTP is a time protocol. Anyway, I love a lot of what CloudFlare is doing. I do have questions about their policies regarding who they host and don't host, but I'm not sure where I fall on that issue yet. Free speech is hard. More

Microsoft is banning its employees from using Slack, Google Docs, and other competing software. I suppose it could be annoying for employees, but I don't see how it's surprising. If you have a product you need to get behind it as a company as well. More

Google isn't making tablets anymore. More

Windows is getting a new Terminal app. The cool thing about this commercial is that it's in their own voice, and doesn't look precisely exactly like any other company's marketing. More

Gates says his biggest regret is not making sure Microsoft had made Android instead of Google. More

👧🏼  Human News

San Francisco is looking to create a 24/7 mental health service, and they want to pay for it by taxing CEOs. I fear the only thing they're going to accomplish is getting companies to move out of San Francisco. More

London is about to have 627,000 security cameras. That's a lot of security cameras. I wonder if there are any metrics on how much safer people feel, or how much safer people actually are. Those would be good things to track given what's being sacrificed. More

Avengers: Endgame is getting re-released with more scenes added. More

It appears Fibromyalgia may have a link with the presence and absence of certain gut bacteria. More

💡 Ideas, Trends, & Analysis

Machine Learning Doesn't Introduce Unfairness—It Reveals It More

The World is Collapsing Into Two Countries—Green and Red More

🔭 Discovery

Atrium is a company that simplifies dealing with lawyer stuff for your startup. More

Awesome-Yara — a collection of awesome YARA rules for various purposes. More

L2Inc's look at the Amazon customer. More

DNSilvery — DNS data transfer using scapy. More

GoBuster 3.0 has been released. More

📓 Notes

Lots of tech news this week.

I'm almost done with Mistborn, and can't wait to get to something else. Really looking forward to some great nonfiction, but I think I'm still going to at least try to get into Fall, by Neal Stephenson.

I was excited for the Harry Potter AR game launch, but it turns out that it's much different than Pokemon GO. I'm going to wait it out and see if they make it more similar. For now it's too much bloat and annoyance, and not enough exploration and dueling. 

🖊️ Recommendations

How to Get Rich Without Getting Lucky More

Amazon's leadership principles. More

🦉 Aphorism

“One arrives as a novice to each age of their life”.

~ Nicolas de Chamfort

Help me on the path to 1,000 subscribers …

I spend around 20 hours on the show every week, and if you get value from it, please consider becoming a supporting member for just
$5/month (or $50/year). Members get the newsletter every week instead of twice a month.


Thank you,

: :



: :

Copyright © 2015-2019 Daniel Miessler, All Rights Reserved

Click here to stop receiving the Unsupervised Learning Newsletter