New Active 0-day Exploitation, AI That Sees Your Open Apps, The RebootAI Project – Go Health Pro

SECURITY | AI | PURPOSE
UNSUPERVISED LEARNING is a newsletter about upgrading to thrive in a world full of AI. It’s original ideas, analysis, mental models, frameworks, and tooling to prepare you for the world that’s coming.

  • Had a great conversation with Rob Allen from ThreatLocker about their Zero Trust approach: deny-by-default, dynamic ACLs, and blocking ransomware at every stage.

The UL Black Friday Membership window is now open.

It’s time for turkey and cranberry sauce again, which means it’s also time for a Black Friday Sale of 20% off the first year of UL Membership.

Here’s what members get:

  • Access to the smartest, most curious, and KINDEST community out there

  • Direct access to Daniel and hundreds of security and AI professionals

  • Exclusive Member-Only content

  • Access to the UL Book Club, which has run monthly since 2017!

  • Access to our Mid-month Meetups, where we discuss career / life

  • DEEP discounts on paid courses and products

Best of all is the people.
It’s seriously the best community I’ve ever been a part of.

“Daniel has created a place for civil discussion in a world that frequently prefers argument over discussion.”

– Ben Collins

Use coupon code BLACKFRIDAY20

SECURITY

This one didn’t get nearly enough coverage last week. ChatGPT has a new feature that can read code from macOS apps like VS Code, Xcode, and Terminal, making it easier for people to use AI in a live way without copy-pasting. The new feature, called “Work with Apps,” uses macOS’s Accessibility API to read text right from your screen. MORE

This is getting closer to what some other startups are working on, where they’re watching your screen and AI is operating on it. That functionality scares the crap out of me, though, so I’m only likely to use it with Apple and maybe Google if they have an option to turn off the data harvesting / ads stuff.

For startups, I’m really worried about them getting all this data and then getting compromised. I see it as a virtual inevitability. I really only trust a handful of companies (mostly just Apple, actually) with this much—and this level—of data.

Something—or someone—has cut the data cable between Finland and Germany. Finland’s internet access is currently routed through Sweden. Many are assuming shenanigans. MORE

Palo Alto Networks has released Indicators of Compromise (IoCs) for a new zero-day vulnerability affecting their firewalls. MORE 

VMware confirmed that threat actors are exploiting two vCenter Server vulnerabilities, CVE-2024-38812 and CVE-2024-38813, which were first disclosed at the 2024 Matrix Cup hacking competition. MORE 

AI / TECH

Anthropic has a new Prompt Improver that takes a given prompt and writes a better one. This is an example of the ecosystem improvement I’ve been talking about. MORE

OpenAI might launch an “AI agent” tool called “Operator” in January. Operator will compete with Anthropic’s “Computer Use” and Google’s rumored agent. MORE 

I’m anticipating that in 2025 the biggest thing in AI will be the maturation of Agents. They started getting decent in 2024; next year they’ll get mature enough—and integrated enough—for real-world use cases.

The models will get smarter, but I think most of the benefit will be in the tooling and ecosystems around the models—not the models themselves.

For agents, it’s helpful to remember what the actual milestone is, which is pretty simple to track.

  • Constant monitoring of audio, video, text of everything you’re doing

  • That means cameras and microphones on your body

  • And full monitoring of the screens and I/O of your devices/computers

Sam Altman and Arianna Huffington’s Thrive AI Health is an AI assistant that aims to offer personalized advice on sleep, food, fitness, and more. MORE 

Google.org is putting $20 million in cash and $2 million in cloud credits into a new initiative to help researchers use AI for scientific breakthroughs. MORE

Apple’s M4 Max CPU transcribes audio twice as fast as Nvidia’s RTX A5000 GPU while using significantly less power. In a user test, the M4 Max completed an audio transcode in 2:29 minutes using Whisper V3 Turbo, consuming just 25 watts, compared to the RTX A5000’s 4:33 minutes and 190 watts. MORE 

Really want one of these, but can’t justify it yet. The real question is whether our next AI rigs should be a cluster of Mac Minis, or a standard big beefy NVIDIA-based box.

I’m thinking it might be big box for the next one, and then the one after that is probably some other architecture we can’t see yet? Or perhaps an Exolab cluster of Apple-based systems?

iOS 18.2’s Music Recognition feature now logs where you were when you heard a song. This new “Musical Memories” feature geotags songs, so you can remember the exact location you discovered them. MORE 

HUMANS

Pharma stocks have crashed due to RFK Jr. taking over Health and Human Services. Moderna is down close to 40%, and other stocks are suffering in a similar way. Not sure how this isn’t a buy opportunity, though. I don’t see how most people (and RFK) don’t figure out how to tell the difference between good and bad stuff these companies are doing. MORE 

Netflix hit a record 65 million concurrent streams during the Mike Tyson vs. Jake Paul fight, reaching 60 million households worldwide. But there were over 100,000 complaints about buffering and connection problems. MORE 

A new study shows that treating bullying as a collective issue rather than an individual one can significantly reduce its occurrence in primary schools. The approach involves engaging the entire school community, including teachers, students, and parents, to address and prevent bullying. MORE 

I love this concept, which reminds me of how some countries handle prostitution by going after the buyers rather than the sellers. It’s an economics way of looking at a whole system, and not just the obvious place.

With bullying, I think what needs to happen is some level of shaming of the kids who see it happen and do nothing about it, e.g., intervening, telling adults, etc.

IDEAS

RebootAI — An Offline AI Oracle for Emergencies
I want to build a local AI that can run offline in bad situations like earthquakes, meteor strikes, and any other scenario where we might have power (like from solar), but no internet. So the idea is that I want something I can ask how to do anything! Tourniquets, sterilizing water, building shelters, identifying edible plants, etc. So ideally this would be both text and image capable, and just as resilient an implementation as possible.

Who wants to help me build it? Or does anyone know of one already out there? Even better if it’s its own standalone box, and you can just update the model used every once in a while.

DISCOVERY

Cloudflare’s robots.txt file is a mix of ASCII art and directives for web crawlers. It allows Twitterbot and DemandbaseWebsitePreview to access specific language pages, but blocks many others from accessing various parts of the site, like search results and feedback pages. MORE 

Managing High Performers — A guide on how to effectively manage high-performing employees. It covers strategies for keeping them motivated, providing the right challenges, and ensuring they feel valued within the organization. MORE 

Ian’s Secure Shoelace Knot is the best shoelace knot I know of. I actually tie this for my sneakers and mostly leave them that way and slip them on and off. MORE 

RECOMMENDATION OF THE WEEK

  1. Check out the Aphorism of the Week below.

  2. Focus your efforts on being flexible after wrong notes, as opposed to being able to play perfect notes all the time.

2025 and the next few years are likely to be so crazy that we won’t be able to plan or play the right notes.

But what we can get good at doing is adapting once the wrong note is played.

APHORISM OF THE WEEK

If you hit a wrong note, it’s the next note you play that determines if it’s good or bad.

Miles Davis

Thank you for reading. Please forward to a friend and/or share on socials to help support the work.
