Happy Conflu week,Well, I got sick (again) from RSA. The swag at these cons continues to decline. Still shipped an abridged newsletter though.Have a better week than me,In this episode: Pre and Post-LLM Software: Adapt or be replaced
🎙️ RSnake Show Appearance: AI-focused conversation
RSA Live Podcast: Industry insights and advice
Palantir AI: Automated war and terror
New Apple Update Mechanism: Rapid Security Response
🧠 LLM Mind-reading: Extracting text from brain activity
Chatbanning: Samsung’s response to data leak
VMware & Zyxel Patches: Addressing vulnerabilities
Google Security AI: Cloud Security AI Workbench
🦀 Sudo Rust: Safer sudo and su in Rust
Palo Alto Cameras: License plate tracking
♂️ Apple Coach: AI-powered health app
First Republic Falls: FDIC intervention
Eliezer Bitterness Theory: AI doomsday predictions
🤖 Prompting Superpower: Advanced AI prompting techniques
🛠️ ShadowClone & FigmaChain: Useful tools
Recommendation: Learn Python and Langchain
Aphorism: Carl Jung on creativity MY WORK Pre and Post-LLM Software If you’re not transitioning your software and business to the post-LLM model, you’ll be replaced by someone who has. MORE My Appearance on the RSnake Show I recently had the chance to do the RSnake show in Austin. Robert (RSnake) Hansen is a good friend of mine and he’s been doing an amazing podcast for 5 seasons now. He does long-form conversations similar to Lex Fridman, and I was honored to be asked on. We spent close to 3 hours talking mostly about AI. Highly recommend taking a look. WATCH ON YOUTUBE | LISTEN TO THE PODCAST Live at RSA with Phillip Wylie, Jason Haddix, and Ben Sadeghipour While at RSA I was lucky enough to get to do a podcast with Phillip, Jason, and Ben. We talked all about getting into the industry and content creation, and advice for people looking to do the same. It was tons of fun. WATCH ON YOUTUBE | LISTEN TO THE PODCASTSECURITY NEWS Palantir AI Those are scary words to put together. Peter Thiel just announced the Palantir Artificial Intelligence Platform (AIP) that uses LLMs to do things like fight a war. The demo shows a chatbot to do recon, generate attack plans, and to organize communications jamming. I am not sure people realize that Langchain Agents can execute actions using a set of defined Tools, and that those tools can include any APIs. APIs like /findtarget and /launchmissile. We’re a lot closer to automated war and terror than people think, and Palantir ain’t helping. MORE | DEMO | KILL DECISION New Apple Update Mechanism Apple has created a new way to issue security patches out of band from large software updates. They’re called Rapid Security Response (RSR) patches, and they’re much smaller than normal updates. The first one was attempted a couple of days ago and had some trouble rolling out. You check to see if they’re available the same way as any update: General -> Software Update. Also check Automatic Updates to make sure “Security Responses & System Files” is turned on. MORE LLM Mind-reading Researchers at University of Texas, Austin successfully extracted actual text interpretations from fMRI data. In other words they had someone consume media that had dialogue in it, and they read their brain activity, and reversed it back to the text. It wasn’t perfect, but it was damn good. And yeah, of course it used LLMs to do this. MORE Chatbanning Samsung is preparing to ban generative AI tools due to a data leak incident in April. This will include non-corporate devices on the internal network, as well as any site using similar technology—not just OpenAI’s offerings. MORE
Sponsor
Compliance That Doesn’t SOC 2 Much
vanta.com/downloads/tour
VMware Patches If you run VMware Workstation or Fusion, you need to patch. There are multiple vulnerabilities and one of them allows local attackers to run arbitrary code. CVSS 9.3. MOREZyxel Patches Zyxel firewalls are vulnerable to RCE. Patch them immediately. 9.8. MOREGoogle Security AI Google just launched Cloud Security AI Workbench for Cybersecurity (could it use more names?) that uses a custom model called Sec-PaLM. It includes AI-powered tools like Mandiant’s Threat Intelligence, and VirusTotal and Chronicle will be using it soon as well. MORE Sudo Rust The Prossimo project is rewriting sudo and su in Rust to make them safer. They’re currently written in C, which is nightmare fuel. MORE Palo Alto Cameras Palo Alto is installing 20 new cameras to track license plates. They’re hoping it’ll help stop smash and grab incidents, catalytic converter thefts, and various other property crime. This is part of the trend of Bay Area Red and Green Zones I’ve been talking about for like 15 years. It’s tiny rich zones protecting themselves from the criminal elements in the poor zones. And the more income inequality grows, the smaller the rich zones and the larger the poor zones become. Not good. MORETECHNOLOGY NEWS Apple Coach Apple seems to be working on an AI-powered health app. Rumors say it’ll help you track your workouts, diet, and sleep, and who knows what else. This is just another step towards lifeOS, which is what I’ve been predicting for years. They already own the device, and they’re pushing into Finance, and this is more advancement into Health. I personally can’t wait for it, and wouldn’t trust any other company to do it for me. MOREHUMAN NEWS First Republic Falls The FDIC took over First Republic to prevent a complete failure. JP Morgan Chase is taking things over, and the messaging is that things will just continue as normal. I’m not an expert on this, but it sure feels dangerous for only a few banks to be “safe” for customers because they’re too big to fail. How does a new bank compete in that market? I suppose new laws guaranteeing solvency could help. MOREIDEAS & ANALYSISEliezer Bitterness Theory I heard a theory from a smart guy in AI about Eliezer Yudkowsky. The theory says that Eliezer has always believed his own brain (and the brains of other super-smart people) would be the model for superintelligence. So because the solution came out of LLMs, he’s super bitter. And this is what’s leading him to say we’re all doomed. I don’t know if this is right, but I hope there’s some truth to it. It’d make me sleep better. Unfortunately, even if it is true, it doesn’t fully remove all the good points Eliezer is making about the dangers of AI. But it would lower the odds of guaranteed destruction significantly, at least in my mind. It pushes me more towards Altman’s mode of optimism, which his my desired state. NOTES Sick for the last few days. Basically oscillating between Langchain hacking and sleeping. Still had to get a newsletter out though! DISCOVERY 🤖Prompting Superpower
The best way to do advanced prompting is to combine two techniques: 1) Few-shotting, and 2) Thinking Step by Step. Few-shotting is where you give multiple examples of good answers, and then leave the last one unfinished so it’ll know exactly what you want. Telling the AI to “think step by step” tells AI to break the problem down and solve each piece in a sequence. These are ultra-powerful by themselves, but if you COMBINE THEM, it gets silly. It basically unlocks Theory of Mind (ToM) within LLMs, which is where an entity can understand how another entity thinks. BTW, I have been worried for a while that this is how we’re going to wake up AI. I feel like ToM is like the gateway drug to consciousness. But that’s another post. Here’s the chart on how to do this: CHART ⚒️ ShadowClone — Distribute your long-running tasks (Recon, OSINT, Vuln Scanning, etc) across multiple systems using Lambda/Containers instead of VPSs! MORE ⚒️ FigmaChain — Generate a working website using GPT and Figma. You do the mockup in Figma and it gives you the actual code to implement it. MORE [Sponsor] Vanta – Take a self-guided product tour to see how you can save up to 400 hours of time and 85% of compliance costs using Vanta. 20 of the top AI companies in Y Combinator’s latest batch. MORE Banana Equivalent Dose MORE Using Notion to Manage Your Entire Life MORERECOMMENDATION OF THE WEEK If you have any loved-ones in school, retraining, or wondering what they should do in life, make sure they have one thing covered. Python. The language doesn’t matter that much, but Python is it right now. And this includes you. If you don’t know Python to some level of competence, I implore you to get that way. Python is the language, and Langchain is the framework. To be competent in the world that’s coming, you need to be able to magnify your efficacy using AI, and these are the tools for doing that. LEARN PYTHON | LEARN LANGCHAINAPHORISM OF THE WEEK “The creative mind plays with the objects it loves.” Carl Jung
Thank you for supporting this work. I’m glad you find it worth your patronage.
Thank you for reading. To become a member of UL and get more content and access to the community, you can become a member.