UL NO. 463 | Launching 2025, US Soldier Data Leak, AI Agents Emerge, China's Global Spy Network, Robotaxis Now Safer Than Humans

Published Jan 11, 2025, 3:33 AM

Navigating AI's impact on work, the rise of transnational threats, a grim new reality in air travel, and how to harness the chaos of 2025 for personal and professional growth.

Subscribe to the newsletter at: 
https://danielmiessler.com/subscribe

Join the UL community at:
https://danielmiessler.com/upgrade

Follow on X:
https://twitter.com/danielmiessler

Follow on LinkedIn:
https://www.linkedin.com/in/danielmiessler

See you in the next one!

All right. Welcome to unsupervised Learning. This is Daniel Miessler. And this is the first podcast for the new year 2025. And I wanted to just do a quick overview of what exactly it is that we do here. So I slightly upgraded or modified the tagline for the show as being a newsletter and podcast around trends and ideas in cybersecurity, national security, AI, technology and society, and how best to upgrade ourselves to be ready for what's coming. And I think that captures this well because obviously I'm talking about security. Obviously I'm talking about AI, but really what I'm talking about is trends in those things and ways to sort of improve ourselves. Right? This is about self-improvement, but it's about self-improvement within the context of what is going on in the world. And obviously it's future stuff. Right? So you can't predict this perfectly. I'm not claiming I can predict anything like this perfectly. Nobody knows what's going on, and you should be afraid of anybody, or you should avoid anybody who thinks they have a perfect bead on anything. Nobody knows. Like too many variables. So basically what we try to do here is figure out trends. Figure out what's interesting and then figure out how to upgrade ourselves. How to improve ourselves. To be in the best possible position to basically thrive as a human going forward. So one of the things I want to talk about is, like, I always leave the newsletter with security stuff and my focus on security. Cyber security, really all types of security, but especially cyber, is to essentially figure out what the new and interesting things are, not necessarily a dump of every single breach that happened or every single vulnerability that happened. I used to do a lot more coverage of that, but I just everybody's being hacked, right? Everybody's being hacked, and everybody has vulns in pretty much everything what I care about are like. First of all, what are the criticals like? If there's if there's something really crazy happening right now, like you, you really need to check your gear, get it offline, put a firewall rule in place, put a WAF in place, change a config, something like that, like a log forge type situation, those types of situations. I would say I'm still going to largely still cover. Right. Because because I think those are topical. They're trend based. It's important to know and I would like to still be that person who lets you know about that thing. But the other 700 things that happened or the other 50 things that happened, or the other 25 things that happened, you're going to find out about it another way. You're going to get an email at work, like there are other ways to find it out. And I just feel like it's kind of noise to just constantly report about things being broken and people being hacked and breaches happening and leaks happening. But what I want to do is surface like the top ones from those and what I especially want to surface. And my favorite thing and really the focus of the security section and really all the sections here is what is a changing trend. How are attackers or defenders doing things differently? What is a new technique? Right. That's really the focus here is like what is a new technique and how do we change as a result of that. So not necessarily every single bullet story, but changes that are interesting that we should potentially look out for. So that's that's kind of the vibe for the year. Um, not really the year just going forward. And I feel like I've been doing this already, but I just wanted to tighten that up with, uh, capturing that in the tagline. So, uh, relaunch my website. Let me open a tab here. So I also switched to AAC which is pretty interesting. So this is the new website. And this is uh, these are my tabs over here on the left. So AAC is a Chrome based browser and it does tabs on the left instead of at the top. But, uh, this is the new website. This is, uh, something I've been working on for a very long time. It might look very similar to previous versions of the website. It kind of does. But what I did was break the website out separate from the newsletter. So the newsletter, instead of being Daniel Miessler, whatever it's newsletter.com/whatever. So kind of still the same. And you could also get to there by going to uh, unsupervised learning. You can find it lots of different ways, but bottom line is the newsletter is now a sub domain under Daniel Comm, and the main site is just a core site. So I'm working on getting my ideas up here. I got the blog already somewhat working, got a new post here which I think I talk about in the newsletter and all my study articles. These are all my articles going back. And these are essentially this is all my content going back to like 1996. So um, got predictions I'm going to put up here soon. But if you're a typography geek, hopefully you really love this. Um, I want to give a shout out to Matthew Butterick, who I got a lot of the site design from. I purchased his his paid fonts like six times now, I think like 4 or 5, six times, something like that. And I purchased them again, uh, in this update. So these are all custom fonts. Like this is not stuff you can get anywhere else. And, uh, yeah, really, really cool stuff. Uh, so I'm excited about that. Um, next thing, let's see here. Yeah. So I've just spent like 60 hours. It's probably more like 80 hours, honestly, at this point, Optimizing my workflows. Tooling. Operating system. Notes. Techniques. Procedures. Calendar. Everything that I do to, like, stay aware. Um. How I take notes. My operating system. My keyboard shortcuts. My text editor. Everything has been optimized. I've basically spent, I don't know how many other separate hours watching video on Neovim, on raycast, and and basically tons of different tools that I use to be able to optimize things. So just a slight teaser on this if you see in my upper right hand bar here. So this is Riverside, which we're recording in right now. This is a little active thing, but I've got CPU, GPU here. Um, I've got my network, but um, look at this one. If I pull this down, look, you can see all my different things that I have going on today. I could see. Um, this is heads down. Work that I'm doing right now. Should actually say recording a podcast, but whatever. Um, I could see my month here. This is how many people are currently on my website. Uh, so this is like a live fathom analytics thing. Got my current temperature. Got my notes here. Um, so this is called hidden bar. And this really tightens up my menu bar. Uh, because there's a whole lot of other stuff. If I click here, this is all the stuff it wanted to present to me. Right. So I've got it locked down to just this. And that's just one of the things that I'm working on. In fact, I'm doing a member, uh, episode, not an episode. A mid-month meetup is actually Thursdays, uh, the second Thursday of the month, which I think is today. And we get together. Oh, actually, I mentioned right here. So, um, I am covering everything that I did. I've got this massive document over here, and I'm covering everything that I've done for these optimizations, and I'm just going one after another in that thing. And that's going to be released as a video for members. So yeah, looking forward to doing that later on today. And I might put that out or put it partially out on YouTube. I'm not sure what I'm going to do with that, but members are definitely getting it for free. Uh, let's see here. More focus, more discipline. Primary projects for 2025 launching same page which is commercial offering and then human 3.0, which is more of a community humanity benefit type thing, as well as working on my, uh, technology stack, building out Damon, doing all the stuff that I've been talking about in my other posts. Substrate. Telos. Um, all that different stuff is basically what I'm building out as tech stacks. So they're actually going to live on my domain. So damon.com is actually going to be broadcasting a live API of what I'm finding It's interesting. My favorite preference is, um, my favorite books. What am I currently reading? This is something I did in the early 2000 with a tool called Friendfeed, and I'm now going to be doing with new technology, with API technology, with AI. Um, and yeah, it's just it's going to be absolutely insane. And it's all part of the same thing, which is H3, which is human 3.0. Um, now I'm also launching, which I've talked about before in a bunch of people have pinged me about, I'm launching a platform that you can actually sign up for, and it's got a membership, uh, which will be a whole lot cheaper for people who are already part of, uh, UL. But but anyway, there's a paid offering that, like, curates the content that you get to move through H3. There's a maturity model for H3. It's going to show you exactly where you are. It's going to show you where you need to go. Um, and I'm going to keep releasing content into there. And that's basically like a it's a managed platform for upgrading yourself to human 3.0. Okay. But I want to make very clear most of the content that's going to be in there. It's all on GitHub, right? The whole point of human 3.0 is to upgrade everyone, give everyone these tools. Right. So the stuff that I'm putting in the platform, that's just going to look prettier, it's going to have the maturity model. It's going to have like a lots of extra things like ratings and grades and like it's going to move you through like a curriculum, things like that. But the content itself I'm going to be talking about on YouTube for free, I'm going to be releasing on the blog for free. I'm going to be putting in social media for free, like all, and it's going to be in GitHub for free, because I want this to apply to everyone. I'm not trying to get everyone on some platform, like the whole thing is not a trick. To get people into a platform, is what I'm saying, right? I want to make money. I'm trying to find a way to make some kind of money off of this thing, but it is like the 19th goal of this project. The goal of the project is to get people freaking out. Not not a panic, not FUD, but I want them to be like, oh crap, this thing is coming. I need to get ready. What do I do right now? You can watch the videos, you can go to GitHub. You can just do those things and you get to the same place that you get by using the paid platform. You do not need to use my paid platform or any other paid platform. You could just follow the stuff that I'm talking about and do it. And you're going to be, you know, pretty much there. Um, that being said, people are still saying, look, tell me exactly what to do. Where do I sign up? What do I do? So that that's the reason I'm making the paid offering, but it's all the same stuff. That's the whole point here. All right, got some items here. Uh, what I expect for 2025, a lot of chaos, which comes with opportunity, a bias towards action. So I think people who see chaos as an opportunity to just move and build and create, they're going to have a massive advantage in 25. I companies move towards agents. Everybody's saying that, uh, many AI companies start falling. So you're going to see the crash and the rise, which I talked about last year. Um, oh, is our AI companies going to crash or are they going to, like, thrive? The answer is both. The answer is yes. Both are going to happen a whole lot. Millions and millions of dollars of AI companies are just going to go out of business because they were just like it was a gimmick, or they hadn't thought of a long strategy or they got eaten up by the platforms. Right. So a whole bunch of that's going to go down. But the really smart AI companies and the platforms and the big tech who's actually using the stuff, they're going to go up that that's my guess. Yeah. Big tech and truly innovative AI companies start to hockey stick. Developers switch from minor assistance to largely AI based dev. That's a huge one. Becomes more obvious that AI will replace lots of knowledge work. AI discourse switches from AC to human work replacement. So instead of us talking about oh, how good is AI going to be or whatever, I think we're going to start talking about, Holy crap, this thing is taking jobs. Now Salesforce. Benioff he just said he's not hiring any more developers. Going forward, I would say that would be a stronger signal if somebody like Google said that or if somebody's like, I don't know, said that somebody normal who's not building AI products, right. It's it's a little bit less believable if they're also building a product that replaces humans. So essentially he's talking his own book. That being said, I think there is something real and worth listening to in what he said. Like, I mean, I don't think he's lying and he's saying his productivity from AI is way up, but you got to take it with a little bit of a grain of salt. Given the fact that he's selling a product that replaces workers, right? So he's basically saying, my product is so good that I'm using it and I don't have to hire developers. So it's a little bit of marketing. Um, all right. Next one. More people start asking what humans are supposed to do post work. Right. And that's what I've been getting in front of for the last few years. Okay. Security. U.S. Army soldier was arrested for allegedly selling AT&T and Verizon customer data as the cyber Phantom. Yeah. 20 year old communications specialist in the Army. Allegedly stolen leaked sensitive call records. Okay. Uh, there's a critical release for item two fixes. Um, but you should not be messing with that. You should be messing with this. Oh, this is so good. Um, hopefully it comes up. Ghosty site. Where are you? What are you doing? Where's the site? There we go. A glitch in the matrix. All right, this is the website. So, documentation. Um, you can get it from source on GitHub. Ghosty is the best shell. I'm telling you, it is extraordinary. Um, yeah. Let me, uh, let me just show you what it looks like. Well, it looks like a shell. It looks very similar to my kiddie setup. It looks very similar to my other stuff. Let me just tell you, it's from this guy named Mitchell Hashimoto. And, uh, this guy who's a co-founder of HashiCorp, and he is extraordinarily bright, uh, forward thinking. And he basically figured out how to get all three things. Um, I forget all the three things. It's like speed, uh, compliance and, like, usability or something like that, but basically all the different um, yeah. Compliances like standards following essentially. So what do you figure out how to do is he's building this thing to be the most standards compliant, the most fast and the most fun to use and the most easy to configure. And, uh, so if I do gconf, this is what, uh, yeah. I'll just expand this out. Oh, by the way, maximize. Oh, look at that. All right. Maximize. Boom boom boom boom. So this this is what the config looks like. It's kind of similar to kiddie config, but, um I've got my Tokyo night theme going here. Uh, I've got a whole bunch of work I put into configuring this after watching, like, 25 videos from people who've done their various things. Uh, shout out to link Arzu on YouTube. Okay. He was a big influence on my configs. Uh, one of the first videos I looked at for go see config. He was one of the people who was beta testing it earlier. And in general he's just been doing some pretty cool stuff, so I would definitely recommend checking him out. In fact, I'm going to pull him up right now. Link carzou. I think that's how you pronounce it. YouTube. Oh, look at this, I switched. I did something crazy. I switched my main browser, uh, search engine. In fact, my main search engine. Overall to perplexity. I'm trying it. I know Google is probably going to come out with perplexity killing features soon, and I might switch back at that point, but I'm trying to use Link Perplexity as my main browser search engine, and it's going pretty well. So this is the thing. Link carzou. That's how I'm saying it. He's, uh, Latin, so I don't know. I'm not sure how he says it, but anyway, uh, this guy has a bunch of cool videos about basically terminal configs. Um, kind of like super nerdy stuff. And I like it. There are good videos, and also it's very geeky and in the weeds. And this is why I've spent probably 60 to 80 hours messing around with my terminal config and raycasts and stuff like that. Not sure if he uses raycast, but anyway, uh, worth looking at. And then command S to get rid of the sidebar. All right. Where are we at? Um, yeah. Use ghost instead of Iterm. Uh, that's where we're at. Uh, basically iterm major problem. I went from Iterm2 to alacrity to kitty, and then to ghosty. I think that was my, uh, movement. So it was terminal iterm alacrity, Kitty. Ghosty. And I think I'm going to be on ghosty for a very long time. Uh, assuming he maintains that project, which that's why I think I'm likely to stay with them, is because it is likely to maintain it for a very long time. He's just putting that sort of future work into it. China's turned one of its most prominent pro-democracy dissidents into a spy by threatening his sick parents. Okay, so this calls attention to China's use of emotional pressure and family ties to coerce members of its diaspora into becoming intelligence assets. Hard to say how big this problem is, but I'm definitely worried about it. They could basically activate millions of people in their diaspora by leveraging nationalism, political pressure, threats to family or whatever. Right. And it doesn't mean like, oh, anybody who's Chinese works in a tech company. Like you need to worry about them because they're a spy. That's not the case, right? Uh, vast majority of anybody in any company who's, you know, from another country, they're just there to do their thing. Right. They've bought into the US. They bought into the company. They're doing their thing. The problem is, China is so controlling and so powerful. They could just be like, look, you are a Chinese citizen. Like, I don't care where you live, you are a Chinese citizen. And by the way, um, I hope your Aunt Nancy is doing well. Um, yeah, we just paid a visit to her. It looks like she needs groceries. Um, hope she doesn't get sick or something. That kind of pressure coming from China when if you if you know about Chinese citizens, they are really afraid and really respectful of their government. They do not talk bad about it. They do not acknowledge many, many of them do not even acknowledge Tiananmen Square. I mean, we're talking about extreme pressure, which has been drilled into them for their entire education, right? Their entire lives. And that pressure is dangerous, is what I'm saying. It doesn't mean everyone's going to automatically just be like, okay, of course I'm going to do what I'm going to do. But it's something to consider and consider, and it's something that not enough people are talking about. The trick is you want to be as a company. You want to be able to understand this. See it as a problem. Acknowledge it as a threat, but not switch into some racist mode where you're like, oh, all Chinese people are, you know, foreign government agents of, you know, the CCP. So the question is, how can you maintain vigilance and maybe have a threat, internal threat, uh, program without being, uh, basically racist and biased and like, nasty, right? That that's the trick. And it's really difficult to pull off. And I think very few companies are doing that. First of all, most people don't have an insider threat program. It's hard to run, and it's hard to run without getting sued. Right. Because it tends to be nasty by its very nature. If you're doing this and you're not doing it well and very careful to avoid bias. You are going to do it improperly and you're going to get sued. And so a lot of companies are just like, hey, look, don't look at that stuff, because that's going to get us in trouble. And the fact that people are taking a hands off approach to this is going to put more people at risk. So this is a huge problem. A lot of people don't want to talk about it. A lot of people can't even do it even if they wanted to. And they had the right morals and the right ethics. It's still technically very difficult. You need a large. It's difficult to pull off. Right? You need someone who's with a lot of expertise to run the program. Then you need the right tech to be able to do it. So, I mean, Google is doing this obviously, because they found a whole bunch of, uh, threat actors this way. Not not just Chinese, but lots of different threat actors using their insider threat program. So it's very, very mature. But that's Google. I mean, they they've got billions of dollars to throw around. Amnesty International says attackers use a HomeKit vulnerability to deploy Pegasus spyware on Serbian journalist and activist phones. And holy crap about this one. Russia is using Ukrainian kids to help them target airstrikes, so they're basically giving them these quest games that involve taking photos of military targets as part of a game. They go and take pictures of it. They get like whatever, they get points. And then the Russian military uses those pictures as Intel for where to launch strikes. That's diabolical. Microsoft says it's going to delete passwords for a billion users as a password. As password attacks double every year. They're now blocking 7000 password attacks per second. Treasury Department got hacked through their Beyond Trust remote support software by Chinese state actors. Hackers combined two words cool vulnerability and nuclei lets attackers bypass template signature verification to execute malicious code. This was actually fixed back in September. And just as a reminder, I am an advisor there. Just disclosure this is a solid breakdown of how to use any runs threat intelligence lookup for proactive threat detection. So talking about regional threat monitoring, artifact verification, TTP tracking, threat evolution monitoring, and report enrichment. Congressman Mike Waltz says the incoming administration plans to shift from defense to offense in cybersecurity, especially against Chinese threat actors. Happy to hear it. Missile attacks have now become the leading cause of commercial airline passenger deaths. 926 people have been killed by missile strikes since 2014. So nine? Yeah. 926 in 2014 or no? Since 2014, compared to 458 during, uh, for traditional accidents during the same period. So like double traditional accidents for 458. Missiles. 926. That's still a low number, but that's concerning. And a wilderness survival instructor spent two years infiltrating multiple militia groups, including becoming a top leader in AP three and gaining access to Oath Keepers leadership. It turns out to be someone named John Williams. Not sure if that's their full name definitely isn't anymore. I could tell you that and surveilled a student journalist ultimately going public with what he learned. And that report was fairly disturbing. All right. AI and tech Sam Altman claims in a new blog post, came out end of last year that they figured out how to create AGI. And I want to reiterate why I think this is the case. Um, it's because AI deploys as systems, not models. Right. You don't need the perfect model to come out. That is AGI, and it just does everything. Competent AI that's going to get rolled out and replace human jobs is actually dozens of models or dozens of versions of models, all working together as like agents passing off to other agents with a bunch of glue and plumbing and duct tape all around it. And the whole thing works the same way. Human brain does a similar way as the human brain does. We've got multiple things going on in our in our brains, uh, some of which evolved way longer ago than other parts. And if you disconnect different pieces from each other, none of it works. You can't have consciousness and rational thinking and logic and stuff like that. If you mess with different parts of the brain, it's the same way with an AI system. Okay, sure, you need the model, but you also need, um, supporting models. You also need the context. You also need the memory mechanism. You also need to be able to store long term memory and use short term memory and move things out of memory when they're all used up. Right. Just like garbage collection in the in the human brain. So the thing is a giant mess of lots of legacy traditional tech and automation and programming combined with all these different AI components. And that giant thing rolls out as something that can actually replace a human worker. So you shouldn't be thinking, oh, Claude four is going to come out and it's going to replace humans. No. Somebody's going to release a product around cloud. Cloud four. And those models and that product as a giant amalgamation is what's going to be able to do some damage in terms of human work replacement. Um, the second point here, replacing most human knowledge work jobs is easier than most think. if you if you think about what an average person does day to day with like, you know, collecting emails, doing, uh, reading a summary, creating a summary, sending out an email, uh, setting up meetings, uh, writing a report about, uh, security assessments, um, finding vulnerabilities in a thing. These things are not ultimately that difficult. And it doesn't mean the far edge of those things aren't difficult because they they very much are. And they might stay difficult for a long time. But if we could do the easy stuff much, much better, that would move the economy forward in a massive way. Okay. And that's what companies are going to go for. They're going to go for the 95% being done 10,000 times faster for 100 times cheaper, and for that last 5%, guess what? They'll hire experts. They'll hire human experts, along with the AI team, which is designed to whittle down that 5%. Right. That's why I'm so worried about this. And that's why this is such a threat in my opinion. Um, because we're not talking about ACI, right? ACI is like, that's the supercomputer. That's the thing that OpenAI is now talking about, where it could do it better than Einstein or whatever. Well, fine. Cool. Keep working on that. What I care about is human work replacement because that is a human thing. Humans are what I care about, not this tech. So the bar for doing this decently well is not that high. And that's what I think. AGI is a system good enough to replace an average knowledge worker. And I think it's a good definition because it deals with the thing we're actually concerned about, which is human worker replacement. AGI is not or should not be about benchmarks or lab results. What matters is humans and how humans are affected by technology. That's why I use a human definition of AGI. So given that, I think we'll get there in 25 or 26, I'd say 40% likely in 2025 and like 50% likely in 2026. And I would say like 10% in 2027 or beyond. CIA built a tiny robot dragonfly spy in the 1970s that could fly 200m to deliver a miniature laser reflectors for eavesdropping. In the 1970s. 50 years ago. Insects. No. Insects. Orthoptera. Insect. Orthoptera. That's actually a pretty cool name. Could flap its wings 1800 times. They're doing that in the 70s. Waymo's autonomous vehicles are showing they're significantly safer than human drivers. Accident rate 6.7 times lower than human drivers. United Airlines is rolling out Starlink. I cannot wait to get this. Cannot wait. Vision Pro just got a planetarium experience. I still haven't set haven't set this up. It's downstairs. I need to update it and get this going. I love planetariums. I grew up going to the planetarium in San Francisco on field trips. It's probably why I love astronomy so much still today. And I cannot wait to check out this planetarium thing on Vision Pro. All right. Uh, den makes a compelling case for owning your own corner of the internet. Argues that while big platforms like YouTube and Reddit are useful, they increasingly, increasingly optimize for engagement and monetization. This is, uh. This is what I've been saying. You got to have a website. This is why, uh, I made the upgrade to my current website. It's like you got to broadcast. You got to broadcast yourself. You got to be yourself. Full spectrum self. Put yourself out there and have it on your own domain. Using your own tech. YouTube can go away. You don't think it can, but it can. It's probably the least likely one, honestly. Um, but anyway. uh, look at medium. Look at, uh, so many different blogging, Tumblr, uh, so many different blogging platforms. Myspace that used to be around, they were the only thing going for a long time, and then they just disappeared. You need to have it yourself. Not in some platform. Look, I see people putting amazing stuff into LinkedIn and LinkedIn could just change their algorithm. The stuff disappears and you're like, where did that go? How many hours did you spend putting stuff into LinkedIn? And now it's just that that's gone. Your your thoughts are gone. Your ideas are gone. It lives in their infrastructure somewhere. It's no longer useful to them, so they won't service it anymore. You need to have your ideas captured. This is part of Telos. It's part of human 3.0. You need to have your list of ideas available to yourself. Okay. You put them online because it helps you track them, but it also helps other people find you so you can have meaningful human conversations about those topics. You cannot do that if the stuff lives inside of medium, or it lives inside of Facebook or X or wherever. Get the stuff where it where it needs to be as your own stuff. Okay. So look, I'm going to have all my stuff here as ideas. I've already got this. I just need to move it over. Right? I just need to go and collect the stuff. But that's where it's going to be. My list of predictions from, like, the book Super Forecasting, which you need to check out. Um, my predictions are going to be labeled, listed and labeled in the kind of the style of super forecasting which talks about making good predictions. But you don't want to be making this prediction on LinkedIn and having it disappear. And you can't even remember. I had to write a rag for myself, which I just recently did. That allows me to query any content that I've made I've made since 1996. Right. Um, and you want to be able to do that for yourself? You want to be able to say, what was that thing I was talking about that about, uh, that pizza recipe or woodworking or, um, how to play the guitar a certain way. Right. These these are all deeply human things. You need to have access to them. This is like a second brain. This is the augmentation of your brain with tech around you that helps you remember who you are and what you are. Continuing on here, the chart of everything economists created a stunning visualization to show how literally everything in existence emerged from the Big Bang. This one was really cool. How do you fit everything in the universe on a chart? Okay. That one, that one's paywalled. I need to log in. Paul Cohen makes a compelling case for universities to start training polymaths again instead of specialists arguing that modern problems like climate change and sustainability require broad systems level understanding 100% agree. Massive 40% 44% of US unicorn founders between 97 and 2019 were born outside the US. That's half guys. Half. Half of unicorn founders from the last 20 years are foreign born. That is how crucial immigration is. Survey of 86 convicted burglars confirms that security cameras and alarms actually do work as deterrents. Ideas I as founder augmentation and bet on doers that treat failure as fuel. This is why I'm so big on, uh, Jensen Huang and Elon is because they just push, push push push wake up in the morning. Similar to myself. I wake up in the morning and I'm just like massively excited. I'm like, oh, there's so much I need to do. I've got to fix the website. I've got to do all these things. I've got all these cards in front of me, I've got my projects list for the year. I'm just like, boom, boom, boom, Go. You want to bet on people like that? I'm actually betting on people like that because I'm in Tesla and I'm in Nvidia. In terms of stocks, the point is it's not because of the model Y or the 4090 GPU. It's because of the person. So that's the point there. Discovery. New Kaido Kaido plugin product by my buddies Joseph Thacker and Justin Rhino Rader. Basically, this is a new plugin for using AI to help you do security assessments, especially on web apps within Kaido, which is a burp competitor. And Joseph launched this as a product. Well, both of them launched it as a product. So it's a plugin inside of Kaido and you should check it out. Joseph is a close friend and super cool and you should go check it out. Brand AI Analysis Tool. Someone made a cool agent that shows you how ChatGPT perceives and recommends different brands. This is becoming huge. Okay, you ask I to compare brands. And if you are a brand and I says something about about you, guess what? That's the new SEO. That is the new SEO. Because guess what? The AI presumably has looked at thousands of different forum posts or whatever it is representing reality. If you score worse than something else or it says something about about you. If the AI is decent, which it probably is, that thing that's negative that was said about you is probably true. So this is a way of getting to ground truth about how you are perceived. You could do this for people. You could do this for countries. You could do this for whatever. In this particular thing it's looking at brands. But this is the this is kind of the way things are going is you ask AI what the current state of the world is. That's what this comes down to. And then if you don't like that Like that state, you do something about it hitting OKRs versus doing your job. Great explanation of how OKRs should focus on new initiatives and changes rather than duplicating regular work tracking. Amen to that. Amen not amen. I say amen at the table. I'm an atheist, by the way, so you do the calculus on that. But I think anyway, it doesn't matter. Raspberry shake a line of professional grade seismographs for home and educational use. It can detect ground movements smaller than 1/100 of a human width of hair. So it's going to hear me listening to music in this studio. I didn't buy one yet, but oh man, I really want one. You know what? I'm just going to get one. See what you made me do. See what you made me do. All right, 25 Useful Ideas for 2025. This guy Gurwinder is one of my favorite thinkers right now. This is an extraordinary list. You should have gotten the newsletter already. By the way, if you're not getting the newsletter, you go to Daniel newsletter and sign up for it. That is the way to get all these show notes because I'm jumping around all over the place. It's very clear right here in the newsletter, which is the thing that I'm reading, right. So go check that out. Okay. Uh, let's see here. SF purity test. Someone made a hilarious checklist scoring system for how deep you are in SF tech culture. Which items like apply to OpenAI switch from ChatGPT to cloud and back. Uh, told somebody you won't date because AGI is coming. Those are accurate and they shouldn't be. YOLO security. Somebody made a parody Pentesting company website that generates empty pen test reports to make management happy. Yep. Python one shot tools by Simon Wilkinson CF hero new tool for finding real IP addresses behind Cloudflare. Technical debt is entropy in software. The title itself is good. I mean, yeah, types make hard problems easy. I am a TypeScript convert. I'm learning it. I'm using it. I'm not learning it deeply. Honestly, I'm just using it more as I'm building things. And I'm especially telling my AI to use TypeScript when I'm having it build things for me. But in the process, I'm slowly converting over. Oh, by the way, whenever I do anything with Python, I'm using UV now. And this is actually in my cursor notes. In fact, I'm going to show my cursor notes real quick. Oh yeah. Look at this. Uh, look at that. I almost showed a whole bunch of keys. And that's specifically what I was trying not to do. And I'm almost dragged the window over and showed a whole bunch of keys. Um, I don't think I am now. So I'm going to drag this over. Look at this. This is my rules for AI. This tells it exactly how to build things for me and how to interact with me, and how to modify my code when I change code. I tell it not to do certain things to it. I tell it all my preferences. I tell it only use UV to do dependency management, and this is within cursor, where you can essentially talk to your agent and tell it how to work with you. All right. Hopefully I didn't dox myself with anything in there. Hopefully the team will clean it up if I did. Jetson. Um, okay. Yeah. Speaking of Nvidia. Nvidia just released a $249 AI computer. It's half the price of the previous model aimed at hobbyists. I'm getting one of these, I think. Raspberry Pi, but, like, way better and cooler. And Nvidia and GPU and AI based. So I'm getting one and I want one of these too, but I'm not sure if I'm going to get it. Project digits you you can develop and run inference on models using their own desktop system. Hours guide to mechanical Keyboards. I have the old 75, which I highly recommend, and Lobn. Nice little tool that shows you which stories are being discussed on both Lobsters and Hacker News. Recommendation of the week. When dealt chaos, find a way to benefit from it. 2025 might be completely insane, but like Littlefinger said, chaos is a ladder. He actually died in the end, but I think it's still a good lesson. Seriously though, it's a tremendous opportunity when change is happening. The more chaos, the more opportunity. And like I was saying in the very beginning, the more chaos, the more I think the bias moves towards people who take action. There is something to be said for like being cautious and just like going into a bunker and not doing anything. I think that is sometimes a way to go. So you have to use your judgment here. But I would say doing that too much while there's chaos happening. It means you're not evaluating the situation and looking for leverage opportunities. Okay, when there's chaos happening, it means there are new needs rising up, unfulfilled needs from large user bases, and that is an opportunity for you to jump in, boom, build a service, build an application, launch it, put stripe on it, and boom, you just made a ton of money off of that and and helped a bunch of people. And you made it from nothing. You made it yourself from nothing with I probably, but, um, I would say use the positive framing for the chaos that is coming. Um, I'm using this to help myself. I mean, I'm just as sad about the current state of the events as anyone else. South Korea is in chaos. Hoo hoo! Guest 3 to 5 years ago, South Korea would be in chaos. That makes no sense to me. Like, things are absolutely crazy. But I'm asking you to use a stoic mindset to basically say, okay, cool. Lots of chaos. Awesome. That's time for me to read. That's time for me to read even more and join book clubs and focus on my own projects. Oh, and by the way, there's going to be lots of business opportunities. Cool. I'm finding the positive, if I can, as much as I can, as often as I can. And this is a technique for doing that. And the aphorism of the week when tomorrow is uncertain, it's often dangerous to be exactly the same person you were yesterday. Chaos makes it risky to not take risks. When tomorrow is uncertain, it's often dangerous to be exactly the same person you were yesterday. Chaos makes it risky to not take risks.