I’ve written my own RSS feeds, by hand. A long time ago now. I still like the idea of not having to visit a website to look for articles of interest, to have everything from your favourite sites all in one place, updated in near real time fed straight into my phone.
There can be too much noise though. I find myself refining often, like an OCD minimalist. Sorting, organising, refining. Ensuring that there is less noise and more signal. Until nothing gets through and you miss stuff. So you add it all in again and start refining once again. Repetitive.
Interests change, so you have to cull what was once interesting but is now dull. You add new content. Browse today’s trending topics. Anything worth adding? Adding and refining.
RSS. Refining Signal Streams.
Category: learning
Thinking about Agentic AI
I’ve been thinking about Agentic AI.
Essentially it’s similar to other AI but with a focused knowledge area, capable of making its own decisions based on the knowledge it has and the ability to learn and reason without human intervention. It gathers data, processes it, makes decisions based on that data and its assumptions, then learns from feedback. Try try and try again and mae changes based on your failures.
It is generally tasked towards a specific function such as event planning, task scheduling, predicting something, etc.
It’s used in self-driving cars, supply chain management, cybersecurity, healthcare, financial services, and anything that can be automated.
Concerns range from data handling, privacy, to replacing humans.
Speed reading
I have this rule with books; If it’s boring and doesn’t entertain, inform, or grip you in the first 5 chapters or around 30 pages, bin it. That is to say don’t continue reading just for the sake of it. Just because your favourite aunt bought it for your birthday or your sister bought it for you for Christmas. Sell it, donate it to charity, or re-gift it to someone you think is more likely to appreciate it.
That was my rule.
I’ve slightly modified this rule for where the book contains content or information that you need to know, or you have been asked to read it for work, a book club, or another reason whereby you will be asked questions later. In this scenario I speed-read it.
Speed-reading is an artform in itself and each individual undertakes it differently. For me it depends on whether the book is fiction or non-fiction.
For fiction I kind of stare at the page unfocused picking out key-words and following the gist of the story. I look for any change in pace or emphasis on something important in the text. I take around 5-seconds a page this way, taking longer when I find something worth reading. I can guarantee that after some considerable practice I can finish most fiction books in an hour or two max.
For non-fiction I’ll read the back-cover, the inside jackets, and scan the table of contents. Then I’ll flick through each page only stopping if anything of interest catches my eye. I’ll have already noted sections or pages that I want to take a little more time with from reading the TOC. This way I’ll have gotten what I wanted from the book.
Not every book should be read from cover-to-cover. True, you may have your favourites, well worn copies that you’ve read many times. But you will encounter tomes that are just dull, badly written, with no life in them. And the older you are the less time you are willing to waste on bad prose. In fact feel free to speed-read these posts or skip them all together. I’m not writing them to make money. I’m writing them for me. But they may contain some nuggets of wisdom, so feel free to practice your speed-reading.
The Matrix of the brain
There’s a line in The Matrix that escapes me, it’s where Neo or someone asks Trinity if she knows how to pilot a specific type of helicopter. She replies that she will in a moment as that knowledge is downloaded directly into her brain. If only.
The real world doesn’t work like that. Not quite. But you can still download knowledge into your brain, only it takes a little longer. Yet it amazes me how many people don’t bother learning stuff any more. To actively seek out new knowledge.
I enjoy learning. I’m an autodidact. I think that’s the right word. Essentially I just keep teaching myself stuff. I love the process. You can teach an old dog new tricks and I teach myself every day.
I love comparing the me after to the me before. This morning I know nothing about a particular subject but I’ve gathered some books, articles, or web resources together and I’m ready to learn. Then at the end of the day, or week, or however much time I’ve allocated to learning about the new subject, I look back at what I now know that I didn’t before. I’ve downloaded new knowledge and information into my head. Stuff I didn’t know before that I do now. I think that’s cool.
I’ll think about what I’ve learned and combine it with other things I know and my brain will sort out all the connections like a Neo4J database. Only this database is big with limitless capacity. At least I’ve not hit any discernible limits yet.
What shall I learn today?
Who called me
Who called me
When you work with computers and possess at least one certification in cyber security, you tend to have friends or family that call or message you on occasion asking you to trace a phone number for them as if you are some form of digital private eye.
The truth is that only the authorities with the assistance of the telecom providers can legally do that. All these websites that say they can trace any number in the world for you are lying. They are just scams after your money. At best they have scraped open source content for numbers and can tell you the network provider, country of origin, and anything that is available online for free. Maybe they’ve concatenated and absorbed phone directories and public domain phone number repositories. They certainly can’t trace an unlisted number for you.
That said, if the number does have a footprint of some kind in the public domain then there are ways of finding it. Using Google Dorking to scour search engine data may uncover something useful. Governmental company registration databases that are open to the public may also reveal data. Whois records, club memberships, company websites, etc.
The phone number is just a character string. Play with the format when searching. For example if you were called by 07709 123456 and you are in the UK you could search for exact string matches of:
07709 123456
07709123456
7709 123456
7709123456
44 07709 123456
44 7709 123456
4407709123456
447709123456
Google for OSINT tools and techniques related to phone numbers for more suggestions.
OSINT yourself
When learning anything new, knowing where to start can prove a challenge. Do you pay for a course, buy a book, or maybe look online?
With OSINT I recommend starting with yourself. Imagine you are an in-house digital private detective hired by yourself to investigate, well, yourself. Maybe you are about to apply for a high-profile job or are about to be security vetted for some reason. Either way, the client, you, wants to know what information is out there in the wide world about you.
OSINT stands for Open Source INTelligence and relates to the accessing of freely available information sources in order to process the data retrieved in order to obtain some form of intelligence, in this case learning what information is available about your subject online. The subject being you.
It’s a great way to learn OSINT techniques and it can be both fun and illuminating. Good or bad, whatever you find will be useful. If you find good things that you are happy to be out there then great. If you find bad things then at least you now know about them and can do something about them.
Start with search engines like Google. Search for all variations of your name. If you find images of yourself, paste them into reverse image search engines to see where else they may appear. Log and record everything you find. URLs, images, text, everything. Map out your findings and follow every lead. Leave no stone unturned. Your job as an OSINT investigator is to find everything about your client that is publicly available.
Carry out web searches for OSINT tools and techniques. Have a play with the tools as part of your endeavour. Note what is useful and what is not. Start creating your own playbook and make lots of notes. The deeper you dive the more you learn.
Take your time, don’t rush things. Learn how to look up company information, property details, employment history, social network accounts, and so on.
Search for report templates and create something that suits you. Write up your findings with recommendations.
Congratulations! You just got started in OSINT and you had fun doing it. You learned new tools and techniques and you also learned what information about you is freely available. Now action any recommendations and run a periodic check. Plus sign up to OSINT groups, newsletters, and websites and keep learning!
Hack your home network
A great way to learn ethical hacking in the comfort of your own home, is to hack your own home.
When asked how I got started and which courses I recommended, I always suggest to start at home.
Most people have internet access served by a home router, with at least one computer, maybe some tablets, mobile phones, smart TVs, set-top boxes, and possibly some IoT devices connected in order to receive updates and serve content.
Why not learn the tools and techniques of hacking by running a security test on your own home network? Start by using a tool like nmap to scan your network and see what devices you can find. Map out the connected devices by IP address and try to fingerprint each. Look at open ports. Is the device located at a particular IP address a printer or mobile phone? How can you tell? Probe the device further. Is the operating system and software being reported out dated? Are there known vulnerabilities and exploits for your device? Google the versions being reported by nmap.
Once you have mapped out your network, run periodic scans to see if new devices connect. Walk around your house and turn things on that you know will connect to the home network or wait for other occupants of your household to enable their devices. Let them know what you are doing. Remember, you are scanning not exploiting!
Next use a packet sniffer like Wireshark to inspect the traffic between your devices and the router and the internet. Are there any security holes you can see? Use an application programming interface (API) tool to try to communicate with your devices. Understand how they work. Probe for weaknesses.
Once you are done write a report for yourself on your findings along with recommendations. Look online for vulnerability analysis or penentration test report templates. What could you do to improve the security of your home network and home devices? Maybe change some settings on the router? Remove permissions granted to devices that you no longer own. Maybe you added a port-forwarding rule for a games console that is long gone. Delete the rule if still present.
Congratulations. You have learned how to scan a network, probe for weaknesses, and compose a report on your findings with recommendations, and all from the comfort of your own home with no cost to you other than your time. Next, fix the problems that you found and action any recommendations.
Museums
I love museums.
My friends and family get bored easily when I drag them around yet another museum or art gallery. But I love them. They transport me back in time into history. They bring what I have read in books alive. I can see the objects, clothes, furniture, and rooms from different periods, cultures, and countries.
I can get lost in a museum. The bigger the better. I’ve spent many hours in the British Museum and The Louvre. I’ve stood beneath objects so big in the Cairo museum, and stared at the small Mona Lisa as tourists walk by, snap a pic, then keep on walking. Did they really see it or did their phone see it for them?
I’ve been in museums in the Americas, Australasia, Africa, and Europe. I’ve been invited into archives and restoration rooms, been to early screenings, grand openings, and closings.
I love museums.
Overwhelmed
Ever get that feeling of just being overwhelmed?
There’s just too much to learn.
There’s too many jobs to do.
There’s too many people to fit into the schedule.
I can’t read everything by then.
We can’t fix everything.
There’s not enough time.
It can all be.. overwhelming.
Sometimes you just have to take a moment, think, get perspective, and work out what you can achieve in the time available. Then communicate that to whomever. Maybe yourself.
The world is full of things to learn, things to do, people to see, places to be. Time is precious; spend it wisely. Don’t get overloaded by the noise. Make wise choices and just do what you can. Choose quality over quantity, expertise over generalist, friend over networker.
Don’t let the noise drown your signal.
Using OSINT to locate old friends
As you get better at OSINT you start to wonder what else you can do with these skills. Like maybe locating old friends.
I’m not talking about stalking here, to be clear. I’m talking about seeing if you can use OSINT to research an old friend to see what they are up to and if they are ok. Maybe you worked with someone day in and day out twenty years ago and you haven’t heard from them in decades. Are they ok, what are they up to these days? Not to say hi but just to know that they are ok and doing well.
I’ve worked with many people for many years and on occasion I often wonder what they are up to and if they are well. Using OSINT you may just obtain the answer. Hopefully a positive one.
OSINT, reconnecting people.