Three Buddy Problem cover image

Three Buddy Problem

Latest episodes

undefined
Apr 25, 2025 • 1h 34min

Thomas Rid joins the show: AI consciousness, TP-Link's China connection, trust in hardware security

Three Buddy Problem - Episode 43: Director of the Alperovitch Institute for Cybersecurity Studies Thomas Rid joins the show for a deep-dive into the philosophical and ethical considerations surrounding AI consciousness and anthropomorphism. We dig into the multifaceted implications of AI technology, particularly focusing on data privacy, national security, and the philosophical questions surrounding AI consciousness and rights. Plus, TP-Link under US government investigation and the broader issues of consumer trust in hardware security, the need for regulation and inspectability of technology, and the struggles with patching network devices. Cast: Thomas Rid, Juan Andres Guerrero-Saade and Ryan Naraine. Costin Raiu is away this week.Links:Transcript (unedited, AI-generated)Anthropic: Exploring AI model welfare, consciousnessDavid Chalmers: Taking AI Welfare SeriouslySam Altman: AI privacy safeguards can’t be established before ‘problems emerge’TP-Link router pricing and China ties under US gov probeBloomberg: TP-Link’s US Future Hinges on Claimed Split From ChinaVerizon DBIR 2015 (full report)Mandiant M-Trends 2025 ReportFBI seeking tips about China's 'Salt Typhoon' hackersNorth Korean Cryptocurrency Thieves Caught Hijacking Zoom ‘Remote Control’ FeatureDan Geer on the realpolitik of cybersecurityLABScon 2025 CFP is openRansom War by Max Smeets
undefined
26 snips
Apr 17, 2025 • 1h 39min

China doxxes NSA, CVE's funding crisis, Apple's zero-day troubles

The discussion kicks off with China's surprising revelations about alleged NSA cyber operatives and the geopolitical fallout of these cyber accusations. They dive into the mounting concerns surrounding Apple’s critical zero-day vulnerabilities and the shaky ground of the CVE funding crisis. Listeners gain insights into the balance between enhanced security features and user convenience, and the challenges faced by the tech community amidst rising costs of mobile exploits and external dependencies. The episode wraps with reflections on personal connections and resilience in the cybersecurity world.
undefined
Apr 4, 2025 • 1h 37min

NSA director fired, Ivanti's 0day screw-up, backdoor in robot dogs

Join a lively discussion on the NSA director's unexpected firing and its implications for national security. Delve into Ivanti's critical mismanagement of a VPN vulnerability that a Chinese APT exploited. Discover the fascinating keynote about trust in hardware supply chains and the risks of undocumented chip areas. Laugh at the idea of a backdoor found in a popular Chinese robot dog while pondering China's robotics market dominance. Moreover, gain insights into AI's role in identifying software vulnerabilities and Russian operatives impersonating the CIA.
undefined
43 snips
Mar 28, 2025 • 1h 53min

Signalgate and ID management hiccups, PuzzleMaker and Chrome 0days, Lab Dookhtegan returns

The podcast dives into the risks of using Signal for sensitive communications, highlighting its vulnerabilities and ethical dilemmas. There's speculation about Kaspersky's 'Operation Forum Troll' and discussions on mysterious APT campaigns. The return of Lab Dookhtegan sparks conversations about hack-and-leak strategies related to Iranian cyber operations. The hosts also debate the implications of lifting sanctions on Tornado Cash, touching on privacy concerns and cryptocurrency regulation. Expect humor and light-hearted tech banter throughout!
undefined
32 snips
Mar 21, 2025 • 1h 56min

China exposing Taiwan hacks, Paragon spyware and WhatsApp exploits, CISA budget cuts

Katie Moussouris, CEO of Luta Security and a pioneer in vulnerability disclosure, joins the conversation to shed light on crucial cybersecurity topics. They delve into China's recent exposure of Taiwan's APT actors and the implications of naming such entities. The discussion also covers the troubling rise of spyware, particularly relating to Paragon and WhatsApp. With a nod to the fragmented exploit markets, Moussouris highlights the urgent need for budget support for CISA amidst tightening financial constraints, emphasizing the broader impacts on cybersecurity.
undefined
Mar 14, 2025 • 2h 6min

A half-dozen Microsoft zero-days, Juniper router backdoors, advanced bootkit hunting

This discussion dives into a trove of Microsoft zero-day vulnerabilities and Apple's security flaws in iOS. The hosts explore the implications of AI competition, particularly around OpenAI's stance on foreign AI technologies. They also dissect Juniper router backdoors and the challenges of detecting UEFI bootkits. In the crypto realm, the dangers of MEV sandwich attacks come to light, highlighting the chaotic dynamics of decentralized finance. Finally, they touch on the pressing issue of press freedom, spotlighting the challenges faced by journalists amid governmental pressures.
undefined
57 snips
Mar 8, 2025 • 1h 40min

Revisiting the Lamberts, i-Soon indictments, VMware zero-days

Explore the humorous challenges of cybersecurity naming conventions and the significance of International Women's Day in Eastern Europe. Dive into the complexities of U.S.-Russia cyber operations, the layered dynamics of political messaging, and the unique identifiers of the Blue Lambert malware. Discover the implications of recent VMware vulnerabilities and the ethical dilemmas surrounding state-sponsored hacking linked to private contractors. Conclude with a look at Apple's shift in spyware notifications and the alarming lessons from a massive cryptocurrency hack.
undefined
40 snips
Mar 1, 2025 • 1h 53min

Lazarus ByBit $1.4B heist was supply chain attack on developer

Dive into the thrilling world of cybersecurity as experts discuss the art of bug hunting, highlighting the mental resilience needed in the face of setbacks. Explore the shocking $1.4 billion Bybit heist linked to the Lazarus Group, examining the mechanics of supply chain attacks. The impact of AI on vulnerability discovery sparks debate on the balance of technology and human storytelling. Ethics in exploiting vulnerabilities and the changing U.S. cyber policy landscape are also key topics, revealing the complex interplay between security, privacy, and global dynamics.
undefined
32 snips
Feb 23, 2025 • 2h 7min

North Korea's biggest ever crypto heist: $1.4B stolen from Bybit

Dive into the staggering $1.4 billion Bybit heist, orchestrated by North Korea's Lazarus Group, raising serious questions about cryptocurrency security. The turmoil leads to humorous discussions on power outages and AI privacy policies. Explore Microsoft’s breakthrough in quantum computing and the implications of AI-driven privacy erosion. Discover how historical financial crimes relate to today's crypto dilemmas and hear about the challenges of detection in the face of evolving cyber threats. It’s a rollercoaster of tech, security, and geopolitical intrigue!
undefined
17 snips
Feb 15, 2025 • 1h 25min

An 'extremely sophisticated' iPhone hack; Google flags major AMD microcode bug

Discover the astonishing hack that bypasses iPhone's USB Restricted Mode, unveiling complexities in smartphone security. Learn about a severe AMD microcode vulnerability that poses risks to cloud providers. The discussion dives into the challenges of defending against escalating cyber threats, including atrocious phishing campaigns by Russian actors. With a lighthearted twist, explore the importance of fitness in tech and celebrate the unsung heroes keeping us safe in cybersecurity. Tune in for a mix of critical insights and amusing anecdotes!

Remember Everything You Learn from Podcasts

Save insights instantly, chat with episodes, and build lasting knowledge - all powered by AI.
App store bannerPlay store banner