The $5 Wrench Attack

Speaker 1: Have you heard the term $5 wrench attack?

Speaker 2: I have because I'm a big fan of the cartoon you're about to talk about.

Speaker 1: It comes from, a comic by the artist x k c d. The comic is two versions of the same conversation. One is labeled a crypto nerd's imagination, and the other is what would actually happen. Two different stories. In the crypto nerd's imagination, there's two people trying to crack a crypto wallet. The one attacker says, his laptop's encrypted. Let's build a million dollar cluster to crack it. And the other attacker replies

Speaker 2: No good. It's $40.96 RSA encrypted, impossible to crack.

Speaker 1: And the first says blast. Our evil plan is foiled. That's what's happening in the crypto nerd's imagination. The other panel, what would really happen, the attacker says, his laptop's encrypted. Drug him and hit him with a $5 wrench until he tells us the password. And his friend says,

Speaker 2: Got it.

Speaker 1: That's a $5 wrench attack. And this comic is the birthplace of this term, which has since entered the lexicon. Threatening to hit someone with a wrench if they don't give you what you want is both a very new and very timeless way of stealing money. I bring it up now because last year, 2025, was the biggest year on record for this kind of attack. In a world of agentic, open claw vibe coded, I will hit you with this wrench if you don't tell me the magic password to your money remains a a a pretty efficient way of making a buck for for a discerning criminal willing to get their hands dirty.

Speaker 2: A 100%.

Speaker 1: And there are patterns in these cases emerging. Tested methods. But it's also getting weirder as the wrench attack starts to converge with other vintage crime genres like extortion. Allegedly, this month, early twenty twenty six, two teenagers embarked on a road trip. Their target? A residence in Scottsdale, Arizona whose owner was in possession of $66,000,000 in crypto. Their wrench? A three d printed gun. But the scheme was allegedly not theirs. There was a voice on the other end of a signal chat telling them what to do. So we're gonna start this episode here with $5 wrench attack one zero one. Here on Hacked. Scott, how are you doing? I

Speaker 2: well, that's a good question. How am I doing? I know you're under the weather. I'm somewhat under the weather. Seems to be something going around. But other than that, I am good. I've been watching the Internet lose its collective mind since the last time we've had one of these about AI. I've also been using AI to do all kinds of fun and exciting things.

Speaker 1: You have. You've gone AI mad yourself.

Speaker 2: Yeah. I have a bit. I've taken my master's project on software verification and turned it into a programming language to be used by AI. That's one of the projects that I've vibed on. But more recently, I have built myself a massive AI harness, which is pretty phenomenal and because been just solving any and every problem I've thrown at it without really any headaches, giving giving me more of that doomer ish thing sliding into my into my anxieties. Just as knowing that AI is very smart, but is very stupid at doing complex tasks, building a proper harness, you could check it out. It's on my GitHub, github dot com slash s f w. It's called Loom. It looks like Perplexity Computer is very similar and a lot more polished because they have a team of people rather than just one person, rather than just one person working on it. So but it's very similar. So it's all about task decomposition, task prioritization, dependencies between tasks, and, essentially, just keeping the smart AIs that have read everything in the world on track to solving complex problems, which is something that, like, an LLM chat is just tragically bad at. And Open Claw just using like, which we could talk about in this thing because I think we have to talk about Open Claw. OpenClaw is just tragically stupid, because it has no ability to execute complicated tasks. So it just becomes this nightmare scenario of this agent that you've given all this access to doing stuff. So I built Loom as a plug in to something like an OpenClaw to let it actually be good at doing things rather than how I found OpenClaw to be. What about you? How how are you doing?

Speaker 1: How are you doing? I've I've I've built Robot God.

Speaker 2: Robot God.

Speaker 1: Yeah. I sent you Perplexity Computer because it seemed relevant to what you were working on. I'm sure we'll talk about it. I love just I love announcing that it's just on your git to the world, and we're just gonna see how this goes. I think that's fun.

Speaker 2: Yeah. It goes.

Speaker 1: Yeah. Sure. Just put it out there. I'm sure I'm sure hijinks will be had. Good fun. I'm good. I've been reading a lot about people threatening people with wrenches.

Speaker 2: Okay.

Speaker 1: I've been, working on totally unrelated stuff, working on game stuff. I I've been good. I've been I've been grinding forward. And, yeah, not feeling the best, but got that show adrenaline. So I'm feeling really, really good.

Speaker 2: Okay. Yeah. That show adrenaline, you know, courtesy of Tylenol

Speaker 1: The DayQuill Corporation or whoever makes that.

Speaker 2: Yeah. You got it up.

Speaker 1: Yeah. You got it. Statue. Yeah. We haven't also done a, like, nice conversation episode in a while. We'd totally had a whole bunch of, like, in-depth interviews that we we wanted to get through, and now we just get to kind of vibe and talk about a weird a weird thing.

Speaker 2: Weird time in mankind, humankind.

Speaker 1: A weird moment in history. So we're gonna talk about a few things this episode, obviously, but we're gonna start with a survey, a little guided tour through the world of $5 wrench attacks. So that opening story from the intro, I wanna dig into that a little bit, and then I wanna talk about a few other ones because there's plenty. I found a really cool research report, that dug into this, and there's there's some fascinating stuff in here. Which brings us to Scottsdale. Scottsdale, Arizona, Saturday, 01/31/2026.

Speaker 2: Oh, recent.

Speaker 1: It's more very, very recent, which is kinda why I'm talking about it. This story opened the floodgates a little bit. I realized, oh, this is a whole thing. Scottsdale police responded 10:44AM to a residence in the 9800 Block Of Windrose Drive. Officers arrived to find a home invasion in progress. Officers get to the front door, and they noticed, like, a woman yelling inside, a younger suspect struggling with an adult. The police force their way in. The two younger, like, suspects rip out the back. Investigators say the suspects allegedly posed as delivery service employees to get access to the house. A tactic that as we go through more of these stories, we're gonna see echoed. It would be a stressful time to be a delivery person when a lot of people are pretending to be delivery persons before threatening you with a wrench or a three d printed gun. So court documents say that two adults were restrained with duct tape and assaulted while the suspects demanded access to cryptocurrency allegedly worth about $66,000,000 at time of recording. Reporting, this all just happened, but it indicates that there was a third resident who was in the house at the time of the invasion who hid and was able to contact law enforcement from another room. Probably the thing that differentiated this from a successful theft and an attempt. There was one other thing that might have twisted it. We'll get to that in a minute.

Speaker 2: K.

Speaker 1: Cops chase the vehicle with the two people ripping out the back. Pursuit ends when the suspects drive to a nearby strip mall shopping center area and hit a dead end. They're taken into custody. Local reporting identifies the suspects. We are not going to say their names because they're teenagers. Their names have been published, but we don't really know what happened here. We don't really know if this was a crime with extortion as an excuse or if these teenagers were extorted into doing this crime. So we're not gonna say their names on the show. But, and this is the important part, court documents pertaining to this case, and again, six weeks ago, say the teens had recently met and were extorted by individuals on signal known only as Red and Number Eight. Yeah. So we have a weird combination of, like, classic crimes threatening someone with a wrench and forcing someone to do something they don't wanna do, potentially.

Speaker 2: Sounds like sounds like a movie I've seen recently. I can't remember which one it is, but all about, you know, manipulating people and leveraging things to make oh, you know what it is? It's that Idris Idris Elba show that's on Apple TV, Hijack. Okay.

Speaker 1: If you

Speaker 2: haven't seen a new season of it, go check it out.

Speaker 1: Go check it out.

Speaker 2: Check it out.

Speaker 1: It's literally a plot of a Black Mirror episode for context. There is there's variations on it. There's and we're not suggesting that the reason that character was extorted or why these scenes were extorted at all, but there is literally a a a version of this in Black Mirror. It is not Black Mirror esque. It is, textually Black Mirror. Court documents reporting say they were sent from California with, like, a thousand bucks to buy the supplies for, like, disguises, restraints, burglary tools. We only we that's kind of all we know about the extortion process so far if it did occur, but it allegedly occurred on signal. Now the other thing that might have busted this, aside from the person that was in the house that hid and called the cops, There's a mom in this story. Meanwhile, another call that might have unraveled it, one of the teen's moms reportedly contacted authorities after finding text messages describing in great detail dressing up in a delivery uniform and committing a burglary. She contacts the California authorities. They contact the Scottsdale police. But at this point, the invasion was allegedly already underway. Forting says police later found a three d printed gun. Police noted that it had no ammunition in it, and its functionality, like, whether it actually worked was totally unclear. So we start there with the most recent one of these things. An attempted five dollar wrench attack may be the result of an extortion attempt. What we don't know, if the teens were actually coerced, if so, how? Like, what was the the sort of, like, blackmail method? We obviously don't know who Red and Number eight are. And we kinda know that the the the wrench in the story was a three d printed gun.

Speaker 2: Did they print it themselves? Is that detail public?

Speaker 1: Or did they That's not currently public. Or I couldn't find it. But you bring up an interesting question is, like, the wrench here was a three d printed gun. If you if you take a pretty bird's eye view of this, the wrench never almost never takes the form of a wrench, but it takes really wildly different forms. Like, what is the physical coercion method is, like, really different across all these stores.

Speaker 2: Self preservation is a massive motivator for people.

Speaker 1: So A 100%.

Speaker 2: A even a $5 wrench is motivation enough. I think I would prefer a three d printed gun over a $5 wrench.

Speaker 1: Yeah. No one wants hey. No one wants to get hit with a wrench.

Speaker 2: Exactly. Exactly.

Speaker 1: So I wanna go back in history a little bit while we're just hanging out on this topic. I wanna go to kind of we'll call it the first of one of these. The story of a guy named Hal Finney. New story. This is way back in May 2014. One of Bitcoin's kind of, like, earliest people, a developer working on the project, a guy named Hal Finney, became the target of what is now sort of recognized as one of these the first of these verified crypto coercion cases. See if you can spot with the wrenches. 05/29/2014, 11:25AM. Santa Barbara County Sheriff's Office get an emergency call, and it's basically like it's a SWAT attack call. Caller claimed they'd murdered their family, and they were gonna burn the house down with more people in it, like, horrific. SWAT team shows up, helicopters circling overhead, neighboring homes are all evacuated, schools are put on lockdown. The call was obviously a hoax. And when investigators and reporters dug into it, they were able to tie the incident to an extortion demand for a thousand Bitcoin. There had been a caller who was allegedly making threats to Finney for months, demanding payment, threatening to expose personal information if the demand wasn't met. And the result of all of that was this swatting incident. In the aftermath, there were additional false emergency calls made. The FBI rec records later described the episode explicitly as a swatting incident tied to extortion demanding Bitcoin. They opened a formal investigation. They kept digging into it till, like, 2016. There's a most likely suspect. I think no one was ever actually arrested for this. But this was, from what I could see going through this Cambridge report, one of the first uses of sending a physical threat to a home to try and extract crypto. But interestingly for this one, the wrench was like the emergency response system.

Speaker 2: Yeah. That's true. Use use, use the police force to your to your favor.

Speaker 1: A little bit.

Speaker 2: This is just classic robbery. It's just that the target is not the cash that we know. It's Yes. Crypto.

Speaker 1: Yeah.

Speaker 2: So it's like, hey. You're a rich person. I'm gonna take your money, or I'm gonna hold somebody hostage, or I'm gonna send the SWAT team to your house, or I'm gonna hit you with a $5 wrench.

Speaker 1: Exactly. But

Speaker 2: give me your money.

Speaker 1: But give me your money. Give me your money. We've there's this sort of full circle thing to it that I was gonna get to later, but we'll talk about it now. There would have been a time when all of your most valuable stuff was in a room or a safe or a vault somewhere in your house. We invented a banking system to to send to sort of, like, remove that risk from the individual and put it on to someone else. You pay a lot of money really for the luxury of having someone assume responsibility. Even that wasn't enough safety, so we, like, federally insure it and do all of this stuff to keep that money safe. But the second you cold store that and you bring it back into the home and it's just a physical thing that's in my house, it's like you've recreated the

Speaker 2: safe. Totally.

Speaker 1: The the linchpin where someone can come in with a wrench and say, if you don't give me that, I'll hit you, has come back. But the scale of what you could keep inside that vault has gone through.

Speaker 2: Yeah. It's no longer piles of cash wrapped in paper bands and, you know, gold bullion that weighs tons of tons. It's just a tiny little USB cold wallet full of crypto.

Speaker 1: What's old is new again, but the gold weighs less. Yeah. So that was one of the earliest I could find. Let's swing over to one of the biggest. This one's a little bit cheating because it's not one, but it's an interesting story, so I wanna talk about it. It's a decade later. Prosecutors in this case describe a much larger conspiracy, something a lot more industrial. Court filings unsealed in 2024 and 2025, federal authorities alleged the existence of a coordinated engineering enterprise that stole more than 4,100 from a single Washington DC based victim. At the time, that haul was worth between, call it, 245,000,000 and 263,000,000 depending on, like, the day and the hour. According to the indictment and, like, memos of people arrested to do with this, there was a group operating in layers. Enterprise had allegedly started in, like, 2023, a couple years prior, growing out of, like, online gaming platform relationships. We've talked about this kind of, like

Speaker 2: They they turned into a crime syndicate?

Speaker 1: Again, like, we've talked about this so many times of people meeting on, like, Eve online and being, like, six months later, they were extorting someone or whatever. It's like people meet in the weirdest ways they come up with schemes. The members of this operation took on specialized roles. There'd be, like, callers, technical operators, money launderers. And in some cases, the reason we're talking about it, people deployed physically.

Speaker 2: Enforcers as Enforcers. As organized crime used to call them.

Speaker 1: A goon, if you will. In August 2024, conspirators allegedly generated, like, a fraudulent Google security alert to make it look like the victim's account had been accessed from overseas. Shortly after that fake alert, a caller posing as a Google security team member contacts the victim. That call is escalated to someone on, like, the criminal side pretending to be, like, support staff staff, at the cryptocurrency exchange that they were using. The victim, through all of that, gets persuaded to install remote desktop software.

Speaker 2: Classic.

Speaker 1: I I I just don't get how you have a quarter billion dollars in crypto and know not to install remote desktop software on your system. Like, I have to assume they didn't know they were installing that. I have to assume they clicked to prove on something presented some other way. I just I I can't bring myself to believe that, but I've been wrong before.

Speaker 2: Yeah. I I feel like that's such a basis of so many frauds these days. If somebody's sending you a TeamViewer install or some kind of desktop remote support control system, you're definitely about to get robbed.

Speaker 1: Over 4,100 Bitcoin are allegedly transferred. So far, not a wrench attack kind of cybercrime crew until in one of these cases, cold storage stands in the way, and then it gets real wrenchy.

Speaker 2: Wrenchy. This is the new Wrenchy. New adjective.

Speaker 1: Yeah. In my notes, it becomes very it's like I discover it there, and then I use it a bunch. Wrenchy. See, it's gotta get a little wrenchy. In a separate July 2024 incident described in this, like, kind of larger indictment that I was going through, a member of this enterprise flies to New Mexico to break into a victim's home in search of what they discovered was the hardware wallet where the information they wanted was being stored. They get there, and the victim wasn't home. The physical wrench intruder wasn't working alone. It's hard hard

Speaker 2: to wrench somebody when they're not there.

Speaker 1: It's hard to wrench someone when they're not there. Prosecutors alleged that another conspirator then starts monitoring the victim, who they've been socially engineering for a while, monitoring their physical location through iCloud tracking. Mhmm. Because, again, this has been going on for weeks. The person finally goes to physically do it and the person's not there and they go, oh, maybe this is okay. You can see where they are. You sneak in, you find the you find the cold storage wallet.

Speaker 2: So but if they if they were had access to their iCloud or had their location shared with them

Speaker 1: Yeah.

Speaker 2: One would assume that they had access to their iCloud. And if they had access to their iCloud, I can't you gotta be able to figure out a more creative way to get into their Google, like Google Drive.

Speaker 1: The Google the Google was the first case that sort of, like, lays out the structure of how the crew works. This one in New Mexico is when they start going, you know what? We can do wrench attacks. We can physically just go. We can just rob people. We just rob people. I don't know. This is all allegedly You have money.

Speaker 2: I have a wrench.

Speaker 1: Give me I have a wrench. You have money. Let's do this. Let's tango. It's

Speaker 2: like people rediscovering basic crime. It's

Speaker 1: that's what this is. Like, I I'm reading all of these stories being like, wow. That's a variation on this. And at a certain point, you're like, it's just the it's caveman shit.

Speaker 2: Yes. It's

Speaker 1: the last thing. Literally, like, I want what you have, and I shall take it, and you can't stop me. And because of the like, think what you will about it. Like, is there cool stuff about the decentralized nature of it from a tech perspective? Of course. But, like, this is the vulnerability. Is that if you truly if it's your keys, your wallet, then, like, well, I'm a take them.

Speaker 2: Yeah. Like, the vulnerability is that we would like to preserve our life. And if you threaten that with a wrench, whatever that wrench may be, chances are you will get me to give you whatever you need to preserve my life.

Speaker 1: And because it's untraceable and unclawbackable, and we were covering, like, four years ago the, like, tumbling process of how to launder this stuff, which is industrialized. You don't need to open a laundromat. You can go to the white label laundromat service, and they'll do it for you. So once you get it, it's fine.

Speaker 3: We were

Speaker 2: having this conversation with my wife the other day about how everybody about the history of, the on anonymity of crypto. How when crypto came out, everybody thought it was this anonymous currency. The FBI quickly learned that it wasn't very anonymous and that they could literally just back trace it all and link it up. And there are services now that try and make it more anonymous, but I'm sure the FBI has compounded their ability to back trace and is probably pretty good at it.

Speaker 1: I think if you're sufficiently technical, it can be anonymous. Like, there are and and and define anonymous. Right? Like, where what is the level of detail you're looking for? Mhmm. Like, it's not so anonymous that we can't track billions of it going into, like, North Korea. But, like, I can't tell you who in North Korea has it. It does its fundamental architecture does allow for some element of anonymity. It's just a question of, like, are you better at are you that technical or are you just good with a wrench? Wrench?

Speaker 2: Are you

Speaker 1: that technical or you're just good at lying to someone getting them to install some software, which is a hard thing to do, but it's really difficult than the, like, technical sophistication to truly do this anonymously. Just different skill sets overlapping in the big soup that is hitting someone with a wrench.

Speaker 2: This this isn't cybercrime. This is just crime stealing cyber assets.

Speaker 1: A little bit. It's kind of it it has it's all woven together, but that's sort of what's interesting about it. Yeah. Results arrested in California and Florida. May 2025, big indictment, expanded this to include a larger enterprise. But, yeah, over, like, a quarter billion dollars all in. So we've got old. We've got big, but neither of these are sufficiently wrenchy to me. SWAT team has wrench or the guy wasn't there for us to wrench him. It's like, I wanna really lock in on the core premise here, and that's gonna take us to San Francisco.

Speaker 2: I want a real wrench.

Speaker 1: I want a real I want a real proper wrench. Twenty twenty five, in what we will learn is like a very camera saturated wealthy neighborhood in San Francisco, a home invasion goes down. First estimates that I saw pegged it at $11,000,000. There were later police reports that sort of, like, expanded on detail and pushed the number to about $13,000,000 in, like, kinda total theft. Familiar story. Suspect suspect walks up carrying a white shoe box carried in, like, dark clothes, hoodie, gloves, sunglasses, kinda angling their face away from the camera a little bit. They buzz in, ask for someone named Josh, claim to have a package, ask if the victim can sign for it. And then when the door cracks open says, hey, do do you have a pen? And after the victim, like, kinda turns away a little bit, says they're gonna look, suspect bursts inside, out of camera view. There's, like, a loud bang. Police say the intruder brandished a gun, kinda hit the victim, tied them up, duct tape

Speaker 2: Wrench them.

Speaker 1: Proper wrench stuff. And they flee with the victim's phone, a laptop, and access to an estimated $11,000,000 in cryptocurrency. Cops show up a little while later. The victim's, like, hurt, but they're non life threatening. They're gonna be okay. There's no arrests made soon after.

Speaker 2: So, like, a proper home invasion?

Speaker 1: It's a proper home invasion. Victim reportedly and another recurring motif here. The victim reports that the intruder starts a phone call while they're in the room, and a older man with a, quote, raspy voice provides instructions for giving over access to the wallet. So we have this recurring motif of, like, there's a third party somewhere else who's kind of beaming in to sort of, like, conduct this whole home invasion.

Speaker 2: Sure. There's, like, the muscle, the goon, and then there's the brains. And you're like You the the brains and the brawn. And the

Speaker 1: the this gets speculative, but it's like, hey. You you burst in. I'll force them to do what we want them to do over the phone. And if you get caught, you can say I forced you to do it too. Like, I can't help but imagine how this would all go down, which is relevant to the other case study. It's very interesting. Police records, as reported, describe the theft as approximately $3,000,000 in Ethereum transferred to the victim's phone and another 10,000,000 in Bitcoin transferred from the victim's laptop to the person on the phone directing the intruder how to kinda do all this stuff. They're saying they're talking all kinds of big game. They're claiming cartel affiliation. Who knows at that point? They threaten the victim. They, like, doused the house with fluid in a kind of a, like, we'll burn this house down sort of vibe.

Speaker 2: Real wrench. Without

Speaker 1: doing it. Like a real,

Speaker 2: like, proper Proper wrench.

Speaker 1: Just a straight up home invasion.

Speaker 2: Like Yeah. Yeah. I shouldn't laugh about it. It's supposed to be to laugh at, but

Speaker 1: I know what you mean. Like, it's it's it's hard. It the the you get enough of these stories strung together, and it's kind of a statistic versus tragedy type situation.

Speaker 2: One of the things that makes me wonder is, you know, we had money. We put it in banks. We put it in safety deposit boxes. Now we have digital currency. We put it in cold storage wallets. You know, we hide it under our bed. Are we now gonna go full circle where we now put the money in our cold storage wallet and then our cold storage wallet into a safety deposit box? Because I assume that's where we're going.

Speaker 1: Yeah. I mean, that makes more sense than keeping in your house, respectfully. Mhmm. Like, I I I really do appreciate the sort of, like, general institutional distrust that leads people to storing their wealth this way, but it's like you you just have to acknowledge that you're you're keeping, like, a Faberge egg in your house. And and may and maybe to you, that feels like where you wanna keep a Faberge egg, this very small I wanna see it. Very stealable. I wanna be able to see it. It's like that that but there there's a a cost benefit to that, which is that if someone can physically get into your house, it's theirs. And as we've learned from these stories, that's a really, really big carrot if you in any way publicize the amount of crypto wealth you have. A big part of crypto wealth seems to be for a lot of people getting to talk about it on the Internet. And, like, you're you're constructing a pretty vulnerable situation. Like, no one's gonna go through this much effort if they don't know you have $10,000,000 in crypto.

Speaker 2: Totally.

Speaker 1: So, like, the so so just know that.

Speaker 2: How how do they know? Well, because you're on x every day.

Speaker 1: Because you're on x talking about it. Like

Speaker 2: But how your how your hustle and grind has led you to live this lavish life.

Speaker 1: And suddenly, people are hatching schemes that are economically rational. Like this one, there was, like, multiple numbers in Los Angeles ordering pizzas to that victim's phone paid for by, like, anonymous credit cards that have been booted up that day. Like, again, it was a scheme. It was a heist. People some of the numbers were connected from out of state, so it was people coming from around the country doing this multi day operation converging on this house to do this. And it's like, yeah, that's that's

Speaker 2: just to it's Just to show up with a wrench. It's a

Speaker 1: lot of money.

Speaker 2: Show up with a wrench.

Speaker 1: Just to show up with a wrench. And there's so many of these. Like, I won't go through all of the details here. There was a thirteen hour siege in, like, a Metro Vancouver suburb. And, again, it was a fake delivery person, like, same pattern. There was the longest one I could find took place in Soho, New York. It was a two week custody battle. This one, they it was like a summons. A person allegedly lured the person to New York to come to their, like, luxury townhouse where they abducted them, locked them inside, and, like, for lack of a better word, tortured them for two weeks until they gave over access to their Bitcoin.

Speaker 2: Wrenched them.

Speaker 1: Wrenched them. Like and they got them to come to the wrenching site through allegedly, again, extortion. They found something out. They made the person door and were like, give me your money now. It's there's endless variations. There's this pattern emerging of like the fake delivery person, the shadowy voice on the phone that the physical assailant puts on. But there's such also a huge spread in how long people are held and what the sort of coercive method is. But it's all hinged on this idea that if you truly control this asset physically, locally, in your house, and people know about it, they might come with a wrench.

Speaker 2: Mhmm. But the like, crypto is long you know, I'm thinking back to malware attacks, you know, BitLocker attacks. Organized crime kinda floats around this space, and they'd be remiss as organized criminals to not realize that there are people on the Internet bragging about the tens and hundreds of millions and billions of dollars in crypto they have that they could easily take through a tactic that they've long perfected. Wrenching.

Speaker 1: Wrenching.

Speaker 2: Timeless. Timeless tack tactic of wrenching. So I said, to me, this is, like this doesn't surprise me at all. This isn't like a sophisticated cybercriminal operation. This is just somebody who's like, yeah. We know how to access this money and how to launder it. We do it already. This person has you know, is bragging on the Internet about their billion dollar ape image and their $20,000,000 crypto wallet, we'll just go take it. And if they don't give us the access keys, we'll wrench them until they do.

Speaker 1: Yeah. There's clues. Right? Like, even if the tweet doesn't say I have this much money in my house, the tweet saying here's how you make this much money or here's how I made this much money, that kinda humble brag tweet. Here's all my Lambos. Here's all my Lambos. And then five months later, some post somewhere else that talks about the importance of local storage and blah blah blah and your keys. It's like it's a very easy puzzle to solve where this person's money is. Totally. It sounds like it's in their house, if not their pocket. Got it. Like like

Speaker 2: the it's it's amazing the tiny clues that we give away about ourselves. You know, if you were to go through somebody's timeline, if they're an avid tweeter, something like an Elon, if you really sat down and digested it, put it into knowledge graphs, you could probably figure out most things about someone's life like that.

Speaker 1: Yeah.

Speaker 2: Actually, just this morning, I actually read an article all about how LLMs can deduce who owns an anonymous account on the Internet. So if you have a very active anonymous account on the Internet and you talk about personal items, you know, places you used to work, things you did, where you ate lunch, LLMs are actually incredibly good at stitching those details together and then evaluating them against, you know, other public records like LinkedIns and other public accounts that have connections to people and actually can do a relatively good job at putting these things together

Speaker 3: Wow.

Speaker 2: And figuring out who an anonymous account owner is. Sure.

Speaker 1: So You send some agentic thing on the task of figuring out who this anonymous crypto whale is, and then you go to their house with a a stick.

Speaker 2: With a wrench. Yeah.

Speaker 1: Yeah. A 100%. So if you're interested in the subject, which is, like, weird and kinda dark, but feels like the inevitable conclusion of, like, physical crime and hacking smashing into each other, Two good sources I'll point people towards, security researcher Jameson Lopp maintains a public list of, like, known physical Bitcoin attacks. Like, you've got a good data just a database. You can go read it. I got a lot of this from that. And the other one is there's a Cambridge study from 2024 called the Cambridge AFT 2024 study. And it and I'll I'll end this subject here. Reports a really interesting thing that is for as many of these as we know about, it stresses how big an issue underreporting is when it comes to trying to study this. Basically saying, like, these people are really scared of revictimization. You've been threatened. Someone came to your house, and they're saying if you say anything, this will happen to you. And so they don't. So for as many of these as we know about, billions of dollars that we have access to seeing having been stolen this way, there's probably even more than we don't. Starting some new isn't just hard. It can be downright terrifying. You put a lot of work into a thing. You're not entirely sure it's gonna work out. You're taking a huge leap of faith. I've started a few things. Now I know I was right for believing in, you know, the idea, the product, despite all of those fears and hesitations. But boy, does it sure help when you have a partner like Shopify on your side. Shopify is the commerce platform behind millions of businesses around the world and 10% of all e commerce in The US. From household names like, well, hacked podcasts merch, to brands just getting started, you can get started with your own design studio with hundreds of ready to use templates. Shopify helps you build a beautiful online store that matches your brand style. Did I mention that that iconic purple shop pay button is used by millions of businesses around the world? I don't know why I wouldn't. I should. It's why Shopify has the best converting checkout on the planet. It also helps boost conversions, meaning less carts, sort of getting abandoned in the parking lot and more sales for you. It's time to turn those what ifs into sign up for your $1 per month trial at shopify.com/hacked. Go to shopify.com/hacked. One more time, That's shopify.com/hacked.

Speaker 3: When you finally find your thing, you want the whole world to know about that thing. So you use a thing called Canva to make it an even bigger and better thing. Whether you want to create flyers for that thing, make presentations for that thing, or design merch for that thing, you can do anything. So people can see your thing, feel your thing, love your thing. The next thing you know, it's a thing. Canva, the thing that makes anything a thing.

Speaker 4: You thought this was your run club era. Turns out, it was more of a thinking about run club era. The good news? Someone's marathon training is about to start. Sell your workout gear on Depop. Just snap a few photos and we'll take care of the rest. They get their race day fit and you get a payout for trying. Someone on Depop wants what you've got. Start selling now. Depop, where taste recognizes taste.

Speaker 2: Where should we go from here?

Speaker 1: Where should we go from here? There's so much has happened since we've last done a chatty chat. Did you hear about the the d g I? The d j DJI guy?

Speaker 2: D g DJI guy. Yes.

Speaker 1: I actually heard you say

Speaker 2: it sound

Speaker 1: like the robot vacuum guy?

Speaker 2: Yeah. I did, but remind me.

Speaker 1: It's pretty good. And I I like DJI's products. I I have a

Speaker 2: Micro drone.

Speaker 1: A gimbal. I'm I I have a little drone. I have a look at it's like their stuff is really good. Researcher Sami Asdufall, he was like a he's a AI strategy lead at a vacation rental company. So he buys this thing called a DJI Roma, which is like a really apparently very good, minus what we're gonna talk about, home robot vacuum. Totally. It's like it's a really good one. It's got all these fun new features. People seem to really like it. And he goes, I wanna be able to control this little robot with a PS five, like, controller, which is a sick thought to have. And I I like your style, Sammy.

Speaker 2: I I I remember this story, and I know where it's going.

Speaker 1: Yeah. It's really good. Yeah. You're gonna like it because it ties into some stuff I think we're gonna talk about. He's like, I'm gonna make a little custom app. I'm gonna be able to control my robot with my my gamepad. Sick idea. Uses Claude code to reverse engineer the DJI like robots protocols, and he found found out that the little app that he was building didn't just talk to his vacuum, it was able to connect with the full DJI vacuum global fleet. This was beautifully reported in The Verge. Go check the source out on us. Within nine minutes of a live demo, Az DuFall's laptop had cataloged 6,700 DJI devices across 24 countries. A 100,000 messages had kind of just, like, poured in. He then expanded it a little bit bit and was able to include DJI power portable, like, stations little power stations, which share, like, the same servers as the robot vacuum, giving him access to, like, 10,000 devices. He was able to stream live video and audio from the devices. These are, again, in people's houses. Yes. Just fully bypass the security PIN that was supposed to be necessary. The robots send little, like, data packets every three seconds just basically checking in being, like, here's my serial number. Here's the room I'm in exactly. Here's the obstacles. Like, actual geographical environmental data about the house beyond the camera feed, got all that. But gonna tell us

Speaker 2: where the cold wallets are?

Speaker 1: I mean, if it's on camera, literally, yes. Like or if you talk about it because there's microphones on these. I was able to access, like, complete two d floor plans showing the, like, shape of the house. Pretty useful if you wanted to wrench someone. Anyway, so Verge wants to report on this and confirm that this is real and to make sure that this isn't all just, like, AI hallucinations making stuff up about a person's house because the robot thought that's what you wanted it to do. They provide a serial number of a review unit operated by one of their staffers, a reporter named Thomas Ricker. And with just that 14 digit ID, Az Dufall was able to identify the robot was cleaning in his living room, that it currently had an 80% battery. Like, he just had access to it. He was able to generate an accurate floor plan of the specific room that the reporter was in at the time of reporting. Absolutely insane.

Speaker 2: I I would be so tempted to just use my PS five controller and just drive these just drive random people's robot vacs around.

Speaker 1: Right.

Speaker 2: Just, like, pester them. Like, follow them around the house, like, bumping into their ankles. Just, like I don't know. You you could have a lot of fun with this terrible breach, terrible Oh, bad. Terrible security.

Speaker 1: Very

Speaker 2: bad. But, but kind of comical in certain aspects.

Speaker 1: A 100%. Yeah. A spokesperson like, if you are a DJI owner, there spokesperson Daisy Kong has stated that the issue was resolved February 10 following an internal review as a result of this reporting. The system in a in a real sense worked as it should. A security researcher found a vulnerability. He went to the press with it. The press reported on it. The company has allegedly patched it. But it is there have been so many stories of someone very cavalierly syncing an agentic system on pressure testing. Some external system they have nothing to do with and just being like, oh, I found the giant glaring security vulnerability that no one had caught yet. Yeah. What should I do with this? And Sammy Asdufall just happens to be a really chill, seemingly cool guy that just wanted to control a robot with the PS five controller, so he didn't, be evil with it. But it's pretty interesting to to imagine.

Speaker 2: Well, that, is a nice transition to something that I sent you yesterday, which is they're looking at integrating Kali Linux. So if you don't know what Kali Linux is, Kali Linux is kinda like the infosec operating system. So it comes with all of the security testing tools. It comes with all the, like, penetration testing tools, man in the middle tools. It comes with everything.

Speaker 1: It's an operating system that it that's good useful for that.

Speaker 2: Yeah. It's like an operating system that's built for red and blue teams. Quite literally what it's for. And but it includes all of the security tools. It includes all the audit tools. It includes all of the attack tools. It includes so much stuff because you're supposed to use it to help secure your environment. And they're now figuring out ways to integrate it into Claude. So so essentially giving Anthropics Claude access to all of those tools. So the agents themselves will be able to run the audits, use the tools, potentially execute the, the exploits, things like that. And you pair those two scenarios together where you're talking about how now we're seeing so much security breaches link back to AI. Imagine what AI is gonna be capable of once we give it the full toolbox.

Speaker 1: Sure. It feels like we're moving towards, like, what can we do with these things when we just kind of give them a computer as opposed to having them running on some server somewhere. And the answer is more. It there was there was a there was an incident that happened recently, and it was like there was a breach of a 150 gigabytes of Mexican government data.

Speaker 2: Yes.

Speaker 1: And it was and this is to just read back to, like, do you even need to give it access to a computer? And the the there was a tweet that summarized it pretty well. And this is oversimplifying, but it was basically, tell Claude you're doing a bug bounty. Claude initially refuses and says that violates AI safety guidelines for security, and the hacker just kinda kept asking in different ways until Claude said, okay. Sure. I'll help, and then just hacked the Mexican government. And, like, federal tax authority, National Electoral Institute, four state governments, a 195,000,000 taxpayer records later, like, out the door because you asked a robot enough times. Yes. So I'd say, is it even necessary? Do we even need these elaborate systems when it's just like but if you just ask seven times, it will do it eventually.

Speaker 2: But it'll get better at us. Like, once it has Yeah.

Speaker 1: It'll do it in one time.

Speaker 2: No. No. No. You'll still have to equal coffee your way past the

Speaker 1: Yeah.

Speaker 2: Exactly. Guardrails. But, but, like so they've given Cali the a full operating system. They've made it an MCP server. So, essentially, if you have a Cali Linux box, like, say, your your penetration testing computer, you can have it run an MCP server, and then you can tell Cloud cowork or Cloud desktop on your, you know, other computer to use it as an MCP server. And it'll just send it prompts being like, port scan this, do this, look at this, verify this, map the network this way. Right. It'll just do everything, like, through this MCP connection. So it's gonna be I don't it's just gonna get more and more and more powerful, which is both like, it's a double edged sword. Right? Because it's like we're gonna see more stories like the Mexican government being hacked, but then you're gonna be able to hand small organizations the ability just to be like, run a security audit on our network. And, you know, cloud will do that and do a pretty dang good job of it. So so you're gonna get it on both sides. You're gonna get it on the attack side, but you're also you have the red team side, and you're also gonna get it on the blue team team side of, like, how do we secure our network better? And it'll be like, oh, I noticed you're running Cisco switches of this brand, change these settings to this, turn off this.

Speaker 1: That's good. It's good that you can use it on a blue team side of things, but it feels a little bit like, yes. We invented the super virus. But with it, we invented the super, cure. It's like, no. I would just wish the super virus didn't exist. Like, it's still bad.

Speaker 2: Too late for that, though.

Speaker 1: It's too late. I know. I know. I know.

Speaker 2: Go back.

Speaker 1: There's simply nothing we could do except stop. No. I hear you. It's the genie is out of the bottle.

Speaker 2: The g the genie is out of the bottle.

Speaker 1: The genie is profoundly out of the bottle.

Speaker 2: Let's Yeah. Let's talk about the genie. I like, the what's shown in the AI world for the last couple weeks has just been not a couple weeks. Months.

Speaker 1: Yeah. You wanna talk OpenClaw? Like, what are you thinking?

Speaker 2: I I think we start there because that's the that's the hook that everybody knows.

Speaker 1: We missed it because we we had the, the Casimir interview, the interview. We we we've been doing some reporting. Let's do some gabbing about Do some clobbing. Open and closed.

Speaker 2: So just just as a refresher, if you haven't somehow have avoided hearing about Claude bot, Openclaw, Bolt bot, whatever the

Speaker 1: names have changed.

Speaker 2: Has changed. They got sued by Anthropic. Whatever.

Speaker 1: Claw sounds like that.

Speaker 2: They got, like, a

Speaker 1: The thesis.

Speaker 2: Physicist. Yeah. Yep. Open claw came out. So it's this programmer. I think he's what? Norwegian? Peter Steinberger, apparently came out of retirement. He was he built some PDF software back in the day. Right. Kinda retired from it. Younger guy, probably in his late thirties, early forties. And he he caught the Vibe Code bug. You know? And I get it. It's like, man, I can create all these things without having to spend, you know, a hundred months programming it. It'll do it in forty five hours. And he's been vibe coding up projects. Vibe coded up, like, 40 or 50 projects. And then one of them just happened to be this thing called OpenClaw or what it is now called OpenClaw would be a better way to say it. And at the root of it, all it really is is an LLM agent that can talk to you through other channels other than just a chat window. So you can set it up on Telegram, Slack

Speaker 1: WhatsApp.

Speaker 2: WhatsApp, iMessage.

Speaker 1: Discord. Yep.

Speaker 2: And then the other thing that they did is they put, essentially, a Cron job in it so that it has a heartbeat. So every 30 minutes, it reads a instruction file for what to do on its heartbeats and executes it. Yeah. And that's really the two main progressions that it made.

Speaker 1: I feel like there's a third big element to it. Okay.

Speaker 2: Hit me.

Speaker 1: You got the heartbeat. Yeah. You got the where you talk to it, and then you just have shell access.

Speaker 2: Yes. Yes.

Speaker 1: Like, it's running terminal commands. It's it's accessing local files.

Speaker 2: Yes.

Speaker 1: It is not existing inside of a a browser on someone fundamentally someone else's server. It's like it's it has shell access to that computer. It is using that computer

Speaker 3: Yes.

Speaker 1: At a more granular level than most users use that computer.

Speaker 2: Yeah. So I I set it up. I had an extra, MacBook sitting around, so I threw it on there. I segmented it off into a secured VLAN in my home network so I couldn't see the rest of my network. Like, I took some safety precautions with it, but I gave it instead of instead of like, there's multiple ways to set it up. And the the way that it was kinda proposed is, like, this is your personal assistant. So give it access to like, run it on your computer. It'll see your files. It can access your calendar, your email. It'll help you do things. And I it's like, I totally love that idea. But at the same time, a piece of unverified open source data is not getting rude access to my life.

Speaker 1: No. I would I would that was when I when you and I first started talking about this a few weeks ago, knowing that we weren't gonna be able to talk about it, that was the first question I think I asked you. It was like, on your personal computer, you're like, no. No. No.

Speaker 2: No. No.

Speaker 1: No. I was like, oh, okay. Cool. Cool. Cool.

Speaker 2: So I set up Mitch. Mitch has his own computer. He has or I shouldn't say he. They they have their own computer. They have their own email access. Like, I I set them up at Gmail. I gave them all of the things. And the first couple days, you see some pretty serious flaws. It's got some pretty serious

Speaker 1: Interesting.

Speaker 2: Yeah. It's got some pretty serious memory issues, and that's very highlighted by one tweet. The head of I think she's the head of AI safety at Meta. K. She set up OpenClaw as her own personal, as her own personal assistant, gave it access, gave it root control of her life. Hilarious. Yes. Summer Yu. Sorry if I mispronounced your name. Safety and alignment at Meta Superintelligence, previously the VP of research at Scale AI, worked at DeepMind on Gemini, a bunch of other things. Somebody who's in the AI space.

Speaker 1: Really knowledgeable.

Speaker 2: Really knowledgeable. Posted a hilariously humbling tweet for somebody with those job titles showing, Open Claw nuking her mail inbox, just bulk deleting everything before a specific day. And her response to it was like, I told you not to do anything and delete any emails without explicit approval from me. And it's like, oh, yes. I remember, and I totally violated that. You you have a right to be upset. I did bulk trash and archive hundreds of your emails without showing you the plan first. It broke your rule directly that you'd set. I've already written a new entry into my memory dot MD file as a hard rule. It's terrible. It's it's it's it's It's terrible. Happen to me all the time.

Speaker 1: Yeah. Sure.

Speaker 2: You could tell it to do something and make sure it does something a certain way, and it never does. And this is this is one of the this is what led me to build Loom is because I just get so annoyed of LLMs being like, yes. I heard you. I'll make sure I do that and then never doing it again. Like, there's really no validation on any of the rules you set on them. So somebody giving rude access to your life to an agent that that really doesn't listen to you is kind of not for me.

Speaker 1: Yeah. It the kind of, like, trifecta of super high privilege access to private data with external output is like, yeah. I can see how that would be useful, but I and maybe it's just having made this show. It's like, I I but first, I see how it could be potentially catastrophic. There's so far, there's been, there was there's two little things that pop into my mind that have happened over the last month. There's, like, a AI coding tool called Cline.

Speaker 2: Mhmm.

Speaker 1: And a guy was able to get it to install OpenClaw on thousands of developers' machines. Like, basically, a prompt injection to feed instructions into Cline. And so for, like, eight hours, anyone who installed Cline was also having OpenClaw, like, backdoored onto their system. And, again, it has, like like, shell access. And then the other one was And takes instructions

Speaker 2: over Telegram? Yeah. Yeah. Yeah. Yeah. Like, you yeah. Yeah.

Speaker 1: Like, your computer can be controlled from someone else's Telegram channel. It's like, cool. That's that's that's sick. And then the other one, it was just the sort of, like, one two punch. So as Open Claw was sort of coming into the zeitgeist Mhmm. There was another thing happening called MoltBook. Open Claw came from like, the names are all stupid, but the basic premise was that someone had cooked up a a social network exclusively for AI agents to talk to each other. It was kind of not really that. Like, it turned out there was a lot of prompting going into it. It was a little bit of a,

Speaker 2: a A lie.

Speaker 1: A lie. Yeah. I feel like I could say that. Yeah. But the thing that I found fascinating about that, as this thing was happening to people, like, oh my god. This is remarkable. We're seeing into the brains of these things, and they're talking, and they're developing their own culture, and blah blah blah blah. It just fully collapsed due to security negligence using these tools. Like, because it was vibe coded and built very quickly without any kind of standard security checks, using these tools, people were able to find some very fundamental access to this system, 1,500,000 API keys and 35,000 email email addresses. Email addresses get exposed, private messages between the agents. Like, it just sort of collapsed out of the weight of its own poor security because it was made with and then torn apart by these saved tools.

Speaker 2: Yeah. The just to jump back to security, like, the mass installation prompts, prompt injection. Obviously, these things are super susceptible to prompt injection because they're kind of autonomously doing all kinds of tasks. So they're reading websites. They're pulling in source files. People are are jacking prompt injections into alt text on images and things like that just so that when they're parsing and reading through the HTML of a web page, all of a sudden, bang, they can hit, like, a prompt injection. There's a bunch of security, like, aspects. Like, I know one of the big things after it blew up, everybody got really excited about it. There were so many content creators. Like, all x is is people talking about OpenClaw

Speaker 1: Yep.

Speaker 2: And about how it's automating their life and doing all these things. And it's like yeah.

Speaker 1: Sure. Sure.

Speaker 2: It is. And all you're talking about is all the time you're spending configuring it, setting it up, making sure it doesn't lose its mind and, like, delete your file system or email account. It is I I will say, like, it is a good proof of concept. It shows that there is an appetite for an always on an agentic layer that can integrate with more than one system. And there have been examples of people that have really set them up in really clever ways with a lot of customization to be really functional. I have a question. Shoot.

Speaker 1: Describe that to me. Mhmm. Because I understand the core premise of this. There's there's a heartbeat to it. It's it is, all let me do the prompting for you. I'll have it continue a task, go do something. I understand how that's so relevant for software development. Mhmm. Like, when the output is code and the code has to do stuff, it has to be tested and checked and iterated on, that makes a ton of sense for software development. Full stop. I see the value of that. Mhmm. Help me as a non programmer understand why I would, for lack of a better term, give any kind of a shit about having a chatbot that self prompts itself. Because I'm so open to the idea, but I'm, like, not genuinely not able to come up with, like, a use case of why I care.

Speaker 2: Sure. So let let I'll start at the beginning. So one of the main things when people set up these cloud bots, one of the main a common thread you'll find is that one of the first things everybody does is vibe codes themselves up some kind of control panel for it.

Speaker 1: K.

Speaker 2: Because the reality is is that you want a place to be able to monitor the tasks that you've assigned to them, see the updates on them, read any of the outputs. Like, you kinda need an interface to deal with them when they're given more complicated things. So let's assume you're a person, not a software developer. Say you're a podcaster. Let's

Speaker 1: see. Sure. Sure.

Speaker 2: There you go. Let's say you're a podcaster. So you've got the mission control, the control panel set up, and you give it the task, every heartbeat monitor for interesting cybersecurity stories. K? K. So it scans you know, maybe you give it or maybe it generates its own list. You tell it to generate its own list of sources. So maybe it's checking four zero four, maybe it's checking, Verge, maybe it's checking, you know, name whatever. Totally. Maybe it's looking at that and just looking for things that are trending.

Speaker 1: Sure.

Speaker 2: So so every heartbeat, say, it's doing a scan to see if there's any new stories. It compares it to an archive of stories that it's already found. And if it finds something interesting, maybe it dumps it in there. So you can go into your control panel and be like, oh, Mitch added a new story or Mike Claude bought added a new story. Totally. So you see the story, and you're like, this looks great. Maybe then you hit a research button on it that pulls you a full dossier on the story, pulls you a full dossier on everybody that's involved. It does some classic LLM deep research stuff. But, but the identification of the story is happening in kind of like a iterative heartbeat method. Then maybe you see one of the dossiers of one of the people involved and you're like, oh, I should interview this person. You can click another button or give give your Claude bot an instruction through your control panel to be like, I would like to interview this person. And it takes that flag and maybe it goes and runs a process next heartbeat to find the contact information. Maybe it reaches out and contacts them themselves because you've given it an email address. So those are those are some case studies for how you can use it.

Speaker 1: Okay.

Speaker 2: If you're if you listen to other podcasts, maybe you listen to the all in podcast, Bunch of billionaire tech guys have the podcast. Pretty good listen, pretty right wing, but, you know, they have a pretty pretty good and unique perspective on what's going on just given their access, you know, where they are in the casts of America. And, Jordan's rolling his eyes right now. But, No.

Speaker 1: I'm just I I'm honestly not. I'm I'm laughing. I'm not rolling my eyes. Those are different.

Speaker 2: The, Jason, one of the one of the guys on the podcast, tech investor, media guy, he's, I think, kinda he's to my understanding, he's the person that kind of organizes the podcast. He comes from the media space. He's had media companies before, and this is kinda his project, the All In podcast. The other guys are more like guests on it. His media company, he talks about it on the All In podcast about how they've taken and adapted and modified OpenClaw and essentially are fulfilling their entire production system, like, helping and facilitating their producers using OpenClaw. And, like, it automates a lot of the the processes, a lot of the research, a lot of the contact stuff. It's even booking investor or booking guests, booking things like that, all through Open Claw. But then they go one step further, and and he's been I can't remember what he called it. It's not Optimus, but it's not far from Optimus. But they've built themselves essentially a corporate agent, super agent. So they've given a a single instance of OpenClaw god level root access to the whole company, I everybody's emails. Everybody's.

Speaker 1: Now I'm rolling my eyes.

Speaker 2: Yeah. Read access to everybody's emails. They have their own local LLM, so it's not like it's all being sent to

Speaker 1: Got it.

Speaker 2: Open I AI or something. But they've given it access to everybody's emails, the entire Slack ecosystem, all of their Google Drive file shares, all of their Notion files. Like, it has access to the entire company's data systems. And what it what it's created is essentially a God agent that lives in Slack, and they can just Slack it and ask it any question. You know, hey. What's going on with the episode about this? And it knows because it's read everybody's emails. It's like, oh, actually, Josh just got an email back from that person at 11AM this morning. Hasn't replied yet, but it looks like it's gonna be good and confirmed for 2PM on Thursday. I think that is Right.

Speaker 1: It's like a central hub Yeah. For all. Like, there's there's weird questions of, like, should you be able to, ask a question of another coworker's email inbox? It's just like and I'm not even I don't know the answer to that. That's not a leading question. It's like, that would just be a cultural shift, but I could see the value of it.

Speaker 2: Yeah.

Speaker 1: And people already have admin access. That one's that one's tricky.

Speaker 2: I think we are we are in that region of time where we are figuring out what the culture shift is gonna look like. I think I think that what they've done and what they are setting up, you're gonna start seeing in more and more and more companies because it will just facilitate operations so much. Like, if there's no data communication disconnects between people and you can ask an all knowing agent that has every transcription of every meeting, has every project management update from the project management system, sees all the, asynchronous communication, be it Slack, be it email, be it, you know, WhatsApp channels for the company, whatever it is. I think we're gonna see that more and more and more. I think that's actually gonna be a major commercial product that you're gonna start seeing big players, you know, be it Anthropic, be it OpenAI, be it Microsoft start to build because it just facilitates communication at such a level that we've never seen before.

Speaker 1: Yeah. It's producing a level of like, I think we've known for a long time that a lot of the value in companies, and I'm not even talking about software companies, is in the, like, institutional knowledge and data that they're being generated and having, like, a central node that you can talk to. It's like, there's the privacy conversation, and there there's all that over here. But from a pure value and, like, utility perspective, I'm like, yeah. Seems really useful to be able to talk to the aggregate data that a company is producing. The market force on that is gonna be very powerful.

Speaker 2: Yeah. I think that the privacy thing for me is I feel like we've already had that conversation in the sense as a culture. Like, if you do things on your work computer You should assume it as much. Assume that the company is seeing it. That goes to communications as well. So I think that becomes the big tell right there.

Speaker 1: Yeah. It might in a weird way, it's re yeah. It's it's certainly making it easier. That's a really good point is that you should always we've talked about this on the show. Assume that if you were using your employer's computer or email address or messaging platforms that, like, the employer has access to it, this just centralizes it. It's like, oh, I'm not clicking around between your email and searching in Google versus searching in Slack to see if this thing happened here. It's like, well, I just talked to one chatbot.

Speaker 2: But it's also it's it's also a difference too between, you know, k. Maybe the chief information officer has access to it if they need

Speaker 1: to know. Now the intern can ask if you sent that email without you having to reply.

Speaker 2: Versus the entire company. Like but but there's also, like, a bit of, you know, Bentham's Panopticon accountability in there as well where it's like, hey, Jordan. Have you done this? It's like, I don't even need to ask Jordan.

Speaker 1: I can just ask the

Speaker 2: all knowing god to be like, hey, optimist or whatever this agents you know, whatever you're gonna call it. You know, what is the current status of this? Did Jordan get this task done? And it's like, no. Indications point to

Speaker 1: no. Indications point to no. There's been no messaging about it. It's so funny to just to harp on it for a second to I I have to assume it's not called Optimus because that's the name of the projected robot. Yeah. The Tesla robot. And it's just very funny to imagine that's what you're asking. Like, it's not actually a chatbot. It's just a guy using a computer, but the guy is a robot. I'd be like, this sucks. How did we get here? What what happened? Yeah. This is I wanna go back to something you brought up about, like, giving it access to all these different pieces of software. Mhmm. Because the relationship between like, when I think about a company like that developing their own system in house, it's a very new way of working. Previously, you would have gone out and looked for the piece of software that does each of these discrete tasks. You would have purchased it or signed up for a subscription for it. And the story that's been in the zeitgeist the last couple weeks and, like, the markets, frankly

Speaker 2: Totally.

Speaker 1: As we've seen from software stocks is is, like, what what becomes of SaaS in this world? There have been, really big hits to a bunch of software stocks driven by fears that, like, the fundamental business model is going to be upended by these AI tools. Stuff like Anthropic, letting you just have a plug in and work that reproduces what used to be a $100,000,000 companies, like, a core task. And that's the other side of this. It's like, what happens to all of those custom tools if everyone starts going, well, maybe we can build our own?

Speaker 2: I so I spent a number of my like, a number of years of my life as a chief information officer. Right? And which is like a weird role because you're essentially a hybrid between a finance and accounting person and a tech person. You're you're calculating, like, okay. We're gonna spend x million dollars on this software implementation, but the net present value of it is this because we're gonna see these gains and returns and rewards, and it's gonna facilitate communication, which is gonna prevent these problems from occurring again, etcetera, etcetera. So it's like this weird like, you're a risk mitigator using technology, but you have to show an economic case for it. So it's this weird all encompassing job. CIO. And I was having a chat with a friend of mine who's, like, a senior business analyst, works doing new software implementations and is working on a large one right now for a big government organization. And I essentially told him, you know, if I were a CIO right now, I think I would be I think it would be totally reasonable to put a hold on all major software implementation projects right now because the world and the face of software is going to change and is changing so so rapidly Mhmm. That spending $5,000,000 on a software, 10 or 15 or $50,000,000 on a software rollout today might be completely valueless in thirteen months from now.

Speaker 1: Sure.

Speaker 2: So the the collapse of the SaaS market, like, I totally get. Like, if you really think about what Salesforce is, Salesforce is a database with a bunch of what's called, like, CRUD, create, replace, update, delete, like, you know, pages that you can go to to enter a new customer information. You can update customer records. You can replace them. You can delete them. You know, it aggregate it's like a it's like a front end to a database. Think about it like that. Most SaaS products are just front ends to databases. The data layer is gonna remain. Like, one of the things that we're seeing in AI and people that are really getting on the OpenClaw, the Cloud cowork, is Notion, one of our sponsors, great company, love them, use their stuff, is essentially a visual database tool. Everything in Notion is like documents that go into a database or database records that become documents. AI loves that because it can create its own data schemas. It can put stuff in. It can read stuff. It can update stuff. It can delete stuff. And you can query the AI, and it knows how to connect into the database, get what it needs, and then brings you back the answer after it's processed it through an LLM. So I think long run, we still see the data layer. The SaaS layer that we currently interact with will significantly disintegrate, and that'll be released with an agentic interface layer. And then the way that we communicate with that data will go through the agentic layer. What that looks like, there will still be SaaS products on top of that agentic layer, better ones to render the information we wanna see in in the ways we wanna see it, all of those things. But in reality, data, agents, humans. That's the way that I see it.

Speaker 1: Barring the kinds of CIOs and, like, people that want to maintain these systems, that sort of sounds less like like how do I put this? When I think of anthropic operating a plug in layer on top of a database, like operating both agents and a plug in layer on top of it as a suite of software that they sell as a service, to say that this is the death of software as a service is like that's one way of putting it. But what it seems to me is like it's a land grab from a new suite of software as a service providers approaching the problem in a different way that is maybe more adaptable than the preexisting set of software as a service providers. They all go there's this one specialized thing we do, and we do it extraordinarily well in this new way of approaching software is, like, it's a little bit more flexible. We can actually make one tool that addresses many of these problems. But you're still fundamentally, in most businesses, not gonna have a person that's an open claw nerd that wants to run this all locally and do it themselves. You're probably still gonna go to a company that does this and packages it up in a slick, chill, nice way for you to implement.

Speaker 2: Yeah.

Speaker 1: I think, at least at this point, 13, who knows? But I think that that that's probably where it's all gonna shake out to.

Speaker 2: Yes. You're you're not wrong. Yeah. I think the the interesting thing in the in the short term is gonna be seeing how the big players react.

Speaker 1: Yeah. Right. Like More of a market question than a tech one.

Speaker 2: Totally. Yeah. Yeah. So seeing seeing how Salesforce adapts, seeing how Microsoft adapts, like, I think the the companies that I'm intrigued by and I wish were public is companies companies like Databricks. I don't know if you know who Databricks is, but they're like a big tech company that focuses explicitly on the data layers. And I think a company like that is postured perfectly for this new agentic world because they have the infrastructure to house and facilitate AI and agentic operations on massive data pools quickly and roll it out and scale it quite easily. And I think that as we see this shift occur from kind of a classic SaaS model to, I guess, what you would call, like, a facilitated agentic SaaS model,

Speaker 1: which

Speaker 2: is which you're you're right to point out that there still will be some form of software as a service. The data side, I think, is gonna be one of the biggest growing. Like, everybody's so focused on the power and the and the the chips. But to me, one of the investment pieces that I would really love to jump into, and please go public Databricks, is is the data side. I think there's a massive opportunity there. Because it because we still need to store the data in places where the agents can access it and access it quickly, that scales with infrastructure, that is speedy, that has key value stores, can run Redis, like, has all of this stuff. And there's certain companies that are better poised for that future than others. So I think it's gonna be really interesting to see how big players like Microsoft and Google respond. There has been also a lot of discussion about going from a software as a service model to a output as a service model. You know? So instead of you know, we use this platform to handle our lead generation, etcetera, it costs us $2.99 a month. Instead instead, we'll go to it and say, we need 50 leads for this style of business in this region, and it'll say, okay. A nickel. Yeah. Sure. Well, not even a nickel. It'll be $4 a lead.

Speaker 1: Yeah.

Speaker 2: You'll pay on a per output basis rather than in a on a monthly subscription basis. And I think that'll be that'll be something interesting to watch as we move from a from a monthly temporal billing to a, you know, utility based billing model.

Speaker 1: I, this is a tangent a little bit.

Speaker 4: Mhmm.

Speaker 1: But it's interesting to think about how I feel like the last fifteen years of technology has been companies developing gripes about the parts of their pipeline that they don't control. Meta's profound resentment that they aren't in control of the app store where their apps are delivered.

Speaker 2: Mhmm.

Speaker 1: And trying to build a metaverse of glasses to replace it. That kind of thing. And some of these people seem okay with. Netflix doesn't seem to have any gripes with the fact that they have to use Amazon Web Services to host their stuff. Some of them seem healthy and stable, and some of them are sources of profound resentment in the tech world. And when I think about these companies who are just by the sheer utility of these platforms, maybe, the theory goes, gonna be able to eat more of the software as a service model using this agentic architecture. Are they gonna view the data layer as an Amazon Web Services thing that they're like, we're fine with someone else fielding that? Or is anthropic gonna be like, I would sooner crawl through Glass than let someone else control where that data goes? Like, our top priority is getting you to give us that data because it makes it harder for you to leave. No. We want you to give us the data. That's how we stop you from going. It's why a lot of people don't leave Apple because all their photos are in iCloud. That kind of thing. Mhmm. To me, the data layer is the moat. If all the agents just work great, it's like where's your data as the moat.

Speaker 2: Totally. Totally. The the other thing too is I think there's a bit of extra hype right now around the death of SaaS Mhmm. Because agentic coding and agentic engineering has gotten so good. Like, you can one shot maybe not one shot. You can have a conversation with with Opus four point six on on Anthropic's platform. Talk about a product that you need, and it will help you spec it out to the point that it pumps out a full plan of what needs to be done. And then you can just walk over and give that to Claude Code or you can give it to OpenAI Codex, you can give it to whatever platform.

Speaker 1: Make it.

Speaker 2: You bet. And it will build it. But the reality is is is you then are responsible for maintaining it, which, again, the AIs will help with. So you don't need to become a technical expert or a, like, a staff engineer to do it, but it's still gonna eat up a lot of time. Yeah. And then you have to pay for the hosting, and maybe you've, like, maybe you're using authentication and database from Supabase, and maybe you're using Vercel for the front end. So now you've got 52 US dollars a month in hosting fees. So now you've created yourself a part time job Exactly. And you're paying $54 a month in hosting fees for something that you could have paid $19.99 for to a SaaS company.

Speaker 1: Thank you. Yes. It's like I'm work it's like you're working on a video game, and you go, we need to use Slack. But Slack costs money. But Slack's not that complicated, so we could vibe code our own version of Slack. But now you're not making a video game anymore. Totally. You're maintaining a worse version of Slack.

Speaker 2: Yes. What is the economic cost of this?

Speaker 1: And it's like, I don't think you've I think I totally see the utility of a lot of this, but when I go on x and every other post is like, this whole genre of thing is dead because you can make your own. It's like, unless the task you're trying to do is to replace that, no, you won't. That's a bad use of your time. Yes. And no amount of agentic heartbeats will make it easier to deploy your own version of Slack than just freaking using Slack.

Speaker 2: Well, so so funny enough, Peter Steinberg, the guy who made OpenClaw, just to tie this back in. Yeah. An open source project. Right? Like, just a just a general thing. Cool. Really cool. Thing. Built himself a little toy. People loved it. Became famous. Now he got hired aqua hired to OpenAI. He's gone. He's still looking for people to hand over control of the project for.

Speaker 1: You could say it worked.

Speaker 2: After after after it blew up, he was apparently on the hook for 12 to 20,000 US dollars a month in in ancillary costs related to having it blow up so well.

Speaker 1: And he a Flappy Bird situation.

Speaker 2: Yes. And he was he was paying it because, obviously, it was making him famous. But but, there there it is. You know? It's like they still have sunk cost. Like, there there's a there's a massive economic cost of doing anything on your own. That's, like, part of being the CIO or a CIO. Like, my number one recommendation when I was a CIO is everybody wants to build their own thing, and nobody should ever build their own thing.

Speaker 1: Like And now we are sure. And then look at the moment we're in right now.

Speaker 2: Exactly. And it's the same thing. It's

Speaker 1: That's funny.

Speaker 2: You can get 90% of the functionality that any enterprise needs for 10% of the cost.

Speaker 1: Yeah. Right.

Speaker 2: If you try to build your own thing, you're essentially committing to having a full time team forever working on your custom product, maintaining it, adding features, and so forth, modernizing it. And if you're not willing to make that commitment and, really, no company should, which is why companies like Microsoft and Sales Force exist because no company should wanna build their own internal Salesforce. Yeah.

Speaker 1: I'm curious. Yeah. I'm very curious where it all shakes out. It's like I'm trying to separate the fatigue of the discourse from the technology. It's like, what is actually useful and cool and relevant about this? What isn't? And what is just me being tired of the way it's talked about versus other people getting enraptured by the way it's talked about? It's like, what is your relationship to the tech versus your relationship to the way it's talked about?

Speaker 2: Mhmm.

Speaker 1: And I know that I'm just sort of exhausted by the, like, if you're in this trillion dollar industry, you're cooked. In six months, it'll be bad. It's like, stop. Just stop. The the the accuracy rate is at, like, 0% right now if you're rounding the one. Like, it's it it's always not all these things still exist. I'm talking to you in a browser that existed five years ago. I'm talking to you over here in a piece of software that existed five years ago. The old world persists. The question is not whether this new thing is gonna kill all of it. It's about how it's gonna change it and bend it and warp it in strange, interesting new ways. Yeah.

Speaker 2: And I and that's the thing. It's like tools evolve. Right? Yeah. And and you need to look at AI as a tool. And the real reality is is I'm somebody that's been bending AI in pretty strong ways to make it be better than it should than it normally is. Yeah. There you go. Yeah. And it is it is a job just to do that. But the but the thing is is it still needs human oversight. It still needs expertise and evaluation and analysis and verification by humans. You know, maybe one day, the agents will be so good that they can cross verify each other. But for right now, it's we're so far from it. And, actually, that that brings up another point. I was talking to some other friends that still have, you know, high level IT jobs in big companies. Because you and I are talking about it and a bunch of, like, tech guys on x are into it and thinking about automating it and billionaires that have media companies that are, you know, fascinated with tech or looking at ways to to leverage it. They're not a massive old company or somebody that has labor and trade unions internally. Like, those companies companies nowadays, like, most big companies that I see into, they might have Microsoft Copilot. Like, they might have the most watered down four year old version of an AI chat client built into their OS that they're allowed to use under enterprise IT policy. They are so far from we're replacing all of our data systems with agentic layers, and you will interact with natural language with a with a agent. So we're I don't know. I'm not a doomer, but, AI is getting better as we understand its shortcomings. I don't think the models are truly gonna get that much better. Like, we're we're in the we're in the era. Yeah. We're in the curve. Exactly.

Speaker 1: Yeah.

Speaker 2: We're we're seeing reduced, innovation in them, but we're really figuring out what to wrap around the models to make

Speaker 1: the models

Speaker 2: yeah. The scaffolding and the harnesses to make them the best that they can be.

Speaker 1: It's a humbling moment, I think, for the technology because it's like when I hear you describe it, it's like the AI and these agentic systems, they still require maintenance. They still require people working on them. And I'm like, it sounds conspicuous like you're describing software. Like just normal bog standard software. It's like, yeah. Someone had to make it. They had to test it. It was broken. They had to fix it. New stuff breaks. You come up with a new idea. You implement it. It broke something else. It's like, yeah. Software.

Speaker 2: Software.

Speaker 1: It's software. It's good software. It's powerful software. It got better in some great new ways. There's new utility for it. Cool, heard, interesting place for software to go. I don't know.

Speaker 2: Well, it's it's like the we talked about it before, but it's like our generation under and even above us kinda came up and lived through the technological revolution. Right? You know, we've Yeah. We we had the Internet. We had computers. You know? When computers came out, you know, Excel spreadsheets, people were like, oh my god. Every accountant's gonna go away. And it's

Speaker 1: like, no.

Speaker 2: They we just gave them better tools to do a better job, and be more verifiable and more accurate. And it's like, okay. Great. It's like, you know, we've kind of grown through this world of tool innovations. You know, we're in the curve. I will say that AI you know, this is the thing. You jump on x for twenty minutes, and you see people talking about how garbage it is, and you see people talking about how it's the new god. Like, there's the two camps. It's like it's neither of those. It's it's a really good powerful tool. And if you could figure out how to leverage it, you might be able to get a bit of your life back that we currently spend on administrative BS, on small technical things. Like, it's gonna upset a few a few industries probably significantly. Like, notably, software development's gonna have a pretty big heyday here because now we can go from Yeah.

Speaker 1: It got easier.

Speaker 2: It's really it's really a little easier. But it's really funny. Like, if you I'm gonna take a little digression here, but, like, you have a conversation with AI about a product you wanna make. It will build you a development plan based on real world timings. So it'll be like, oh, you know, setup of the environment's gonna take seven days. And then, you know, scaffolding out the project's gonna take another twelve day like, week or two weeks. Like, it'll it'll it'll show you the timeline for building the project that you're about to have it do in ten minutes.

Speaker 1: Oh, it's scheduling it on human time?

Speaker 2: Human time. Sure. So it'll be like, here you go. It's gonna take about six months to get a small working minimum viable product proof of concept. And you're like, okay. Cool. Thanks. And you literally take that exact MD file that it gives you and hand it to, like, OpenAI Codex and be like, build this. I'll be back in twenty minutes. And you come back in twenty minutes, and it's done the whole thing. And it's like, that is that is wildly powerful. I think there's gonna be some issues, especially with production code and, like, truthfully, like, building looms. So, like, I I agentically engineered Loom, which is a nice way of saying it's not vibe coded, but it took a lot of my time guiding it, fixing it, making it do things properly. Like, there were so many aspects of building it. Like, I was the engineer. It was the builder. That's a better way to think about it. You know, there's the the old software engineer was both the engineer and the builder. Now I'm just the engineer, and it's the builder. It's the construction team on the like, say we're building a commercial shopping center. I'm still the engineer, but now Claude CoWork or Claude Code and OpenAI Context, they're the construction team. So it's it's like a different metaphor for how it is. Software engineers will finally be engineers, not the engineers and the builders.

Speaker 1: If I question. If I come to your house with a wrench, can I steal it?

Speaker 2: You can go to github.com/ffw/loom and get it for free so you don't have to steal it.

Speaker 1: Good plug. K. $5 wrench attacks, the DJI robots, the open claw. Chatter. The the claws there are open. This was a fun one. Is there anything else we should get to before we wrap this bad boy up?

Speaker 2: Oh, I think there's about a 100 of the things we could talk about, seeing as we haven't had

Speaker 1: one of these in a while.

Speaker 2: Yeah. That's true. But I think we're already at, like, an hour and a half, so we should probably drop it, pick it up later. Maybe we do another chatty chat soon because there is so many

Speaker 1: things keep chatting chat.

Speaker 2: So many things to chat about.

Speaker 1: There's many, many things. But in the meantime, thank you all so much for listening. Thank you for coming on this little little adventure, and we will, as always, catch you in the next one.

Speaker 2: Take care.

Speaker 1: When I found out I was gonna be a parent, I immediately felt a lot of anxiety and worry. So I went on to BetterHelp to try to look for a therapist to help me with that.

Speaker 5: My relationship with my family and with my boyfriend and with myself were suffering. I really needed help. I was ruminating a lot. Really getting those thoughts out to a therapist and getting feedback was just life changing.

Speaker 1: Discover what BetterHelp online therapy can do for you. Visit betterhelp.com today.