PodcastsNewsThree Buddy Problem

Three Buddy Problem

Security Conversations
Three Buddy Problem
Latest episode

231 episodes

  • Three Buddy Problem

    Microsoft's Secret Weapon: The GDID That Caught 'Scattered Spider' Teen

    04/07/2026 | 1h 36 mins.
    (Presented by Thinkst Canary: Most Companies find out way too late that they’ve been breached. Thinkst Canary changes this. Deploy Canaries and Canarytokens in minutes and then forget about them. Attackers tip their hand by touching ’em giving you the one alert, when it matters. With zero admin overhead and almost no false-positives, Canaries are deployed (and loved) on all 7 continents.)

    Three Buddy Problem - Episode 104: We discuss the return of Anthropic's Fable 5 from export-control suspension with guardrails so aggressive that spelling "exploit" gets you downgraded. Plus, a debate on AI frontier labs killing businesses at scale, and OpenAI offering equity to the US government.

    Also, buried on page nine of a 'Scattered Spider' arrest indictment: Microsoft's never-before-detailed GDID device identifier, a persistent Windows fingerprint with massive implications for OPSEC, privacy, and APT tracking.

    Cast: Juan Andres Guerrero-Saade, Ryan Naraine and Costin Raiu.

    Timestamps:

    0:00 Cold open: Heat wave in Washington DC

    3:45 Fable 5 returns after the 15-day timeout

    5:21 "Refined classifiers" and the downgrade-to-Opus mess

    8:23 Codex vs. Claude: real-world malware analysis test

    12:41 Who are the guardrails for? Defenders locked out

    19:13 What even is a "jailbreak assessment framework"?

    21:37 Two theories: failed PR vs. killing a thousand startups

    24:59 Could the labs build kernels or a whole OS?

    31:38 Bureaucracy is the moat

    36:09 Can AI actually run an attack? (Spoiler: 14 detections)

    47:01 OpenAI offers the US government a 5% stake

    58:16 Scattered Spider arrest and Microsoft's GDID revelation

    1:12:02 OPSEC fallout: how APT groups adapt to device telemetry

    1:27:18 UFO update, shout-outs from Seoul
  • Three Buddy Problem

    US Gov Takes the Wheel: Who Gets to Use the Best AI?

    29/06/2026 | 1h 53 mins.
    (Presented by Thinkst Canary: Most Companies find out way too late that they’ve been breached. Thinkst Canary changes this. Deploy Canaries and Canarytokens in minutes and then forget about them. Attackers tip their hand by touching ’em giving you the one alert, when it matters. With zero admin overhead and almost no false-positives, Canaries are deployed (and loved) on all 7 continents.)

    Three Buddy Problem - Episode 103: We dive into the U.S. government's takeover of frontier-model rollouts (Mythos, Fable, and OpenAI's Sol/Terra/Luna) and what it means when intelligence gets commoditized but access gets rationed.

    Plus, Costin's all-Chinese open-weight stack, the economics of burning tokens, a fresh Salesforce OAuth breach, and jellyfish UFOs over Iran.

    Cast: Juan Andres Guerrero-Saade, Ryan Naraine and Costin Raiu.

    Timestamps:

    0:00 — Introductory banter, Thinkst Canary sponsorship

    2:55 — Why threat intel analysts are built for the AI moment

    11:09 — Government takes the wheel: Mythos, Fable & the frontier labs

    16:15 — Did the government go too far/not far enough?

    25:42 — Anthropic's "best PR campaign in history"

    31:52 — Alibaba, distillation & the model-router cartel

    40:58 — Costin's stack: Chinese open-weight models & token economics

    46:12 — Dumping, evals & the real work of AI engineering

    1:04:32 — Soft power: how the world gets pushed toward China

    1:14:43 — "The bullshit": over-refusal & the Opus 4.8 regression

    1:32:03 — The trillion-dollar IPO endgame

    1:35:49 — The Klue OAuth breach and secure-by-default

    1:45:32 — Shout-outs: UAP jellyfish, LABScon 2026
  • Three Buddy Problem

    Katie Moussouris on the Anthropic Export-Control Mess

    19/06/2026 | 1h 38 mins.
    (Presented by TLPBLACK: A cybersecurity intelligence platform focused on sharing curated, high-sensitivity threat insights and research with trusted security professionals.)

    Three Buddy Problem - Episode 102: Software export controls expert Katie Moussouris joins the show to unpack the US government's abrupt move to suspend access to Anthropic's most powerful models over a so-called "jailbreak" that, on reading the paper, turned out to be a model doing exactly what defenders are supposed to do.

    We dig into the export-control chaos, the chemical-weapons framing of cybersecurity, the China question, and why Microsoft just resurrected a disclosure term the industry buried fifteen years ago.

    Cast: Katie Moussouris, Juan Andres Guerrero-Saade and Ryan Naraine. Costin is traveling.

    Timestamps:

    0:00 - Introductory banter

    1:00 - Export Controls: Fable 5 and Mythos 5 suspended

    3:40 - The Anthropic–USG relationship and USG’s surveillance claim

    9:40 - Self-owns, doomsday cults, and why the guardrails are "so broad"

    12:42 - What the Amazon paper actually says ("fix this code")

    20:33 - The chemical-weapons framing problem

    23:39 - The China question and the SK Telecom angle

    41:17 - Why hasn't the paper been published?

    57:01 - "Free Fable": are Chinese models only months behind?

    1:00:13 - The unforgiving internet and the security poverty line

    1:11:18 - Microsoft brings back "responsible disclosure" (and threatens researchers)

    1:29:04 - Luta Security, the AI bug flood, and shout-outs
  • Three Buddy Problem

    Mythos, Fable, and Anthropic's Big Trust Problem

    12/06/2026 | 1h 59 mins.
    (Presented by TLPBLACK: A cybersecurity intelligence platform focused on sharing curated, high-sensitivity threat insights and research with trusted security professionals.)

    Three Buddy Problem - Episode 101: We discuss Anthropic's Mythos 5 and Claude Fable 5 release and the bombshell that the company was silently downgrading paid users' results, sparking a heated debate over guardrails, gatekeeping, and whether elite AI reasoning is becoming a privilege for the few.

    Plus, AI-generated N-day exploits killing the patch window, a record-shattering Patch Tuesday, Meta's latest court filing against spyware maker NSO Group, the return of cyber paleontology, and a detour into the new government UFO drops.

    Cast: Juan Andres Guerrero-Saade, Ryan Naraine and Costin Raiu.

    Timestamps:

    0:00 - Introductory banter

    3:22 - The Mythos 5 / Claude Fable 5 release

    14:42 - Anthropic’s silent downgrade trust problem

    26:18 - Anti-competitive behavior & the AV "stealing detection" parallel

    32:29 - Distillation, China & the real motive

    38:04 - "Too dangerous to release" & gatekeeping vs. guardrailing

    45:53 - Is Mythos a threat to malware-analysis startups?

    48:20 - Dario's AI regulation essay

    56:48 - N-day exploits and death of the patch window

    1:07:18 - Patch Tuesday and 10x vulnerability surge

    1:10:34 - Meta catches NSO Group

    1:14:45 - Cyber paleontology, Shadow Brokers leaks

    1:28:29 - Moonlight Maze and learning from history

    1:34:22 - UFOs, UAPs and Disclosure Day
  • Three Buddy Problem

    Fast16, Fanny, and Stuxnet: Cyber Paleontology Redux

    05/06/2026 | 2h 24 mins.
    (Presented by TLPBLACK: A cybersecurity intelligence platform focused on sharing curated, high-sensitivity threat insights and research with trusted security professionals.)

    Three Buddy Problem - Episode 100: We cover AI eating reverse engineering, the death of the malware report, running local models on the DGX Spark, where Google DeepMind stands, and whether the frontier labs will stay in cybersecurity.

    Plus, more on Anthropic's Mythos rollout and the thinly sourced Anthropic-NSA reports, the Fast16 sabotage of physics calculations, what researchers choose not to publish, Microsoft's bad Black Hat email, and Costin's Friday UFO files.

    Cast: Juan Andres Guerrero-Saade, Ryan Naraine and Costin Raiu.

    Timestamps:

    0:00 - JAGS at InfoSecurity Europe

    3:40 - Sponsor: TLPBLACK

    5:54 - A roadmap for security after the AI revolution

    11:01 - Stripe Atlas and how easy it is to start a company

    15:00 - If anyone could reverse engineer anything for $5

    19:49 - Layoffs at Google's Threat Intelligence Group

    21:06 - The death of reading the report

    27:53 - Pitting the AI models against each other

    32:07 - Grok, local models, and the DGX Spark

    39:27 - Where is Google DeepMind?

    45:29 - Will the frontier labs stay in cybersecurity?

    52:41 - Mythos, Project Glasswing, and the NSA deal

    1:16:33 - FAST16, Stuxnet, and sabotaging Iran's bomb

    1:57:52 - Microsoft, Black Hat, and the chilling effect

    2:14:14 - Shout-outs, UFO files, and 100 episodes
More News podcasts
About Three Buddy Problem
The Three Buddy Problem is a popular Security Conversations podcast that goes beyond industry talking points to discuss what others won’t -- nation-state malware, attribution, cyberwar, ethics, privacy, and the messy realities of securing computers and corporate networks. Hosted by three veteran security pros -- journalist Ryan Naraine and malware paleontologists Costin Raiu and Juan Andres Guerrero-Saade -- the weekly show attracts a highly engaged audience of security researchers, corporate defenders, CISOs, and policymakers. Connect with Ryan on Twitter (Open DMs).
Podcast website

Listen to Three Buddy Problem, The Karl Stefanovic Show and many other podcasts from around the world with the radio.net app

Get the free radio.net app

  • Stations and podcasts to bookmark
  • Stream via Wi-Fi or Bluetooth
  • Supports Carplay & Android Auto
  • Many other app features