Easy Prey

• Reclaiming the Internet

  We may not always understand the evolution of the internet and how tech monopolies exist, but having digital freedom fighters is vital to making conscious change. Today's guest is Cory Doctorow. Cory is a science fiction author, activist, and journalist. He is the author of many books and most recently, Picks and Shovels, The Bezel, and The Lost Cause, a solar punk science fiction novel of hope amidst the climate change emergency.  His most recent nonfiction book is the internet con How to Seize the Means of Corruption, a big tech disassembly manual. Other recent books include Red Team Blues, a science fiction crime thriller. In 2020, he was inducted into the Canadian Science Fiction and Fantasy Hall of Fame Cory talks about the slow decline of online platforms and has spent decades fighting for digital rights, fair tech policy and a better, freer internet. His work spans peer to peer networks to antitrust reform and his books—fiction and nonfiction—have become battle cries for tech reformers and digital freedom fighters around the world. In this episode we talk about how we got here, what Cory sees as the most urgent threats to digital freedom and the small cracks in the system that might finally let the light back in. From jailbreaking laws and app store monopolies to what comes after big tech’s dominance, Cory shares a roadmap for reclaiming the internet—not just as consumers but as citizens. Show Notes: [00:59] Cory shares his background. He's a science fiction novelist, activist, and journalist. He worked with the Electronic Frontier Foundation for over 23 years. [01:20] Cory has written more than 30 books. Most of them are science fiction novels. He's also co-owner and was co-editor for 19 years for the blog Boing Boing. [02:43] Being born in 1971 with a computer scientist father meant they had teletype terminals in the house. [04:01] Cory shares his interesting and pioneering internet and tech history. [05:17] We learn about the origins of Cory's love for science fiction. [07:21] Cory shares a story about how he was mentored by Judy Merril. [09:08] Cory talks about the internet and the changes we've seen from modems and memory cards to FidoNet to now.  [15:09] Currently, he's as worried about the internet as he is excited about its potential. [16:13] He's concerned about the internet becoming a powerful tool of surveillance and control. [18:46] Possible paths forward or hill climbing and reevaluating.  [22:00] We discuss why printer ink is $10,000 a gallon. It's about laws protecting big tech. [29:45] The hopeful optimistic view of the internet. We're close to making positive changes. [32:31] Advice for consumers is to be a citizen.  [34:16] Cory talks about the Electronic Frontier Alliance or EFA. [45:30] Talking about Cory's books and art.  [46:31] He says he writes when he's anxious. He talks about his book Red Team Blues. He wrote the last book first and realized that you can write in any order. [49:01] Bizarre early computers and the storyline of the new.  Thanks for joining us on Easy Prey. Be sure to subscribe to our podcast on iTunes and leave a nice review.  Links and Resources: Podcast Web Page Facebook Page whatismyipaddress.com Easy Prey on Instagram Easy Prey on Twitter Easy Prey on LinkedIn Easy Prey on YouTube Easy Prey on Pinterest Cory Doctorow - Pluralistic Cory Doctorow’s Craphound Books by Cory Doctorow Cory Doctorow - Electronic Frontier Foundation Boing Boing Cory Doctorow - X

  --------  

  53:01
• Security Gaps Hackers Exploit

  Scammers aren’t just phishing your inbox anymore—they’re impersonating your voice, your face, and even your coworkers. Deep fakes and social engineering have moved beyond clever tricks and become powerful tools that bad actors are using to infiltrate businesses, breach accounts, and dismantle trust at scale. What used to take a hacker hours and expensive tools can now be done in minutes by anyone with a Wi-Fi connection and a little malicious intent. Our guest today is Aaron Painter, CEO of Nametag, a company leading the charge in next-generation identity verification. Aaron’s background includes 14 years at Microsoft and executive roles in cloud tech across Europe and Asia. After witnessing firsthand how easily identity theft could unravel lives—especially during the shift to remote everything—he founded Nametag to answer a critical question: how can we know who’s really behind the screen? With Nametag, Aaron is building real-time, high-security ID checks that are already reshaping how help desks and businesses protect users. In this conversation, we unpack the difference between authentication and identity, why traditional methods like security questions are dangerously outdated, and how mobile tech and biometrics are changing the game. Aaron also shares practical tips on protecting your most valuable digital asset—your email—and what consumers and companies alike can do to stay ahead of evolving threats. This one’s packed with insight, and more relevant than ever. Show Notes: [00:54] Aaron is the CEO of Nametag. A company he started 5 years ago that focuses on identity verification at high-risk moments. [01:37] He spent 14 years at Microsoft working on product including at Microsoft China. He also ran a cloud computing company that was AWS's largest partner in Europe. [02:12] When everything went remote in 2020, he discovered that there were identity verification issues over phone lines. [03:03] He began building technology that will help accurately identify people when they call in to support or help desks. [04:22] Most of what we think of as identity is really just authentication. [07:41] A common new challenge is the rise of remote work and people having to connect remotely. The rise of technologies that make it easier to impersonate someone is also a problem. [10:38] Knowing who you hire and who you're working with matters. [11:03] Deep fakes and voice cloning has become so much easier.  [15:47] How platforms have a responsibility to know their users. [18:11] How deep fakes  are being exploited in the corporate world. [19:30] The vulnerability is often the human processes. Back doors and side doors are deleting ways that companies are breached. [23:53] High value accounts and companies that know they have something to protect our early adopters of Aaron's technology. [24:50] Identity verification methods including using mobile phones. The device has cryptography. [27:07] Behavioral biometrics include the way we walk or the way we type. [29:56] If you're working with a company that offers additional security tools, take them up on it. [34:04] Dating sites are starting to do verification profiles. [43:07] We all need to push for more secure ways to protect our accounts. [43:48] The importance of protecting your email. Thanks for joining us on Easy Prey. Be sure to subscribe to our podcast on iTunes and leave a nice review.  Links and Resources: Podcast Web Page Facebook Page whatismyipaddress.com Easy Prey on Instagram Easy Prey on Twitter Easy Prey on LinkedIn Easy Prey on YouTube Easy Prey on Pinterest Aaron Painter - LinkedIn Nametag Aaron Painter - Facebook LOYAL: A Leader's Guide to Winning Customer and Employee Loyalty

  --------  

  51:03
• Cyber Warfare

  Cyber warfare is no longer something that happens behind closed doors or in some far-off digital corner. It's happening now—and reshaping the rules of conflict in real time. Drone strikes controlled by apps, ransomware attacks on hospitals—today's battleground is just as likely to be online as on the ground. That science fiction scenario is now a critical, constant threat-the kind that affects us all globally. I'm really excited to introduce you to Dr. Chase Cunningham. He's a retired Navy chief cryptologist with a wealth of experience in cyber operations for the NSA, CIA, FBI—and more. He's the one who pioneered zero-trust security strategies and advises top decision-makers in government and private industry. That gives him a front-row seat to how digital warfare is evolving—and what that means for all of us. He's also the author of Cyber Warfare and the gAbriel Series, where his real-world expertise comes to life in stories that are chillingly plausible. We talk about how cyber conflict is already playing out in Ukraine, how different threat actors operate—and why critical infrastructure is such a tempting target. Chase shares practical advice on what individuals and small businesses can do to better protect themselves. We also look at what governments are doing to defend against these growing threats. That conversation is eye-opening-and urgent. You won't want to miss it. Show Notes: [01:21] Chase is a retired Navy Chief and a cryptologist. He also worked at the NSA. He also put Zero Trust in the formal practice at Forrester research. [03:24] We learn how Chase got involved with computer work and cryptology. [05:29] We're seeing cyber war play out in real time with Russia and Ukraine. [07:13] We talk about the future of war and drones. [08:31] Cyber warfare is just the natural evolution of conflict in the digital space. It's the bridge between espionage and kinetic activity. [09:40] Chase talks about the different actors in the cyber warfare space and their primary targets. [12:05] Critical infrastructure includes oil and gas, piping, water systems, healthcare, and even schools. [14:12] Some of the unique issues with dealing with the attacks from cyber criminals. [19:20] How the CCP plays 3D chess. [22:26] Reducing risk and protecting ourselves includes following best practices.  [25:10] What the government is doing to try to mitigate cyber risk. [27:23] Chasing money and finding cyber crime. [32:04] A lot of valuable assets are being developed in the context of war. [35:06] Chase talks about some of the things he covers in his book.  Thanks for joining us on Easy Prey. Be sure to subscribe to our podcast on iTunes and leave a nice review.  Links and Resources: Podcast Web Page Facebook Page whatismyipaddress.com Easy Prey on Instagram Easy Prey on Twitter Easy Prey on LinkedIn Easy Prey on YouTube Easy Prey on Pinterest Chase Cunningham - Dr. Zero Trust Dr. Chase Cunningham - LinkedIn Cyber Warfare – Truth, Tactics, and Strategies gAbrIel: A Novel in the gAbrIel Series Unrestricted Warfare: China's Master Plan to Destroy America

  --------  

  37:25
• DDoS Attacks

  Scammers are getting smarter, understanding the psychology behind social engineering and the challenges companies face every day can help keep networks secure. This episode will show how to anticipate these threats and secure networks against ever-changing vulnerabilities. We’ll focus on practical, real-world solutions to protect data and trust. Dr. Jared Smith joins us to share his insights from his role leading research and development at SecurityScorecard. He also co-founded UnCat, a B2B accounting technology company serving thousands of customers and teaches as an adjunct professor at the University of Tennessee, Knoxville and NYU. His experience shows why social engineering is so effective and how companies can adapt to a world where attackers are always refining their techniques. This episode shows how even small oversights or minor issues can lead to big breaches. Dr. Smith shares concrete steps to strengthen defenses, and why we need both technical solutions and employee awareness. By looking at the psychology behind the attacks, he’ll show that staying one step ahead depends on using smart security tools and a culture that recognizes vigilance at every level. Show Notes: [01:19] Jared is a distinguished thought researcher at SecurityScorecard. He's built systems and helps vendors monitor and secure their networks. He also has a PHD in computer science. He focuses on Border Gateway Protocol or BGP.  [02:16] He was also a high clearance government national security researcher. [03:02] Jared shares a story about how sophisticated phishing scams are becoming. [08:43] How large language models are making more sophisticated social engineering possible. [10:26] The importance of thinking about cybersecurity needed in the next 10 years. [11:02] BGP is like the plumbing of the internet. BGP poisoning breaks the typical internet traffic route. It's very nuanced traffic engineering that uses the Border Gateway Protocol. [13:34] BGP is also useful when you have multiple internet connections and one goes down. [14:20] The most sophisticated DDoS works are called link flooding attacks, where they identify links that have a certain amount of bandwidth, and they flood that specific border gateway protocol link, effectively segmenting the internet in those places. [15:39] Managing DDOS attacks and where the traffic comes from. [16:02] Being aware of botnets, because they are what's rented out or being used for these attacks. [17:32] Lizard Squad launched DDoS as a service.  [21:00] Attackers try to get the actual IP addresses from behind a CDN. [23:41] How AWS has the ability to manage large amounts of traffic. [25:24] There are some DDoS that just require sending enough traffic to fill up the buffers on the other side of the application. [28:15] The size of a botnet for DDoS to take down a big network like X. We explore potential paths for these attacks. [32:21] We talk about the uptick on attacks during tax season. A large accounting firm with a lot of clients could be spoofed. [36:50] The predominant attacks are coming from organized cybercrime groups and ransomware groups. [45:40] The vast majority of large networks taken out are usually a result of user error. Thanks for joining us on Easy Prey. Be sure to subscribe to our podcast on iTunes and leave a nice review.  Links and Resources: Podcast Web Page Facebook Page whatismyipaddress.com Easy Prey on Instagram Easy Prey on Twitter Easy Prey on LinkedIn Easy Prey on YouTube Easy Prey on Pinterest Jared M. Smith Dr. Jared Smith - SecurityScorecard Dr. Jared Smith - LinkedIn Uncat Evasive AI Jared Smith - X

  --------  

  49:46
• Safe AI Implementation

  Red models associated with AI technologies highlight real-world vulnerabilities and the importance of proactive security measures. It is vital to educate users about how to explore the challenges and keep AI systems secure. Today’s guest is Dr. Aditya Sood. Dr. Sood is the VP of Security Engineering and AI Strategy at Aryaka and is a security practitioner, researcher, and consultant with more than 16 years of experience. He obtained his PhD in computer science from Michigan State University and has authored several papers for various magazines and journals. In this conversation, he will shed light on AI-driven threats, supply chain risks, and practical ways organizations can stay protected in an ever-changing environment. Get ready to learn how the latest innovations and evolving attack surfaces affect everyone from large companies to everyday users, and why a proactive mindset is key to staying ahead. Show Notes: [01:02] Dr. Sood has been working in the security industry for the last 17 years. He has a PhD from Michigan State University. Prior to Aryaka, he was a Senior Director of Threat Research and Security Strategy for the Office of the CTO at F5. [02:57] We discuss how security issues with AI are on the rise because of the recent popularity and increased use of AI. [04:18] The large amounts of data are convoluting how things are understood, the complexity is rising, and the threat model is changing. [05:14] We talk about the different AI attacks that are being encountered and how AI can be used to defend against these attacks. [06:00] Pre-trained models can contain vulnerabilities. [07:01] AI drift or model or concept drift is when data in the training sets is not updated. The data can be used in a different way. AI hallucinations also can create false output. [08:46] Dr. Sood explains several types of attacks that malicious actors are using. [10:07] Prompt injections are also a risk. [12:13] We learn about the injection mapping strategy. [13:54] We discuss the possibilities of using AI as a tool to bypass its own guardrails. [15:18] It's an arms race using AI to attack Ai and using AI to secure AI. [16:01] We discuss AI workload analysis. This helps to understand the way AI processes. This helps see the authorization boundary and the security controls that need to be enforced. [17:48] Being aware of the shadow AI running in the background. [19:38] Challenges around corporations having the right security people in place to understand and fight vulnerabilities. [20:55] There is risk with the data going to the cloud through the LLM interface. [21:47] Dr. Sood breaks down the concept of shadow AI. [23:50] There are also risks for consumers using AI. [29:39] The concept of Black Box AI models and bias being built into the particular AI. [33:45] The issue of the ground set of truth and how the models are trained. [37:09] It's a balancing act when thinking about the ground set of truth for data. [39:08] Dr. Sood shares an example from when he was researching for his book. [39:51] Using the push and pretend technique to trick AI into bypassing guardrails. [42:51] We talk about the dangers of using APIs that aren't secure. [43:58] The importance of understanding the entire AI ecosystem. Thanks for joining us on Easy Prey. Be sure to subscribe to our podcast on iTunes and leave a nice review.  Links and Resources: Podcast Web Page Facebook Page whatismyipaddress.com Easy Prey on Instagram Easy Prey on Twitter Easy Prey on LinkedIn Easy Prey on YouTube Easy Prey on Pinterest Aditya K Sood Aditya K Sood - LinkedIn Aditya K Sood - X Aryaka COMBATING CYBERATTACKS TARGETING THE AI ECOSYSTEM: Assessing Threats, Risks, and Vulnerabilities Empirical Cloud Security: Practical Intelligence to Evaluate Risks and Attacks Empirical Cloud Security: Practical Intelligence to Evaluate Risks and Attacks

  --------  

  46:47

Mais podcasts de Crimes verdadeiros

Podcasts em tendência em Crimes verdadeiros

Sobre Easy Prey

Easy Prey: Podcast do grupo