HA

Hard Fork

The New York Times

Final Stories and Closing Thoughts

From A.I. Safety Is So Back + Mythos Mayhem with Nikesh Arora + Hot Mess ExpressMay 15, 2026

Excerpt from Hard Fork

A.I. Safety Is So Back + Mythos Mayhem with Nikesh Arora + Hot Mess ExpressMay 15, 2026 — starts at 0:00

Picture this. A curve in the road. A change in plans. Well, what do you say? With the all-new Audi Q3, the answer is always yes . Yes to adventure. Yes to escape yes to performance yes to comfort yes to right now because saying yes without hesitation that's real luxury the all new Audi Q3 made for the Yes Life . Casey, will you record my audio book for me? Yes, I would love to actually. Okay, thanks. Yeah, because I got the briefing yesterday on what this would entail for me. Mm-hmm. Uh they want thirty-six hours in the studio to record this audiobook. That's wait, hold on. Eight, sixteen, twenty four. That's over four days worth. That's four and a half days of recording. That's like almost a full week. I know. Oh my God. I know. But apparently people have, you know, a connection to us because of our voices, so they didn't want me using like an AI clone to do it. It makes it you know what? I really think that there there would be a case that I should do this because it would force me to read your book. You know what I mean? Like put me like then I really can't get out of it. Like I'm on the hook to read this thing for real. And uh so that might be the best way to do it. You can insert your little like snotty wise cracks if you want. Like Yeah, a little a little extra commentary on the side. Like, oh I see we're using that transition again. Hmm . Oh boy, he really ended this whole thing with time will tell. I um I would have suggested a different direction. Was this book edited? No wait, now I kind of actually want you to do it. I'm Kevin Roos, a tech columnist at the New York Times. I'm Casey Newton from Platformer. And this is hard for it. This week is AI safety back. The Trump administration seems to be changing its tune. Then Palo Alto Network CEO Nikesh Aurora joins us to discuss what's real and what's hype in the freak out over Claude Mythos. And finally, the train has returned to the station. It's the Hot Mess Express. Buckle up. People don't typically buckle a seatbelt on a This is a very safe train. Well the big news this week is that President Trump headed to China with a cohort of American business executives to have a series of meetings about Chinese trade policy and AI and other things with Xi Jinping and other leading Chinese officials. Now is it true when they walked off the plane, a bunch of H-100s fell out of the leg of Jensen Wong's pants ? I haven't heard that confirmed, but I'll look into it. Thank you. I want to talk about this, but less through the lens of like sort of President Trump and United States trade policy than through this sort of larger shift that I think we've both observed over the past week or so, which is that after several years of kind of dismissing AI safety and uh doomer fear mongering about AI, the Trump administration, or at least parts of the Trump administration, seem to be getting quite scared about what's happening. Yes, and while this is something that I think was honestly inevitable , it still has been jarring to see it happen because it seems like this administration has really turned on a dime when it comes to this subject. Yeah. So let's talk about what's been going on and some of the data points that support the idea that the Trump administration is sort of changing its AI posture, at least has several different AI postures that it's considering. But first, let's do our AI disclosures. I work for the New York Times, which is suing open AI, Microsoft, and Perplexity. And my fiancé works at anthropic. So first there was this executive order or rumored executive order uh that my colleagues at the New York Times reported on last week. This would be a new executive order to create an AI working group that would bring together tech executives and government officials to potentially come up with new ways of overseeing or regulating AI. One of the potential plans being discussed is a formal government review process for new AI models before they are released. So this is still ongoing. We still don't know exactly what the executive order will or won't include, uh, but we are expecting more news on that. Yes, and the reason that is notable, Kevin, is that on President Trump's first day in office in his second term, he canceled President Biden's executive order on AI, which among other things included this a very similar kind of review process for new frontier AI models, right? Like the Biden people were very confident that we would one day get models that could be used to commit great harm. And so they wanted to uh get a handle on that before those models were released. And when Biden did that, uh, many Republicans were saying, this is anti-innovation, you're gonna make us lose to China. Well, well, well. Now the shoe is on the other foot, and they're saying, hey, slow down, uh, don't release those things quite so fast. It's so remarkable how fast the Overton window has shifted on this idea. I mean, as you just said, like during the Biden administration, during the SB 1047 fight here in California over this proposed AI bill. People in tech and on the tech right and sort of among the more libertarian crowd were incensed about the idea that the government might ask them to do pre-release testing of their models that they then submit the results of to the government. They called this, you know, communist. They got they were they were sort of implying this would be kind of the end of free enterprise as we know it . And now just a couple of years later, they are reportedly considering doing something similar. So what do you think happened here? Well, I think that basically, um, it to use a phrase you sometimes like to use, like the Trump administration's view of AI just did not survive contact with reality, right? And that in a word, what has changed here is mythos, the model that Anthropic now has released in a preview to a very small group that includes now many federal agencies. This model is very good apparently at finding novel vulnerabilities in code that can be used to create exploits. And that appears to be true across many, many, many programs. And so the administration , I think, took a look at this and the serious people over there said, look, you know, what whatever your your views may be about, you know, free trade and the threat of losing to China, like we have a model right now that if it were just sort of unleashed on the public, could just create vast amounts of harm. And I think to their credit, the Trump administration said, okay, then what would be a policy to prevent harm from happening? Yeah, Smithos is the proximate cause here for a lot of this, but I think it's also worth talking about the various factions within the Trump administration that appear to be battling over control of this new AI regulatory push. There appears to be a turf for breaking out between the Center for AI Standards and Innovation, or Casey. Shout out to Casey. Uh, which is formerly known as the US AI Safety Institute. This was a group within the commerce department that was set up under the Biden administration. The Trump administration came in and basically they didn't like that this was, you know, they what they considered sort of a bunch of doomers. So they sort of made some changes, including to the name. But this is a group of AI researchers and safety experts who work in the commerce department who want to be involved in vetting new models. And there is just something so funny about these people coming in and saying AI safety is such a stupid idea that we have to remove safety from the name of this institute and then one year later be like, um, well, AI safety is really going to be a focus for us from now on. Yeah. So there are some people who believe that the vetting uh of frontier models should take place like in the intelligence community, among like the NSA and various other organizations. So there's some turf war there. There's also just like this interesting kind of posture war over like whether the kind of let it rip approach to AI development, uh, or as former AI czar David Sachs uh put it, the let them cook philosophy of laissez-faire regulation and this more sort of hawkish safety oriented faction within the Republican Party that does see these models as a big threat and wants to take steps to reel them in. Right. So do do we know at this point, who seems to be winning that battle and do you think it matters to the average person which side gains the upper hand? I do. I think there's obviously going to be some back and forth. We'll see when this executive order comes out. Like what they do about the the testing requirements and where they locate that if it's like we're going to let the NSA do this or we're going to let Casey do this. I think that all might matter a little bit, but I think the the general posture of the administration changing from AI safety is ridiculous and these doomers are using hyped up fears to enact regulatory capture is very different from what we are seeing now, which is, oh, wait, these models are very powerful and we don't want our adversaries to get access to them. But we should also say it is entirely confused and incoherent right now at the level of the federal government. Because on one level, you have President Trump inviting Jensen Huang of NVIDIA onto Air Force One to fly with him to China to try to make a deal to presumably like open up the export of NVIDIA's most powerful AI chips to China, while at the same time you have other high-ranking government officials saying we need to institute some kind of safety regime because these models are potentially very dangerous. Yes. And nowhere is that schism more apparent than in the Pentagon, Kevin, where on one hand, the Pentagon has designated anthropic as a supply chain risk because it refused to amend its contract to enable any quote lawful use of its technology, as we talked about on the show for a few months. That designation, the Pentagon is still arguing for in court. But at the same time, we learned that this week, during the period where the Pentagon is supposed to be unwinding all of Anthropic's technology from the Pentagon. The Pentagon is also implementing Mythos and using it to try to scan for vulnerabilities. It's truly wild. I I want to be in the meeting where the person who has to remove Anthropic from the Pentagon sits down with the person who's installing Anthropic i in into the Pentagon and just sort of uh he hear what those talks are like. Yeah. So aside from the obvious sort of incoherence and maybe hypocrisy of these conflicting positions. Like which side do you think is going to come out on top here? Well, obviously I'm always gonna side with KC. Uh you know, Casey is a great agency, uh gre,at people over there. And I mean, honestly, like they they were just set up to do this exact thing, right? Like when it was established under President Biden, the idea was these models are getting better. Pretty soon they're gonna be dangerous. We need to have a way of evaluating them before they are released. And frankly, they've just sort of like hired a lot of people who I think ordinarily might not work in a Trump administration, but felt like this is so important that I'm gonna swallow hard and go over there and try to , you know, serve my country by protecting us from the worst things that AI can do. And so to me, like that seems like they would be very well set up to do this kind of work. Where I think we still just have an obvious gap though, Kevin, is it's not entirely clear to me what is supposed to happen in the case when a company like anthropic comes up with a model that is too dangerous to release in the view of something like Casey, but wants to release it anyway. And I assume we are just going to get there, like sometime within the next six months, one of these companies is gonna say, Yeah, it's risky, but you know, we we think it's sort of fine to put out there. We have like business imperatives, we're gonna talk ourselves into it, and like then what happens? Yeah, I mean it's also just so clearly unfortunate that the issue of AI safety has become polarized in the way that it did over the past couple of years, that sort of caring about safety, talking about safety became sort of like vaguely woke-coded, and people in the Trump administration thought it was like a bunch of hysterical liberals uh, you know, using fears of AI to like get heavy-handed regulation into place. Like, I don't think that was ever true, but I think it it has become especially untrue now when you have very senior people in the Republican Party talking about how we need to restrain these systems. So it's just it's it's frustrating because I think you and I both saw like this technology is real , it's going to get you know even more powerful than it is. And at that point, it's not going to matter whether you're a Republican or a Democrat. Like you do not want this stuff falling into the hands of our adversaries. True, but I think the Trump administration was always out on a limb here in a really weird way. Like we have talked a lot recently about what the surveys show when it comes to the public opinion of AI in America. Republicans and Democrats are like largely allied in being like deeply skeptical of it and even, you know, uh outright hating it. And that's why you see so many Republican state legislators trying to pass laws to reign in AI, right? Like you did not have to convince Republic an state legislatures that AI was dangerous and needed to be regulated. Like they were racing to do it. And the Trump administration has had to put a lot of energy into trying to pass a moratorium so that it can preserve its sort of all gas, no brakes, approach to AI. So what I think happened here was that there was basically like a a minority of Republicans that happened to be running the country that said, let the labs do whatever they want. And then Mythos comes out and the bill comes due and they're they sort of have their pants down and they have to change their tune. Yeah. Just to sort of throw a lot of metaphors in there. Pants, tunes. Oh, we'll come up with more. Don't worry. We're getting there. Yeah. One other thing here is that you are starting to see the issue of catastrophic or existential risk floating up and percolating on the right. This is something that people like Bernie Sanders have now been talking about on the left for a couple of months. But on Tuesday of this week, Ted Cruz was talking about catastrophic risk and uh ta and the need to protect against it. So I just think that the improvement of these models and the fact that they are so clearly useful for dangerous things like cyber attacks is going to scramble some of the usual partisan allegiances here. Yeah, I mean look, the the idea that uh a large language model might eventually get so good that it could like break into your computer and wreak havoc. that L wasike not a liberal view. Like that was just a view grounded in an observation of like the rate of improvement in the model. In truth, I am glad that they are are are reversing course on this. Um, and they're doing it before we've had a massive catastrophe. Um maybe an asterisk there though, which is I truly feel like every single day for the past week I've seen news of a major cyber attack and increasingly we're getting word that these may have uh had AI systems involved in identifying these vulnerabilities. Yeah. So there may be a catastrophe unfolding under our noses. We just don't know about it yet. Yeah. Stay tuned for next week's episode . Um, I want to talk a little bit about this China trip and what, if anything, we think that has to do with AI regulations. So there was some uh reporting in the Wall Street Journal last week that both the US and China have been considering a series of official discussions around AI. We know that AI is on the agenda for President Trump's meetings with Xi in China this week. And we also know that China has been looking to get access to mythos. There was a great story uh recently in the Times that talked about the fact that a representative from a Chinese think tank approached anthropic officials at a meeting in Singapore last month to basically lobby them to open this model up to China. And we want to give them the hard fork Hutzpah Award for shooting your shot. If you work at a Chinese think tank and you think Dario Amade was about to hand you mytho, like that is truly like I I aspire to your level of self-confidence. Listen, you miss 100% of the shots you don't take. So along with uh Jensen Huang, who finagled a last-minute invite uh on Air Force One after there were news reports that he was not going to be going on this trip, um, Elon Musk, Tim Cook, and Dina Powell McCormick from Meta are also on the trip with Trump. What's going on here and uh how would you characterize the blunt rotation uh among those tech executives? You know, I mean th this is a group of executives that are aligned with the Trump administration and they have all found in various ways that the more time you spend flattering President Trump, the more like tax breaks and other forms of relief your company gets. So I mean, you know, this is exactly what we talked about expecting Tim Cook to do once he announced that he'd be stepping down as CEO is, you know, you're you're just kind of like a Trump whisperer and you follow him around and uh you say, you know, g go president Trump and also please give Apple what we want. So, you know, Meta, Apple and NVIDIA have all had huge success with this administration and now as their reward, they get to be, you know, photographed with the president flying around China. Yeah. I think uh like I am just very unsure where all of this settles out because I can imagine, you know, Trump wanting to go to China and make a bunch of deals and obviously Jensen Huang and NVIDIA wanna be able to sell their chips in China and so I can see them on a one hand like giving some kind of expanded access to Chinese AI companies to get these American chips. But then I can also see them not wanting China to get access to models like Mythos. So I just I don't know how that res olves and I see it as basically inherently contradictory that you want to give China or sell China the means to make its own mythos caliber models while at the same time trying to block them from getting access to the This is where it would be helpful to have a coherent strategy, but we don't, right? It's like the same administration that is like installing and uninstalling anthropic at the same time is kind of having a similar level of confusion over in China, where it seems like the administration is just like highly susceptible to like blowing where wherever the wind is today. Yeah. I mean, I am generally not all that optimistic about the government And I hope I'm wrong here, but I just I think that we will see this sort of incoherence and contradiction until there is like some big event that kind of forces everyone to like sit up straight. I mean, my question is: will this be a case of the same AI safety-minded people who were dismissed for the past couple years by the Trump administration be proven right again in the future when it turns out that China did use access to American technology to build mythos or better level models. And will there be any regrets, you know, that we sort of pave the way for them to do that? I mean, but you know, I I I don't think it's unlikely. Yeah. It's interesting though, like I had a conversation with a federal official recently, like in the last couple of weeks, where this person was basically telling me that AI is just a normal technology, sort of taking the line that we've heard again and again from the people who who don't want to regulate this stuff, saying, like, this is just the internet, this is just the PC, it's not some special technology that requires special rules. And that position has just become so untenable to me at least when you have models that are out there finding zero-day exploits. Like clearly our military, our intelligence agencies, they don't think this is a normal technology. They think it's it's more like a step change that requires them to like act in different ways. So I am very curious what happens to the sort of AI's normal technology camp inside the Trump administration as the technology continues to grow. They may change their arguments or they may not. Like that's the thing. You just don't know how committed these people are to their view. You don't. We should also talk about some of the international reaction to Mythos because it's not just China who wants into this thing. Germany's digital affairs and cybersecurity agency are out this week with a proposal for establishing their own version of something like the US Casey. They are also demanding access to state-of-the-art models like Mythos. So it just seems like this model has sort of forced conversations around the world about who should have access to which models when, should the public have access, should governments have access? Which governments should have access? It just seems like we are kind of like in a new era of AI brinksmanship. For sure. And you know, I what I hope that we will see in the coming months is more and more cooperation. Like the whole reason that we had that series of AI action summits over the past few years was to try to get more cooperation among the Western powers with this stuff. And then last year the US sort of came in and said, that's over. The US is winning the AI race and y and you can uh l like it or learn to live with it, basically. Right. And um, you know, so it's no wonder to me that these other, you know, Western powers are are seeking access to these models. And I think there's probably honestly a good case that they should get access to these models because when it comes to, you know, fixing every vulnerability on the internet, I think we could probably use all the help we can get. Yeah. And I I remember that AI Action Summit. I didn't go to this the most recent one in India, but the one in Paris before that, I remember it was just like, oh, we're just not going to talk about any of this. Like we're just not going to talk about the dangers that this technology might create because we're so invested in this sort of accelerationist posture. So how far we've come, uh, and yet we are still in the very early innings of this. Does it make you wonder what would have happened if the Trump administration had just been listening to hard fork a year ago. Could they have saved themselves some trouble here? It's possible. Yeah. So Casey, the politics of AI and AI regulation are obviously shifting very quickly. Um we may learn more this week after these meetings in China . But like what is your take on what this latest burst of news signals about AI or AI regulation? My take is this is a rare bit of good news when it comes to AI regulation, right? Like I am somebody who's been worried about AI safety for a long time. And one of the main reasons I've been worried about it is that our government has uh seemed to have this feeling of like, let's just see what happens. Uh whereas to me, it was seemed pretty obvious what was going to happen. Now we have arrived at that point. We have a super powerful model, and to their credit, the Trump administration is saying, okay, it seems like we were wrong about how um capable these models were going to be. Let's make some changes. Aaron Powell And do you think there's any way that this turns out to backfire? I mean, I'm just remembering like people wanting social media to be regulated and then when the Trump administration started doing things i in the realm of social media, it amounted to what you and I would consider sort of censorship or at least wanting to strong arm the social media companies into doing their bidding. So do you think there's it's it's it's possible that something similar happens with AI where it's like we get the regulation , but it's just the wrong kind, or this pre-release testing is testing for the wrong kind of thing. Yes, I am very sympathetic to those who believe that this is uh could amount to a kind of prior restraint on free speech and that there is the risk that there are, you know, members of the Trump administration will effectively say you can't release that model not because it's actually dangerous, but just because it seems woke and gay. And I think that we need to keep an eye out for that and you know potentially someone is going to need to sue over it. But when I look at how I want to balance those things, for the moment, I would rather have an administration saying uh the crazy cyber model, don't give that to every one. Yeah, I I think I'm landing at a pretty similar place where I'm like, I'm a little worried that this regulatory push from the right is going to be confused and maybe too sudden, and there's going to be some sort of overreaction that ends up with something more like the sort of censorship that you mentioned. But I I am glad that after many years of kind of denying that this technology was important , uh that it would become as good as the people at the lab said. Um that our government at least appears open to the idea that maybe they need to just step in and do something here. I'll take the little wins where I can get them. That's what I'm saying. When's the last time we talked about a win on this show? Yeah Yeah . When we come back, what is Claude Mythos doing to the world of cybersecurity? We'll talk to Palo Alto Network CEO Nakash Aurora . Meet Rovo, your A I-powered teammate by Atlassian. With Rovo, you can streamline your workflow and power up your team's productivity. Find what you need in a snap with Rovo Search. Connect Rovo to your favorite SaaS apps to get the personalized context you need . From brainstorming to complex requests, RovoChat delivers insights in the context of your work. And Robo is already built into Jira and Confluence. Get started with Rovo, your new AI teammate at rovo .com. As a small business, you can't afford downtime. Thankfully, with ATT business internet, downtime is a thing of the past. We used to put a baby monitor next to the router. If the router started blinking or beeping, someone would have to sprint to reset it. Now we've got ATT business internet, a reliable connection, so orders keep coming in. The monitor's still on, really loving that white noise. Although HR said no to hiring office, baby. ATT business internet. Connecting changes everything . It's time your hard-earned money works harder for you. With the Wealthfront Cash account, your uninvested cash can earn up to three point nine five percent APY. That's a point six five percent boost over an already high rate for three months, just for being a new client. Plus free instant withdrawals to eligible accounts. Start today at wealthfront.com. Three point three percent base APY via program banks as of january thirtieth, twenty twenty six. It is representative variable, requires no minimum and is earned on funds web to program banks boosted up to one hundred fifty thousand dollars. Cash account offered by Wealthfront Broker Jell LC member FINRA SIPC NATO Bank. Well, Kevin, is it just me or every time you look at the tech news, do you see some new cyber attack that seems to have befallen some company or another? Yes, this is my experience of social media over the past two weeks. I log in, I see uh three posts from companies about how they've discovered more bugs in a 24-hour window than in the previous, you know, 80 years of their company's history. And then everyone's reposting that with just like it begins or it is over or hide your kids. Yes, just to name a few of those, Mozilla was one of those companies saying that it had pushed four hundred and twenty three security bug fixes in April alone, compared to an average of about twenty two per month uh throughout Google announced on Monday that for the first time ever, its threat intelligence group had identified an attacker using a zero-day exploit that the group believes was developed with AI. So that's kind of a grim milestone. And then if you're a student, perhaps you noticed the cyber attack on the learning platform Canvas last week, which uh forced the site down for several hours. And um the company behind Canvas, which is called Instructure, had to negotiate a deal with hackers for the return and destruction of the stolen data. So, you know, on one hand, there are cyber attacks going on all the time, but it does seem like some new inflection point has been reached. And of course, a reason that people think we might be seeing more of these is AI. Yes. So we have talked about Claude Mythos preview, the model that Anthropic uh did not release widely, but released to a select group of companies and open source maintainers. And today we're actually gonna talk to someone who has used Mythos and who has been on the front lines of this frantic sprint to secure the infrastructure of modern life. Yes, our guest today is Nikesh Aurora. Nakesh is the CEO and chairman of Palo Alto Networks, the largest cybersecurity firm in the world, which supports more than 70,000 customers, including the vast majority of the Fortune 100. And as you mentioned, Kevin, Palo Alto was among the organizations given early access to Claude Mythos, as well as GPT five point five cyber. Yes. And Nikesh is one of the people I think who is best positioned to see the effects that these models are having on cybersecurity because they do work so broadly across industries. They're also a big government contractor. So I'm just really interested in what he thinks is different about this new class of models. Yes, and something I appreciate about Nikesh is that in an industry where there is a lot of hype, because of course the more scared that a cybersecurity executive can make you, the more likely you might be to buy their software. Uh Nakesh is somebody who I think tries to maintain an an even keeled approach here, and not to ring alarm bells where none are needed. But that said, I do think that he is uh quite concerned about some of the things that he's seeing. Well let's bring him in. Nikash Aurora, welcome to Hard Fork. Well, thank you for having me. I want to just start with your account of what it feels like to run a major cybersecurity company right now. Casey and I have talked with people at these companies for many years, usually because something terrible has happened. And I feel like the vibe we get is like this is the worst, most dangerous time ever in cybersecurity. What is your subjective experience as someone who's been in this field for a long time? I'm a little more perhaps relaxed than what you're trying to ascribe, that people come here tell us is the worst moment. Historically, what's happened is in the last seven years, you've seen the time from somebody breaching an organization and being able to have extract, well, say crown jewels, has been measured in days. Unfortunately, with the emergence of AI, the arrival of advanced technologies, that time frame has shrunk down to minutes. And when that happens in minutes, your defense systems have to be able to be activated and defend yourself some minutes. And fundamentally, the cybersecurity infrastructure was designed for days, some parts of it are making it to seconds, the good parts where you know how to stop them. But we have to go basically over all the backend infrastructure to make sure it's AI ready so we can fight AI with AI. So so you're seeing that, you're seeing AI is out there, you're seeing people like Anthropic launch models like Mythos, you're seeing OpenAI do that, it's 5.5 cyber. They're showing you the art of the possible from a bad actor perspective. Uh so we have to make sure we move as fast as them or faster perhaps to try and plug those holes, make the infrastructure better. So your company recently put out a report on some patches that you all have made to your own systems. Yes. Um you disclosed twenty-six critical exploits covering seventy-five issues, and you said that's against a typical baseline of under five. Yeah. Meaning that they discovered like five times as many in a complex. Yeah. So is like is that pretty standard for what kind of spike you all are seeing in exploits or discovered exploits as a result of mythos and similar models? So look what we've discovered, so on the newer models that have come out in the last few weeks, perhaps a month or so, is AI models are getting really good at coding. Well guess what? As the models start to understand what good code looks like, they also start developing and understanding what bad code looks So if you point this model and say, okay, now look through all this code repository I have and find me bad code, it will. And unfortunately, humans have been writing bad code for a very long time. So on average, we'll find about one fifth or one seventh of what was found in the last six weeks using these models. Now of course, remember, we ran a concerted effort to see what the models are going to find. We had hundreds of engineers working on it to make sure we look under every rock, run every product through it. It's almost like that it's a great cleansing, right? So it's a great cleansing moment. We found seven times the more volume that we would have normally found in a normal period. It's not gonna happen again, hopefully, uh, because we have hopefully cleared out a whole bunch of the, let's call it the tech debt or the vulnerability debt. But I think a lot of organizations will have to go through this moment to understand how much of their code written in the past suffers from these vulnerabilities, they'll have to do their own work, they'll have to make sure that it's fixed. I think the challenge we're gonna run into is uh most companies use a large corpus of open source. And open source doesn't get bashed or remediated as quickly as your own proprietary code can. The other thing we found very interestingly with Mythos and other models is it's really good at daisy chaining vulnerabilities. And that's what needs to be sort of contended for. I'm trying to get a sense of the scale of this issue because I feel like within the past few weeks I've heard a lot of stories like the one you just described about your own company. You know, M Mozilla has been publishing blog posts about discovering hundreds of bugs, you know, over a period where maybe previously they only would have discovered a couple of dozen. My sense is that as more companies sort of like undertake this audit, they're they're gonna find that they have similar problems. So like what what is the time scale that we might expect these kinds of issues to be fixed and is there enough time to fix particularly like critical infrastructure before our adversaries um gain access to similarly capable models? That's a great question, Casey. I think and that th that 's what should keep us up at night, right? Because not every organiz ation has resources to fix code that could have been written twenty years ago. Now the good news is that, you know, pretty much most of the cyber defenders have had access to the models. They understand the scale and enormity of the problem to some degree. I think what we have been able to do is we've been able to enlist the support of many of the system integrators in the world, like the IBMs, the Pricewaterhouse, the Lloyds, the Accenture's, et cetera, who are all rallying to make sure they make resources available to many of these customers to be able to patch these things. But I think we are in the midst of sort of testing in interesting solve where we can, once we know the vulnerabilities in an organization, we can write signatures into our perimeter defense firewalls to say, if you see somebody trying to go in this direction, we know there's an unpatched piece of code behind it, block them. So we can create a temporary scaffolding to let organizations have a little bit more time to go fix their vulnerabilities. But you know, it has to be done. And the risk, like you rightly articulated, is that open source or nation states or third parties can start building models that are similar to what Anthropic or OpenAI have built. And the risk is that they get there faster than the patches or have been enabled in many enterprises. I want to understand a little bit more about the defense side of this now that you have access to the this mythos model. There's been a lot uh written about it. It's the subject of much uh debate at the highest levels of power. And I kind of don't just want to ask: like, what is it like to use it? Does it feel different than using like Claude Code? You know, like if you've used another anthropic product, does it feel kind of the same? Or just like what what is it like to use mythos? Uh in the beginning it was not that um impactful because when you're looking for a bad code, it's gonna find everything. Remember, I mean it's 30% of false positives. Right? So it's not like always going to get the right thing, but unfortunately we gotta go test every one of them out to see which is real. But what became more and more fascinating is the more context we gave it, the better it became. What do you mean? Well, you showed a piece of code, it doesn't know what to be what the code is trying to achieve. Right. Right. So you have to give it context saying, well, this code is a very strong. So you're not just pointing it and say, go go test this firewall and tell me what you find. You're actually like giving it some instructions beyond that. You have to give it context in terms of what is the purpose of the code, what does it do? What is what is normal behavior supposed to look like? Then you have to give it more context in terms of other threat research. Like the models don't have all the threat research in the world. We sit on hordes of threat data saying this is how you know 10,000 attacks have been conducted in the past five years, which is data we store, we hold, because we write machine learning algorithms to protect against those instances. So we say, oh, we're arming you with all the past known techniques that have been used. Can you see if some of those known techniques can be applied in this scenario. Effectively, you're giving all the human training of the past to make sure that in the future you can build defense against those techniques. You you mentioned using both Mythos and GPT 5.5 cyber. I'm curious, like in your mind, how comparable those models are. Like are they in the same class or is one different than the other? You know, the most fascinating part is that they both found different things. Which tells you that based on their ground ing, their training, whatever they use being used to train at one of some of them were one of them was better at certain things, the other one is better at some other things. But it just tells you that there is still a lot that's gonna get found. I mean one thing that's stuck out to me as I was reading some of your blog posts and your sort of postmortems about your experiments with mythos is like if a cybersecurity company is finding five to seven times more vulnerabilities using this model, like the average bank , the average insurance company to say nothing of Kevin's personal website. My personal website. I mean, we're gonna be looking at many multiples of that, right? Or or is it the case that everything is so centralized and runs through just a few platforms that like the average institution is not as screwed as I think they are. I wouldn't say the average institution is screwed. I think look, there's a lot of work that needs to be done. It's not just good at finding vulnerabilities. The other thing we also found as part of our testing, it can even take a look at products you might be using perhaps to power your website, which you may have misconfigured. That's not a vulnerability. That's human error in the way you've using the product we've left the door open. For example, many people will take products and say, ah, it's easier if this control pane of this product was accessible from home or from the internet, so I could just go access it from wherever I am and manage this thing. Well, you should not leave control panes of most products in your company exposed to the internet. Because if I can find it, other people can find it too. Right. Right. When Mythos was first announced, there were a lot of people uh who were very skeptical. They said, Oh, this is just marketing hype or Anthropic doesn't have the compute to serve this model, which is why they're only releasing it to a select group of companies. Um a month or so later, uh do you still hear that kind of thing from people in your industry that maybe this isn't the sort of apocalyptic moment that anthropic and others have said? Yeah, I I look at it slightly from a longer-term perspective. I think what the Midzhaws model showed is what the art of the possible is going to be in the future, once we are compute unconstrained or we have better models in the future which are trained better. So it sort of gave us a window into what's coming. I think which was very useful. I I think that's a bit of a you know it's a bit of a tough rap towards Mythos that did this and purpose I think remember these companies whether it's OpenAI or or anthropic they're sort of working their way trying to understand how to do this. Both them and open eye want to do it right. They want to do it so that AI is not used in a bad way, at least in this instance. I think they were trying to do the right thing. I think there is no easy solve to this. I I give them marks for trying to do the right thing. And I think they sort of they've partly got a most of it right. Some of it they fumbled on the way there, but I in credit to both of them for trying to get it done right. Speaking of how we fix this, so for decades cybersecurity has operated uh using this sort of uh 90-day dis uh responsible disclosure window. Like I find something, I find a bug, I sort of privately notify you, but you know, in 90 days, you know I,'m gonna go public with this, so you better get your act together and fix it. And companies often do take ninety days or longer to sort of implement those bug fixes. So I I read a blog post this week by a a researcher named Hamanshu Anand who wrote that in his opinion the ninety day responsible disclosure window is dead. I also saw that in your own company's blog post last week, you guys said that within twenty five minutes, in an AI assisted scenario, somebody could uh get initial access to a system and exfiltrate the data. So do you agree that this 90-day window is dead? And if so, like what the heck do we do about it? Like I think the principle of the 90-day window is to allow the owners of the product or the piece of software or piece of code to have enough of time to investigate, to fix it, and make sure their customers are secured. I think the 90-day window is going to shrink, as he has rightly articulated. How much does it shrink? Still up for debate . How long do we have? Like think about it for what we just did, right? We announced this morning that we've patched almost 30 uh critical vulnerabilities. We've known about these for two or three weeks. We've had the time to go test it. We had time build patches, pretty much deployed everything that's available from a SaaS software perspective. So challenge not the SaaS software, right? SaaS software you can find, you can fix, you can deploy, it's not a problem. The challenge is when there's a laptop sitting in front of you, and I've got to go make sure you update your lappto because you're required to do something with it. And I can tell you he will go like six months without installing the mandatory updates. I'm not even kidding. Delay, delay, delay . I mean I am starting to see more of those and just in my products and I'm getting more requests to update system software. Is that mythos related? Like is no seriously. Like I'm I'm wondering to myself every time I see it, I'm like, oh, what did myth I was find now? So it's like, are we starting to see as consumers evidence that some of these systems are needing to be patched more frequently? I think there is going to be, as I said, there is going to be the cleansing of the vulnerability backlog that has been built over the years. So you will most likely experience in the next three to six months if you're an enterprise, you'll experience it in a lot more boxes that you buy. You buy servers, you buy switches, you buy routers, all those things where they have code lying on them will have to be looked at and will have to be bashed or upgraded over time. So you're gonna see some of that cleansing happen, but hopefully you can power through it and get to the other side. But it sounds like it is a just a good time to install those software updates when you get those. I highly recommend you do that. One persistent question about these kind of models is whether they favor attackers or defenders. So I guess I'm just gonna put that question to you. Like, is this technology better for people who want to break into systems or people who want to safeguard systems? And if you had attackers and defenders with an equal model, who would win? It's a great question. Classic Batman versus Superman. Remember, it's an unbalanced fight to start with. We have to be right 100% of the time. The bad guys can be right once. So it's an uneven playing field from that perspective. So the model, if you can find you five vulnerabilities and you can exploit one of them, it's a win for them and a loss for us. It doesn't matter if you protect you on the other four. We don't get 80% grade for protecting the other four. We get zero because it was able to find something to breach it. So for now, the bad actor is most likely able to use it much better than the good people. That's not a model constraint or model fault. It's because the model doesn't protect. Remember, the sensors protect. The sensors we apply around your perimeter protect. The sensor has to be smart enough to understand what the model is going to find. And that's why the fact that we got this window of four to six weeks to test them, to understand them, we're busy building defense techniques to make sure that as this tsunami of AI-based attacks starts to arrive, we have enough defense capability which is still powered by AI to give us a real-time response that we need. You know, the the challenge always is the companies which use technology where their core business is 95% something else, and the 5% part is technologies, and you can take that to mean small businesses, you can take that to mean sort of core industrial manufacturing output type businesses, where they're not spending as much time thinking about the technology. They're busy digging for gold or building infrastructure for something else. Or hospitals that use technology. So you're worried about the non tech businesses that may not have as many resources or as many engineers working in the internet. So they will go rally against it, they'll put the resources to to work. And they've been they've been protecting themselves for a very long time. They understand the implications of these things. So it's like in a poor doctor's office. Remember that there was a breach that happened I think almost a year ago and our cycling more of change healthcare, which caused a whole bunch of the entire physician ecosystem to come to a halt, and the physician didn't know what to do about it. Yeah. Hmm. I mean, like for the moment, like do do you sort of breathe a sigh of relief that these models are not generally available, or do you think they could be released and it wouldn't be that big of a deal? Well, as I said, they have been released, right? Both Opus four point seven cyber and open AI's five point five have both been released with cyber capabilities and guardrails. But not mythos. runs in ultra mode. Ultra mode is a compute consumptive mode, which allows the model to persist for much longer than the flash mode that most models are released in. So if you're saying it can just work for a lot longer, spend a lot more compute than other modes. The compute cost is from the persistence perhaps, not from the the capability. And the persistent allows the daisy chaining to happen much more effectively, right? Because it's trying different techniques, trying to see which one's most likely to work. So that's what causes the daisy chain ing to happen in a more effective fashion. So that's why. So is it a good thing that like the average person doesn't have access to that right now? I think so. I think every company should have a chance to be able to fix these things in the meantime. But again, I don't know what the average who the average person is in this case, right? Is every company out there an average person then they should have access to because they have to fix their stuff. You mean the average bad person? Basically, I mean I'm just like thinking about you know all of these cyber attacks that we've seen just over the past couple of weeks, and I'm assuming that they do not have access to a mythos level model. And so I'm just asked asking myself, like, well what if they did? Yeah. What if they did that they'll they'll they'll find a way to attack companies much faster. Yeah. Right. I don't think the nature of the attacks change. I don't think the nature of the out comes change. Most likely they will be used to leverage ransomware, perhaps cause economic harm if you're looking at it from a nation-state perspective. So I think the the entire set of fundamentals of how the bad actor industry works is not going to change. What it does change is the pace and the volume, perhaps, of attacks are going to be made possible because of the availability of these models. Aaron Powell I want to talk a little bit about what, if anything, an average uh person can do here. Um I I myself am the subject of an ongoing phishing attack where um uh I mean I I hope so. Um but basically almost every day somebody tries to get me to like reset my X password uh from an email address that has nothing to do with X.com. And because I'm looking at my emails on the desktop, that's very easy for me to see. And I'm not fooled, you know, congratulations. But that's me. I've been trying to steal it. How could you? But I also believe that like within six months or a year, one of those emails is gonna come in and it's just gonna look way more convincing. Right. It's just gonna figure out a way to trick me. And you one of my frustrations with talking about cybersecurity in general is it it tends to leave people with the sense of like, well, everything's really bad. Sorry, good luck to you. Um usually we give people advice like create a strong password and uh use multifactor authentication. That's right. Um is that good enough or do people need to update the playbook? Look, I think one of the things my frustration has always been that if you think about it, we have much better cybersecurity solutions in the enterprise world than we do for the consumers. For example, if you had a corporate email and all the phishing attacks will come to your corporate email or spam will come to your corporate email, be pretty good at sussing these out because the X email address that you talk about that you're getting, which is not actually X, we see it in one customer, we'll block it everywhere else. Now the problem is that consumer world doesn't have any such gatekeepers, right? So because we're effectively the gatekeepers of the enterprise, but consumer world doesn't have gatekeepers. The consumer gatekeepers are the email providers. The consumer gatekeepers are the telecom networks that give us, you know, if if you were getting an attack on your corporate mobile device and we were sitting in front of it, it won't happen. But on our personal devices, we can all get spam, we can all get fished, we can all get all this stuff happen to us. I think part of the frustration I have is that there are some consum er companies that need to implement better cyber control s for all of us consumers, which they sh which they're not. Well like and any particular controls come to mind that you'd like to see out there? Well think about the email, right? I mean you're telling me is it is it hard for the email provider to figure out that this is not an X email address? These guys are building AI just gonna anticipate what we want and do it for us. So somebody just needs to pay attention to it. I mean like for what it's worth though, so you know, this is like my paid Google workspace for my my my work account. And uh like you're you're absolutely right. Like it seems like a very simple classifier that Google makes to just be like, hmm, this probably isn't coming from X.com. How are your engineers feeling about all this? I mean, I imagine they're working uh a lot these days. Are they excited because there's this new tool, new set of tools available to them? Are they stressed out because all of a sudden their workload just got five times bigger. Like what is the mood? Yes. All of it. Look think about it. If you're a technologist, this is a phenomenal time to be doing this, right? The amount of opportunity to learn, the amount of opportunity to understand. Some of the people are fearful. Like, how is this thing going to work? And you can find, I think every emotion you can think of is probably in every engineering team out there. We have 9,000 plus tech nical people. I think it's not just the tool in front of us. I think it's the uncertainty of what this holds in the next two, three years. I mean, people are seeing OpenClaw being deployed. Now, OpenClaw is a scary thing from a security perspective. It's going to take all your permissions, all your credentials, do all kinds of stuff for you. But it's cool. So the early adopters are doing cool shit. I had dinner with somebody who came to my house. I got open claw on my phone. It's doing everything I've given her name, c it's ara. And it's doing all the things I'm asking it to do. And my the guy sitting next to us, holy shit, that's a security nightmare. You're worried about your ex AI uh ex you know supposed to change a password? You don't need to change your password. Open clause is gonna tweet on your behalf because it's had a moment last night. Totally. Right? Yeah. Yeah, and for all of my objectionable tweets over the years, I would like to just formally say that was my open claw. Acting autonomously. there we go So are you personally like running any of these insecure like are you running open claw? Are you experimenting with this stuff just from like a I need to understand the landscape perspective? On a on a segregated device which has no connection to many of my things, which makes it totally useless, by the way. You can't even book a meeting of my schedule because I does not have access to my schedule. It can respond to an email on my behalf because it doesn't have access to my email. So I'm still sort of using it the old fashioned way, which is I'm using Gemini in the interval. I did do that. I took my earnings script, sent it to Gemini and said, What do you think? Two quarters ago. It says, Are you trying to hide something? You're too enthusiastic. Use the word momentum and excited too much more than you normally use. I'm like, holy shit. That's not bad. That's very funny. Is it changing your hiring plans at all? I mean you employ thousands of cybersecurity engineers and researchers. Yes. You may need fewer of those people in the future, or no. I need more. I think this is the fallacy out there, right? The fallacy is that organizations are gonna get 30, 40, 50, 60 percent more productive from a development perspective and a testing perspective. So we need less people. The problem is every technologist that you talk to has a feature request list which is longer than their arm, and typically people have product roadmaps that are six to twelve months out. Why is that? Because they don't have enough people or they cannot serialize something because it takes a lot of effort to get it done. So I think the first thing that's going to happen is as we create more capacity, we're going to try and fill the technological backlog and try and make that work. I do understand there are people out there, I'll call it reshaping their technical organizations by creating capacities. Everybody who's out there saying I'm reducing my headcount by seven percent or fifteen percent or twenty percent which you're beginning to see recently, I think they're just creating capacity. They're saying that capacity allows me to hire more people and make room for people that I need who have the newer skill set. They're not just spending that salary money on tokens instead. Look, I think that the interesting part is I was saying this earlier, I was speaking somewhere else. And then the part we don't realize is that we're dealing with a tsunami of a desire to transform. I think we're in a decade-long transformation of business ahead of us. Imagine, like you have a new technology. My CFO would never come and say, I want to use AI to transform my team. He wants to transform his team and see if he can do it much more efficiently, but he wants AI. My head of HR wants AI because she wants to create an AI interviewer, an AI assessor instead of having humans do it. So every function wants more AI to deploy. Now the question is: where's the money going to come from? It's probably going to come from efficiency in those teams, those functions. So that's what's gonna pay for the tokens. I have to say, I don't think anyone wants to be interviewed by the the AI assessor. That's not a good vibe. You know? I don't know. Would you want to be interviewed like for a job by a AI? I think AI is most likely going to be better at assessing my domain skills than a human being. Really? Yes. If you're trying to find hire a good coder, if you're trying to hire somebody who's knows agenda really well, I mean sitting and talk to them is not gonna get me a better answer if they can sit and code and deploy open claw in front of me. It's like I'll literally have done that interview. It's like I says, Well, I'm really conversant to the eye. I'm like, really? That's cool. I'm like, what have you done for? It's like, well, I I built myself an agent. I'm like, show me. It's like, what do you mean? I'm like, you don't zoom, show me. They see this like bizarre, like, you know, simplistic, like, oh, I got I got to make a shopping list from the recipe. I saw like, dude. It's an AI girlfriend. It's like I actually I shouldn't show you this. Um well Nikesh, thanks so much for coming in. Really great to talk to you and good luck out there. Fascinating. Thank you, Kevin. Please tell Mythos to spare our families in the coming uprising. When we come back, it's time for the Hot Mass Express. With the all-new Audi Q3, the answer is always yes. Yes to adventure. Yes to escape. Yes to right now . The all-new Audi Q3. Made for the Yes Life . Before we got ATT business internet, whenever we needed to get another device set up in the office, we called Janet's nephew, charged us some pizza bites and energy drinks. He once renamed the network to New England Clam Router. Professional? Not really. Necessary? At the time, yes. Now we've got ATT business internet . Easy to set up, no nephews required. ATT Business Internet. Connecting changes everything. Some songs that I've written I started on the piano that happened with all in one for Christmas is you. If you couldn't tell, that is Mariah Carey. I'm John Caramonica, one of the critics behind the New York Times' 30 Greatest Living American Songwriters Project. We interviewed some of the songwriters on our list, including Taylor Swift, who hasn't sat for a video like this in a long time. These are not ordinary conversations. You're gonna watch these videos and learn about intimate approaches to craft in ways that you rarely have access to. My mom had got me this notebook and I was just writing it really small because I didn't want anybody to read what I was writing. Okay, Jay-Z teenage notebooks. I need to see those. Watch all the video interviews for free and check out the entire 30 Greatest Living American Songwriters project at nytimes.com slash 30greatest or in the app. And let us know if you agree with our picks. I bet you won't. Well, Casey, we've got a train to catch today. The Hot Mass Express is here . The Hot Mass Express is of course our segment where we take a look at the various calamities befalling people in and around the tech industry and at the end of discussing them decide what kind of mess was this? What's uh what's pulling up to the station today? Well, let's see what's first here on the tracks. You just love the sound effect. Our first story today comes from the verge. Oh, and this is truly the end of an era. Venmo is starting to test a big redesign of its app, and as part of the changes, Kevin, it will be implementing a major new privacy feature. The onboarding process for new users will set their posts to only be viewable by their friends by default in,stead of being public . And this is very sad for me because for years now, every time I've opened up Venmo to um, you know, pay a friend, I've seen a recent transaction from someone I hooked up with with once in twenty sixteen. And the thought that other people aren't gonna have that experience makes me really sad. So, you know, as a nosy person who loves to gossip, I am sad about this story because you know, it was always fun to see which of your random phone contacts had been paying their fractional share of the rent or back for dinner. Uh people put various jokey things on their transactions, you know, illicit drug deal, uh, foreign arms uh trade, et cetera. And it's just sad that we won't get to experience that. Yeah, also, you know, the uh public by default Venmo transactions gave us many great stories over the years, including Joe Biden's secret Venmo, uh, which was a BuzzFeed story. Uh, JD Vance had a public Venmo that Wired reported on. Matt Gates' Venmo payments uh were part of a federal inquiry into his payments to women, according to the New York Times. So I guess all of us investigative reporters are gonna have to find a new easy way of writing a story, Kevin. Yeah, now the only baffling uh security breach uh from these apps is that Telegram still does notify you when one of your phone contacts joins. And I always love to screenshot that and send it to people and be like, crypto or drugs? What is it this week? The only two possible answers. So what kind of mess is this Venmo mess? This is unfortunately a, cleanup, not a mess. This used to be a very hot mess, and uh now, you know, belatedly it is getting cleaned up. Fair enough. R.I.P. Let's see what else coming down the tracks . Oh well, this was interesting, Kevin, and uh ties in closely to something that you've written about recently. Amazon has started to widely deploy its in-house mesh claw product in recent weeks, which allows employees to create AI agents that can connect to workplace software and carry out tasks on a user's behalf. But some employees are saying that colleagues are using the software to automate additional unnecessary AI activity to increase their consumption of to kens, which will then, of course, make them look better to their bosses. So did we see that one coming or what? Yes. I believe you invoked Goodhart's Law about what happens when a target becomes a measure. Uh it's a measure becomes a target. When a measure becomes a target, it ceases to become a good measure. Is of course Goodhart's law. Thank you so much for that. Yes. And I imagine that at the famously frugal Amazon, they are loving this era of people just spending a bunch of random tokens to move up the leaderboard. Here's the thing. Uh I've talked to a lot of you know Amazon employees over the years. Tokens are the only thing at that company that is free. You wanna you want a diet coke from the vending machine? Get out your wallet. Okay? So these guys finally find something free and now they're getting in trouble. Yeah. The good news is they have unlimited tokens. The bad news is they can only use them on mesh claw. Yeah, I'm gonna say that this is actually a hot mesh. That's what kind of uh mess this is. Very good. All right. Next up, Kevin. This comes to us from 404 Media, and boy, did I see this clip in about 14 different places over the past week. Students boo commencement speaker after she calls AI, quote, the next industrial revolution. You see this one? Yes. Yes, so May 8th, commencement speaker Gloria Caulfield, who's the vice president of strategic alliances at Tabstock Group, uh told graduates of the University of Central Florida's College of Arts and Humanities and Nicholson School of Communication, that AI is the next industrial revolution. She was met with thousands of booing graduates, and someone in the crowd, Kevin, yelled, AI sucks. So what did you make of uh this this commencement moment? Here's my thing. Yeah. Students are allowed to feel however they want about AI. Yeah. But if you boo the commencement speaker for suggesting that AI is a big deal, I want to see your chat GPT history. If you have used AI to write your exams to help you with your problem sets in any way for your academic work. You are not allowed to boo it at commencement. That is my rule. I don't know. I think these students were fine to boo. I mean, you know, Ms. Caulfield was after all addressing the College of the Arts and Humanities, who I'm guessing is probably not the group of students at the university that are most excited to see AI come into their lives. So here's here's the thing that I'll say that is sincere. I think this is I think people are radically underestimating uh how mobilized young people are against AI right now. I see this every time I go to a college to talk to students. They there's like s a a a small group of them who are like running open clause and and very excited and like eighty percent of them are like, I hate this. Yeah. So look, if you have to give a commencement speech within the next few months or a highly relatable situation that many of our listeners will be in. Now you know. Yeah. Careful. Careful how you talk about AI. Yeah. Okay . Kevin, our next story comes to us from the good folks at Variety. Dua Lipa has filed a $15 million lawsuit against Samsung for using her face to sell TVs. And this one is honestly a pretty incredible. Samsung has apparently used Dua Lipa's image on the cardboard packaging of its TVs starting last year, when uh Ms. Lipa became aware of it, she demanded that the company stop using her image and uh apparently like could not get through to anyone at Samsung. So Samsung finally responds on Monday and said this was all the fault of some third party content partner and Samsung said we have uh great respect for Ms. Lipa and the intellectual property of all artists and uh they are actively seeking and remain open to a constructive resolution with Miss Lipa's team. Well it sounds like a constructive resolution could be taking her face off the packaging and paying her fifteen million dollars. And I understand her concern, because the thing that people always forget about Samsung products is that they do explode when you least expect them. There was of course the famous series of explosions related to their phones. So if I see my face on a Samsung TV, I'm thinking, I do not want to be the literal face of an exploding piece of hardware. Yeah. What kind of mess is this? This is a true hot mess because the TV could have exploded. Yeah. Now. Here, you want to read one? Okay. Okay . All right. This next one comes to us from our colleagues at the New York Times. eBay rejects GameStop's $55 billion takeover bid. Last week, GameStop offered $55 billion to eBay in an unsolicited takeover attempt. Uh, according to some interviews, they appeared not to have $55 billion , which uh would put a damper on their plans. This week, eBay officially said no to the GameStop offer, calling it quote, neither credible nor attractive . Which is also what our last iTunes review of this podcast said. And then there you have it. You know, this one is an interesting um story from the world of what I like to call companies that I can't believe still exist. I don't know what's happening on eBay. I don't know what's happening on GameStop. But what I do know is uh these companies probably don't belong together, Kevin. Yeah, I find this fascinating because it is just like the internet-brained CEO of GameStop is this guy Ryan Cohen who's like, you know, sort of rose to prominence during the meme stock man ia of like 2020 and 2021. And now you can just do whatever you want. If you're the CEO of a company, you can just say, we're gonna buy a company that's like five times bigger than us. How? Shame on you for asking. I mean, is it unreasonable given their history to expect that he they could have announced this and GameStop stock could have gone through the roof and all of a sudden they would have had fifty five billion dollars by eBay? Yeah. But that didn't happen. Well, if they had done this deal in typical GameStop fashion, they would have uh offered about half of what the market value for eBay was because it's used and probably doesn't even work on your console anymore. I like jokes that you'll only get if you have returned a video game to GameStop. It's kind of a listen for our younger listeners, uh, there used to be a time when you could walk into GameStop with a box of old video games that you wanted to get rid of, and they would offer you between 50 cents and one dollar for each video game. Alright. Well this is the sort of mess where we're explaining the joke. Okay. Okay, so we've got a few more items, Kevin. So Sheehan and Timu are fighting it out in UK courts, Kevin, as Sheehan has accused Timo of quote, astonishing levels of copyright infringement, and Timu accused Sheehan of waging, quote, an aggressive and relentless battle using copyright allegations to undermine competition. This comes to us from Bloomberg, and the whole trial revolves around thousands of photographs that Sheehan says are from its website. According to Sheehan's lawyers, Timu sold What do you make of this fight? The fast fashion brands are fighting. They're fighting. I have uh there's no one I'm rooting for in this fight. I've never bought an item of clothing from either of them. Um, but it is very funny that two of the brands who have made their uh sort of entire existence ripping off the clothing from more established purveyors are now fighting each other about which one's ripping off the other one. Yeah. Truly a situation where is there a way they both could lose and learn a hard lesson about intellectual property. Yes. We're rooting for them. Next up . Oh, favorite story of the week, Kevin. And I imagine you heard about this one. People are seriously pissed that Grinder outed them with its latest Madonna advert. Did this happen to you? No. Okay. So this issue stems from the fact that Madonna has been doing this big campaign inside of Grindr to promote her upcoming album, Confessions on a Dance Floor 2, which is a concept album about a 68-year-old woman who still wants to be at a nightclub like after midnight. And she's uh advertising on Grindr. And apparently, over the past week, when you opened up Grinder, even if you had your phone volume turned off, you would hear a sound of Madonna saying loudly, Hi Grinder, it's mother. No, which first of all, it's grandmother. Sorry. Second of all , apparently, like, you know, people who are not out to their families were opening grinder at the dinner table, which, you know, you're already sort of putting yourself in harm's way there, maybe. But the last thing they expected was to have Madonna being like, hey, look at look at this guy. He's on Grinder right now . So

This excerpt was generated by Smart Features

Listen to Hard Fork in Podtastic

For listeners, not advertisers

All podcast names and trademarks are the property of their respective owners. Podcasts listed on Podtastic are publicly available shows distributed via RSS. Podtastic does not endorse nor is endorsed by any podcast or podcast creator listed in this directory.