Pay up or get hacked!
hey welcome to cloud unplugged i am here
with salman a new co-host uh do you
want to quickly introduce yourself salman
I feel like I need to have the
mic that was in the intro,
but I don't have the mic in my
hand.
So yeah, hi.
My name is Salman Iqbal and I'm co-hosting
Cloud Unplugged with the one and only John
Shanks.
It's the first time for me on a
podcast as a host.
So let's see how it goes.
I'm excited for this season.
This is good.
It's going to be good.
We've got four news topics.
We've got the Anthropic Mythos and the
Glasswing Project.
I think that's something you're going to
talk about, Salman.
We've got the Vassell Breach.
and what that means for AI,
but really was it AI or was it
more supply chain?
We'll come on to that.
Tim Cook leaving and what it actually
means to the strategy of Apple overall in
the AI
arms race that's going on.
More AI again, Andon Labs,
a researching company who have basically
created a shop all based on AI driving
the business on its own.
And then we've got your sneaky story,
which we'll kind of come on to as
a surprise outside of mine as a last
day,
which is something you're going to talk
about.
We'll kind of crack on into that a
bit later.
Do you want to kind of kick off
on the Anthropic stuff and Mythos
Glasswing project and what's been going on
there?
Absolutely.
We all care about security in software
supply chain.
Security is very important to all of us,
especially us working in the cloud as
well.
So Anthropic a few weeks ago announced
this project Glasswing,
which is a closed invite only project for
a bunch of companies, including Computing,
Cloud Native Computing Foundation,
and some other companies as well to invite
them to work on and improve the software
security supply and looking at things like
if you can figure out if there's issues
in your software supply chain.
and it uses a special model that they
specific model that they announced called
mythos or mythos i think mythos that's
what they call it mythos and the position
it got announced as a a massive fanfare
and that has a major big breakthrough in
ai cyber security and a lot of security
companies as as is always the case with
the announcements are anthropic recently
every time there's an announcement in a
specific area the stock plummets for other
companies
So they released it.
They found a lot of vulnerabilities in
FreeBSD, in Mozilla,
in a bunch of other frameworks that have
been out there.
Some vulnerabilities that didn't exist a
long time ago as well,
like they've been in the ecosystem for
twenty or thirty years.
So it managed to find those
vulnerabilities and report on it.
And there was a FreeBSD as well, OpenBSD,
all of that stuff was there,
which is good.
There's great news for the ecosystem.
We have a new system that's come out.
But the reason why I bring this to
the table is when it got announced,
the closed sourceness of this thing,
it creates a bit of an imbalance between
what the big companies are doing or maybe
perhaps what the little open source,
smaller projects will do.
That's the high level.
But then also some companies manage it,
some security companies manage to.
use different models to try and recreate
the same issues so the mythos is closed
source is a bit more expensive so i
thought it'll be interesting to discuss
what our take is on this and i'll
be interested to hear from you as a
veteran of the cloud and security space
just to hear your inputs as well
So this then, like the whole mythos thing,
are you sceptical?
Do I detect a bit of a hint
of scepticism?
Scepticism, is that right?
On whether or not this is more of
a promotional PR stunt?
Is that what you're thinking?
Or do you actually think it is?
I'm not saying it's not.
Tell us the truth.
I'm not claiming that it's a promotional
PR.
I mean,
it's a great piece of work that they're
doing in the ecosystem.
It's an amazing thing that they're trying
to do.
But sometimes there's a bit more hype than
there is.
For example,
anything that surrounds Anthropic
recently,
they announced
cloud design where you can just design
stuff automatically.
Forget about Figma.
That's what the chat was on the social
media.
Forget about Figma.
And now you can just do everything with
cloud design.
And of course, when that got announced,
Adobe stock went down,
Figma stock went down and everybody jumped
on it.
I wanted to give it a go.
because i make animations for my videos
but i'll be pleased to say that uh
i've burned all my credits within thirty
minutes because it's a has a different
credit limit but i didn't get what i
wanted and it made me a llama which
didn't even look like a llama uh as
a design
It's some like cartoonish thing that you
draw in MS Paint.
So I'm saying it is an excellent project
where you can find,
going back to Glassman,
it is an amazing project where there's a
lot more work to be done.
And that's why, hence,
they asked so many companies to
collaborate with them.
But sometimes these things are a bit
overhyped.
Aisle is a security company.
They used some of the open source tools
and also some of the closed source tools
that you have,
but not as expensive models
that they managed to find the same
vulnerabilities in the system.
And they've been doing that since last
year, since twenty twenty five.
They've been looking at these
vulnerabilities in open BSD, free BSD.
And they and they did they did announce
them.
Of course,
No such fanfare was attached to their
announcement than it was to Anthropix.
I'm guessing because a lot of companies
were involved with them.
Plus it's Anthropix.
So there's a bit of hype there.
Yeah.
So I kind of was reading about this.
There was a bit of a funny thing
because we've done a few different stories
as in there were
one again this is a bit of my
this is probably my cynicism but on the
pr side they were like kind of talking
about what it might mean to security
companies um you know like oh it costs
like twenty thousand dollars to like test
your software we did this for like fifty
dollars on a token so i was like
okay that's like one spin um is like
how much cheaper and effective it can kind
of be but
what i read though i think it was
to do with out of how many attempts
would the model actually take the its own
um free will i guess to a point
on the exploitation like if it found
something would it actually write the code
to exploit it or would it just be
like highlight the fact that it's found
something that has like maybe a
vulnerability and under the opus one like
four point six
you could run it hundreds and hundreds of
times and only twice did it ever produce
um actual exploit whereas with mythos it
actually like a hundred times more likely
to have generated an exploit for it not
just highlighted what it's found but
actually then chain a set of events i
think it was actually it looked at
multiple pathways
yeah and then found multiple ways to kind
of like change things together to get an
exploit so some some things were quite
complicated um and then it would actually
take the initiative to then obviously
write the exploit um as well so that
was kind of the concern i think which
is like well it might mean that you
know you kind of raise an exploit i
i guess the thing i have a bit
of
beef with the most i think with this
is um it being trying to be like
a positive and a negative all at the
same time so they're like gating it
through a pr event of like let's make
let's create a closed group let's call it
glass wing the glass wing project we need
like people to support us on like
validating the model on that side but on
the second side
their stance is, well,
this is great because you can now find
vulnerabilities really easily in your
software and actually it's really powerful
and we should be security testing anyway
and blah, blah, blah.
But
Actually,
the barrier for entry has just dropped.
So it's like, well,
there's a difference between a security
specialist that's literally quite niche
and somebody,
I don't know comparatively to the model,
but probably a unicorn of an individual to
be able to do what Mythos could do
is rare.
You'd have to probably spend loads of
money.
You'd have to try and find them.
There's probably not many of them around
versus now you could just be anyone that
goes on and just like get me an
export.
So the barrier for entry is reduced.
There's no culpability.
There's no legalities around it because
the laws haven't changed.
It's on the person who does the exploit,
not on their company,
even though they've reduced the barrier
for entry.
So all of that side of things,
more from a regulatory and legal stance,
Feels like, I don't know,
feels like government or body should be
responding to it saying, okay, hey,
just a minute,
you're about to drop the barrel for entry.
Almost anybody, you know,
an eight-year-old could probably come in
and be like,
get me an exploit to my,
I don't know, this website,
or go and hack my school's
website and school systems or whatever
else and it's like yeah well you know
it's not our fault it's your kids uh
maybe you should uh you know what i
mean it's like it's that place for your
newly children you're saying that that
mythos and project last week can basically
become like the red team and just go
instead of you hiring because hiring a red
team and doing this is quite expensive
that's exactly what you're saying right so
that's what,
that's kind of what they're saying.
Even they're like, cause it's like,
Oh my God, look, you know,
this is like,
it would normally cost you like,
it would normally cost you like,
to get this, like pen testers in,
or do something.
It's like, just for fifty quid,
fifty dollars guys,
you can do the same thing.
So that, they're kind of spinning it,
but through an angle of like,
business lens, but actually,
their behaviours on it, is very different,
to the promotional aspect of it.
Do you see what I mean?
Like the way they've, the,
And so it's like on one side,
you're behaving one way,
on the other side,
you're saying something else from a PR
perspective.
And on the other side,
from a government lens, you're like, well,
what's everyone else doing?
Do you know what I mean?
Like as in who else is like what
from a regulatory perspective,
which I'm not saying like we need to
regulate everything,
but what does it mean when you make
everything so accessible that means that
you could just compromise something quite
easily?
But is that any different to any of
the other tooling that already exists out
there?
Yes, the barrier to entry is high,
but over time,
a bunch of tools have come out that
software engineers can also use.
A simple example like Wireshark.
When Wireshark didn't used to exist,
you can't even see the packets or the
network.
so does that mean that even then the
person who had a bit of knowledge about
software they could start using these
tools and start hacking or doing the red
team efforts would they be culpable is
that are they culpable well that's the
that's the stance isn't it i think because
it's like it's that's that that will be
their argument you know really that's that
would be the exactly what they'll say is
that well hey just admit this has existed
already we're not doing anything different
Because we kind of are,
because literally I don't need to know
anything.
The same way as I could go to
it today and be like,
write me an email in Spanish.
I can't speak any Spanish.
Or literally,
I might just know to say hello.
So there's a difference in trying to
understand the data of packet inspection
on a network and actually understanding
what it really means.
versus just never really even having to
understand anything at all.
And then even anything you don't
understand, you just pass it back.
And you're just like,
can you deal with this?
Because I don't understand it.
And on it goes in a chain.
What do you think about it anyway?
Do you think I'm being a paranoid loon
or something?
Well, the thing about security,
how I look at it,
is it's like layers of Swiss cheese
because it has lots of holes in it.
This is the analogy people use all the
time.
I think this is just yet another tool
in that, oh,
I need to have code isolation.
I need to have automated scanning.
I need to have validation.
Yeah, great project when it exists.
It's an excellent tool.
It's an excellent model,
as you talk about.
And when they did their test, yes,
they found some of the models weren't as,
as you were saying,
weren't as good at finding these
vulnerabilities.
But some like, I can't remember, GPT OSS,
I think version four, version five,
whichever one it was,
it was good at finding it.
So I think all I'm saying is,
These tools already exist.
Claude already had a security scan too.
They already exist.
Sometimes we get caught up in the hype
when Anthropic released something and
everybody else is like, this is it.
We don't need any more security.
Everything's automated.
You don't need to do anything else.
But all that stuff still applies.
All the OWASP practices still apply.
Yes,
this tool will give you an earlier
visibility of something that's
perhaps gone wrong or has been going wrong
for a while.
You didn't catch it.
But all the good practices,
they don't get thrown out of the window.
They still have to apply.
You still have to have all those
practices.
So I think all I'm trying to say
is that we shouldn't fall for the hype.
I fell for the hype.
I just thought,
I don't need to do anything for security
anymore.
I started looking into it a little bit
more.
I was like, okay, yeah, fine.
I understand.
Yeah.
I guess it's not just falling for the
hype,
but it's the hype plus
you know, like the rate of change,
plus it being a bit like a,
it's gangster, right?
It's like protection money.
You know now that they're probably going
to bring something out now that's like,
you know,
the clawed security tool that like helps
you against other models trying to hack
you.
So in one side of like got a
model that could hack you,
on the other side they've probably got an
agent or some other tool that you also
can buy that kind of detects the hacking
or something.
So it's like basically,
It's like pay us the money or we'll
rob your house.
But if you pay us the money...
yeah and you're like that's basically
what's going to become it's a really bad
thing there's nothing like that at all
because i do really like it so i'm
like obviously slacking it off but really
use it every day but anyway that's just
how it uh i should i should put
a disclaimer i love this stuff anthropic
too right cloud code i use it all
the time but like for example this mythos
model uh we don't there's some information
out there opus costs five dollars
per million tokens for an input and the
output is like twenty five dollars per
million token but the mythos cost is
twenty five dollars per million tokens for
input and hundred and twenty five dollars
per million tokens for output going to the
point that you're making that yeah it's
like oh we can we can give you
this but it's gonna cost you a little
bit more but then you also have to
balance with
What do you have?
Do you have an alternative for it?
Can you do this yourself?
Maybe that cost is reasonable.
Exactly, it's fair.
Yeah, I mean, it is amazing.
That's the thing.
It's amazing, but it's also scary.
And it's also like, you know,
it's got the touch of everything all kind
of going on at the same time,
isn't it?
But it's kind of funny.
But I guess leading on to security,
Vassell,
Vercel got hacked kinder,
but through really context AI.
And I actually, when we were speaking,
I didn't realize until you were kind of
mentioning it to me recently that actually
it was context AI that got hacked and
then Vercel run the tail end of it
because of an employee.
So actually,
I don't know if you want to talk
about it because you know,
you obviously go to smoking is what we
call it usually.
So Vercel is a cloud platform and you
can host your applications,
your websites and whatever you want.
It is basically a cloud platform that I
have used in the past.
and a lot of people that i know
are vibe coding stuff nowadays are using
that platform to host their websites and
host everything else which is it's an
excellent product and i i've used it and
they have very reasonable pricing for the
hosting so whatever happened it's not it's
it's it's it's unfortunate that
couple of weeks ago and attackers accessed
the internal system and customer data but
not directly but via the context.ai
third-party tool that an employee was
using so an employee was using context.ai
tool using an OAuth token so they
authenticated
using the Google Workspace to use that
tool, whatever they were doing.
And contacts there got hacked,
and then whoever the attacker was managed
to access the environment variables,
the API keys,
anything that was in the Google Workspace
for OAuth, for Vercel.
So they managed to get some information.
customers were affected some some weren't
uh they did come across you know straight
away they were very good and they were
very open i was following that on twitter
um and their founder as well they told
people what needed to be done that you
can you can rotate your tokens and things
like that
But again, there were a lot of people.
They were like,
what does the rotation of token mean?
Because the barrier to entry is now low,
which is great.
Anybody can use this stuff.
So the language sometimes also needs to be
on par with what people can understand.
And people are spending the weekend.
It happened last weekend.
People are spending the weekend rotating
rotating uh uh secrets i just deleted my
account even though i didn't have any
secrets on there for now remember we
talked about security you need to have a
kill switch i hosted it somewhere else um
but that's that's what happened basically
what this shows is you
Vercel will have amazing security
protection against security threats and
attacks that might be happening.
We just talked about this security in
layers.
But a single integration can cause a
massive blast radius.
So this is something you can get
compromised like that,
which I thought is interesting to discuss.
Maybe what's your thoughts on this?
What do you classify this as?
Because obviously you get the supply
chain,
which is like normally from pulling down
other software dependencies and from one
down into the other.
And obviously it's like a Russian doll
effect of like lots and lots of things
containing other things and it all bundles
down.
And somewhere within all of that chain
could be like a vulnerability.
Whereas this is not a traditional supply
chain.
It's like...
But it is a chain in itself, obviously,
of suppliers, I suppose.
So I just wonder,
is that what it is still deemed in
the industry?
Is it still supply chain?
It still is.
I read it and they're calling it the
modern supply chain attack.
Okay.
More than infrastructure.
That's how it's been framed.
That's that's how it came across because
context is another tool.
And, you know, that's how it's been.
It's still a supply chain attack because
it is in your eyes.
Yeah, it is in your chain.
But it's
there's a lot of people,
even I use OAuth to authenticate against
various systems in various places,
but you kind of have to keep reviewing
these tools over time because of this pace
of change, John, you know,
like you touched on that before.
I think it's a little bit
hard to keep track on what's going on
what's going what's wrong it's just you
just have to be a little bit careful
all the security principles that you have
before they still apply uh you know this
is uh is it yeah so this is
i don't know what your thoughts are on
this uh i find it a little bit
like i guess there's like two bits on
it for me is one is like slightly
self-reflective of
how lazy i'm becoming as in like i
really don't like much effort anymore for
anything you know and it's it's
incremental you know it's like an
incremental thing where um you know
installing software on your machine to do
like things and then you're like oh now
it's in the cloud i don't even need
to install things it's just like there i
go to a website and then
know food delivered to your door and you
know all these like things and then you're
like oh great just anything single sign i
don't have to have loads of passwords you
know and then now you're into ai and
you're like oh great i don't have to
really keep uploading documents and my
images just give you access to my google
drive i'll give you access to one drive
like i mean you you find it it's
there rather me move it paste it so
then each time that window slides of
convenience
then the more risk kind of you are
exposed to really, because it, it does,
you know, there's like a, like a,
I guess a multiplier effect.
The more times you're doing that,
the more likely you have more things that
have more access.
And then I couldn't even, you know,
I reckon if you ask most people like,
okay,
How much single sign on, you know,
where's your identity like signed into in
this moment in time?
Like how many systems do you reckon you've
got a single sign on token access?
That's probably got some privileges maybe
on the claim.
And people probably wouldn't even know.
They wouldn't be able to tell you.
They might just think three or four and
then you'd have a look and it'd probably
be like, like,
twenty-five or fifty or something.
Yeah.
Yeah.
You know, so that's,
I think that's the scary thing.
And then auditing, that's really hard.
I think from a, so yeah,
I think it's great on one side because
it's so convenient and makes everything
easier on the other side.
guess this is the the risk isn't it
it's you just one exploit on that token
that someone's then got access to um
before you can start scooting about um
their estate and finding things out yeah
as them yeah i know it's interesting you
say you're becoming lazy but some people
argue you're becoming more efficient
because you you don't have to just single
sign on everywhere right
If we were to play the Anthropic Playbook,
we would be saying it's an efficiency
game.
That's exactly what it is.
Efficiency game.
That's exactly it.
It's an efficiency game.
Messing.
And then, so another story then.
Tim Cook,
probably a little bit of a curve.
We're not so, like, technical, you know,
technology-based, AI-based.
But I found this interesting only for the
fact that...
Tim said he wasn't retiring or anything
four weeks prior.
And then John Ternus has obviously been
announced that he's now going to be the
new CEO.
And then Tim Cook's not really stepping
down fully.
He's still there and transitioning over.
But it obviously feels more pointed
because of John Ternus's background being
in hardware and
who was responsible for the M-Series
silicon program and rolling that out,
which is obviously a massive success.
So it just kind of gave a hint
into their strategy for them as a company
that they're aiming more for the devices
and let's get a CEO that's hardware-driven
in charge who can kind of drive that
strategy and think about how can we run
models on phones and how can we compute
things locally on devices.
So that felt like quite an interesting
opportunity
thing um and on the other side you
kind of got their competitor which is
google as well and they're kind of owning
everything you know the cloud phones the
models you know and they're like so it's
like just a different play but anyway i
don't that was that was just more more
amusing on an interest amusing on an
interest of like oh kind of interesting
that they've made that decision now
well yeah i don't want to read too
much into it but tim cook was from
supply chain right so i think he was
a supply chain person before and turnus as
you say is uh he's a hardware person
and you know recently gemini four uh
google announced gemini four a bunch of
models within gemini four some of them can
run on a phone right yeah oh it's
the gemma one
uh gemini uh i i one of the
german ones yes yes but gemini you know
the google gemini model is one of one
of them right on the phone perhaps what
you're saying is right so i think they're
focusing on because now you can you can
either you have there's so many models out
there right
but hardware is only a handful of
companies that are making hardware that
can run this stuff so perhaps that's a
bit of their strategy as well to maybe
improve because the m chips are amazing
for a bunch of stuff people couldn't even
buy the uh the the mac minis because
everybody's running open claw on it i know
you have a bunch of automation running the
house doing your laundry and stuff like
that and oh yeah yeah it's all robotic
I know everything is robotic for you.
I know you got those running in your
house.
So I think Apple saw that with what
happened with Open Claw.
It got sold out.
The minis got sold out because of the
capabilities.
Perhaps they're like,
we need to double down and maybe work
more into the hardware.
Not reading too much into it,
but Nvidia is also doing like, okay,
Nvidia is just...
They're the biggest player right now in
GPU land.
So I think they might be onto something
here with even bigger market share
capturing.
Because phones, they've got it, right?
Fine.
Big market share.
And also devices too.
They're getting it.
Perhaps they are maybe more into maybe
some stuff for the data center.
Maybe they'll release their own M series
GPUs.
Yeah, exactly.
I think it is.
I think it's more if they can...
if they can get the hardware exceptionally
powerful to run models.
Because what they've been phenomenal at is
obviously the size of the phone,
the design of the phone,
and then the capability on the chip.
So that's always been their strength.
It's like you're saying, the size of it,
from a consumer perspective,
the accessibility of it,
the convenience of it.
and so it does feel like as they've
not got into the model building side that
their players let's not waste time
building models right let's people are
going to do that and let's yeah let's
focus on the hardware and let's see
probably i mean i'm just speaking as if
i know i'm just making all this up
about all this is like a hypothetical
strategy but you'd think that they'd be
like well
We can then at some point,
probably there will be models that you'll
be able to just run locally.
Security will be a big risk.
What happens if you're offline or you've
got very costly exercise that you kind of
need to do for certain things?
You can't be expected if you're on the
tube to have an experience.
So I imagine that they're really going in
on the experience side of, like,
if we can invest in that and then
run a model and we can make that
work and it's really small, then we can,
like,
go head and shoulders above everybody
else.
Yeah.
I'm ready for it.
I'm ready for it.
Are you going to be like me and
have robots and escalators and slides?
I don't even... My aim is to be...
roughly maybe fifty tons in size
eventually where ai is delivering my food
i've got an escalator i slide back down
my house i don't leave let's see i
just never just john you're trying to be
efficient with your life that's it it's
all about you you're not moving but you're
being efficient you're getting everything
exactly i mean i love to have
run some of these models on my phone
when I don't have internet,
which is anytime you're getting on a train
within UK, you have no internet.
So I'll have to run these models and
help myself with some stuff.
So yeah, for sure.
Good luck to the new CEO.
Yeah, exactly.
Good luck to the new CEO.
I want to know more about, I mean,
I'll talk about my story,
but it's a little bit,
but I want to kind of know more
about your random... Random story.
Story, yeah.
I mean,
you're going to have to break it before
I get into mine.
Yeah.
You know,
we all established that you love
efficiency.
And we know that you love a sharp
fade on your hairstyle.
You love that.
Before that,
you have to go to a barber.
And sometimes it's just walk in.
You can't even book an appointment to some
of these barber shops.
You're sitting there and you're waiting
for your turn.
And there's like five people in front of
your queue.
And it's kind of hard.
And then one of the guys,
one of the barbers is empty.
But you know, he doesn't cut that well.
So you don't really want to go to
him.
So that's a bit awkward.
And you're just waiting for the best
barber in the shop and nothing's going on.
And you're just wasting your time.
Internet is terrible.
So you can't even use any of the
models that you want to use to brainstorm.
so glide the company called glide
g-l-y-d-e they said you know what we'll
get you some clippers which are ai based
and they will do a better job at
cutting your hair than a normal person
would right so these clippers these are
actual clippers which have an attachment
so there's like a bigger clipper
attachment and the the clippers go on
And they're AI powered.
And how do they work is you put
a band on and the idea is you
give this clipper to somebody who's never
cut hair.
So you don't have to go to the
barber, right?
And then you put this clipper on and
it's got this band that you put on.
The band just tells you select what
hairstyle you want.
Yeah,
I want to fade because that's what the
clippers do, right?
They're going to fade the hair in.
And then there's a screen on the we'll
put the link in the show notes.
There's a screen on the Clipper that tells
you, okay,
now you need to move it here,
move it there.
Just rough movements like up, down,
left and right.
What you have to move or that you
Clippers on remotely.
A person still has to cut your hair,
but they don't have to be a barber.
I can cut your hair, John.
We can try this.
Oh, I see.
I see.
So basically,
it almost guides them and explains to them
how to use the clippers as AI.
And the blades, the way the blades work,
they move themselves.
So right now,
if you have to do a fade,
you got to change the setting, go in,
move it like that.
The blades are a little bit bigger.
And then the way they move,
they just move themselves.
You just put it in the vicinity.
I want to put it here.
they will do the cut say okay now
move it here we'll do the fade up
down whatever it would change the settings
would you let me do that then if
it would if i get these clippers would
you trust me to use gliding and give
you a good fade how about how about
this i'll get the clippers i'll test it
on you and then you can do this
kind of wasn't the question just that you
just that was kind of the question i
just was just saying to you is like
Would you trust these Clippers?
Are you going to trust me to do
your... Would you trust me?
I would do it.
Would you?
We'd do it live with Cloud Unplugged.
How about that?
We'd do it live with Cloud Unplugged.
This is where we both come back with
the most horrific hairstyles on the next
episode that anyone's ever seen.
If the hairstyle is terrible,
we can go bald for a couple of
weeks.
That's all right.
So basically then it...
Just so I understand then,
there's a band around, a band that's,
what, a physical band?
Yeah,
it's like a thin band that goes around.
That's just your training line.
Oh,
don't go above this line or that line.
Yeah, okay.
So basically, it's just a guideline.
A bit like when you're bowling,
it's like the kid, like you put... Oh,
yeah, that's what it is.
That is exactly what it is.
And then some people did a haircut.
Of course, you know,
it was in CES and...
vegas they got they did some haircut of
course it's not as good as a professional
doing your your your fade but you can
get the short straw if you get go
to the worst barber in the barber shop
and get a really terrible fade the
reasonable job of cutting hair the fade
wasn't amazing but i did a reasonable job
of cutting hair technology is coming there
that means john you can be way more
efficient
You don't have to go.
Everyone that was like, oh, you know,
AI is just coming for like the tech
jobs and like all this.
And then they're like, no,
it's coming for the barbers.
Nobody knew that.
The whole time it was being sidetracked
with like developers and all this time.
It's like this, you know, this.
movement going on around the side that's
about to take out hairdressers and
barbers.
Yeah, scissors will be next.
You know, they'll be like...
Hair extensions.
Where does it go from here?
We've all got amazing hair extensions.
We've all got good perms,
tight perms coming into work.
Yeah.
What's your new story?
We can end on that.
So, yeah, so there was Andon Labs,
who is like an AI...
kind of research company,
I think just mostly around agentics.
And they have opened up a store called
Andon Labs.
Well,
it's opened by Andon Labs called Andon
Market, and it's in San Francisco.
And basically the whole store has been run
and managed and operated by AI called
Luna.
Luna's done all the hiring.
um it decides what to sell done the
logo of the shop design the the shop
logo done all of these things and so
it's an experiment um that is real and
there is a store i think you can
visit it it's on a specific street in
san francisco you can kind of go there
don't know fully what's been sold i think
it's novels and books sci-fi things and
But anyway,
they're trusting it to basically as a test
to see how it operates a business and
whether it can kind of like build a
company on its own without any human
intervention.
Very unlikely, I'd say.
I think the answer is, I mean,
just based on the Clippers story that we
just heard, I think we're all safe.
Until Mythos is out and then, yeah,
everyone's going to have the best haircuts
we've ever seen.
Then it's game-changing.
yeah yeah but yeah that was that story
but anyway so that's that's uh it for
us i guess we'll be doing these um
every week where we can um and kind
of stick into the format
But yeah, it's been good fun.
Good having you on now for this season.
So it's going to be good.
First one down.
Thank you so much for having me and
asking me to do this, John.
I really appreciate that.
And thanks for all your insights.
And we know you love for efficiency.
So next time I'll bring something more
onto the table that will make you even
more efficient, John.
Oh, wow.
That's it.
Yeah.
Okay, cool.
I'm just not on the podcast anymore.
Is that efficient?
It's just someone else.
I'm going to get off this call now
and just going to tell Andon Labs.
Find a new host.
Yeah.
I want them to be.
Yeah, exactly.
Just look at John.
Efficiency.
Efficiency.
Efficiency.
Yeah.
All right.
Great speaking to you.
Bye-bye.
Bye.
Creators and Guests
