
EPISODE · Feb 12, 2026 · 26 MIN

S7, E265 - Don’t Trust, Verify: Even Your Update Button Might Be Lying

from Privacy Please · host The Problem Lounge

Autonomy sounds like progress until the system turns your choices against you. We dive into how AI agents change the risk equation, why “don’t trust, verify” now beats “trust but verify,” and what to do when the update button itself becomes the attack vector.

We start with the Ivy League leak tied to Harvard and UPenn, where attackers exposed admissions hold notes that map influence rather than credit cards. That context turns routine records into leverage for extortion, social pressure, and geopolitical targeting. From there, we trace the surge of agentic AI in the workplace as employees paste code, legal docs, and sensitive files into chat interfaces. The real accelerant is MCP, the model context protocol that standardizes connections across Google Drive, Slack, databases, and more. Like USB for AI, MCP makes integration simple and powerful, but a single prompt injection can pivot across everything the agent can reach.

Security gets messier with supply chain compromise. A China‑nexus campaign allegedly hijacked the Notepad++ update mechanism, handing a bespoke backdoor to developers who did the right thing. We unpack how to keep patching while reducing risk: signed updates, independent checksum checks, tight egress policies for updaters, and strong monitoring around update flows. On the policy front, Rhode Island’s vendor transparency rule forces companies to name who buys data. It is a nutrition label for privacy, and it lets users and watchdogs finally connect the dots between friendly interfaces and aggressive brokers.

We close with concrete defenses that raise the floor. Move high‑value accounts to FIDO2 hardware keys or platform passkeys to block phishing at the protocol level. Scope agent permissions narrowly, isolate MCP connectors by function, and require explicit approvals for sensitive actions. Log everything an agent touches and review those trails. Autonomy should be earned, minimal, and observable. If AI is going to act on your behalf, it must prove itself at every step.

If this conversation helps you think differently about agents, influence mapping, and how to lock down your stack, subscribe, share with a teammate, and leave a quick review telling us the one control you plan to implement this week.




Frequently Asked Questions

How long is this episode of Privacy Please?

This episode is 26 minutes long.

When was this Privacy Please episode published?

This episode was published on February 12, 2026.

Is there a transcript available for this episode?

Yes, a full transcript is available for this episode. You can read the complete transcript on the episode page.
