Joe Weisenthal

Running a business means dealing with a lot of overly complicated Software, and most CRMs tend to follow the same pattern. They're packed with endless features. You'll never use interfaces that feel clunky, and teams end up spending way too much time just trying to find basic information. Today's sponsor, pipedrive is a simple CRM tool designed for small and medium businesses. Pipedrive brings you entire sales processes into one dashboard, giving you a crystal clear, complete view of sales processes and customer information. Designed to help teams stay in control and close more deals faster. It's it all centers around the visual sales pipeline where you can see every deal, what stage it's in, and what needs to happen next. Since everything is in one platform, pipedrive is designed to unite your team, keep track of sales tasks and stay on top of your leads. Switch to a CRM built by Salespeople for Salespeople and join the over 100,000 companies already using Pipedrive right now. You'll get a 30 day free trial, no credit card or payment needed. Just head to pipedrive.comsimplecrm to get started. That's pipedrive.comsimplecrM the thing about AI for

IBM Representative

business, it may not automatically fit the way your business works. At IBM we've seen this firsthand. But by embedding AI across hr, IT and procurement processes, we've reduced costs by millions, slashed repetitive tasks and freed thousands of hours for strategic work. Now we're helping companies get smarter by putting AI where it actually pays off. Deep in the work that moves the business. Lets create smarter business.

Sonesta Representative

IBM Travel smarter, not Harder At America's Best Value Inn by Sonesta. With convenient locations from coast to coast and value packed comfort at every turn, it's a practical choice for road trips, quick getaways and everyday travel that keeps things simple without sacrificing comfort. And when you're a Sonesta Travel Pass member, staying at America's Best Value Inn means earning points toward free nights, upgrades and more every time you stay. Go to Sonesta.com to book your stay and unlock the best rates with Sonesta Travel Pass here today, Rome tomorrow. Join now@sonesta.com Terms and conditions apply.

Joe Weisenthal

Bloomberg Audio Studios Podcasts, Radio News.

Tracy Alloway

Hello and welcome to another episode of the Odd Thoughts Podcast. I'm Tracy Alloway.

Joe Weisenthal

And I'm Joe Weisenthal.

Tracy Alloway

Jo, you know I have some prepper tendencies. Yeah, slightly prepper tendencies. Prepper adjacent.

Joe Weisenthal

I know you do, because my plan for when everything when everything goes bad is to bring my family over to your place. So I'm relying on you actually.

Tracy Alloway

That's fine. I actually figured that. And I've been building an extra store of supplies.

Joe Weisenthal

I'm gonna like send you a whole list of things my kids like to and stuff like that just so that we're.

Tracy Alloway

Just so that we're all ready.

Joe Weisenthal

Yeah.

Tracy Alloway

Okay. Well, one of the things I saw on a bunch of the prepper boards that I sometimes look at, I don't want people to think that I'm crazy about it, but I find it interesting. I find it interesting seeing how people's like insecurities manifest in physical stuff. But anyway, one of the things everyone was saying was you need to start taking cash out because of the situation in Iran because we're all expecting a big cyber attack that's going to absolutely destroy the US financial infrastructure.

Joe Weisenthal

By the way, have I told you my idea for business of like I've looked at prepper meals, like prepared meals, and they all look terrible. They do like a slightly high end version for yuppies I think would be really good. Like something that you know, like some nice.

Tracy Alloway

I think, I think it's a physical limitation on how good you can actually get. Like dry food.

Joe Weisenthal

Science can do a lot of things these days anyway, freeze dried food. Let's talk about the actual issue at hand. Yeah, well, are you taking cash out?

Tracy Alloway

No, I haven't.

Joe Weisenthal

Silver.

Tracy Alloway

I haven't yet. I'm relying on my store of gold and silver. That's right. But I think this raises a legitimate and actually very interesting topic, which is what do we know about Iran's cyber, I guess, facilities, skills, what could happen in this context? And then also everything that's going on with the world of AI, Right. Like cybersecurity, cyber hacking. It's changing really rapidly given this new technology.

Joe Weisenthal

Totally. I mean also just within the context of the war itself, setting aside hypothetical doom scenarios, there's a really interesting report in the Financial Times about Israel having been able to hack into all of the traffic lights in Tehran. Yeah, almost unbelievable and shocking. But there is already within the war itself, or even over the last couple of years, there was the pager attack that Israel had executed. And so yes, cyber is part of it. And the timing is wild here because speaking of AI, it was just on Friday, we're recording this March 5th. I'm not exactly sure the date is coming out, but a week ago, basically there was the news. The complete collapse of the anthropic relationship with the Department of Defense or the Department of War. And so it's all in the mix right now. And how is AI actually going to change warfare and what are the national security implications of AI and AI and hacking? There is a lot in this sort of mix that's all happening right now.

Tracy Alloway

Absolutely. The thing that really caught my eye was the story about a hacker using Claude to hack into like the Mexican government system. Did you see that?

Joe Weisenthal

That was really interesting because it seemed like the hacker extracted a bunch of information from Claude itself. You know, I'm pretty sure you cannot go to Claude code and say, like, I want to break into the Mexican government website. Help me, like build this app. It won't do that. It's trained to avoid malicious uses. But people find a way to jailbreak them. People find a way to sort of extract information from the AI itself that has in its training and so forth. And there's been examples of leaks where, you know, people upload data to the AI and somehow other people see it. Anyway, there is a lot here that we have to learn more about.

Tracy Alloway

We should talk about all of it. And we do in fact have the perfect guest, someone who's been on the podcast before, but it's been a while. We're going to be speaking with Matt Swish. He is the founder of O&DB, which is a data infrastructure startup, Agentic AI. So honestly, the perfect. And a legendary hacker, A legendary French hacker. I should have said that first. Matt, thank you so much for coming back on Odd Lots.

Matt Swish

Thank you very much. It's been a while. No, I think it's been what, four years?

Joe Weisenthal

Yeah, yeah, I think it has been.

Tracy Alloway

The last time we spoke to you, you were still in Dubai and now you're coming to us from Sweden and a very Gustavian looking background over there.

Joe Weisenthal

I think actually when we talked it was right after Russia's invasion of Ukraine. So I guess, yeah. Wow, that has been.

Tracy Alloway

Almost every time there's a war, we

Joe Weisenthal

call you Matt, but because war is so intermixed with cyber espionage, cybersecurity, hacking and so forth, it's a natural, natural time.

Tracy Alloway

So for the benefit of people who didn't listen to the episode four years ago, can you just give some context around who you actually are and your sort of history in the hacking community, including, you know, shadow brokers and the WannaCry era and all that stuff.

Matt Swish

So I've been in enterprise software for almost like 20 years, particularly cybersecurity, and my name appeared in a few of the different leaks because of various analysis that I've done of private information that was being leaked. But Also a lot of attacks that happened, that happened to target critical infrastructure over the last 10 years. Last time we were on the podcast, one of the things we talked about is does cyber really matter Once you enter into a kinetic war, which is exactly what's happening now. And the main takeaway was once you start using missiles, most of these cyber elements are not really relevant because you would use cyber mostly to gather information and intelligence to prepare an attack or to disorganize an enemy or create confusion. But as we have seen now you can use like drones that are like $20,000 and create more chaos that you would do with any sort of exploits.

Joe Weisenthal

You know, I liked how you're introduced as a legendary hacker and then you're like, oh, I've been 20 years in enterprise software. I feel like this is like the, the Winnie the Pooh meme. It's like, you know, that casual and then fancy dressed up hacker and then enterprise software. 20 years in enterprise software. But this is a really interesting point that you made. This idea between, okay, mostly it sounds like when people imagined cyber attacks, they imagine what Tracy talked about in the beginning. Suddenly the entire financial infrastructure, like I just come to a halt, people worried about, or there's going to be a blackout, etc. But in reality, or what we've seen so far, by and large, is that cyber in the context of war is still much more about data collection, espionage and so forth, rather than these. More like the types of things you might see in a movie.

Matt Swish

Yeah, exactly. I mean, over the last 10, 15 years, we have seen some attacks, cyber attacks against critical infrastructure. Iran targeted Aramco around 2012. They were just mostly using what we call a wiper. That was a malware that was erasing the hard drive of most of the machines. And then we obviously have the case of Stuxnet a few years before, where it was a joint Israeli US operation against some of the nuclear centrals in Iran where some of the PLCs were targeted. But what we have seen over the weekend is some of the drones happened to target some of the Amazon data centers. And that created so much instability because multiple of the zones have been down and I think two out of three and the third one is still recovering days after because most of companies, either private companies or public companies, now relying on the cloud, which is something that was not really the case before. And once you have some sort of centralization in terms of dependence, you also become an easy target. And Most of governments, AI companies, cloud companies do not really have $20,000 drones in their threat models, which is like something that's pretty new, but also confirms that kinetic wars can have more impact.

Tracy Alloway

So I take the point about cyber being perhaps more useful before a war when it comes to info gathering and things like that. But we have seen some deployment of cyber attacks in the past week or so. So we know Israel is attacking some cyber infrastructure in Iran, and we know that Iran has perhaps attempted some things maybe not as successfully. But walk us through what we've actually seen so far.

Matt Swish

So so far we have seen an Israeli operation where one of the prior app has been hijacked and some message was sent to the users. So it's more like to create confusion within people. Also the traffic light operation to understand the position of some of the target, but it's more used for reconing and in terms of destruction, we didn't see anything significant. Even the government itself of Iran shut down most of the Internet for a lot of the users. And a lot of what we see on social media is the usual disinformation and misinformation campaign. Especially now with AI. There is so much AI slop with the videos, the text, the bots, that's becoming pretty common now even when there is no war. So it's not really impactful. So it's more like to create confusion than being actually destructive. And now we're definitely entering in a stage where it's been extremely destructive. And I cannot remember the last time we have seen so many countries being targeted, which is pretty like a first, I would say, in terms of like a war climate.

Joe Weisenthal

Can you talk about, you know, people stare at their screens all day and they fool themselves into thinking that they're, quote, monitoring the situation, et cetera.

Tracy Alloway

But mostly is that projection?

Joe Weisenthal

Joe? I don't delude myself, no. I like actually like, I sort of look at my screen and I know that I'm being inundated with contextless garbage and slop and propaganda and so forth. I'm curious how you monitor this situation, actually, as someone who takes these topics seriously and doesn't just sort of become a overnight expert, you know, the day after bombings begin. Like, how do you pay attention to what matters? How do you actually know what's real and so forth and avoid just sort of the delusion of staring at the screen and engaging with slop?

Matt Swish

It's a good question because there's so much of it. So I think the default reaction is to ignore most of it.

Tracy Alloway

Yeah.

Matt Swish

Unless it becomes really significant. In this case, I think it comes down to looking at the actual damage. Many people from the military world, but also the intelligence community has been underestimating Iran capabilities exactly like people used to do with North Korea and now North Korea. Some of the best hackers in the world when we see them targeting financial institutions, whereas before they would not do much. So there is definitely internal capabilities that are available, but there is so much noise now. Like you say, a lot of people are monitoring the situation, giving their quote unquote like overnight expert opinions and that's becoming a lot of noise. But I would say that in this particular case we have heard of the imminent threat of Iran for around 40 years and that's also not really a new situation. So most of people would have context around it. And even for like the attack that happened last weekend, many people were expecting them four weeks, especially as they are a continuation of what happened last summer.

Joe Weisenthal

Running a business means dealing with a lot of overly complicated Software and most CRMs tend to follow the same pattern. They're packed with endless features you'll never use, interfaces that feel clunky, and teams end up spending way too much time just trying to find basic information. Today's sponsor, pipedrive is a simple CRM tool designed for small and medium businesses. Pipedrive brings you entire sales processes into one dashboard, giving you a crystal clear, complete view of sales processes and customer information. Designed to help teams stay in control and close more deals faster. It all centers around the visual sales pipeline where you can see every deal, what stage it's in and what needs to happen next. Since everything is in1 platform. Pipedrive is designed designed to unite your team, keep track of sales tasks and stay on top of your leads. Switch to a CRM built by salespeople for salespeople and join the over 100,000 companies already using Pipedrive right now. You'll get a 30 day free trial, no credit card or payment needed. Just head to pipedrive.comsimpleCRM to get started. That's pipedrive.comsimpleCRm support for the show comes

Public/Odoo Representative

from Public Lately it feels like there are two types of investing platforms. Some are traditional brokerages that haven't changed much in decades and others feel less like investing and more like a game. Public is positioned differently. It's an investing platform for people who are serious about building their wealth on public. You can build a portfolio of stocks, options, bonds, crypto without all the bugs or the confetti. Retirement accounts?

Joe Weisenthal

Yep.

Public/Odoo Representative

High yield cash? Yes again. They even have direct indexing. Public has modern design, powerful tools and customer support that actually helps go to public.com market and earn an uncapped 1% bonus when you transfer your portfolio. That's public.com market ad paid for by Public Holdings Brokerage services by Public Investing Member FINRA SIPC Advisory Services by Public Advisors SEC Registered Advisor Crypto Services by ZeroHash. All investing involves risk of loss. See complete disclosures@public.com disclosures so there's a

IBM Representative

lot of noise about AI. But time's too tight for more promises. So let's talk about results. At IBM we work with our employees to integrate technology right into the systems they need. Now a Global workforce of 300,000 can use AI to fill their HR questions. Resolving 94% of common questions. Not noise proof of how we can help companies get smarter by putting AI where it actually pays off. Deep in the work that moves the business. Let's create smarter business.

Joe Weisenthal

IBM, can you actually talk a little bit more about the data center attack? Because that's not cyber really. I mean that's just a physics. That's kinetic warfare against a data center. I was surprised how disruptive was that? I sort of would assume that cloud service providers that it's fairly liquid. Okay one goes down. But you know it can just be the same software can be run from numerous other clouds. But I saw that there were disruptions. I saw Fortnite tweeting about the fact that some of their gameplay was impaired due to the attack on data centers. How disruptive have those attacks been? Because this is of course a very,

Tracy Alloway

you know, this is where kinetic meets cyber.

Joe Weisenthal

Yeah. And there's a lot, you know, in future like thinking about hardening these data centers and as you say like making them, they're going to be increasingly targets for war. Like how disruptive was that?

Matt Swish

Very good question. So I think one of the main takeaways that it has been extremely successful. So like we said before, like a shahed drone is around $20,000 and they managed to shut down two of the zones of Amazon. Actually even if you look at the official report from Amazon for like 36 hours they were just saying oh, some objects struck the data centers before they actually explicitly said they were drone strikes. So a lot of services that have been using them have been targeted so from local applications, from two banks. Because in a data center you are taking care of multiple different services. And even Vercel had to reroute their data to Bombay and to exclude Middle east as deployment. So even if you take the cost of most of like zero day exploits that can go up to multimillion dollar attacks if you are really aiming at destructing things, the cost reward of using such an attack is really efficient. So you really enter into some sort of asymmetric conflict where you can just spend some really old material and have way more impact than someone who's going to be cutting edge and just trying to impress with capabilities. Because at the end of the day it does not really matter.

Tracy Alloway

How do governments actually build up their cyber capabilities nowadays? Because I have this image in my head of maybe 10 or 20 years ago they would recruit a 20 year old such as yourself at the time and they would be working in a dark room, that sort of thing, drinking Red Bull. Drinking Red Bull, that's right. But then, you know, we had the boom in Silicon Valley and so you had competition from private companies. Now we have the boom in AI and again even more competition from private companies. And at the same time governments seem to be, I guess ceding some of their own skill set to potentially private companies like Anthropic and chatgpt and some others. Walk us through how I guess the development of governmental cyber capacity has actually shifted.

Matt Swish

I mean something that didn't really change over the last years in terms of capabilities. I guess we all remember the Snowden leaks in 2013 when we started to see more about the inside of capabilities from a government, including domestic mass surveillance, global surveillance exploitation capabilities. And since then every other year we have seen an history of data being leaked that belongs to the government. So in a way things have been changing a lot, but not really much. Like most recently there was a contractor from Elfri Iris that was sentenced to 87 months sentence because he happened to sell zero day exploits to a Russian broker. And that's like actual export that belonged to the government because there was some sort of integrator. So we see nation states or governments like the US investing enormous amount of money into offensive capabilities, but they also keep being burned by insiders. A lot of those capabilities are also as strong as the internal coercion.

Tracy Alloway

But I guess what I'm asking is, you know, if you're the Department of Defense or I guess now the Department of War and you're thinking about developing in house capabilities versus partnering with a company like Anthropic and we should talk about all the drama that's going on there. How are you balancing those decisions nowadays versus say 10 or 20 years ago?

Matt Swish

Like my understanding is that now a lot of it is also like outsourced because they cannot really develop as many capabilities internally. So now we have seen with Entropic that it had been used in the Maduro operation. And then after that there was a pull out from Entropic because they said it was violating their ethical standards policy. Yeah, standards. So I would say now something that's really changing very fast is the incorporation of AI into those decisions. But as we all know, AI can also hallucinate. So even Dario, the CEO of Anthropic, said it's definitely not in a state where it can be used for fully autonomous decisions like that. So I would say the AI element would be the main difference. Even we start to see it now for exploit development or vulnerability discovery, but it's still too early to kind of give a definitive opinion about it. But overall I would say it's very similar.

Joe Weisenthal

Well, talk to us about exploit development because I know that you can't just go to Claude Code and say like, I'm working on a zero day malware attack, help me figure this out. But you know, I also know that there are some very talented people who pride themselves in being able to jailbreak AI and elicit outputs that the labs do not want their AIs to produce. So do you have a sense how just within the pure like hacker community AI is being employed today for these purposes or what they're able to get out of these tools?

Matt Swish

It's a good question. So like we started to see people leveraging like AI for like bug discovery, which actually is becoming like pretty good, I think. Even Entropic published an article explaining how cloud can be used for discovery into smart contracts and how it found some bugs automatically. And I think even recently they released something called Cloud for Security that was aiming at doing code assessment. But now we're entering into this interesting paradigm shift where the cost of software is going towards zero. So if you're a company and if your cost of building software is becoming less and less, it's also hard to convince people that auditing software for security reasons is going to be more expensive than developing the actual software. So I think that's one of the shift we're going to see. But when it's.

Joe Weisenthal

Can you explain.

Tracy Alloway

Sorry, say more about that.

Joe Weisenthal

Pause that last part. What did you mean by that? It's going to be hard to convince

Matt Swish

if you can have like to allocate budget for like building a product. So you have most of the budget that's usually allocated for your software engineers to build the software and then you do some code review afterwards to make sure there is no vulnerabilities before it gets released to the public. But security's risk is usually pretty high. You cannot just rely on AI tools, at least not at the moment. Maybe in a year from now it's going to be possible. So it's going to be really interesting to see how it's going to do market shift. Because now with Claude code and as a famous vibe coder, Joe, I'm sure you know that the cost of building software is approaching like zero if you just look on the timeline.

Tracy Alloway

Are you actually on this note, are you a believer in the saaspocalypse? Because obviously there's the argument that, well now everyone can just create their own software fairly easily using natural language. But on the other hand, if you're a big corporation or presumably a government, you're going to want to have, you're going to still want to buy software from an external provider. Given some of the security concerns, given that it might not necessarily make sense for various reasons, management reasons perhaps, to recreate an entire software business in house.

Matt Swish

So I'm definitely biased on that. But as someone who thinks like the cost of software is going towards zero and as someone who is watching the software costs collapsing, one of the things that we realized is that data is the only durable asset in the AI economy. That's why we decided to work on db, the current startup I'm working on. Because that's the only thing that's really going to have value long term if agents need something to transact or to take decision on. Because even if you look in term of, in any context, if agents are designed to think autonomously, you need to have enough information to take those decisions whenever you're going to have your reasoning loops. So software itself, if you just build it, is pretty static, whereas the agentic feedback loops are more dynamic. But what changes is the context they take decision on. So definitely SaaS business are going to have a hard time because if anyone, including the Shopify CEO, can just rewrite an MRI software in one afternoon just to look at his back MRIs, you can imagine how disruptive it's going to be by the end of this year. I think the only thing we haven't seen yet is enterprise AI agent so far I would say since Christmas, people are mostly still playing around trying to find a proper use case. We see a lot of consumer AI agents, OpenClo that really made agents more mainstream, but we really haven't seen yet enterprise AI agent. So as everyone is kind of scared of being replaced for their jobs, we haven't really seen actual AI agents replacing entire departments or full on employees. So we have seen some disruption around software engineering, mostly to make software engineering more efficient, especially in terms of development with shorter timelines, but we haven't seen yet proper enterprise AI agents.

Joe Weisenthal

How do you define an AI agent?

Matt Swish

So my view of an AI agent, and I like to remind people what an AI agent actually is at the moment, most of AI agent is just a piece of code usually written in Python or in Typescript that's just doing a bunch of calls to entropy OpenAI and running in a loop and taking decisions and calling third party tools like MCPS or web searches. So that's mostly what an AI agent is. We tend to think of AI agent as a completely different Persona, but at the end of the day it is just a piece of software that's running as a service, on a machine or on a server. So from a security standpoint, which is pretty interesting, it's just like another service or software. But people really like to think of

Joe Weisenthal

it in another way, from the security standpoint. I mean, one of the exciting aspects of AI agents is that they can work autonomously, right? You set a task and it can go out and find what it needs to do. And it sees like, okay, this didn't work, I'm going to try, it's going to try this thing, it's going to try this thing, I need to connect to this web service to get this information, etc. The downside of AI agents is precisely the same. The downside of AI agents is that they could do whatever they want to do and if it accidentally deletes a bunch of files because it thinks that's what's necessary to execute the task. So like, I'm curious, like from a security standpoint, like, I mean, we've already seen examples of people getting private information exposed. Or as I mentioned, the example of deleting a bunch of information is this like new way to think about the security threat model. The fact that the capability and the downside are one and the same. It's the same. It's sort of like hallucinations, right? The ability to like create an output. And it also, you know, is hand in hand with the ability to create a wrong output, a false output. And so, you know, the ability to do, to act on its own is also the ability to destroy on its own. Is this sort of like a novel threat model or a novel paradigm in thinking about enterprise security?

Matt Swish

From an enterprise security standpoint, it is pretty much the same thing in the sense of if you're building software, you cannot just really patch software afterwards and stuff because it never ends. Security must be built in and you need to have a safe design from the beginning. What we have seen now is whenever people do something agentic, they just give you all permissions up front, which is probably the worst thing you can do. And if you're an enterprise, as you can imagine, if you just give all permissions to an agent, it just becomes Murphy's Laws. If something bad can happen because you gave it access to, it will happen. So you're going to see more data leaks for sure because there is no safety by design in those architectures or those agents, which is in terms of vulnerabilities and exposure would be very similar to what we have seen over the last 10, 20 years. But if people are ignoring what has been done in terms of software security for the last 20 years, that's why we're going to have a lot of problems. And I think we're probably going to start to see people, especially in enterprise pushing back a lot because this compliance that needs to be like, you know, like answered to. So you cannot just give like full access to like, you know, your agent.

Public/Odoo Representative

Support for the show comes from Public. Public is an investing platform that offers access to stocks, options, bonds and crypto. And they've also integrated AI with tools that can assist investors in building customized portfolios. One of these tools is called Generated Assets. It allows you to turn your ideas into investable indexes. So let's say you're interested in something specific like biotech companies with high R and D spend small cap stocks with improving operating margins or the S&P 500 minus high debt companies. Chances are there isn't an ETF that fits your exact criteria. But on public you just type in a prompt and their AI screens thousands of stocks and builds a one of a kind index. You can even backtest it against the S&P 500. Then you can invest in a few clicks, go to public.com market and earn an uncapped 1% bonus when you transfer your portfolio. That's public.com market ad paid for by Public Holdings Brokerage Services by public investing member FINRA SIPC advisory services by public advisors SEC registered advisor crypto services by ZeroHash sample prompts are for illustrative purposes only, not investment advice. All investing involves risk of loss. See complete disclosures@public.com disclosures so there's a

IBM Representative

lot of noise about AI. But time's too tight for more promises. So let's talk about results. At IBM, we work with our employees to integrate technology right into the systems they need. Now a Global workforce of 300,000 can use AI to fill their HR questions. Resolving 94% of common questions, not noise Proof of how we can help companies get smarter by putting AI where it actually pays off. Deep in the work that moves the business. Let's create smarter business.

Sonesta Representative

IBM Travel Smarter, not harder At America's Best Value Inn by Sonesta with convenient locations from coast to coast and value packed comfort at every turn, it's a practical choice for road trips, quick getaways and everyday travel that keeps things simple without sacrificing comfort. And when you're a Sonesta Travel Pass member, staying at America's Best Value Inn means earning points toward free nights, upgrades and more every time you stay. Go to Sonesta.com to book your stay and unlock the best rates with Sonesta Travel Pass here today Rome tomorrow join now@sinesta.com Terms and conditions apply.

Tracy Alloway

Speaking of the long arc of history, one thing I really wonder is you've obviously been in this space for a very long time at this point you can you describe how you think your own career And I guess coding experience would have been different if you were say starting out now in 2026 versus I guess you would have started out in like the late 90s or early 2000s, maybe even before that.

Matt Swish

Yeah, mid mid 2000. Well I would say like what has changed is back even like even without going to like the 2000s. Like back in the Snowden days when the global surveillance program was being exposed, a lot of people were really scared of it and scandalized by it and pushed back and people really cared about privacy. Whereas now we're entering in a new arc where very few people care about privacy. Where you see like the CEO of Entropic being asked why he refused to work with the US government and he says well they wanted to do a domestic surveillance program. So that's against our safety chart. So this is all aspect of people relationship with data which I guess is very different in terms of software. Obviously like now you can write more things, anyone can write anything. But I think we're still in this weird adequate software phase where we know what AI can do but it cannot really do anything more, anything less. Yet we still haven't seen the actual use case for it because it's obviously very exciting and it feels a lot of it is very different from before. But we don't really have any evidence of how it's really helping in national security. I know it's been helping people who have been analyzing Epstein's emails because there's a lot of data and that makes it faster. But in terms of real use case, I don't think it feels like the current world is very different than before. But there's so much noise and so much slop all over that. In a way it is pretty similar. I don't know if that makes sense.

Joe Weisenthal

Well, I mean your company is ONDB AI, so you must think that it's going to be used or that there's clearly something there actually tell us about. I'm actually really. I'm on your website right now. It looks really interesting because it's something I've been thinking about. But you must have some vision for like where it's going and that there will actually be significant demand for these services. Sure.

Matt Swish

I mean, like I was saying, like, I think now we've like anything that's agentic building software, which is like the main use case so far for AI.

Sonesta Representative

Yeah.

Matt Swish

Is going to make software like going to zero. So the cost of building software is going to.

Joe Weisenthal

So that's real. So like, like there's. In your view, there's no question that already AI, I mean, talk about a use. That's a pretty big use case right there, bringing the cost of building software to zero.

Matt Swish

Yeah. I mean like even if you look at the author of cloud code, he said they didn't write like code since November. So a lot of people are like this. Even us internally, we definitely use cloud code a lot. But if software is going to zero, what's left in terms of the Internet layers? So our conclusion is that data is the only thing that's going to be timeless in the AI economy. So building a layer for that, especially now there's Auto's innovations around payments and stablecoin that you can use to actually pay anything online. So we think, okay, if you have issues like Entropic or OpenAI just scrapping Internet and using public Internet, so you may as well find ways of charging bots or agents for your data. So at least you can have this new revenue unlock that's going to emerge in this new economy. Because I think a lot of the traditional economic model, for instance we said with SaaS are going to be disrupted a lot. So there is a completely new market around how people are going to consume data. And I think people would just be ready to pay more to have high quality data because the more noise there is, the more you want to make sure that the data you have access to is going to be valuable and real. So yeah, even from a security standpoint, once you build an infrastructure layer, you can have this built in security to make sure that the data you give back or the access, like for the interface that we define is actually secure. Because even if you look at OpenCloud for instance, one of the top skill was malware. So like people just like living in this like wild west where they just run everything. So it's us anticipating that enterprise is going to look very different and they won't just run like anything they find online. Yeah.

Joe Weisenthal

You know, this is one of the things that I've encountered in my vibe coding forays is that one of the annoying things is, okay, you want the agent to like go out and grab some information or query some database or whatever. And then it's like, okay, like let me know when you've gotten an API. They're like, okay, come back and get an API and then you have to like go to a website and then you have to like get out your credit card and you have to set up an account and then you like get an API key and then you copy and paste it and so forth. And that's very annoying. I want, what I want is for the agent to just be able to go there, say, oh, you know, like, let me just pay you with some stablecoins, etc. Just go out and get the information on its own without having this human in the loop. But it also occurs to me, and this is something that I've asked about with others, which is that like, once I'm just like entirely operating in the terminal and the agent is going out and scraping information for me, etc. Like, why do we even have a free public Internet anymore? And so like, I'm curious like whether the direction of the Internet and information in general is just entirely like paying microtransaction or fees for data consumption so that the data then arrives in some usable form in the terminal that I'm operating on.

Matt Swish

Yeah, no, I think you're raising some really good points. We need to talk after. You can be our new design partner.

Tracy Alloway

He's going to hack all the API keys.

Joe Weisenthal

I can be a consultant. No, I hate having to deal with all these API keys. And why am I still using my completely.

Matt Swish

Right, see, I told you. You're a famous live coder. But the use case you're describing now makes entire sense. That's why we position ourselves kind of as a trusted provider where instead of having to go everywhere to get data, you have this single point and unified access a bit like open router for AI models, but for data providers. Because if you think about it, when you use CLAUDE now in your terminal, the level one is basically you asking the model itself for information. But as we know, the model may be a few months old and doesn't have access to all the information. So the second level is the agent, like cloud code or cloud for desktop or chatgpt doing web searches. And that's just them looking on the Internet, doing a Google search, et cetera. But that's still not giving you access to the actual relevant data that you would need, where, for instance, you would have those API keys and stuff. So the level after that is basically access to private information. So on private information, usually the one that's valuable, in the case of Bloomberg, for instance, Bloomberg has a lot of extremely valuable information, but you can only have access to it through the Tamil once you have the subscription or any SaaS services. If you think of SaaS platform as just some fancy UI where you can browse the database, but the data that's valuable is just in the database directly. So if you'd have access to those APIs and we not have to create 1 million subscriptions left and right, because there's already someone who is doing the integration for that kind of as a programmatic API marketplace. But the integration now is much easier and especially if you trust it, because now what we have seen also is whenever you use ALTOS tools, they make you install mcps. But more and more people are moving away from mcps. They're just using skills because like you just said, we start to spend more time into the terminal. So the terminal and anything that CLI is becoming a natural interface for agents, even for humans, because you don't need to try to understand those fancy UI on ux, you just say, okay, I want to do abc, just do that. So I think it just makes more sense to have this interface for it. And like you said, otherwise it becomes too complicated.

Tracy Alloway

Just on this note, can we talk a little bit about, I guess, institutional knowledge of code? Because I remember one of the things that happened in the early days of AI development. I mean, not that early. I think it was like 2017 or something back when Facebook's AI lab still existed. What was that called again? Like, the acronym was FAIR or something. Yeah, they had like a little Facebook, like experimental lab. Anyway, they invented a bunch of chat bots and the chatbots started talking to each other in pretty much incomprehensible language. But like they clearly understood what each other were saying and so I'm just wondering if you extrapolate that to AI generated code, could we have a situation where the models are constantly iterating on themselves, they're constantly talking to each other and so we end up with a system that becomes very, very difficult for human engineers and coders to actually understand.

Matt Swish

Yeah, I mean, I think what we're going to start with is humans like us are going to move towards creating markdown files as a programming language. So everything is just going to be normal language, but for the machine itself, obviously. Yeah, I remember that video that is like gibberish voice transfer thing. Well, if you think about it, it's not that much different from voice to text in that sense. And at the end of the day just bits being transferred. Because even whenever you connect on a web page, you write it in text, but behind it's just like bytes that are being exchanged. So agents still need to agree on the protocol that they're going to use. And not necessarily an encryption format, but an encoding format. So once you know what it is, it just becomes like a reverse engineering problem or like a forensic problem where you're just like, okay, this is what's being used when those packets are being sent. Let me just decrypt it. Once you know the protocol that. So I don't think we're going to end up in a situation where we would have no idea of it because you're always going to have people who are pretty good reverse engineers. But at the same time you're also going to have your AI assistant who's going to help you to reverse engineer those things. So in a way, even if it happens, you are not alone with your Red Bull and your laptop. I know AI agents, we all going to have AI agents. So that's also the reality of things. So we're far from just the clippy plugin that we used to have in Microsoft Office. Or you can have this CLI interface which give commands and then it's led that into like, okay, I understand what I need to do and that's it.

Joe Weisenthal

No, I love interacting with just the CLI now. And every time I have to go to the web, it feels like some sort of failure. Like I'm like, oh, I have to go to this bright website. Yeah. And I just like want the information right there on the black screen. Talking, you know, communicating back and forth

Matt Swish

in English, blueberry background, you know, that's like feeling familiar for you.

Joe Weisenthal

You know, something I think about is I imagine that there's a lot of like crusty Old Linux and UNIX programmers who are like, oh, this code is. This isn't high quality code that the AI that the chatbots produce. This is slop code. It needs all kinds of fixing and so forth. From your perspective, is the code itself of good quality or of improving quality? How? Just the lines of code itself. From your standards, is it good stuff?

Matt Swish

Yeah, it's pretty good. And even when it's bad, you just tell it, okay, this is bad. Just do it better. If you're using negative rewards, if you say, okay, this piece of code is garbage, it's going to understand better because you kind of give like a strong emotion. Whereas, like, if you say, oh, it's okay, you know, you just be like, okay, like, whatever. You know, if it's okay, it means it's passing, like the, the adequate test where you say, okay, that's garbage. You write it.

Tracy Alloway

And I always do this. So if I ask a bot for something, I will always say, like, after the first version, like, do better and just see what it comes up with. And then just try to iterate on that.

Joe Weisenthal

This is tough because you're talking. When you're talking in English, you. The brain deludes itself into thinking that you're talking to. Or when you're talking in human language, any language, the brain deludes itself. You feel like you're talking to a

Tracy Alloway

person, so you have to be nice.

Joe Weisenthal

Well, then I feel like I don't

Tracy Alloway

have that problem, Jay.

Joe Weisenthal

Oh, really? But then I feel like I, like, I don't want to say, oh, this is garbage.

Matt Swish

I don't.

Joe Weisenthal

But from your perspective, it's actually sort of important to, to be firm with the bot. And you get better results by being more sharp with it.

Matt Swish

Yeah, because it's the equivalent, equivalent of a negative reward, like, just like positive reward. If you, if it does something, you'll say, okay, like, that's great. That's exactly what I tried to explain. Then it's like, okay, that's a reference point. Whereas if it starts to go on a tangent, you just say, oh, that's completely out of the line. Redo this. Why are you doing this? The more explicit you are, the better it's going to understand how far it is from the requirements. While it's like, if you're being.

Joe Weisenthal

I just have to get better. I'm sort of conflict avoidant.

Tracy Alloway

I know.

Joe Weisenthal

And I like being nice to people. So I just.

Tracy Alloway

Joe still says please and thank you.

Joe Weisenthal

So I just.

Tracy Alloway

Basilisk doesn't get him.

Joe Weisenthal

So. Yeah, that's right. So I just have to be like, no, this is trash, this is garbage. You totally. We are all dumber for having seen this code. Okay, this is good to know.

Matt Swish

I mean it's a good point. You know like all those like AI companies that recording all the prompts, you know, so God knows if they are keeping it. If there is retention around it. We know the OpenAI is keeping them, they can get supone. Is this how you pronounce it? Yeah. So like who knows, you know like in years from now if there's like full on like autonomous like robots managed by the Department of War because they think it's lawful.

Tracy Alloway

So we all get social scores based on our AI.

Joe Weisenthal

These, these thoughts creep into my head unironically where it's like at some point is there going to be some. Am I going to regret having. I don't know, they were there in my head.

Tracy Alloway

Truly a brave new world. Matt, just one last question for me but going back to cybersecurity and the current situation with Iran, what are you on just the lookout for? What would pique your interest the most to see in that particular space?

Matt Swish

I think now in that particular space because I'm one of those people who think it's related to the Epstein files. It's just more about getting more Epstein files related stuff to see if there is more connections to it. So I think that would be the only thing that would kind of be digital that will spike my interest because now we have seen just those old drones can do so much damage and that Iran demonstrated that they can be really precise with their attacks. So now I think it's more about seeing which direction it's going to go to and how long it's going to last, which is the big question mark because there's so many other components like the energy sector. We have seen the price of memory increasing a lot. So now if they are starting to block the Detroit of Hormuz, what's going to happen to the cost of data centers and memory and AI in general? We are going to. On one side we're going towards the cost of tokens and inference going down, but that may also bring the cost up. So if you're going to use AI for your next generation wars, but if your enemy can just increase your cost of token and inference, what does that even mean? Do you even need AI in the first place? Is it even relevant? I think there's this whole asymmetric warfare that's going to happen that we really haven't seen yet. And I think that's going to be really interesting, but at the same time there's so much noise and so much, so many things happening at once that it's becoming extremely hard to focus and just extract what's really relevant.

Tracy Alloway

Yeah, definitely feels like that. Tough choices potentially coming for Havelock as your token costs go up. Matt, it was so wonderful to reconnect. Again, thank you so much for coming back on odd lots and yeah, you'll have to get back to Joe about those APIs.

Joe Weisenthal

Yeah, I'm happy.

Matt Swish

Let's, let's the most famous viper whether on Twitter.

Joe Weisenthal

Yeah, bring me on as a consultant.

Matt Swish

Sounds good.

Joe Weisenthal

Take care, Matt.

Tracy Alloway

Thanks Matt.

Matt Swish

Bye.

Tracy Alloway

Bye. Joe. Always good to catch up with Matt.

Joe Weisenthal

Super interesting. It's incredible how much is happening right now at this particular nexus, especially obviously the anthropic stuff. But you know, it's interesting. You know, you think about cyber warfare and you think about, okay, we're going to hack into a system and take out critical infrastructure, but another thing you can do is just attack a data center directly.

Tracy Alloway

Just send a drone to a data center. I thought that was really interesting. That sort of like we got very used to thinking about cyber as like this thing that exists only in code. In code. But now you have this like new front of kinetic warfare where the two like really intersect.

Joe Weisenthal

Yeah, they do really intersect. And yeah, these are like huge national security vulnerabilities. And he pointed out, I mean certainly today but you know, was this in anyone's threat model, thinking about the risks to it, you know, the cheapness of drones, the ability to take them out. Super interesting. Also just this idea, like yes, you know, obviously again as your observation, the point we think of like cyber attacks, like we're going to take out this whole thing. But at least in the warfare context, his point, like most of it is like before the war, et cetera, the sort of information gathering spy craft and so forth prior to the actual, the actual attacks.

Tracy Alloway

But it is interesting to see Israel in particular use some cyber attacks as a sort of sower of chaos in Iran. I can't imagine what it's like to actually be on the ground there at the moment for many reasons, but like you imagine just being there, worried about your physical safety and then the traffic lights aren't working as well.

Joe Weisenthal

Well, right. And also just think like, wait, there's cameras everywhere or you know, like how much is being recorded. Like create like a sense of like paranoia among everyone about, about everything.

Tracy Alloway

And also the interesting thing, obviously this is very topical in markets, but the SaaS apocalypse idea, Matt in particular seemed pretty bearish on the outlook for existing software companies, I guess. And I did think his comments about what that would mean for security budgets within organizations were pretty relevant and worrying.

Joe Weisenthal

Absolutely.

Tracy Alloway

All right, shall we leave it there?

Joe Weisenthal

Let's leave it there.

Tracy Alloway

This has been another episode of the Odd Thoughts podcast. I'm Tracy Alloway. You can follow me at Tracy and I'm Joe Weisenthal.

Joe Weisenthal

You can follow me at the Stalwart. Follow our guest Matt Swish. He's Swish. Follow our producers Carmen Rodriguez at CarmenArmen, Dash O, Bennett at Dashbot, and Kalebrooks at Kalebrooks. And for more Odd Lots content, go to bloomberg.comoddlods for the daily newsletter and all of our episodes and you can chat about all of these topics 24. 7 in our Discord, Discord, GG, Oddlauds

Tracy Alloway

and if you enjoy Oddlods, if you like it when we talk about the intersection of kinetic and cyber warfare, then please leave us a positive review on your favorite podcast platform. And remember, if you are a Bloomberg subscriber, you can listen to all of our episodes absolutely ad free. All you need to do is find the Bloomberg Channel on Apple Podcasts and follow the instructions there. Thanks for listening.

Joe Weisenthal

Ryan Reynolds here from Mint Mobile with

IBM Representative

a message for everyone Paying Big Wireless Way Too much. Please, for the love of everything good in this world, stop with Mint. You can get premium wireless for just $15 a month. Of course, if you enjoy overpaying.

Joe Weisenthal

No judgments.

Matt Swish

But that's weird.

IBM Representative

Okay, one judgment anyway, give it a

Joe Weisenthal

try@mintmobile.com Switch upfront payment of $45 for

Tracy Alloway

three month plan equivalent to $15 per month required intro rate first three months only, then full price plan options available, taxes and fees extra. See full terms@mintmobile.com this is Jacob Goldstein

Public/Odoo Representative

from what's yous Problem? When you buy business software from lots of vendors, the costs add up and

Matt Swish

it gets complicated and confusing.

Public/Odoo Representative

Odoo solves this. It's a single company that sells a suite of enterprise apps that handles everything from accounting to inventory to sales.

Matt Swish

Odoo is all connected on a single

Public/Odoo Representative

platform in a simple and affordable way. You can save money without missing out on the features you need. Check out Odoo at o d o

Matt Swish

o.com that's o-o o.com in the heat

Tracy Alloway

of battle, your squad relies on you. Don't let them down. Unlock elite gaming tech@lenovo.com Dominate every match with next level speed, seamless streaming and performance that won't quit. Push your gameplay beyond performance with Intel Core Ultra processors for the next era of gaming, upgrade to smooth high quality streaming with Intel Wi Fi 6e and maximize game performance with enhanced overflow clocking. Win the Tech search power up@lenovo.com.