Something’s not right in the world of location data. In January, a location data broker named Gravy Analytics was hacked, with the alleged cybercriminal behind the attack posting an enormous amount of data online as proof. Though relatively unknown to most of the public, Gravy Analytics is big in the world of location data collection, and, according to an enforcement action from the US Federal Trade Commission last year , the company claimed to “collect, process, and curate more than 17 billion ...
Mar 09, 2025•44 min•Season 6Ep. 5
Insurance pricing in America makes a lot of sense so long as you’re one of the insurance companies. Drivers are charged more for traveling long distances, having low credit, owning a two-seater instead of a four, being on the receiving end of a car crash, and—increasingly—for any number of non-determinative data points that insurance companies use to assume higher risk. It’s a pricing model that most people find distasteful, but it’s also a pricing model that could become the norm if companies a...
Feb 23, 2025•28 min•Season 6Ep. 4
In February 2024, a 14-year-old boy from Orlando, Florida, committed suicide after confessing his love to the one figure who absorbed nearly all of his time—an AI chatbot. For months, Sewell Seltzer III had grown attached to an AI chatbot modeled after the famous “Game of Thrones” character Daenerys Targaryen. The Daenerys chatbot was not a licensed product, it had no relation to the franchise’s actors, its writer, or producers, but none of that mattered, as, over time, Seltzer came to entrust D...
Feb 09, 2025•38 min•Season 6Ep. 3
It’s Data Privacy Week right now, and that means, for the most part, that you’re going to see a lot of well-intentioned but clumsy information online about how to protect your data privacy. You’ll see articles about iPhone settings. You’ll hear acronyms for varying state laws. And you’ll probably see ads for a variety of apps, plug-ins, and online tools that can be difficult to navigate. So much of Malwarebytes—from Malwarebytes Labs, to the Lock and Code podcast, to the engineers, lawyers, and ...
Jan 26, 2025•38 min•Season 6Ep. 2
The era of artificial intelligence everything is here, and with it, come everyday surprises into exactly where the next AI tools might pop up. There are major corporations pushing customer support functions onto AI chatbots, Big Tech platforms offering AI image generation for social media posts, and even Google has defaulted to include AI-powered overviews into everyday searches. The next gold rush, it seems, is in AI, and for a group of technical and legal researchers at New York University and...
Jan 12, 2025•47 min•Season 6Ep. 1
You can see it on X. You can see on Instagram. It’s flooding community pages on Facebook and filling up channels on YouTube. It’s called “AI slop” and it’s the fastest, laziest way to drive engagement. Like “click bait” before it (“You won’t believe what happens next,” reads the trickster headline), AI slop can be understood as the latest online tactic in getting eyeballs, clicks, shares, comments, and views. With this go-around, however, the methodology is turbocharged with generative AI tools ...
Dec 29, 2024•39 min•Season 5Ep. 27
Privacy is many things for many people. For the teenager suffering from a bad breakup, privacy is the ability to stop sharing her location and to block her ex on social media. For the political dissident advocating against an oppressive government, privacy is the protection that comes from secure, digital communications. And for the California resident who wants to know exactly how they’re being included in so many targeted ads, privacy is the legal right to ask a marketing firm how they collect...
Dec 15, 2024•34 min•Season 5Ep. 26
Two weeks ago, the Lock and Code podcast shared three stories about home products that requested, collected, or exposed sensitive data online. There were the air fryers that asked users to record audio through their smartphones. There was the smart ring maker that, even with privacy controls put into place, published data about users’ stress levels and heart rates. And there was the smart, AI-assisted vacuum that, through the failings of a group of contractors, allowed an image of a woman on a t...
Dec 01, 2024•45 min•Season 5Ep. 25
The month, a consumer rights group out of the UK posed a question to the public that they’d likely never considered: Were their air fryers spying on them? By analyzing the associated Android apps for three separate air fryer models from three different companies, a group of researchers learned that these kitchen devices didn’t just promise to make crispier mozzarella sticks, crunchier chicken wings, and flakier reheated pastries—they also wanted a lot of user data, from precise location to voice...
Nov 17, 2024•27 min•Season 5Ep. 24
The US presidential election is upon the American public, and with it come fears of “election interference.” But “election interference” is a broad term. It can mean the now-regular and expected foreign disinformation campaigns that are launched to sow political discord or to erode trust in American democracy. It can include domestic campaigns to disenfranchise voters in battleground states. And it can include the upsetting and increasing threats made to election officials and volunteers across ...
Nov 03, 2024•40 min•Season 5Ep. 23
On the internet, you can be shown an online ad because of your age, your address, your purchase history, your politics, your religion, and even your likelihood of having cancer . This is because of the largely unchecked “data broker” industry. Data brokers are analytics and marketing companies that collect every conceivable data point that exists about you, packaging it all into profiles that other companies use when deciding who should see their advertisements. Have a new mortgage? There are da...
Oct 21, 2024•35 min•Season 5Ep. 22
Online scammers were seen this August stooping to a new low—abusing local funerals to steal from bereaved family and friends. Cybercrime has never been a job of morals (calling it a “job” is already lending it too much credit), but, for many years, scams wavered between clever and brusque. Take the “Nigerian prince” email scam which has plagued victims for close to two decades. In it, would-be victims would receive a mysterious, unwanted message from alleged royalty, and, in exchange for a littl...
Oct 07, 2024•36 min•Season 5Ep. 21
On August 15, the city of San Francisco launched an entirely new fight against the world of deepfake porn—it sued the websites that make the abusive material so easy to create. “Deepfakes,” as they’re often called, are fake images and videos that utilize artificial intelligence to swap the face of one person onto the body of another. The technology went viral in the late 2010s, as independent film editors would swap the actors of one film for another—replacing, say, Michael J. Fox in Back to the...
Sep 23, 2024•21 min•Season 5Ep. 20
On August 24, at an airport just outside of Paris, a man named Pavel Durov was detained for questioning by French investigators. Just days later, the same man was charged in crimes related to the distribution of child pornography and illicit transactions, such as drug trafficking and fraud. Durov is the CEO and founder of the messaging and communications app Telegram. Though Durov holds citizenship in France and the United Arab Emirates—where Telegram is based—he was born and lived for many year...
Sep 09, 2024•34 min•Season 5Ep. 19
Every age group uses the internet a little bit differently, and it turns out for at least one Gen Z teen in the Bay Area, the classic approach to cyberecurity—defending against viruses, ransomware, worms, and more—is the least of her concerns. Of far more importance is Artificial Intelligence (AI). Today, the Lock and Code podcast with host David Ruiz revisits a prior episode from 2023 about what teenagers fear the most about going online. The conversation is a strong reminder that when America’...
Aug 26, 2024•49 min•Season 5Ep. 18
Somewhere out there is a romantic AI chatbot that wants to know everything about you. But in a revealing overlap, other AI tools—which are developed and popularized by far larger companies in technology—could crave the very same thing. For AI tools of any type, our data is key. In the nearly two years since OpenAI unveiled ChatGPT to the public, the biggest names in technology have raced to compete. Meta announced Llama. Google revealed Gemini. And Microsoft debuted Copilot. All these AI feature...
Aug 12, 2024•41 min•Season 5Ep. 17
In the world of business cybersecurity, the powerful technology known as “Security Information and Event Management” is sometimes thwarted by the most unexpected actors—the very people setting it up. Security Information and Event Management—or SIEM—is a term used to describe data-collecting products that businesses rely on to make sense of everything going on inside their network, in the hopes of catching and stopping cyberattacks. SIEM systems can log events and information across an entire or...
Jul 29, 2024•43 min•Season 5Ep. 16
Full-time software engineer and part-time Twitch streamer Ali Diamond is used to seeing herself on screen, probably because she’s the one who turns the camera on. But when Diamond received a Direct Message (DM) on Twitter earlier this year, she learned that her likeness had been recreated across a sample of AI-generated images, entirely without her consent. On the AI art sharing platform Civitai, Diamond discovered that a stranger had created an “AI image model” that was fashioned after her. The...
Jul 15, 2024•36 min•Season 5Ep. 15
More than 20 years ago, a law that the United States would eventually use to justify the warrantless collection of Americans’ phone call records actually started out as a warning sign against an entirely different target: Libraries. Not two months after terrorists attacked the United States on September 11, 2001, Congress responded with the passage of The USA Patriot Act. Originally championed as a tool to fight terrorism, The Patriot Act, as introduced, allowed the FBI to request “any tangible ...
Jul 01, 2024•55 min•Season 5Ep. 14
🎶 Ready to know what Malwarebytes knows? Ask us your questions and get some answers. What is a passphrase and what makes it—what’s the word? Strong? 🎶 Every day, countless readers, listeners, posters, and users ask us questions about some of the most commonly cited topics and terminology in cybersecurity. What are passkeys? Is it safer to use a website or an app? How can I stay safe from a ransomware attack? What is the dark web? And why can’t cybercriminals simply be caught and stopped? For s...
Jun 17, 2024•39 min•Season 5Ep. 13
This is a story about how the FBI got everything it wanted. For decades, law enforcement and intelligence agencies across the world have lamented the availability of modern technology that allows suspected criminals to hide their communications from legal scrutiny. This long-standing debate has sometimes spilled into the public view, as it did in 2016, when the FBI demanded that Apple unlock an iPhone used during a terrorist attack in the California city of San Bernardino. Apple pushed back on t...
Jun 03, 2024•51 min•Season 5Ep. 12
The irrigation of the internet is coming. For decades, we’ve accessed the internet much like how we, so long ago, accessed water—by traveling to it. We connected (quite literally), we logged on, and we zipped to addresses and sites to read, learn, shop, and scroll. Over the years, the internet was accessible from increasingly more devices, like smartphones, smartwatches, and even smart fridges. But still, it had to be accessed, like a well dug into the ground to pull up the water below. Moving f...
May 20, 2024•48 min•Season 5Ep. 11
You’ve likely felt it: The dull pull downwards of a smartphone scroll. The “five more minutes” just before bed. The sleep still there after waking. The edges of your calm slowly fraying. After more than a decade of our most recent technological experiment, in turns out that having the entirety of the internet in the palm of your hands could be … not so great. Obviously, the effects of this are compounded by the fact that the internet that was built after the invention of the smartphone is a very...
May 06, 2024•45 min•Season 5Ep. 10
Our Lock and Code host, David Ruiz, has a bit of an apology to make: “Sorry for all the depressing episodes.” When the Lock and Code podcast explored online harassment and abuse this year , our guest provided several guidelines and tips for individuals to lock down their accounts and remove their sensitive information from the internet , but larger problems remained. Content moderation is failing nearly everywhere, and data protection laws are unequal across the world. When we told the true tale...
Apr 22, 2024•46 min•Season 5Ep. 9
A digital form of protest could become the go-to response for the world’s largest porn website as it faces increased regulations: Not letting people access the site. In March, PornHub blocked access to visitors connecting to its website from Texas. It marked the second time in the past 12 months that the porn giant shut off its website to protest new requirements in online age verification. The Texas law, which was signed in June 2023, requires several types of adult websites to verify the age o...
Apr 08, 2024•48 min•Season 5Ep. 8
Few words apply as broadly to the public—yet mean as little—as “home network security.” For many, a “home network” is an amorphous thing. It exists somewhere between a router, a modem, an outlet, and whatever cable it is that plugs into the wall. But the idea of a “home network” doesn’t need to intimidate, and securing that home network could be simpler than many folks realize. For starters, a home network can be simply understood as a router—which is the device that provides access to the inter...
Mar 25, 2024•46 min•Season 5Ep. 7
A disappointing meal at a restaurant. An ugly breakup between two partners. A popular TV show that kills off a beloved, main character. In a perfect world, these are irritations and moments of vulnerability. But online today, these same events can sometimes be the catalyst for hate. That disappointing meal can produce a frighteningly invasive Yelp review that exposes a restaurant owner’s home address for all to see. That ugly breakup can lead to an abusive ex posting a video of revenge porn. And...
Mar 11, 2024•42 min•Season 5Ep. 6
For decades, fake IDs had roughly three purposes: Buying booze before legally allowed, getting into age-restricted clubs, and, we can only assume, completing nation-state spycraft for embedded informants and double agents. In 2024, that’s changed, as the uses for fake IDs have become enmeshed with the internet. Want to sign up for a cryptocurrency exchange where you’ll use traditional funds to purchase and exchange digital currency? You’ll likely need to submit a photo of your real ID so that th...
Feb 26, 2024•37 min•Season 5Ep. 5
If your IT and security teams think malware is bad, wait until they learn about everything else. In 2024, the modern cyberattack is a segmented, prolonged, and professional effort, in which specialists create strictly financial alliances to plant malware on unsuspecting employees, steal corporate credentials, slip into business networks, and, for a period of days if not weeks, simply sit and watch and test and prod, escalating their privileges while refraining from installing any noisy hacking t...
Feb 12, 2024•41 min•Season 5Ep. 4
If the internet helped create the era of mass surveillance, then artificial intelligence will bring about an era of mass spying. That’s the latest prediction from noted cryptographer and computer security professional Bruce Schneier, who, in December, shared a vision of the near future where artificial intelligence—AI—will be able to comb through reams of surveillance data to answer the types of questions that, previously, only humans could. “Spying is limited by the need for human labor,” Schne...
Jan 29, 2024•26 min•Season 5Ep. 3
