Microsoft's Secret Weapon: The GDID That Caught 'Scattered Spider' Teen
July 4th, 2026
1 hr 36 mins 3 secs
Tags
About this Episode
(Presented by Thinkst Canary: Most Companies find out way too late that they’ve been breached. Thinkst Canary changes this. Deploy Canaries and Canarytokens in minutes and then forget about them. Attackers tip their hand by touching ’em giving you the one alert, when it matters. With zero admin overhead and almost no false-positives, Canaries are deployed (and loved) on all 7 continents.)
Three Buddy Problem - Episode 104: We discuss the return of Anthropic's Fable 5 from export-control suspension with guardrails so aggressive that spelling "exploit" gets you downgraded. Plus, a debate on AI frontier labs killing businesses at scale, and OpenAI offering equity to the US government.
Also, buried on page nine of a 'Scattered Spider' arrest indictment: Microsoft's never-before-detailed GDID device identifier, a persistent Windows fingerprint with massive implications for OPSEC, privacy, and APT tracking.
Cast: Juan Andres Guerrero-Saade, Ryan Naraine and Costin Raiu.
Timestamps:
0:00 Cold open: Heat wave in Washington DC
3:45 Fable 5 returns after the 15-day timeout
5:21 "Refined classifiers" and the downgrade-to-Opus mess
8:23 Codex vs. Claude: real-world malware analysis test
12:41 Who are the guardrails for? Defenders locked out
19:13 What even is a "jailbreak assessment framework"?
21:37 Two theories: failed PR vs. killing a thousand startups
24:59 Could the labs build kernels or a whole OS?
31:38 Bureaucracy is the moat
36:09 Can AI actually run an attack? (Spoiler: 14 detections)
47:01 OpenAI offers the US government a 5% stake
58:16 Scattered Spider arrest and Microsoft's GDID revelation
1:12:02 OPSEC fallout: how APT groups adapt to device telemetry
1:27:18 UFO update, shout-outs from Seoul
Episode Links
- Transcript
- Redeploying Claude Fable 5 (Anthropic)
- Howard Lutnick on Anthropic export controls
- OpenAI proposes handing Trump administration 5% stake
- DOJ: Alleged Member of “Scattered Spider” Extradited to USA
- Full DOJ complaint on Scattered Spider arrest
- HBO Max -- Q: Into the Storm
- Q Into the Storm
- LABScon 2026
- Thinkst Canary