Tech Brew Ride Home - Mon. 04/21 – Trump Helps Zuck Get A Reprieve In Europe
Episode Date: April 21, 2025Meta and Apple were about to go to the woodshed in Europe, but it looks like Trump’s tariffs have run interference for them. Everyone wants in on stablecoins, example number 23. Beware of phishing e...mails from Google.com. And are OpenAI’s latest models good, bad, or just “jagged”? Sponsors: QualiaLife.com/ride and code RIDE Links: EU Delayed Punishing Apple, Meta Just Before Trade Talks Started (WSJ) Crypto Knocks on the Door of a Banking World That Shut It Out (WSJ) Phishers abuse Google OAuth to spoof Google in DKIM replay attack (Bleeping Computer) Coinbase in hot water over $12 million ‘content coin’—but exec tells haters to lean in (Fortune Crypto) OpenAI’s new reasoning AI models hallucinate more (TechCrunch) On Jagged AGI: o3, Gemini 2.5, and everything after (Ethan Mollick) Learn more about your ad choices. Visit megaphone.fm/adchoices
Transcript
Discussion (0)
On April 4th, 2023, around 2 in the morning, a man was found stabbed multiple times on a sidewalk in downtown San Francisco.
Hey, who did this to you?
What happened next turned the story into a political firestorm.
Reports have identified the victim as Bob Lee, the founder of Cash App.
From Bloomberg Podcasts, this is Foundering, the Killing of Bob Lee, beginning April 16.
Welcome to the Tech meme right home from Monday, April 21st, 2025. I'm Brian McCullough today. Meta and Apple
were about to go to the woodshed in Europe, but it looks like Trump's tariffs have run interference for them.
Everyone wants in on stable coins example number 23. Beware of phishing emails from Google.com
and are Open AIs latest models good, bad, or just jagged? Here's what you miss today in the world of tech.
I think we quoted from a piece last week about how Meta has been attempting to cozy up to the Trump
administration in hopes that they will make the antitrust trial here in the U.S. go away.
That hasn't borne fruit yet, but apparently that doesn't mean the Trump administration can't
shield them from some regulatory battles. sources are telling the journal that the EU planned to
penalize META and Apple on April 15th, but delayed the announcement of any sort of punishment
to avoid conflict with the Trump administration before trade and tariff talks.
quote, the decision to postpone the announcement was made shortly before EU Trade Commissioner
Maros Svkovich met with U.S. officials in Washington on Monday for his first in-person talk
since President Trump announced a 90-day pause on some tariffs. In addition, this week,
Italian Prime Minister Georgia Maloney met with Trump, who said he would have very little
problem making a trade deal with the EU. The rulings are still expected to go ahead,
and it isn't immediately clear how long the delay may last. The delay represents a brief
reprieve for Meta Chief Executive Mark Zuckerberg. The Wall Street Journal reported last month that
meta executives had pressed U.S. trade officials to fight the expected order. Trump has complained
about EU tech regulations and threatened earlier this year to respond with tariffs.
Zuckerberg defended the company this past week in a U.S. Federal Trade Commission trial that could
end up forcing META to sell valuable pieces of its business empire. European officials say they
won't water down their tech regulations in response to U.S. pressure, but some lawmakers in the
European Parliament have questioned whether the cases have become political as the EU seeks to
negotiate a deal with the U.S. on trade. The meta and Apple cases both relate to alleged breaches of
the EU's Digital Markets Act, a law that seeks to make it easier for smaller companies to compete with
their big tech rivals. The Commission opened investigations in March 2024 and issued preliminary
findings in both cases last summer. The cases carry a potential fine of up to 10% of the company's
global annual revenue, though people familiar with the matter, have said they expect fines would be
much lower. The cease and desist orders which target business practices are expected to have a bigger impact
on the two companies than any potential fines. A spokesman for META referred to earlier comments that its
concern isn't only about fines, quote, it's about the commission seeking to handicap successful
American businesses simply because they're American while letting Chinese and European rivals off the hook.
The statement said. The commission says it enforces the blocks laws equally for all companies that
operate in the EU. The meta case relates to whether the company should be forced to allow users to use
Facebook and Instagram for free without seeing personalized ads a key source of revenue for the company.
The EU said last year that meta's policy of requiring users to choose between buying a subscription
or allowing meta to use their data for targeted advertising didn't comply with the Digital Markets Act.
In an effort to appease regulators, Meta last fall introduced an alternative that allows
users to see less personalized ads without buying a subscription.
A separate case against Apple deals with the iPhone maker's App Store rules,
which the Commission has previously said prevent app developers from freely direct.
directing users to alternative ways to make purchases. The Commission has said Apple restricts how
developers can communicate with users and charges fees for facilitating transactions outside the App Store
in a way that goes beyond what is necessary, end quote.
Sources are also telling the journal that Circle, Bitgo, and other firms plan to apply for
bank charters or licenses as the Trump administration pushes to bring crypto into mainstream
finance. Quote, crypto exchange, Coinbase, global, and stable coin company Paxos are
considering similar moves, other people said. That comes as the Trump administration moves to
incorporate crypto into mainstream finance and Congress advances a pair of bills that would establish
a regulatory framework for stablecoins, which let people easily trade in and out of more
volatile cryptocurrencies. The legislation would require stablecoin issuers to have
charters or licenses from regulators. Some crypto firms are interested in national trust or
industrial bank charters that would enable them to operate more like traditional lenders,
such as by taking deposits and making loans. Others are after
relatively narrow licenses that would allow them to issue a stablecoin. World Liberty Financial,
the Trump family's crypto project unveiled plans to launch a stablecoin called USD1 last month. It said
the stablecoin's reserves would be safeguarded by crypto custodian Bitco, which is getting close to
submitting the bank charter application, people familiar with the matter said. Any crypto firm that
obtains a bank charter would become subject to stricter regulatory oversight. Anchorage Digital, so
far the only crypto firm in the country with a federal bank charter, said it spent tens of
millions of dollars to comply with regulations. In 2022, a bank regulator issued a consent order against
Anchorage, pointing to anti-money laundering deficiencies. It has not been easy, said Nathan McCauley,
chief executive officer of Anchorage, which obtained its charter in 2021, but he said the, quote,
whole gamut of regulatory and compliance obligations that banks have can be intertwined with the
crypto industry, end quote. Meanwhile, some banks are looking to play catch-up and forge ties with
the industry. In February, Bank of America, Chief Executive Brian Moynihan said his bank
would issue its own stable coin if a legal framework for doing so is established. U.S. Bank Corp said
this month it would relaunch its crypto custody service through a partnership with NYD, a Bitcoin
trading and banking firm. Separately, a consortium of banks, which includes Deutsche Bank and
Standard Chartered, has started to examine how to expand crypto operations to the U.S.,
according to a person familiar with the matter, end quote.
This is something I didn't think was even possible, but in a clever new attack, hackers were
able to send phishing emails that appeared to come from no reply at google.com after a similar
attack on PayPal users in March, quoting bleeping computer. The attacker leveraged Google's
infrastructure to trick recipients into accessing a legitimate-looking support portal that asks for
Google account credentials. The fraudulent message appeared to come from no reply at google.com
and pass the domain keys identified mail or D. Kim authentication method, but the real sender was
different.
Johnson, the lead developer of the Ethereum name service, or ENS, received a security alert that
seemed to be from Google informing him of a subpoena from a law enforcement authority asking
for his Google account content. Almost everything looked legitimate, and Google even placed
it with other legitimate security alerts, which would likely trick less technical users
that don't know where to look for the signs of fraud. However, Johnson's keen eye spotted that
the fake support portal in the email was hosted on sites.gov.com, Google's free webbuilding
platform, which raised suspicion. Being on a Google domain, the chances of the recipient to realize
they are being targeted are lower. Johnson says the fake support portal was an exact duplicate of the
real thing, and the only hint it's a fish is that it's hosted on sites.govgle.com instead of
accounts.com. The developer believes that the purpose of the fraudulent site was to collect
credentials to compromise the recipient's account. The fake portal is easy to explain in the scam,
but the clever part is delivering a message that appears to have passed Google.
Google's decim verification in what is called a decim replay fishing attack.
A closer look at the email details revealed that the mailed by header shows a different address
than Google's no reply, and the recipient is a me at address at a domain made to look like
it's managed by Google. Nevertheless, the message was signed and delivered by Google.
Johnson put the clues together and discovered the fraudsters tricks. First, they register a domain
and create a Google account for me at domain. The domain isn't that important, but it
It helps if it looks like some kind of infra.
The choice for me as the username is clever, the developer explains.
The attacker then created a Google Oath app and used for its name the entire phishing message.
At one point, the message contained a lot of white space to make it look like it ended
and to separate it from Google's notification about having access to the attacker's
me at domain email address.
When the attacker granted their Oath app access to their email address in Google workspace,
Google automatically sent a security alert to that inbox.
Since Google generated the email and signed it with a valid decim key and passes all the checks,
Johnson says, adding that the last step was to forward the security alert to victims.
The weakness in Google's systems is that decim checks only the message and the headers without the envelope.
Thus, the fake email passes signature validation and appears legitimate in the recipient's inbox.
Furthermore, by naming the fraudulent address, me at, Gmail will show the message as if it was delivered to the victim's email address.
A similar trick has been tried on other platforms than Google,
In March, a campaign targeting PayPal users relied on the same method where fraudulent messages originated from the financial company's mail servers and passed decim security checks.
Bleeping Computers test revealed that the attacker used the gift address option to link a new email to their PayPal account, end quote.
Coinbase is facing pump and dump accusations after its subsidiary base launched a content coin on Zora.
Coinbase has clarified that base will never sell the tokens.
Quoting Forbes, U.S. Crypto Exchange, Coinbase launched a meme coin, or rather its subsidiary issued a content, or maybe it's just posted on-chain content. The distinctions are slippery, but however one defines Coinbase's actions, the response from the crypto industry has been withering and put the publicly traded company on the defensive.
The controversy began on Wednesday when the social media team for base, Coinbase's blockchain, posted a picture that read, Bases for Everyone on Zora, an NFT platform that has pivoted to meme coin.
When Base posted the image, Zora created a linked cryptocurrency, which soon rocketed to a market
capitalization above $14 million before crashing to $1 million. It since rebounded to more than $12 million
as a Friday evening, according to Dex Screener. Crypto industry commentators alleged that
the token launch was a pump and dump scheme, or when influencers push or pump, up a cryptocurrency's
price only to sell or dump the token for profit. Base will never sell these tokens, and these
are not official network tokens for base, Coinbase, or any other related price.
product, Coinbase said in a statement. So what exactly happened? Did Coinbase actually launch a
meme coin and why are folks so angry? Here's a guide to the controversy. Founded in 2020,
Zora was originally conceived as an NFT platform where users could turn images into non-fungible
tokens, others could buy and sell. But as the NFT market dried up, Zora pivoted to meme coins or
cryptocurrencies that have no utility and have been traditionally based on online jokes. Meme coins have
become all the rage in crypto, so the pivot, which occurred in late February, made
cents. Zora is a social network where every post is a meme coin. D. Goens, the co-founder and CEO of the
startup told fortune in a statement. The company issues its meme coins on base, a layer two blockchain
built on top of Ethereum that Coinbase has promoted and developed. So Jesse Pollock, a member
of the Coinbase executive team, who heads the company's base division, began to experiment
with the platform. On Wednesday, the corporate account for base, not just Pollock, experimented with
Zora and effectively launched its own meme coin, or what Pollock called a content coin.
The term, he said, refers to cryptocurrencies associated with online media whose price can be
interpreted as a reflection of a post-popularity.
It's not just creators who are individuals who deserve to benefit from these technologies,
he said, it's also brands.
Traders soon bought up the content coin from base.
People just thought it was a meme coin, and if there's an official meme coin launched by
Coinbase or base, under that big brand that everyone knows and loves, that is going to be
the sole focus.
Alon Cohen, the co-founder of the memecoin launchpad, pump.com, told Fortune.
However, traders were mistaken that the meme coin would be Coinbase's sole focus.
Base made another post on Zora that generated another cryptocurrency, which prompted the original
tokens price to plummet. The tokens price, however, recovered, and Pollack said the outrage was
misplaced. Coinbase didn't profit off the token launch and has no plans to sell its meme coin
holdings and is just experimenting with new technology. This is just for creativity, he said.
Despite the backlash, Pollack remains undaunted. He believes content coins are the future for
online media, and on Friday he continued to post on Zora.
His most recent meme coin or content coin was connected with a screenshot of one of his recent ex-posts.
Base is for everyone it read, even the haters, end quote.
OpenAI says its new 03 and 04 mini AI models hallucinate more often than its previous reasoning and traditional models, and the company doesn't know why.
Quoting TechCrunch, according to Open AI's internal tests, O3 and O4 Mini, which are so-called reasoning models, hallucinate more often than the company's previous reasoning models, O1, O1, Mini, and O3 Mini, Mini, as well as to Open to OpenAI's internal tests, O3 Mini, as well as.
as OpenAI's traditional non-reasoning models such as GPT-40. Perhaps more concerning, the chat GPT
maker doesn't really know why it's happening. In its technical report for O3 and O4 Mini,
OpenAI writes that more research is needed to understand why hallucinations are getting worse as it
scales up reasoning models. O3 and O4 Mini perform better in some areas, including tasks related
to coding and math, but because they make more claims overall, they're often led to make more accurate
claims, as well as more inaccurate slash hallucinated claims per the report. OpenAI found
that 03 hallucinated in response to 33% of questions on person QA, the company's in-house benchmark
for measuring the accuracy of a model's knowledge about people. That's roughly double the
hallucination rate of OpenAI's previous reasoning models, 01, and 03 Mini, which scored 16 and
14.8% respectively. 04Mini did even worse on person QA, hallucinating 48% of the time.
Third-party testing by Transluse, a non-profit AI research lab, also found evidence that
03 has a tendency to make up actions it took in the process of arriving at
answers. In one example, Transluse observed O3 claiming that it ran code on a 2021 MacBook Pro
outside of chat GPT, then copied the numbers into its answer. While O3 has access to some tools,
it can't do that. Our hypothesis is that the kind of reinforcement learning use for O series models
may amplify issues that are usually mitigated, but not fully erased by standard post-training
pipeline, said Neil Chowdrey, a Transluse researcher and former OpenAI employee in an email to
TechCrunch, end quote. Actually, there was a fair bit of debate.
over the weekend about the new O models from Open AI.
Folks like Aaron Levy are very impressed.
Aaron says O3 nailed a multi-step financial modeling task for him,
and Scale AI CEO said that O3 is a big breakthrough,
but others have been less impressed.
None other than Ethan Mollick this weekend wrote that models like O3 and Gemini 2.5
pro feel like what he calls jagged AGI, i.e., they are unreliable,
even at some mundane tasks, but still offer superhuman capabilities in many other areas.
quoting from the conclusion of a piece on his substack.
There's a deeper uncertainty here.
Are there capability thresholds that once crossed fundamentally change how these systems
integrate into society?
Or is it all just gradual improvement?
Or will models stop improving in the future, as LLM hit a wall?
The honest answer is, we don't know.
What's clear is that we continue to be in uncharted territory.
The latest models represent something qualitatively different from what came before,
whether or not we call it AGI.
Their agentic properties, combined with their jagged capabilities, create a genuinely novel situation with few clear analogs.
It may be that history continues to be the best guide in that figuring out how to successfully apply AI in a way that shows up in the economic statistics may be a process measured in decades.
Or it might be that we are on the edge of some sort of faster takeoff where AI-driven change sweeps our world suddenly.
Either way, those who learn to navigate this jagged landscape now will be best positioned for what comes next, whatever that is.
I personally was using the O3 model quite extensively over the weekend, and I have to say
it felt like a step or two better than a lot of stuff I've used recently.
Good enough that, again, I think I'm switching back officially from Claude back to ChatGPT.
Don't hold me to that, though.
We'll see.
Talk to you tomorrow.