669: Adam Engst (TidBITS): Slack Impersonation Malware, Anthropic's Mythos, and Why You Need a Personal AI Defender

Adam Engst (TidBITS) discusses a malware incident in a long-running public “Slack Bits” group where a bad actor impersonated Glenn Fleishman via a duplicate Slack display name, tricking him into downloading an info-stealer, prompting Engst to consider shutting down the 1,400-member community. The conversation shifts to Anthropic’s Mythos and Project Glasswing (as covered by TidBITS security editor Rich Mogull), which reportedly found long-standing bugs (including in OpenBSD and FFmpeg), raising concerns about AI-accelerated vulnerability discovery, defender/attacker asymmetries, costs and compute barriers, and impacts on zero-day markets. They also cover Apple’s iOS signing and update/upgrade distinctions, why Apple supports macOS differently than iOS, broader distrust in institutions, social media’s advertising/algorithm problems (including Section 230), bots and AI-driven phishing, and the idea of local, user-controlled AI agents to help protect individuals online.

00:00 Welcome Back Adam Engst

00:20 Slack Impersonation Scare

02:15 Cleaning Up a Public Slack

03:40 Mythos and Glasswing Explained

05:19 AI Bug Hunting Reality Check

08:25 Red Team Blue Team Asymmetry

09:50 Compute Costs and Access Barriers

12:19 Trust Ethics and Regulation

17:50 Personal AI Security Agents

23:34 Zero Day Markets and Exploit Kits

25:40 iOS Signing and Update Windows

27:13 Why Macs Get Longer Support

32:06 Scams Incentives and Pig Butchering

34:02 Life Offline and Misinformation

35:41 Social Media Hot Garbage

36:43 Addiction By Design

37:46 Advertising Model Flaw

38:47 Infinite Scroll Limits

39:39 Dunbar Number Reality

40:54 Platform Power Responsibility

42:46 AI Influencers And Slop

43:37 Bots And Fake Accounts

46:33 AI Phishing And Passkeys

49:21 Closed Communities Trust

53:25 CAPTCHAs And Human Help

56:08 Section 230 And Algorithms

57:46 Chronological Feed Fix

59:35 Two Week News Rule

01:02:41 Ads In Maps Backlash

01:04:10 Wrap Up And Next Part

668: Michael Thomsen of Origin 84, Part Two - Reusable Compliance Policies, ISO 27001 Audits, and Building a Fractional GRC/Strategy Bench

In this Command Control Power episode, host Joe and guests discuss standards, policies, certification, and compliance with Michael Thomsen of Origin 84 in Sydney, continuing an ISO 27001 deep dive. Michael explains how policies are written to solve specific control problems (e.g., MFA) and can be reusable, while areas like data classification require tailoring based on a client’s industry, legislation, contracts, and workflows; key discovery questions include where data is stored and shared, and what obligations contracts impose. The conversation contrasts frameworks (NIST, Essential Eight) and notes auditors verify that policies drive processes and are followed, emphasizing continual improvement through audits, risk/incident tracking, and iterative remediation. Jerry and Sam share healthcare/SOC 2 experiences and discuss shifting solo consultants from tactical support to higher-value strategic advisory/account management, using fractional roles and partners. Michael outlines Origin 84’s fractional model (financial controller, HR, strategy officer, plus legal/CFO) and sourcing via professional networks, LinkedIn, and conferences like ACEs, where Michael will present on account management.

00:00 Welcome and Recap

00:45 Reusable Policies vs Tailoring

02:20 Data Classification Nuances

03:33 Discovery Questions That Matter

06:18 Building Trust Without Conflict

07:30 Insurance as the Trigger

08:47 SOC 2 and Framework Reality

10:50 Audits and Continuous Improvement

12:48 Breaking Down Compliance Work

14:07 Jerry’s Healthcare SOC 2 Case

15:49 Fractional Support Models

17:13 Move Up to Strategic Advisor

19:16 Agency and Stakeholder Dynamics

20:41 Consulting Revenue Mindset Shift

23:26 Hand Off Tactics, Lead Strategy

24:21 Healthcare Provider Experiences

24:30 Compliance Strategy Calls

25:16 Subcontracting Specialist Help

25:55 Scaling With Key Hires

28:18 Fractional Finance And HR

30:03 Fractional Strategy Officer

31:26 Outsourced Regional Support

32:31 Finding Fractional Talent

36:55 Networking At ACEs

39:41 Account Management Matters

41:51 Wrap Up And Farewell

667: Michael Thomsen of Origin 84 on Building a Process-Driven MSP and Using Compliance Frameworks for Strategy

Michael Thomsen on Building a Process-Driven MSP and Using Compliance Frameworks for Strategic IT

The host of Command Control Power welcomes returning guest Michael Thomsen of Origin 84 from Sydney ahead of the ACEs conference in Minneapolis, discussing the mental and operational preparation needed to leave a company running without him through documentation, chain of command, and role accountability using Confluence and selected EOS practices. Thomsen explains balancing perfectionism with repeatable team standards, prioritizing the avoidance of preventable mistakes, and aligning service quality to what clients value. The conversation pivots to SOC 2, HIPAA, and ISO 27001 as validation frameworks increasingly demanded via vendor risk and tenders, emphasizing policy vs procedure and continual improvement. He outlines Origin 84’s flat-fee, services-first model and “magic quadrant” approach—help desk, IT administration, account management, and strategy—using root-cause fixes and programmatic improvements across clients. He advocates standardizing on Microsoft (often using Entra even for Google clients), careful vendor selection, and tailoring higher-cost governance features (e.g., Defender/Purview, logging) to client needs while keeping baseline security consistent.

00:00 Welcome Back Michael

00:35 27 Hour Travel Ritual

01:14 Leaving The Business

03:23 Planning Like Military

04:47 Runbooks And EOS

07:22 Perfection Versus Good

12:24 Standards And Apologies

13:53 SOC2 HIPAA ISO Explained

16:32 Policies Versus Procedures

17:56 Making Services Sticky

20:14 Magic Quadrant Strategy

23:16 Fix Root Causes

26:21 Hourly Billing Incentives

27:45 Value Without Strategy Buy In

29:13 Listening Before Pushing

29:28 Pricing Pushback Case Study

31:52 Standardized Security Baseline

34:33 Paying For The Paperwork

36:10 Reducing Cost Via Account Management

36:50 Stack Ownership And Optional Features

39:21 Microsoft As The North Star

41:10 Vendor Risk And Pricing Strategy

47:54 Entra SSO For Google Clients

50:46 ISO 27001 Policy Reality Check

54:57 Wrap Up And Part Two Tease

Best Of CCP - 200: Not So Off The Rails

Sam Valencia, Jerry Zigmont and Joe Saponare discuss working with Apple technology and clients. Drawing on their combined experience of over 20 years in the Apple Consultants Network, they discuss technical support issues, both with the technology and in working with clients.

665: Apple’s 50th Anniversary Old Shortcuts, and What Still Delights - Part 2

The hosts revisit early Apple and Mac experiences and discuss first keyboard shortcuts, focusing on “Command Control Power” after a photographer client referenced it while troubleshooting a MacBook Pro that died on location from a drained battery. They debate the proper shortcut key order versus Apple’s conventions, recall Apple II shortcuts like Control–Open Apple–Reset, and reflect on floppy-drive workflows and multi-disk backups. The conversation shifts to Apple’s attempts to break into business hardware, Steve Jobs’ impact and management style, and a perceived reversal where hardware fit-and-finish improved while macOS feels buggier, with annual OS releases and settings moving cited as problems. They note Rapid Security Response/Background Security Improvements placement changes, praise Apple Watch and AirPods, share audience photos and Apple memorabilia, and close with gratitude to Apple, colleagues, and listeners.

00:00 Apple 50th Kickoff

00:27 Shortcut Origin Story

01:08 Photo Shoot Panic

02:17 Shortcut Order Debate

03:27 Open Apple Keys

05:16 Save Changes Shutdown

07:33 Floppy Boot Days

09:02 Apple In Business

12:22 Jobs Magic And Myth

14:03 Modern OS Buggy Era

19:27 Settings Search Problem

23:17 Yearly OS Cadence

26:04 Planned Obsolescence Talk

27:46 Software Sells Hardware

28:07 Mac CPU Transitions

29:12 Snow Leopard Lessons

31:37 Intel Era Reality Check

33:11 Security Updates Moved

34:22 Throwback Mac Photos

35:52 Daily Delight Devices

40:12 Old iPhones and iPods

42:29 Apple Employee Card

44:37 Startup Office Memories

46:13 50 Years of Apple

664: Apple at 50 - First Macs, HyperCard, iPod Halo, and Memories from the Early Days - Part 1

CHM Live | Apple at 50: Five Decades of Thinking Different

The hosts celebrate Apple’s 50th anniversary (recorded April 1) and recommend David Pogue’s book “Apple at 50,” including his Computer History Museum interview. They invite listener stories and discuss first Apple computers (Apple IIe/IIc/II Plus), early BASIC programming habits, and Apple’s influence in schools via HyperCard/HyperTalk. Jerry recounts starting on PC compatibles in a tool-and-die business, moving into Macs for music/MIDI and Finale, and shows a 1989 receipt for a Macintosh IIx system costing about $7,000 (roughly $14,730 in 2026 dollars). Listener Dwayne Moss shares memories working at Apple, concerts at sales conferences, seeing Steve Jobs introduce the iPod at Town Hall, and being hired and laid off three times. The group reflects on the iPod’s Windows support, the “digital hub” era, early CD burning, Airport cards, Macworld/iPhone displays, Newton hardware, and transitions from PowerPC to Intel to Apple silicon. 

00:00 Apple Turns 50

00:40 David Pogue Book Pick

01:59 First Apple Computers

03:56 Learning BASIC Early

06:34 Jerry’s First Macs

09:25 Sticker Shock Pricing

11:55 From Punch Cards to AI

13:42 HyperCard Magic

15:38 Listener Story Dwayne

18:30 iPod Halo Effect

20:37 Digital Hub Creativity

24:15 CD Burning Nostalgia

26:31 Iconic iPhone Sounds

27:26 First Business Macs

28:49 Early WiFi Upgrades

30:35 Offline Computing Era

31:45 Macworld iPhone Memories

36:09 Newton Surprise Find

39:12 Early Influences

39:55 Jerry Career Pivot

46:23 Vintage Server Rooms

50:33 G4 to Intel Shift

50:55 Wrap