This week Joseph talks to Lorenzo Franceschi-Bicchierai, a journalist at TechCrunch. Lorenzo has possibly the deepest understanding of one of the wildest cybersecurity stories in years: how an employee of Trenchant, a government malware vendor that is supposed to only sell to the ‘good’ guys, secretly sold a bunch of hacking tools to a Russian company. Those tools, it looks like, then ended up with the Russian government and possibly Chinese criminals too. It’s a really insane story about how powerful hacking tech can fall into the wrong hands.
0:00 - Guest Introduction: Lorenzo Franceschi-Bicchierai
02:52 – What Is Trenchant?
03:52 – Secrecy & Evolution of Exploit Industry
05:05 – Modern Spyware Industry Landscape
08:34 – Discovery of Peter Williams
10:31 – Apple Spyware Notifications Context
13:03 – Early Reporting Strategy
14:13 – Indictment & Confirmation
15:34 – What Peter Williams Did
18:17 – Economics of Zero-Day Market
24:53 – Google Discovers “Corona” Exploit Kit
28:11 – Shift to Mass Exploitation in China
31:03 – How Did It Spread? (Speculation)
34:36 – Link Back to Trenchant Leak
36:27 – Security Failure & Industry Implications
41:04 – Ethical Stakes & Real-World Harm
43:15 – Motive & Final Reflections
