#124 - You Are Clonable. 30 Cents Is Enough. — Realtime Deepfake Fraud and the DACH Mittelstand

#128 - How ChatGPT Cracked an 80-Year-Old Math Problem for $1,000

Picture Dr. Katharina Hess — she runs the Computational Chemistry Group at one of the big pharma companies in the Novartis corridor. 11 postdocs and data scientists under her. Not 3 projects — 30 open projects, research cycles of 5, 10, 20 years. Five days ago she opens Nature. The headline grabs her: "AI cracks an 80-year-old mathematical challenge." She reads it. Reads it again. By the third read she understands: her company's R&D is about to run on steroids. Not because of the math problem itself — but because of the method. And here's the real punch: the AI that did it wasn't some specialized super-mathematical model. It was ChatGPT. Yes, your ChatGPT. (OK, the reasoning model, GPT-5.4 Pro — but still.) 🧮 Who the hell was Paul Erdős? Hungarian mathematician, born 1913. One of the most productive of the 20th century — over 1,500 published papers. Restless. No apartment. No fixed office. Today we'd call him a digital nomad — back then, an analog one. He went from university to university with two suitcases. His passion wasn't solving problems. It was formulating them. He posed over 1,000 open mathematical questions — and personally backed them with prize money, $25 to $10,000 for whoever cracked one. 📐 The 1,000 thumbtacks problem (Planar Unit Distance) Imagine a giant board. You take 1,000 thumbtacks. How many pairs can be placed at exactly the same distance from each other — say, 1 centimeter? Sounds simple. It isn't. In 1984, Spencer & Trotter calculated the upper bound: n to the 4/3 power. That ceiling hasn't moved in 40 years. Noga Alon (Princeton): "It was one of Erdős's favorite problems." 💸 How ChatGPT solved it — for ~$1,000 in tokens Step one — which ChatGPT? Not the one that messes up your email. The reasoning model — GPT-5.4 Pro. You actually have to click the model selector. Don't use Auto. The prompt was almost unassuming: "Could Erdős be wrong? Could the reasoning behind this bound be flawed?" And then the model worked. Completely autonomously. 125 pages. Around 100,000 tokens. Cost: somewhere between $100 and $1,000. Reality check: tomorrow I'm flying to an oil & gas company in Hannover. Zurich → Hannover one-way: $800. So the token cost of solving an 80-year-old mathematical problem is in the order of a single business trip. 🔧 The trick: not a better screwdriver — a different wrench entirely For 40 years mathematicians attacked this with geometric tools: incidence geometry, Szemerédi-Trotter, crossing number method. Those tools hit a natural ceiling — the n^(4/3) bound. The AI did something else. It pulled a completely different key out of the toolbox: algebraic number theory. CM fields. Complex multiplication. Infinite Galois towers. It didn't solve the problem. It reformulated it — from a geometric problem to a number-theoretic one. And suddenly the answer became much more concrete. 🤖 The DeepMind counter-punch: AlphaProof Nexus + Lean Then Google DeepMind dropped the receipts. Their system AlphaProof Nexus claims to have solved: * 9 open Erdős problems * 44 additional open conjectures * A 15-year-old problem in algebraic geometry And here's where it gets architectural. AlphaProof Nexus combines AI reasoning with a formal verification tool called Lean. The AI doesn't just spit out an answer — it produces a step-by-step proof, and Lean mechanically verifies every single step. Every logical leap is checked. Incorrect assumptions are rejected. The final proof meets strict mathematical standards. Cost per problem: a few hundred dollars in compute. ⚖️ Two religions: human-verified vs machine-verified This is now a genuine philosophical split in the AI math community: * OpenAI's approach: let the LLM produce the proof, then send it to 9 of the world's top mathematicians — including Fields Medal winners like Noga Alon, Daniel Litt, Melanie Wood — to verify by hand. Slow. Authoritative. * DeepMind's approach: let the AI prove it AND let the machine (Lean) verify it. Fast. Reproducible. But — you have to trust Lean. Both approaches address the hallucination problem: AI models can invent unproven statements, skip difficult parts, present incomplete proofs as finished. Human review and machine verification are two different solutions to the same fundamental risk. 🛑 The Hassabis caveat: AGI is still far Demis Hassabis (DeepMind CEO) reminds everyone: "For an AI, this wasn't actually that hard." The problem is extremely difficult to solve, but it's bounded. AGI would require: * Creativity across multiple fields simultaneously * Independent reasoning * Original idea generation Today's systems are powerful specialized tools — not minds. But here's the catch: the most clever thing the AI did wasn't the solution. It was the cross-domain reformulation. And that's exactly where your R&D department needs to wake up. 🧬 Why your R&D needs this — silos, Da Vinci, AlphaFold Pharma R&D is the textbook silo problem: * Medicinal chemists define and find targets * Biologists know the pathways * Statisticians wade through the data They work in their silos. They don't talk on the level where breakthroughs happen. Leonardo da Vinci could. Math + chemistry + physics + anatomy — all in one head, all connected. Today that's impossible for a human because of information overload. But an AI? An AI has exactly that cross-domain synthesis ability. Side note: Google DeepMind already won the Nobel Prize 10 years ago — for AlphaFold solving the protein-folding problem. Pure cross-domain AI. If pharma had taken that seriously, they'd be a decade ahead today. 🦴 The uncomfortable truth about your senior researchers Who are the most expensive people in any R&D department? Not the juniors. The 30-year veterans earning three-quarters of a million euros a year. And they are the worst AI users. Because they fundamentally say: "I've done research like this for 40 years. I don't need ChatGPT." When you hire a postdoc in 2026, "is he good in his domain?" is no longer the only question. The new questions: * Can he prompt a reasoning model correctly? * Can he ask cross-domain questions? "How would a biologist see this? How would an economist see this?" * Does he click "Auto" or does he deliberately choose GPT-5.4 Reasoning? ⚖️ The legal department will be your next blocker Imagine: you've found something genius with ChatGPT. You want to patent it. Who stops you first? Legal. * Does it belong to us? Or to OpenAI? * Does it belong to Microsoft (if you used Copilot)? * Who holds the patent? The answers aren't clarified yet. Your discoveries may sit in legal review for 2 years. Plan for it. 🎯 Three Monday Actions...

#127 - [Quickbite] - Chief AI Academy — Sneak Peek into Session 1

People keep asking: "What are you actually teaching in the Werchota Chief AI Academy?" So here's a Quickbite sneak peek into Cohort 1, Session 1 — the four moments that made the room go silent. Quick context: each cohort = small group (5-15 business leaders — CFOs, Chief AI Officers, heads of procurement, HR directors), 4 weekly sessions × 2 hours. Not just listening to Malcolm — also to Maria (co-founder) and Damian (associate partner, head of engineering). And critically: participants talking to each other. Because when you leave the academy, you shouldn't just talk to us — go talk to your peers. 💥 Moment 1: The Software Armageddon Opened the session with the stock charts: HubSpot down 30-40%, Gartner in free fall since Q3, Adobe Duolingo essentially dead, Salesforce bleeding. None of these companies will literally disappear tomorrow — but the rate of decline is accelerating because their customers can now build the same thing themselves. Example demoed live: a procurement participant uses IronCloud for contract reviews — €40,000/year. We showed Claude doing the same thing, more personalized, more tailored to her business, for ~$50 in tokens. The room went silent. The pushback: "But Malcolm, companies are still buying software." Yes — out of habit. As soon as they understand headless software (no UI, just an MCP server or API key, AI orchestrates it), the whole game changes. We're giving the wrong software to the wrong people right now. Stop rolling out Microsoft Copilot to your knowledge workers. Roll out Claude Code and Codex instead — with compliance-friendly options like OpenCode. Then they can build their own solutions. 🧠 Moment 2: Reverse Prompting (the killer technique) Someone said: "I tried your prompt 'make me a sexy dashboard' and nothing came out." So we went back to basics — because most people still don't know how to prompt. The technique: Reverse Prompting. Inspired by how psychologists work — they don't ask you to articulate your trauma in one sentence. They ask you questions, and through your answers, you discover what you actually want to say. Your command to Claude/ChatGPT:  "Ask me 10 questions, multiple choice, 4-5 answers each. Don't ask all at once — three at a time, wait for my answers, then formulate the next three."  Now the AI is interviewing you. While you answer, you start to actually understand what you want. The AI surfaces concepts you didn't even know existed — "Do you want a Streamlit app, or maybe a web app?" — and you go: "Wait, what's a Streamlit app? Yes, that one." Promise: Malcolm will pay for your dinner if reverse prompting does not measurably improve your output. 🧠 Moment 3: The Second Brain that called me the WORST salesperson The werchota.ai "second brain" — built in 48 hours, now running in production on Azure (Victor's setup) — has access to: * Every email from every employee (including mine — anyone in the company can query my inbox) * Every meeting transcript * Everything on SharePoint * Queryable via Teams Live demo: I asked it to do a SWOT analysis of Malcolm, focused on sales. It ran for 30 minutes. Produced a dashboard that called me out: * "Malcolm is the weakest persona on the entire sales team" * "Rarely has an agenda going into calls" * "Talks all over the place, ends calls with 'OK, bye'" * "No follow-up discipline. No paper sent in 3 days, no follow-up in 1 week" * "Creates information overload for customers" The room went silent. I love when that happens. Because the point isn't to publicly roast me — it's that a Second Brain lets you do this for everyone in your team. People know their strengths. They struggle to articulate weaknesses. The Second Brain extracts them — and then Marsha can jump in on my post-meeting communication, Alex can cover ABCD, and the team plays to its actual gaps. 🦴 Moment 4: "You've been hiring AI Neanderthals" I showed them what an AI-native business leader can do — Claude Code, Codex, prompting fluency, voice-to-Excel, MCP servers, headless software integration. Then I asked: "Be honest. Your last 10 hires. How many can do this?" Answer in the room: essentially zero. You're running an AI-powered company while continuously hiring AI Neanderthals. Then you wonder why adoption is slow. If you want your company to stay Neanderthal-shaped and disappear in the next 1-2 years, continue hiring like this. I don't care. But you should. Remove "Microsoft Office" from your job descriptions. Replace with prompting, AI tool fluency, understanding of where the tech is going. The biggest leverage you have right now is who you hire next. 🎯 Three Monday Actions 1. Try Reverse Prompting today. Take any messy goal you have, paste it to Claude/ChatGPT with the formula above. Free dinner if it doesn't work. 2. Audit your last 10 hires against ~10 AI skills (prompting correctly, Claude Code / Codex fluency, MCP understanding, voice-to-Excel, second-brain literacy, etc). Expect 1-2 out of 10. You've been hiring problems — now they need re-training. Going forward, hire people who already use AI natively. Biggest leverage in the company. 3. Build a Second Brain — even a small one. Don't have to go enterprise like we did. Start with a project: shared email address, project files, meeting transcripts of one initiative. Build it. Query it. Watch what surfaces. 💬 What participants left with A Swiss consultant: "I realized I don't have a workload problem — I have a cross-department visibility problem. The Second Brain would solve that for me." Another participant: "I'm going to go try reverse prompting tomorrow. This alone is worth the session." That's the Chief AI Academy in 18 minutes. Want to come to Cohort 2? See the link below. ⏱️ Timestamps * 00:00 — What is a Quickbite + intro to the Chief AI Academy format * 02:30 — Who comes: CFOs, Chief AI Officers, procurement, HR directors * 05:00 — Moment 1: Software Armageddon — HubSpot, Gartner, Adobe, Salesforce * 08:00 — IronCloud €40k/year vs Claude $50 in tokens — live demo * 10:00 — Headless software + MCP servers explained * 12:00 — Moment 2: Reverse Prompting — the dating-your-psychologist technique * 14:00 — Moment 3: Second Brain — the SWOT that called me the worst salesperson * 16:00 — Moment 4: AI Neanderthals — your last 10 hires * 17:30 — Three Monday actions + participant takeaways 🎙️ About the Host Malcolm Werchota runs AI adoption programs for companies across Europe — close to 90 companies advised, majority in the DACH region. After 15+ years at Novartis and Schlumberger, today's focus: AI without the bullshit. Lecturer at ESADE and HSLU. Studied in Leoben. 🚀 Resources for Executives * 📚 Chief AI Academy — AI for Decision Makers [https://www.werchota.ai/chief-ai-academy] ← Cohort 2 ...

#126 - [AI Drama] - Your Continuity Plan Doesn't Cover Drones. It Should.

Welcome to AI Drama. About a year ago, in a single night across five Russian airbases, 41 aircraft were destroyed. TU-95 strategic bombers. TU-22 M-3s. A-50 AWACS surveillance planes. Estimated damage: $7 billion. No air raid sirens went off. No interceptors scrambled. The attack didn't come from the sky. It came from trucks. Ordinary containers, driven inside Russian borders. The drivers were tricked — "bring the container, someone will pick it up." Nobody ever came. Inside: 117 FPV drones, loaded with explosives. The containers opened on remote command. The drones deployed one after another. Each flew only 300-400 meters to strike. Total operation cost: maybe $2-3 million. Damage inflicted: $7 billion. ROI: 3,500×. Some call it Russia's Pearl Harbor — but delivered by drones in a truck. This was Operation Spider's Web. Welcome to AI Drama. Today: the new way of running wars, teenagers in basements, and the end of "safe distance" as a concept. 🎮 Mykola, 19, gaming streamer turned drone pilot Three years ago, Mykola was a 16-year-old Counter-Strike streamer in Kharkiv with a few thousand Twitch followers. Today he's in the Ukrainian army — not because he wanted to, but because Ukraine started a new program: only soldiers between 18 and 24 can operate drones. Why 24? After 24, your brain is too slow. His "front line" is a bombed-out basement. Four laptops, three pairs of FPV goggles, a controller that looks like a PlayStation. The only light: an LED running on a battery that'll die in 2-3 hours. He flies a quadcopter that costs $300-400 in parts, 8-10 km out to a Russian position, 150 km/h. Tilts left, tilts right. Russian soldier sees it, has milliseconds to react. Impact in 4 seconds. Live feed disappears. Mykola goes to Telegram. Doesn't celebrate. Reaches for the next drone. It's only 2 PM. This is his 12th mission today. 🏭 The numbers that should terrify NATO * USA: ~100,000 military drones produced per year * Ukraine: 4.5 million military drones per year * Ratio: 45:1 — from a country with zero drone industry four years ago * Industrial ceiling: 8-10 million drones/year projected * Bloomberg: Ukraine produces more drones than the entire NATO alliance combined Ukraine has created an Unmanned Systems Forces — a military branch dedicated entirely to drone warfare. No other country in the world has this. ⚠️ Aurora 26 — when NATO learned the hard way April-May 2026, Gotland Island, Sweden. NATO exercise Aurora 26. 18,000 soldiers from 13 NATO countries. Ukraine was invited as the attacking force. The exercise had to be STOPPED THREE TIMES. Each time, the NATO troops would have been annihilated. The Ukrainian pilot said: "If it was real life, they would have all been dead." Swedish Defense Minister General Michael Claesson, after the exercise: "The fastest way for any Western force to learn about drone and counter-drone warfare is to go and listen to the Ukrainians." 🤖 Inside the $700 killing machine An FPV drone is a small quadcopter, $300-3,000. Inside lives a chip from one of our darling companies: the NVIDIA Jetson Nano (or Jetson Orin). Matchbox-sized. Costs $100-300 per unit. Available on Amazon. It wasn't built for war. It was built for robot vacuum cleaners, DIY hobbyists, AI students. NVIDIA didn't sit down and say "let's build chips for drones that kill people." It just happened. Add a Ukrainian company called Fourth Law's TFL-1 computer-vision module ($100). Now the operator only needs to fly within 400-500m of target. The Jetson takes over the final approach. Hit rate without AI: 30-50%. Hit rate with AI Jetson + computer vision: over 80%. Today, 20+ Ukrainian brigades use this AI copilot. Microsoft Copilot, but for killing people. Given to 19-year-olds. Total bill of materials: ~$700. Even priced at $10,000 (it's not), compare: * $10,000 drone vs $5,000,000 Russian armored fighting vehicle * $10,000 drone vs $100,000,000 Tupolev TU-95 bomber 🇪🇺 Why this is YOUR problem (yes, even in DACH) Picture Werner: head of security at a mid-sized DACH automotive company. 1,500-2,000 employees. Three plants. Just-in-time delivery to Mercedes, BMW, Audi. His business continuity plan covers fire, floods, cyberattacks, supplier failure. It does not cover fiber-optic drones flying inbound from a loading dock. "But Malcolm, drones can't fly all the way to Bavaria!" You missed the point. It's $700 to build. You can build it in a garage. You can launch from a container. This was already done a year ago. And you can't send one — you send swarms. Proof? On May 30, 2026, Russia launched 800 drones in a single night. The Bundeswehr's entire drone fleet today: 500-600 units. Russia could wipe out Germany's entire drone stock in one night and still have 200 left over. 🏢 The German players quietly building this * Helsing (Munich) — $12B valuation, $600M latest round led by Daniel Ek (Spotify founder). Their HX2 loitering munition uses advanced AI targeting. * RF1 Resilience Factory (southern Germany) — produces 1,000+ HX2 units per month. Ukraine has ordered 10,000. * Even the Bundeswehr is now buying from Helsing. 🎯 Five Monday Actions for every European exec 1. Drone-airspace continuity plan: Sit your logistics chief + ops chief + insurance + general counsel down. Ask: "What are our assumptions for business continuity if drones enter our airspace?" These plans don't exist yet. 2. Map drone-exposed choke points in your supply chain. Belgium has had repeated airspace disruptions. Strasbourg is on the border. Don't assume "too far." 3. Bring in someone who understands Helsing, the Quadcopters, computer vision, edge AI. You can't buy weapons for your factory — but the tech stack is migrating to commercial applications. 4. Build AI-controllable machines. Your next product's UI shouldn't look like 1990. Build it controllable via MCP server. Currently nobody is doing this — first mover wins. 5. Have a board conversation about it. Poland already is. US, Israel, South Korea already are. DACH boardrooms — not yet. 🌐 The wild part: most of this tech is OPEN SOURCE Go to Google or Perplexity right now. Type: "GitHub repo drones". You'll find: * Drone log analyzers (flight log analysis dashboards) * Fully autonomous VTOL repositories * Computer vision targeting modules * Hundreds of repos with the full AI tech stack Anybody can build this right now. Not state actors. Not criminal organizations. Mykola and his mother and his sister, in a kitchen. FPV drones used to cost $50,000. Today: $500. Every new AI model + every chip generation makes them cheaper. 🎬 What this episode is really about Ukraine in the last four years has see...

#125 - [Quickbite] - Microsoft Bans Claude Code — and Takes the Ferrari Away From Its Engineers

Imagine your company car is a Lamborghini. Or a Ferrari — doesn't matter. You drive it to work every day. You're productive. You're happy. And then your CEO walks in and says: "Starting next month, you're driving a Skoda Octavia." That's exactly what just happened at Microsoft. And it affects you directly — even if you've never written a line of code. Last week, May 14, 2026, an internal memo landed at Microsoft's Experiences and Devices Division. Windows, Microsoft 365, Outlook, Teams. Tens of thousands of engineers. The memo came from Rajesh Jha, Executive Vice President. The content in one sentence: We're shutting down Claude Code. Deadline: June 30, 2026. The absurdity: six months ago — December 2025 — Microsoft aggressively rolled out Claude Code to those same engineers. Thousands of seats. Even designers and project managers got access. The original ask: install this, experiment, build prototypes. Why the reversal? Not because Claude Code is bad. Because it's too good. It was better than Microsoft's own tool — GitHub Copilot — at exactly the work that matters: multi-file refactoring, architectural work, rapid prototyping. Microsoft sells GitHub Copilot to the world as its AI developer flagship. Microsoft invested $13 billion in OpenAI. And for six months, Microsoft's own engineers quietly preferred a competitor's product from Anthropic. That's not embarrassing — that's a strategic bomb. 📊 What separates Claude Code from GitHub Copilot * Copilot is autocomplete. You type, Copilot suggests the next line. You're driving. Passive. Like a Skoda with cruise control. * Claude Code is agentic coding. You say: "Build me an app that recognizes my Sonos speakers and starts music when my Tesla arrives home." Claude works two, three, even seven hours autonomously. Reads the whole codebase. Refactors. Tests its own output. You're no longer driving — you're a project manager. * Context window: 1 million tokens (rumored 12M coming). The AI's brain fits the entire codebase. * Extended thinking: Claude stops, plans, reasons, will tell you when something is nonsense. Copilot codes blindly forward. * Multi-file autonomy: Claude grabs "helper" agents and works in parallel across the codebase. 💸 The pricing question Claude Code Enterprise: $150 per seat per month. GitHub Copilot: $10 to $30. Microsoft engineers were using the 10× more expensive tool — and when they ran out of tokens, they paid out of their own pocket for more. Like a free-to-play game, except here the tokens produce production code. ⚠️ The Amazon precedent Microsoft is not the first to make this mistake. End of 2025 Amazon banned Claude Code and Codex internally and mandated their in-house tool "Kiro." What happened immediately? A 13-hour AWS outage in China. Engineers stuck with a Skoda Octavia facing a Ferrari-sized problem. By April 2026, Amazon reversed course and re-enabled Claude Code. Google does something similar: Claude Code is blocked by default — except at DeepMind, their top AI division. SpaceX just paid $60 billion for an option on Cursor (a Claude Code competitor). The pattern is identical everywhere. 🇪🇺 The DACH / European lesson If you're a CTO, VP of Engineering, or founder in a typical European tech company: your developers are already using these tools. As shadow AI. On personal subscriptions. Quietly in the evenings. Here's how to figure that out — without any survey: * Two years ago: ~3,000 lines of code per developer per day * With Copilot: jump to 6,000–9,000 (2–3×) * With Claude Code: jump to 30,000–300,000 (10–100×) Just look at the output. That's your audit. Done in a Monday morning. 🇪🇺 The sovereign alternative If data sovereignty matters: Mistral Codestral — 22B-parameter code model, 80+ programming languages, EU infrastructure, GDPR-native. Mistral just raised nearly $1 billion from European banks to build exactly this. Plus the upcoming Cohere-Aleph Alpha merger (Schwarz Group, €500M) explicitly building for DACH enterprises. You don't have an excuse anymore. 🏭 The hackathon moment Three days ago we co-ran a hackathon at a major German manufacturing company. 20 top developers in the room with the absolute best tools — OpenCode, Open Terminal, Claude Code. Phenomenal. But then the question: 20 people at the table, 6,000 in the corporation. When do the other 5,980 get the same tools? 🚀 How we work at werchota.ai Every single person at our company uses Claude Code. 85% of all our work is done by Claude Code and AI agents. Porni (journalist) — Claude Code. Alex (finance) — Claude Code. Not because they code. Because the tool has become universal. 📌 Three Monday actions 1. Shadow AI audit. Look at code output per developer across 2 years. Who made the 10× jump? That person is secretly using Claude or Codex. 2. A/B test with a real task. Same task, same 24 hours. One developer "old way," one with Claude Code. Compare output, error rate, completeness. 3. Three-tier data classification. Tier 1 non-sensitive = any tool. Tier 2 internal business logic = EU-hosted (Mistral). Tier 3 regulated data = security review. Not a ban. A policy. 🎬 The bigger question Microsoft will reverse this in 2-3 months. Just like Amazon did. But you have a more important problem: are you keeping the Ferrari away from your engineers — or finally giving it to everyone? ⏱️ Timestamps * 00:00 — Cold open: The Lamborghini, the Microsoft memo, the June 30 deadline * 03:00 — Agentic coding vs. autocomplete — the two worlds * 05:30 — Context window, extended thinking, multi-file autonomy * 07:00 — The $150-vs-$20 question and why engineers still pay * 09:00 — Amazon's 13-hour AWS China outage + Google + SpaceX-Cursor * 11:00 — How to audit your shadow AI in 5 minutes * 13:00 — Mistral Codestral + Cohere-Aleph Alpha as the sovereign alternative * 14:30 — The hackathon: 20 vs. 6,000 — the question every CTO must answer * 15:30 — werchota.ai: 85% Claude Code, every single person * 16:00 — Three Monday actions + close from Bregenz 🎙️ About the Host Malcolm Werchota runs AI adoption programs for companies across Europe. After 15+ years at Novartis and Schlumberger, today's focus: AI without the bullshit. Last week live at the AIM Summit in London — after Lord Melvin (former Chief of the Bank of England) and before Eric Trump, in front of 150 investors. Lecturer at ESADE and HSLU. Studied in Leoben. 🚀 Resources for Executives * 📚 Chief AI Academy — AI for Decision Makers [https://www.werchota.ai/chief-ai-academy] * 👥 AI... [https://chief.werchota.ai/getting-started]

#124 - You Are Clonable. 30 Cents Is Enough. — Realtime Deepfake Fraud and the DACH Mittelstand

You are clonable. Yes, you. Anyone listening to this podcast is right now clonable — audio and video both. And the software has gotten so good that 90 seconds of you on camera is enough. For audio, even less — 30 to 40 seconds from a phone call. Someone calls you, asks two or three questions. That's all they need. If you think that sounds far-fetched, pause this episode right now and go to TikTok. Type one name: Patrycek. A 13-14-year-old kid presses a button and turns into Brad Pitt. Moves like Brad Pitt. Speaks like Brad Pitt. He can do it with any famous face. He can do it with yours. A month ago, Patrycek didn't exist. Today: 104 million views. One side of this is funny. The other side is a hacking manual. For 30 to 50 cents. Remember Arup? Hong Kong, January 2024. A finance employee gets a Teams call. The CFO is on screen. The whole board sits around the CFO. They tell her: log in, click this through, we need it now. Across fifteen transactions she sends 25 million dollars. Every single person on that call was fake. Two years ago that attack cost hundreds of thousands. Today, two years later, the same attack costs 30 to 50 cents. 🔧 Three technologies that stack today * Real-time Deepfake — your face is replaced live in a video call, with millisecond latency. Voice too. Expensive today, ubiquitous in 6 months. * Face-Swap Pipeline — cheap and mature. Works in streams. If audio fails: "Sorry, my audio broke, I'll type." * Voice Cloning — cheapest and most mature. Runs locally. 30 seconds of source audio is enough. 📱 Where this software actually gets sold: Telegram Not on a website called deepfake-store.com. On Telegram channels with thousands of members. You join, ask "I want to do X" — minutes later someone offers you a demo call. Same playbook as legitimate enterprise software sales. One named product: Haotian AI. Chinese real-time face-swap, with customer support, update protocols, tutorials. Integrated directly into WhatsApp, Teams and Zoom. Honestly — SAP and the big enterprise software houses should study these products. They are better integrated than most legitimate enterprise software I have seen in 2026. Subscription tiers from $100/month up to several thousand for low-latency high-quality models. Fraud-as-a-Service has reached SaaS maturity. 🐷 Pig Butchering 2.0 — same victim, new face This is not a new scam. Young men in Nigeria and Ghana have been doing this for two decades. Fake romantic personas, slow extraction. The scam even has a name: Pig Butchering — you take a pig and cut it slowly. Before today, the scam was detectable — wrong accent, wrong photo, wrong rhythm. Today the scammer looks like a 25-year-old from Vienna. Or a 25-year-old from Hannover. With the right face. The right voice. The right accent. Decades-old scam playbooks suddenly enhanced. And it doesn't stop at romance scams. The same toolkit works on: the fake CFO call, the fake bank caller, the fake "I'm on the train, my phone is broken" WhatsApp to a family member. US fraud losses in this category: $12 billion in 2023 → $40 billion by 2027. 30% growth per year, every year. If this were a company, it would be the best venture investment of the decade. 🏢 Why the DACH Mittelstand is the perfect target "Malcolm, I'm happily married. This doesn't concern me." Stop. Listen. Think about German-speaking business culture. Not the DAX corporations — the actual Mittelstand. Austrian family businesses. Swiss family offices. GmbH owners. Companies between 200 and 2,000 employees, third or fourth generation, fifty or a hundred years old. When the CFO calls and says "urgent" — people move fast. Hierarchy is real. That cultural reflex is exactly what the new scammers target. Family office in Zurich — Teams call, urgent real-estate wire transfer, closes today. The assistant knows the face, the voice, the travel calendar. No formal callback protocol. Trust is the operating system. That trust can today be rented on Telegram for $500/month. IT password reset — factory manager calls IT on Teams: "I'm at the customer, my password is locked, reset it now." IT sees the face, hears the voice, approves. Perfect entry point for ransomware. Not your password — the keys to the whole company. 🔍 Detection is a losing game. Protocol is not. "Can we just buy software that detects deepfakes?" Kind of yes. Mostly no. The moment a detector becomes good, the attackers test against it and route around it. Antivirus arms race, 1990s edition — only faster. 🖐️ One free tip: If you suspect the person in your video call is fake, ask them to pick up a pen and rotate it in front of the camera. Today's face-swap models are bad at rendering small motor movements that overlap with the face. The fingers will glitch. Costs nothing. Use it. 🎯 Five Monday Actions 1. High-Risk Action List. One page, five items. Each item describes an action that cannot be authorized by phone or video call alone. Wire transfers above $10,000. IT password resets for admin accounts. Vendor bank-detail changes. Document signing under time pressure. Payroll routing changes. 2. The Codeword System. One word, rotated every 90 days. Agreed in person, never written down. When a sensitive action arrives via call: "What's our codeword for this quarter?" If they can't answer, the call is over. I use this in my own family. It's not paranoid — it's hygiene. 3. Multi-Factor Authentication on Payments. You have MFA on your Microsoft login. Extend it to financial actions. Above $10K, a second person approves via an app on a different device. Video call alone can't push it through. Most banks already offer this. Most companies haven't turned it on. 4. The Drill. Hire an external consultant to run a simulated deepfake attack. Today's tech: they succeed in 2 out of 10 attempts. Next year's tech: 9 out of 10. Run the drill annually. Treat it like a fire drill. 5. Show Your Team Patrycek. 10 minutes at the next all-hands. Open the deepfake software on screen. Be three different people in ten seconds. "This cost me three euros and took ten minutes." The shock is the training. 🧠 The deeper layer: Psychological Safety At a CAS in Artificial Intelligence at the Lucerne University of Applied Sciences, the Head of Strategy at Swiss Television said something I can't shake: "Malcolm, what's missing from all your protocols is psychological safety." Psychological safety is the permission to say "I don't believe you" to your boss, mid-call, without consequences. The permission for the assistant to interrupt the CFO with "Could you also send me a written confirmatio...