Meta sees everything, Copy Fail, and a deepfake gets hired
Smashing Security
Graham Cluley
4.7 • 579 Ratings
🗓️ 6 May 2026
⏱️ 63 minutes
🧾️ Download transcript
Summary
Meta's smart glasses promise privacy "designed for you" - but everything they record was being beamed off to workers in Nairobi to label by hand. When those workers blew the whistle, Meta sacked all 1,108 of them.
Meanwhile, the IT press is in a frenzy over a new Linux bug called "Copy Fail" - complete with logo, dedicated website, and a marketing-friendly name. But is it really the disaster everyone's making it out to be?
And in our featured interview, Jake Moore of ESET explains how he tricked a company into offering his deepfake clone a job - after a perfectly normal-looking video interview.
All this and more in episode 466 of the "Smashing Security" podcast with cybersecurity expert and keynote speaker Graham Cluley, joined this week by special guest Paul Ducklin.
EPISODE LINKS:
- Anti-DDoS Firm Heaped Attacks on Brazilian ISPs - Krebs On Security.
- Microsoft Defender wrongly flags DigiCert certs as Trojan:Win32/Cerdigent.A!dha - Bleeping Computer.
- Trellix confirms data breach after hack of 'a portion' of its source code - TechRadar.
- Meta’s AI Smart Glasses and Data Privacy Concerns: Workers Say “We See Everything” - Svd.
- Dispute over fate of Kenyan workers who saw Meta AI glasses films - BBC News.
- Copy Fail - CVE-2026-31431.
- Copy Fail: Hype versus reality - the full story - SolCyber.
- Flight into Danger: The Original Airplane! - BBC Sounds.
- The Luton writer behind the original Airplane! - BBC News.
- Code Dependent by Madhumita Murgia - Pan Macmillan.
- The Code Book - Simon Singh.
- Smashing Security merchandise (t-shirts, mugs, stickers and stuff)
SPONSORS:
- Vanta - Expand the scope of your security program with market-leading compliance automation… while saving time and money. Smashing Security listeners get $1000 off!
- ESET - 30 years of threat research behind unique global telemetry, AI-native technology, and human expertise working together to keep your business protected.
- Action1 - Keep your systems safe (and your sanity intact) with the patch management platform that just works. The best part? Your first 200 endpoints are free, forever, with no functional limits.
SUPPORT THE SHOW:
Tell your friends and colleagues about “Smashing Security”, and leave us a review on Apple Podcasts or Podchaser.
Become a supporter! Join Smashing Security PLUS via Patreon or Apple Podcasts for ad-free episodes on our early-release feed!
FOLLOW THE SHOW:
Follow us on Bluesky or Mastodon, or on the Smashing Security subreddit, and visit our website for more episodes.
THANKS:
Theme tune: "Vinyl Memories" by Mikael Manvelyan.
Assorted sound effects: AudioBlocks.
Privacy & Opt-Out: https://redcircle.com/privacy
Transcript
Click on a timestamp to play from that location
| 0:00.0 | So these employees, they're drawing little boxes around things to say, this is a flower pot, this is a traffic cone, this is a coffee tender, whatever it may be. But this is the reality, this trillion dollar industry of AI, the actual truth is there's an awful lot of people who happen to do this. |
| 0:26.9 | Smashing Security, Episode 466, Meta sees everything, copy fail. And a deep fake gets hired with Graham Cluley and special guest Paul Ducklin. |
| 0:44.3 | Hello, hello and welcome to Smash Insecurity episode 466. My name's Graham Pluley. |
| 0:49.5 | And my name is Paul Ducklin. |
| 0:52.2 | Hello, Paul. Good to have you back on again. |
| 0:54.2 | Hello, Graham. I always forget that when you do that pregnant Hello, Paul. Good to have you back on again. Hello, Graham. |
| 0:54.6 | I always forget that when you do that pregnant, Paul's, I'm supposed to give my name, even though I've done it many times before I make the blunder every time. |
| 1:04.6 | You're not the only one. |
| 1:08.4 | Sometimes I have to whisper, and sometimes the whisper is edited out afterwards. |
| 1:11.7 | Say who you are. |
| 1:14.7 | Oh, no. |
| 1:15.6 | If it gets that bad with me in any future episode, I'm happy for you to leave the stage whisper in. |
| 1:21.5 | Because that will focus my mind for next time. |
| 1:24.0 | How has the world of cybersecurity been in the last, well, since we last spoke? |
| 1:28.6 | Well, it has been a lot more of the same, hasn't it? |
| 1:32.5 | More AI panics, more bugs, more patches, more social engineering attacks, more of everything. |
| 1:41.5 | So it's always been that way, hasn't it? |
| 1:43.4 | It's always been on that direction. Yes. We can't ever say, oh, it's been really, really quiet. This whole cybersecurity business seems to be shutting down. Maybe we'll have to find ourselves a new job. We're getting to fishmongery. Well, fish with a pH would come after us, I'm sure. Well, before we kick off, let's thank this week's wonderful sponsors, Action One, |
| 2:02.0 | ESET and Vanta. |
| 2:03.3 | We'll be hearing more about them later on in the podcast. |
| 2:08.6 | This week on Smashing Security. |
| 2:10.7 | We're not going to be talking about how a Brazilian firm that protects businesses |
... |
Please login to see the full transcript.
Disclaimer: The podcast and artwork embedded on this page are from Graham Cluley, and are the property of its owner and not affiliated with or endorsed by Tapesearch.
Generated transcripts are the property of Graham Cluley and are distributed freely under the Fair Use doctrine. Transcripts generated by Tapesearch are not guaranteed to be accurate.
Copyright © Tapesearch 2026.