
Sign up to save your podcasts
Or

![[Dev]olution](https://podcast-api-images.s3.amazonaws.com/corona/show/7206136/logo_300x300.jpeg)
Everyone's asking the wrong question about open AI models and has turned the debate into a geography problem. Is it Chinese? Is it American? Can we trust it?
But the biggest AI security incident in recent memory had nothing to do with where a model came from.
In this minisode, Nicky Pike breaks down the three layers of risk hidden behind open-weight AI models and why most security conversations focus on the easiest layer to defend. From poisoned training data and sleeper-agent research to malicious Hugging Face repositories that fooled hundreds of thousands of developers, this episode separates real threats from political headlines.
If you're evaluating DeepSeek, Qwen, Llama, or any open model, this episode will change how you think about trust, ownership, and security.
In this episode, you’ll learn:
Episode highlights:
(00:00) The repo that fooled 244,000 developers
(00:35) Why everyone wants open models
(01:20) The wrong question CIOs keep asking
(02:10) The three layers of AI risk
(04:00) Anthropic's sleeper agent experiment
(06:25) How 250 documents can poison a model
(08:00) The Hugging Face malware problem
(09:20) Why banning models misses the real threat
(10:15) Self-hosting isn't a force field
(11:20) What ownership actually gives you
(13:20) 4 practical defenses that work
(16:20) Why open models are getting too good to ignore
Resources:
By CoderEveryone's asking the wrong question about open AI models and has turned the debate into a geography problem. Is it Chinese? Is it American? Can we trust it?
But the biggest AI security incident in recent memory had nothing to do with where a model came from.
In this minisode, Nicky Pike breaks down the three layers of risk hidden behind open-weight AI models and why most security conversations focus on the easiest layer to defend. From poisoned training data and sleeper-agent research to malicious Hugging Face repositories that fooled hundreds of thousands of developers, this episode separates real threats from political headlines.
If you're evaluating DeepSeek, Qwen, Llama, or any open model, this episode will change how you think about trust, ownership, and security.
In this episode, you’ll learn:
Episode highlights:
(00:00) The repo that fooled 244,000 developers
(00:35) Why everyone wants open models
(01:20) The wrong question CIOs keep asking
(02:10) The three layers of AI risk
(04:00) Anthropic's sleeper agent experiment
(06:25) How 250 documents can poison a model
(08:00) The Hugging Face malware problem
(09:20) Why banning models misses the real threat
(10:15) Self-hosting isn't a force field
(11:20) What ownership actually gives you
(13:20) 4 practical defenses that work
(16:20) Why open models are getting too good to ignore
Resources: