Most important take away

In the Iran-Israel conflict, cheap kinetic attacks ($20,000 Shahid drones hitting Amazon data centers) have proven far more disruptive than sophisticated cyber exploits, revealing a massive vulnerability in centralized cloud infrastructure that was never in anyone’s threat model. Meanwhile, AI is driving the cost of building software toward zero, which threatens SaaS business models but makes data the only durable asset in the AI economy — and creates new security risks as enterprises give AI agents overly broad permissions without safety-by-design principles.

Summary

Actionable Insights & Investment Implications:

• Cloud infrastructure concentration is a physical vulnerability. Iranian drones struck AWS data centers in the Middle East, taking down 2 of 3 availability zones for ~36 hours. Companies relying on single-region deployments (Fortnite, multiple banks, Vercel) were disrupted. Geographic diversification of cloud infrastructure is now a critical consideration.

• Once kinetic war begins, cyber becomes less relevant. Cyber is most useful before war for intelligence gathering and psychological operations. A $20,000 drone creates more chaos than a multi-million-dollar zero-day exploit. Israel’s cyber ops (hijacking a prayer app, hacking Tehran’s traffic lights) were about intelligence and confusion, not destruction.

• SaaS faces existential pressure. Matt argues the cost of software is approaching zero (Shopify’s CEO rebuilt MRI software in an afternoon with AI). If anyone can build software, traditional SaaS businesses face massive disruption. Be cautious with pure-play SaaS investments lacking proprietary data moats.

• Data is the only durable asset in the AI economy. Software can be rebuilt instantly; data cannot. This is the thesis behind Matt’s company OMDB — building a data infrastructure layer where AI agents access and pay for high-quality private data.

• AI agents are a security disaster waiting to happen. Enterprises are giving AI agents all permissions upfront — “probably the worst thing you can do.” Expect more data leaks because there’s no safety-by-design in current agentic architectures.

• The internet may shift to micropayments. As AI agents operate and scrape information, the free public internet model breaks down. The future likely involves agents paying microtransactions (potentially via stablecoins) for data access.

• Strait of Hormuz risk extends to AI compute. A blockade could increase memory chip, data center, and AI compute costs — an asymmetric warfare dynamic where adversaries can drive up your token costs even as the West drives them down.

• Anthropic pulled out of DoD work after its AI was used in the “Maduro operation,” citing ethical policy violations. This signals ongoing uncertainty about which AI companies will serve military customers.

• AI for vulnerability discovery is improving. Anthropic released “Claude for Security” for code assessment. But a cost paradox emerges: if software is nearly free to build, how do you justify expensive security audits?

Stocks/Investments Mentioned:

• Amazon (AMZN/AWS) — Data centers physically struck by drones; concentration risk exposed
• SaaS sector broadly — Existential risk as AI drives software costs to zero
• Stablecoins/crypto payments — Potential beneficiary of agent-to-agent micropayments
• DRAM/NAND memory — Prices already increasing due to Strait of Hormuz supply chain risk
• Cybersecurity companies — Paradoxical position: greater need but harder to justify budgets if software is free
• Anthropic — Pulled back from DoD, creating uncertainty for defense-adjacent AI investors

Chapter Summaries

Chapter 1: Introduction — The Cyber Threat Context Tracy and Joe open discussing prepper concerns about Iranian cyber attacks on US financial infrastructure, referencing Israel hacking Tehran’s traffic lights and the broader Iran-Israel conflict.

Chapter 2: Cyber vs. Kinetic Warfare Matt revisits his thesis from the Ukraine conflict: once kinetic warfare begins, cyber attacks become less relevant. A $20,000 drone creates more destruction than a multi-million-dollar exploit. Most social media activity around the conflict is disinformation and AI-generated content.

Chapter 3: Specific Iran-Israel Cyber Operations Israel hijacked an Iranian prayer app for psychological warfare, hacked traffic lights for reconnaissance, and conducted intelligence operations. Iran shut down much of its own internet. The operations were about confusion and intelligence gathering, not infrastructure destruction.

Chapter 4: Drones Hit Amazon Data Centers The most striking revelation: Iranian Shahid drones struck AWS data centers, taking down 2 of 3 availability zones for 36 hours. Cloud providers never modeled “$20,000 drones” as a threat. This is asymmetric warfare at its most effective — cheap weapons creating massive digital disruption.

Chapter 5: Government Cyber Capabilities and Anthropic/DoD Split Discussion of how governments build cyber capabilities, insider threats (L3 Harris contractor sold zero-days to a Russian broker, got 87 months in prison), and Anthropic’s ethical withdrawal from DoD work after the Maduro operation.

Chapter 6: AI for Hacking and the Security Cost Paradox AI is becoming genuinely useful for bug discovery and vulnerability research. But if AI makes software nearly free to build, how do you justify expensive security audits? This could fundamentally reshape cybersecurity economics.

Chapter 7: The SaaS Apocalypse and Data as Durable Asset Matt argues software costs are going to zero, making SaaS businesses vulnerable. Data is the only “durable asset” — his thesis for OMDB. He envisions AI agents paying for data via stablecoins through unified data marketplaces, replacing fragmented API-key models.

Chapter 8: AI Agents, Enterprise Adoption, and Security Risks AI agents are “just Python/TypeScript code calling APIs in a loop.” Enterprises are giving them all permissions upfront — expect more data leaks. Enterprise AI agents haven’t truly arrived yet; companies are still experimenting to find proper use cases.

Chapter 9: The Future of Code and AI-Generated Software Discussion of whether AI-generated code could become incomprehensible to humans. Matt isn’t worried — reverse engineering still works, and humans will increasingly use natural language (markdown) as a programming language.

Chapter 10: Geopolitical Outlook and Asymmetric Warfare Economics Matt notes the cultural shift away from caring about privacy. On Iran: watching the potential Strait of Hormuz blockade and its effect on data center costs and AI compute economics — adversaries can increase your token costs even as you try to drive them down.