Digital Dopamine

Digital Dopamine
  • 5.0 (1)
  • NEWS
  • UPDATED WEEKLY

Tune in for a weekly dose of digital dopamine! Explore productivity apps, uncover tech trends, and dive into short coding tutorials tailored for new developers. Subscribe for insights that supercharge your tech journey! digitaldopaminellc.substack.com

Episodes

  1. The Coruna iOS Exploit & The Major Issues With The Commercial Surveillance Industry

    5D AGO

    The Coruna iOS Exploit & The Major Issues With The Commercial Surveillance Industry

    So What Is the Coruna Exploit? The Coruna iOS exploit framework is a new and powerful exploit kit targeting Apple iPhone models running iOS 13.0 (released in September 2019) up to version 17.2.1 (released in December 2023). It was identified by Google Threat Intelligence Group (GTIG) and iVerify. The exploit contained five full iOS exploit chains and a total of 23 exploits. The core technical value of this exploit kit lies in its comprehensive collection of iOS exploits, with the most advanced ones using non-public exploitation techniques and mitigation bypasses. GTIG has been tracking this exploit since 2025, and at first, that threw me off a bit. Like, you mean to tell me this has just been out in the wild for a whole year without any major reporting on it? But that’s exactly what they do. There’s another report from 08-29-2024 from Google that states, “Today, we’re sharing that Google’s Threat Analysis Group (TAG) observed multiple in-the-wild exploit campaigns, between November 2023 and July 2024, delivered from a watering hole attack on Mongolian government websites.” Now I’m still new to cyber security and threat intelligence, so I don’t know if there are procedures around exploit discovery that require monitoring to understand them. To be honest, that kinda makes sense as I say it out loud, so maybe there’s some truth to that assumption. But these specific campaigns first delivered an iOS WebKit exploit affecting iOS versions older than 16.6.1 and then, later, a Chrome exploit chain against Android users running versions from m121 to m123. These were n-day exploits for which patches were available, but would still be effective against unpatched devices. They assessed that, “with moderate confidence, the campaigns were linked to the Russian government-backed actor APT29”. This leads me back to the Coruna exploit, because it seems like security vendors that are goverment backed have increasingly become more and more careless with who they sell the exploits to. That’s right folks, commercial spyware is sold to the government and other brokers. And it’s becoming more common that once spyware or an exploit capability is sold, control over the end customer is lost. Brokers can’t be trusted with these capabilities, and business-to-business transactions over the spyware market are highly unregulated. Now, this lack of control helped launch discussions about responsible use of spyware and aligning on a formal voluntary framework for its use called the Pall Mall Process. But those discussions are ongoing, and the economic pressures for spyware companies to return a profit mean these tools are being sold to a broader array of organizations. Some things just should’t be based on the constant need for a return on investment, and at the end of the day, Capitalism is to blame for this industry getting sloppy with its handling of exploits. Google is actually more on the forefront of reporting the slippery slope we are in when it comes to the unchecked commercial surveillance industry, and there is a great report you can read here → “Buying Spying”. I highly recommend the read regardless of your interest in CS, because whether you like it or not, these leaks or unethical sales of spyware affect all of us. So I want to elaborate on the definition of these attacks and exploits. 0-day Exploits A 0-day is a vulnerability or security hole in a computer system unknown to its developers or anyone capable of mitigating it. Until the vulnerability is remedied, threat actors can exploit it in a zero-day exploit or zero-day attack. The term "zero-day" originally referred to the number of days since a new piece of software was released to the public, so "zero-day software" was obtained by hacking into a developer's computer before release. Eventually, the term was applied to the vulnerabilities that allowed this hacking, and to the number of days that the vendor has had to fix them. Vendors who discover the vulnerability may create patches or advise workarounds to mitigate it, though users need to deploy that mitigation to eliminate the vulnerability in their systems. Zero-day attacks are severe threats. Watering Hole Watering hole is a computer attack strategy in which an attacker guesses or observes which websites an organization's users frequently use and then uses one or more of the websites to distribute malware. Eventually, some member(s) of the targeted users will become infected. Attackers looking for specific information may only target users coming from a specific IP address. This also makes the attacks harder to detect and research. The name is derived from a strategy of predators in the natural world, who wait for an opportunity to attack their prey near watering holes. The attack strategy was named in an RSA blog in 2012. These are just 2 of many different types of attacks and exploits that threat actors use to gain confidential information or credentials from their targets. If you’re interested in learning about more common attacks, you can check out this article from Fortinet → https://www.fortinet.com/resources/cyberglossary/types-of-cyber-attacks, where they go over the 20 most common attacks and exploits. Initial Discovery: The Commercial Surveillance Vendor Role In February 2025, GTIG captured parts of an iOS exploit chain used by a customer of a surveillance company. The exploits were integrated into a previously unseen JavaScript framework that used simple but unique JavaScript obfuscation techniques. The framework starts a fingerprinting module, collecting a variety of data points to determine if the device is real and what specific iPhone model and iOS software version it is running. Based on the collected data, it loads the appropriate WebKit remote code execution (RCE) exploit, followed by a pointer authentication code (PAC) bypass as seen in Figure 2 from the deobfuscated JavaScript. At that time, GTIG recovered the WebKit RCE delivered to a device running iOS 17.2 and determined it was CVE-2024-23222, a vulnerability previously identified as a zero-day that was addressed by Apple on Jan. 22, 2024 in iOS 17.3 without crediting any external researchers. The image below shows the beginning of the RCE exploit, exactly how it was delivered in-the-wild with GTIG’s annotations. I’m gonna throw in a shameless plug from my Hack w/ Me Episode 2: Search Skills: Because I used one of the specialized databases I learned about, the Common Vulnerabilities and Exposures (CVE) database, to pull up the record of this exploit. As previously mentioned, the record is CVE-2024-23222, and as you can see below, this exploit was fixed with the iOS 17.3 and iPadOS 17.3, macOS Sonoma 14.3, and tvOS 17.3 updates. The last update on the record states 2024-06-12, so I’m not sure if that is when the OS updates came out or if that was the last fix forward from the initial releases of the OS patches. Either way, most people I can assume are safe from this attack moving forward. But there are apparently still many users within the US and outside of the country who still have an older OS version, for one reason or another. The Coruna Exploit Kit is In The Wild This is a huge issue, and the fact that these exploits that are being funded by and built for government entities should be concerning to all of us. Google’s report doesn’t explicitly mention the original CSV customer that deployed Coruna, but iVerify, which also analyzed a version of Coruna it obtained from one of the infected Chinese sites, suggests the code may well have started life as a hacking kit built for or purchased by the US government. Google and iVerify both note that Coruna contains multiple components previously used in a hacking operation known as “Triangulation” that was discovered targeting Russian cybersecurity firm Kaspersky in 2023, which the Russian government claimed was the work of the NSA. The US government didn’t respond to Russia’s claim and you can be damn sure that if they DIDN’T have any involvement in “Triangulation”, they would make it known. iVerify also noted that the code appears to have been originally written by English-speaking coders, saying “It's highly sophisticated, took millions of dollars to develop, and it bears the hallmarks of other modules that have been publicly attributed to the US government." Adding, “This is the first example we’ve seen of very likely US government tools—based on what the code is telling us—spinning out of control and being used by both our adversaries and cybercriminal groups.” So here we are again, another extremely sophisticated exploit, leaked by the US government. I say another because this isn’t the first time this has happened. Back in 2017, EternalBlue was a Windows-hacking tool stolen from the NSA (National Security Agency) and leaked to the world, leading to its use in catastrophic cyberattacks, including North Korea's WannaCry worm and Russia's NotPetya attack. We can most certainly expect something of the same caliber to be developed and deployed over the next couple of years. Even Google stated, “Beyond these identified exploits, multiple threat actors have now acquired advanced exploitation techniques that can be reused and modified with newly identified vulnerabilities.” The loosely regulated industry is a problem within itself. iVerify’s cofounder, Rocky Cole, points to the industry of brokers that may pay tens of millions of dollars for zero-day hacking techniques that they can resell for espionage, cybercrime, or cyberwar. Notably, Peter Williams, an executive of US government contractor Trenchant, was recently sentenced to seven years in prison for selling hacking tools to the Russian zero-day broker Operation Zero from 2022 to 2025. Williams’ sentencing memo notes that Trenchant sold hacking tools to the US intelligence community as well as others in the “Five Eyes” group of English-speaking governme

    30 min

  2. FEB 25

    Hack w/ Me Episode 2: Search Skills

    Intro Sup folks! Today, we will be discussing what was learned after finishing the Search Skills room in TryHackMe. Honestly, I went into this room thinking, “This is gonna be a bunch of filler that I already know, I should just skim through it.” But I quickly realized that there were plenty of VERY useful tips, tricks, and resources that I never knew. So with that, here’s a quick overview of the learning material within this room: * Evaluation of information sources * The use of search engines efficiently * Exploring specialized search engines * Reading technical documentation * Making use of social media * Checking news outlets Most of these topics are things I do regularly, especially reading technical documentation, considering that’s a required skill as a software engineer. But others, like the use of specialized search engines, were topics I’ve never really touched (or maybe I have in the past and didn’t realize it). Even some of the tips and tricks with search queries for the typical search engines like Google or DuckDuckGo were new to me, so I definitely learned a good amount from this section, aka “room”. I’ll try to make this article a quick read and sum up everything I went over and learned. Evaluation of Search Results For this task, we just went over how to effectively evaluate the information we ingest from our searches. Here are a handful of things to consider when evaluating information: * Source: Identify the author or organization publishing the information. Consider whether they are reputable and authoritative on the subject matter. Publishing a blog post does not make one an authority on the subject. * Evidence and reasoning: Check whether the claims are backed by credible evidence and logical reasoning. We are seeking hard facts and solid arguments. * Objectivity and bias: Evaluate whether the information is presented impartially and rationally, reflecting multiple perspectives. We are not interested in authors pushing shady agendas, whether to promote a product or attack a rival. * Corroboration and consistency: Validate the presented information by corroboration from multiple independent sources. Check whether multiple reliable and reputable sources agree on the central claim Search Engines Most people reading this will be familiar with Google or Bing, and some will be keen on DuckDuckGo, like myself. However, I found out about the many search operators that you can use to refine your search results. Each browser has its own set of operators, and some do overlap. It’s not isolated only to browsers either; many operating systems have their own subset of search operators as well. Here is a GitHub repo that has collected a ton of direct links to platform documentation of their respective search operators → https://github.com/cipher387/Advanced-search-operators-list. Since I use DuckDuckGo, let’s take a peek at a screenshot of that one: Here, you can see a variety of search operators that may come in handy for searching for specific items. One I find particularly useful is the filetype parameter. This will be extremely useful when trying to search for research papers and whitepapers. This actually partially disproves a statement I made in my latest article/podcast, which was that search queries these days were starting to produce less and less valuable results. Now that I’m no longer ingnorant to more advanced ways to search for information, I might be able to limit the trash articles I get in my queries 😅. I encourage people to play around with some of these search operators and confirm if your results are more refined and useful for what you’re searching for. Specialized Search Engines Completing this task was my “oh, word?!” moment when completing the room. There are SO many very specific search engines that provide fantastic information and context depending on what you’re looking for. I find that this is more useful for IT and Cyber Security engineers/enthusiasts, though. The example engines presented seem to be focused that way, at least. The first one we cover is Shodan. Shodan Shodan is a search engine for devices connected to the Internet. It allows you to search for specific types and versions of servers, networking equipment, industrial control systems, and IoT devices. For example, you may want to see how many servers are still running Apache 2.4.1 and the distribution across countries. To find the answer, we can search for apache 2.4.1, which will return the list of servers with the string “apache 2.4.1” in their headers. Censys Next up is Cynsys. Cynsys is similar to Shodan but focuses on Internet-connected hosts, websites, certificates, and other Internet assets. Some of its use cases include enumerating domains in use, auditing open ports and services, and discovering rogue assets within a network. They have a good doc on Introductory Use Cases that’s worth checking out. Some key use cases are: * Investigate indicators of compromise (IoCs): Find and track threat actors on the internet via the infrastructure they set up. * Enrich internal threat feeds with host and certificate data: Augment network logs with the most accurate, up-to-date public profile of the entities within and connecting to your network. * Create a timeline of adversary infrastructure: Investigate how and when an adversary weaponized infrastructure. See the history of a compromised or suspicious host. * Understand the global impact of vulnerabilities across the Internet: Conduct security research to understand the global impact of vulnerabilities across the Internet from CVEs to zero-days like SolarWinds or Microsoft Exchange. * Map your external attack surface: Investigate and view your attack surface from an external perspective by finding your Internet-facing assets and evaluating them for vulnerabilities. The Introductory Use Cases doc goes into deeper detail of the key use cases with some examples as well, but I won’t go over that in this article. I’m sure we will be utilizing this tool in the future for assignments. VirusTotal VirusTotal is a website that provides a virus-scanning service for files using multiple antivirus engines. It allows users to upload files or provide URLs to scan them against numerous antivirus engines and website scanners in a single operation. They can even input file hashes to check the results of previously uploaded files. The screenshot above shows the result of checking the submitted file against 67 antivirus engines. Moreover, one can check the community's comments for additional insights. From time to time, a file might be flagged as a virus or a Trojan; however, this might not be accurate for various reasons, and that's when community members can provide a more in-depth explanation. Have I Been Pwned Last but certainly not least, is “Have I Been Pwned” (HIBP). HIBP does one thing: it tells you if an email address has appeared in a leaked data breach. I’ve used this a couple of times over the past couple of years due to the increased data breach reports that have been sprouting up with apps I used, like Discord and the National Data Breach that exposed 3 BILLION PEOPLE!! Finding one’s email within leaked data indicates leaked private information and, more importantly, passwords. Many users use the same password across multiple platforms; if one platform is breached, their password on other platforms is also exposed. So please, for the love of god start using a password generator and manager lol. While passwords are usually stored in an encrypted format, many passwords are not that complex and can be recovered using a variety of attacks. Vulnerabilities & Exploits This task was pretty damn cool. We went over 2 main tools/databases: The Common Vulnerabilities and Exposures (CVE) program and the Exploit Database. Common Vulnerabilities and Exposures (CVE) It’s said to think of CVE as a dictionary of vulnerabilities. It provides a standardized identifier for vulnerabilities and security issues in software and hardware products. Each vulnerability is assigned a CVE ID with a standardized format like CVE-2024-29988. This unique identifier (CVE ID) ensures that everyone from security researchers to vendors and IT professionals is referring to the same vulnerability, CVE-2024-29988 in this case. The MITRE Corporation maintains the CVE system. For more information and to search for existing CVEs, we can visit the CVE Program website. Alternatively, we can visit the National Vulnerability Database (NVD) website. The screenshot below shows CVE-2014-0160, also known as Heartbleed. The Heartbleed bug is a critical security vulnerability in the OpenSSL cryptographic software library that allows attackers to exploit improperly implemented TLS heartbeat functions to access sensitive data in memory, such as private keys and passwords. This vulnerability was publicly disclosed in April 2014 and has since been patched in newer versions of OpenSSL. Exploit Database There are many reasons why you would want to exploit a vulnerable application; one would be assessing a company’s security as part of its red team. Needless to say, we should not try to exploit a vulnerable system unless we are given permission, usually via a legally binding agreement. Once we have permission to exploit a vulnerable system *wink wink*, we might need to find a working exploit code. One resource is the Exploit Database. The Exploit Database lists exploit codes from various authors; some of these exploit codes are tested and marked as verified. Technical Documentation & Social Media I want to combine these two tasks as they are pretty straightforward Technical Docs From coding languages & Framework docs like Python and Svelte to hardware ecosystem docs for Apple hardware, you will find well-organized documentation of its software or hardware. These official docs provide a reliable source of information about the software or product features and funct

    23 min

  3. FEB 18

    Open Season on OpenAI & The Crumbling AI Pillar Our Society Sits On

    Let's dive into how OpenAI and AI in general is hemorrhaging money, our environment, and the economy. Check out my Substack for the full video & full written article that contains all of the sources: https://open.substack.com/pub/digitaldopaminellc/p/open-season-on-openai-and-the-crumbling Follow Me on IG: https://www.instagram.com/digital_dopamine_llc Peep the Linktree for all other socials: https://linktr.ee/digital_dopamine If YouTube is your preference for watching, catch me over there and give me a subscribe: https://www.youtube.com/@DigitalDopamineLLC Get full access to Digital Dopamine at digitaldopaminellc.substack.com/subscribe

    53 min

  4. JAN 28

    The AT Protocol & Why You Should Drop Centralized Social Apps

    Intro (2 minutes) [Music Intro] What’s up, folks, and welcome to the second episode of the Digital Dopamine podcast! One of these days, I’m gonna get a sponsor lol and have a quick standard intro for everyone. In due time, in due time 😂. But people who follow me on IG have already seen what today’s episode is gonna be about, and that’s the AT Protocol, or Authenticated Transfer Protocol, atproto. All names are used in the space of decentralized digital identities. Alright, so we will be covering: * What the AT Protocol is at a basic-intermediate level so that developers and, more importantly, non-devs can understand what it is and how it works. * The key features of the AT Protocol and its benefits. * The Challenges and Limitations of the AT Protocol as of today. * Why apps built on the architecture (Bluesky, Flashes, and Pinksky) are superior to centralized social apps like IG, TikTok, and X, and what is capable within those apps. * Discussing a bit about Fanbase and UpScrolled. * Then, ending the show with a new project I’m starting up related to these apps and content distribution. After more research on the core tech and architecture of Bluesky, there are some concerns that I actually learned about and will give my honest frustration with it, but they pale in comparison to the issues I have with the likes of IG, TikTok, and X, and I personally see more benefits of using these apps over the others. So let’s get right into it. Main Story The At Protocol Overview *Skip to minute 30:00 if you want to skip the technical deep dive* So I’ll just start with a quick definition of the AT Protocol: “is a protocol and open standard for distributed social networking services.[3] It is under development by Bluesky Social PBC, a public benefit corporation created as an independent research group within [Twitter, Inc.](https://en.wikipedia.org/wiki/Twitter,_Inc.) to investigate the possibility of decentralizing the service.[4] A distributed social network (not to be confused with a decentralized or federated social network) is a network wherein all participating social networking services can communicate with each other through a unified communication protocol, and all participants are equal. Okay, technical definitions are over. What is the purpose of switching, and why should you care? depending on what you’re looking for in your social apps and identity will determine if any of this is of interest to you. So far, monetization is the only frustrating challenge I see with these apps, and in a world where influencers are the biggest proponents for people who might want to switch. If they don’t have a way to make money on these new platforms, it’s gonna be hard to get people to transition. That being said, creators can take the extra step and use external revenue channels like Substack, Patreon, or Fanbase in order to generate income from the traffic they get through the platforms. But Bluesky IS planning to add revenue streams to the platform, like a tipping system as well as subscriptions in future feature releases, so hopefully that comes sooner than later. AT Protocol also doesn’t support private content yet. If you need a private account or encrypted DMs, this isn’t your platform yet. But it’s coming. For public discourse and community building, it’s great. Now this next section is about to get a bit technical and into the weeds so if any of this starts to confuse you or you don’t really care about the good and the bad of the protocol, I’ll try to have a timestamp of where you can skip to and we talk about the apps that stand to be a 1:1 alternative and what they offer. AT Protocol’s Key Features The “Speech vs. Reach” Framework So the core concept of apps built on ATP is “Speech vs. Reach”. This is the heart of what makes AT Protocol different, and it’s the fundamental architectural philosophy of its creation. AT Protocol deliberately separates two layers: “speech” and “reach” and explains both in detail. * Speech Layer = permissive, distributed authority. It’s the data repository level where everyone has a voice. Your posts, data, and identity are all stored in signed repositories that you control. * Reach Layer = moderation and algorithmic curation. This is where platforms decide what you see. It’s about limiting the visibility/reach of content based on preferences, algorithms, moderation policies, etc. You are basically able to curate what you see on your feed without a central algorithm showing you what it thinks you might like, or force-feeding you rage bait or thirst traps because it tracked how long you paused on the “Suggested Reels” section…Which, for some reason, always has something you’ve clearly stated “See Less” or “Not Interested” multiple times. You’re able to literally choose moderation services and custom feed algorithms built by community developers. For instance, I have a handful of coding feed algorithms I’ve subscribed to, and my feed rarely shows posts that I wasn’t interested in. IfIi start to see a trend in the wrong direction, I can search for a new algorithm to swap to OR use none if my followers and likes are vast enough for the standard algorithm to know what I actually like. And for context, there are over 50,000 custom feeds that exist on Bluesky. So there’s bound to be a feed that fits your preferences. Moderation Dive To dive a bit deeper, Bluesky uses a two-tier moderation system: baseline protections (violence, exploitation, fraud) that everyone follows, then user choice on top. What this means: Bluesky maintains community standards, but you decide which additional moderation filters you subscribe to. Community-run labelers create custom labels (”Spoilers,” “Political Content,” etc.), and you choose which ones affect what you see. This is fundamentally different from Instagram, X, and TikTok: * Instagram bans you with no explanation or appeal * X’s moderation is inconsistent and unilateral under Musk * TikTok’s algorithm removes content opaquely Bluesky gives you transparency—you know why you were flagged, can appeal, and can choose your own moderation standards. The key insight: Moderation is part of the “reach” layer (who sees what), not the “speech” layer (whether content exists). This means if you block someone on one AT Protocol app, that block carries across all apps. Your moderation rules work at the protocol level, not just one platform. You’re not at the mercy of one company’s moderation philosophy, and you set your own standards. DIDs (Decentralized Identifiers) Another awesome feature is DID, or Decentralized Identifiers. Instead of your identity being @username.instagram.com, which is tied to Meta’s servers, your identity on AT Protocol is a cryptographic DID that looks like a hash. Example: did:plc:7iza6de2dwap2sbkpav7c6c6 I’ll explain did:plc a bit later. This DID can have multiple human-readable handles (@alice.example.com, @alice.bsky.social), but the DID stays the same and is portable. And I think this is one of the most, if not THE most important features within this ecosystem. And that’s the fact that you can’t get banned or straight-up deleted from the devs/company that built the app. With Instagram, your account exists at the pleasure of Meta. And we have seen how they’ve been moving on IG recently. I’ve experienced it myself, and I’m a nobody on that platform lol. If they ban you, you lose everything—followers, posts, history, pretty much your whole digital identity. With AT Protocol, your DID (your actual identity) is cryptographically yours. Your posts are signed by you. If Bluesky shuts down, you move to another AT Protocol app and bring everything with you: all followers see your posts, your history is intact, and your identity persists. Now, how this works is: Your DID contains your public cryptographic keys, and your posts are signed with your private key. This means you can prove ownership of your account without asking permission from any company, and if it comes to it, you can migrate servers without the old server’s involvement. So imagine if a big name like IShowSpeed could leave Instagram, take 100% of his followers and posts him to Snapchat or TikTok (if they were on AT Protocol), and his username and followers would be transferred as well and they would still be able to verify it’s him AND he would still be able to have his own verified status come along too. That’s what the AT Protocol enables. So getting control and freedom of your digital identity would be a great thing for us as a society to do, in my opinion. But that leads us back to some of the major drawbacks and bottlenecks I discovered while researching this. The Challenges and Limitations So, currently, the most common DID method is did:plc “Public Ledger of Credential,” and Bluesky runs the single directory service that manages it. There’s no redundancy or independent backup, so if the directory goes down, critical network functions break. Which then raises the theoretical concern of you being banned at the protocol level by Bluesky if they really wanted to be petty 😩 cause that wouldn’t only ban you from Bluesky, it would ban your DID from all apps you’re using with DID. It also contradicts the whole decentralization narrative. But I’m not too concerned about this for a few reasons: * That would ruin the reputation of Bluesky and the Protocol they built,t which will encourage people to go back to the mainstream apps or switch to a different, more raw decentralized protocol, like Nostr. I won’t dive into Nostr, but I will leave links to the Wiki (https://en.wikipedia.org/wiki/Nostr), the white-paper it released in 2020 (https://fiatjaf.com/nostr.html), and it’s Github README (https://github.com/nostr-protocol/nostr/) in the script. Also. Very cool protocol, but not as feature-rich to build on as AT Protocol. * They are already

    54 min
  5. Billionaires' Takeover Attempt in Greenland

    JAN 23

    Billionaires' Takeover Attempt in Greenland

    Intro (2 minutes) * *[Music Intro] Welcome everyone, to the first podcast of Digital Dopamine! Where I’ll be delivering a weekly dose of tech news, app demos, tips, and tricks, tailored to tech enthusiasts and developers of all levels. On today’s Episode we’re gonna focus on the Tech Billionaire’s wet dream…” Greenland”. As a lot of you probably know by now, there’s this feverish push to “buy” Greenland, which is pretty much another invasion, and they want to make it seem like it’s for national security. While that claim may be partially true. I’m gonna dive into the real culprits behind this push, and that’s all the tech billionaires, specifically the “PayPal” Mafia. Main Story Who’s the PayPal Mafia, you ask? Well i’ll get into that in a bit, but first, let’s go back to 2016, where a man named Ronald Lauder made the first move of this long game plan. I’ll keep this briefing quick, Lauder, in 2016, made a huge investment in , a luxury water bottling company founded by Svend Hardenberg and Jørgen Wæver Johansen, both of whom are well-connected in the political sphere. Now Ronald is the person who floated the idea during Trump’s first term to make Greenland part of the US (Source-1, Source-2), with some analysts describing his investments in Greenlandic businesses asa political strategy rather than purely commercial (Source). Ronald’s business partner, Jørgen, is married to Greenland’s current foreign minister, which is for sure a conflict of interest, but that’s never stopped the ultra-wealthy from doing business. But the same individuals negotiating foreign investment policy are also investment recipients. Now that’s just a bit of context for how this all started, and I recommend diving deeper into Ronald Lauder when you get some free time. But let’s hop ahead a few years to talk about some other Billionaires that didn’t wanna miss out on the exploitation. In 2019, when traction started to pick up on the “idea” of buying Greenland, Jeff Bezos, Bill Gates, and Michael Bloomberg all invested in a company called KoBold Metals through Breakthrough Energy, an organization founded by Bill Gates himself (Source). KoBold Metals is a company that explores and develops mineral resources essential for clean energy technologies, which consists of Ev Vehicle wind turbines, etc, and the minerals they are in search of include lithium, nickel, copper, and cobalt, which are critical for batteries and other renewable energy solutions. How they search for these rare earths is through AI-powered exploration of the island. And in 2022, guess who decided to join the party, Sam Altman, and since then, more and more investments have poured into KoBold Metals, valuing the company today at around 2.96 billion dollars. Speaking of muddied interests, Howard Nutlick….I mean, Lutnick… has been investing in a different Greenland Mining company called Critical Metals Corp……..for over 3 decades through Cantor Fitzgerald. He’s since divested in cantor but his stake was just handed over to his children……and I’m SUREEEE they will have a moral compass and not be a conflict of interest in the area moving forward. (Forbes) And then we have Ken Howery, a former venture capitalist and associate of Peter Thiel, who Trump appointed as US ambassador to Denmark…..like how is no major outlet reporting about this?!?!…. That’s rhetorical, of course. There are a couple more folks in the weeds of all of this, but for the sake of time, I’m gonna now get to the PayPal Mafia, and how they plan to create a “Freedom City”…which in reality will be an internet-native/technocratic nation, testing AI surveillance tech before bringing it back home here in the US. Let’s start at Praxis, which is a company founded by Dryden Brown and Charlie Callinan, with Howard Hughes Corporation founder David Weinreb, who is the current vice chairman. Praxis describes itself as an “internet-native nation” [1] and has stated plans to create a 10,000-person city in the Mediterranean. Brown is designing a theoretical “city-state” aiming to “restore Western Civilization,” and has had his sights on Greenland specifically. Who backs this concept???? PayPal Mafia members, including Peter Thiel and Ken Howery, Trump’s pick for Denmark ambassador So how do they play to test surveillance?? Praxis plans include “AI-augmented governance” and will feature “employer-friendly labor laws” described as “Elon-compatible.” The company’s manifesto describes creating all infrastructure—contracts, governance—on blockchain, creating a “tax-free enclave, governed by free-market principles and managed by a king-CEO leading citizen-shareholders.” (Source) The argument for why they are desperate for Greenland is that it’s a small, contained population (Greenland has under 57,000 people) where these billionaires with their shady political connections could experiment with governance, AI integration, and surveillance systems. All while being free from existing regulatory frameworks and the consequences that come with breaking them. These tech billionaires envision unregulated “freedom cities” in Greenland, free from democratic oversight, environmental laws, and labor protections. La Voce di New York Greenland’s cool climate is ideal for hosting massive AI data centers. Wikipedia—combining computational power with a controlled population creates something like a real-world laboratory. The PayPal Mafia’s collective vision is “a state stripped down to its bare bones, with only one objective: maximize shareholder value.”(Source: New Arab). These people include Elon Musk, Thiel’s minion JD Vance, Ken Howery, and other members across Trump’s executive branch, like David Sacks, who is Trump’s advisor on AI and cryptocurrencies. This group has unprecedented political access and, from their past actions, will surely stop at nothing until they get their greasy, greedy hands on Greenland. Peter Thiel and Elon Musk see Greenland not just as a source of rare earths, but as a laboratory for their libertarian economic and social experiments. ( The Irish Times ) The crazy part is, this is all being experimented with NOW in Próspera. “What’s Próspera?” you ask…..well, Próspera is a charter city on the island of Roatán in Honduras, operating as one of three Zones for Employment and Economic Development (ZEDEs) with autonomy from the national government. It’s backed by venture capitalists, including none other than Peter F*****G Thiel, Marc Andreessen, and Balaji Srinivasan (buh-LAH-jee sree-nee-VAH-sun)…I literally had to add how to pronounce his name in the script lol. But the investment is through Pronomos Capital, and has recently attracted Coinbase CEO Brian Armstrong as an additional investor. So this is pretty much a libertarian experimental zone designed to test free-market principles at scale. According to historian Quinn Slobodian, Próspera is part of a broader trend of projects aimed at implementing these theories in practice. The model features: * Minimal taxation: Tax rates are 1% on business revenue, 5% on wages, and 2.5% sales tax, with 5% personal income tax as of 2025. * Corporate governance: Honduras Próspera Inc. has veto power over the governing council’s nine-member body, with four members appointed by the company itself. * Crypto integration: Bitcoin is recognized as legal tender within the city. * Private arbitration and custom law: Businesses can select regulations from approved foreign jurisdictions or propose custom regulations subject to Próspera’s approval. (The Irish Times) And this is already negatively affecting the local populations of neighboring villages. The village of Crawfish Rock expressed fears about land expropriation, and funds earmarked for Honduras development haven’t reached nearby communities, while Próspera uses the island’s infrastructure (electricity, airports, garbage) with inequities. Honduras’ leftist President Xiomara Castro repealed the ZEDE law in 2022, citing sovereignty concerns, but Próspera didn’t stop operations…….they instead decided to sue Honduras for $10.7 billion—equivalent to one-third of the country’s GDP. (The Irish Times) This is the atrocity: create a private city with minimal regulation, extract wealth from the land and locals while ignoring their communities, and use international legal mechanisms to override national sovereignty if a government tries to stop it. Greenland would be where this model scales globally. Outro So really quick: we have mining companies searching for rare earth minerals (Bezos, Gates, Bloomberg via KoBold), water extraction (Lauder), and a libertarian city-state with AI governance (Thiel, Howery, Altman via Praxis), an ongoing experiment in Próspera testing these theories of libertarianism, minimal income and business revenue tax while at the same time, horrid wages for workers & being a haven for crypto fraud and laundering by the GOV—all connecting to the same island, all connected to PayPal alumni, all with Trump administration alignment. Editors Note All sources in the article are bolded with links. Feel free to correct any of my sources in the comments. Get full access to Digital Dopamine at digitaldopaminellc.substack.com/subscribe

    19 min
  • 5 Episodes

About

Tune in for a weekly dose of digital dopamine! Explore productivity apps, uncover tech trends, and dive into short coding tutorials tailored for new developers. Subscribe for insights that supercharge your tech journey! digitaldopaminellc.substack.com

Information

  • Creator
    Digital Dopamine
  • Years Active
    2K
  • Episodes
    5
  • Rating
    Explicit
  • Copyright
    © Kyle Leonard
  • Show Website
    Digital Dopamine