The Mixed Blessing of Lousy PRNG - Kaspersky Ban, EU vs. Google's Privacy Sandbox
The Mixed Blessing of Lousy PRNG - Kaspersky Ban, EU vs. Google's Privacy Sandbox
The Mixed Blessing of Lousy PRNG - Kaspersky Ban, EU vs. Google's Privacy Sandbox
Episode Transcript
Transcripts are displayed as originally observed. Some content, including advertisements may have changed.
Use Ctrl + F to search
0:00
It's time for security now Steve Gibson is here
0:02
lots to talk about The
0:05
Commerce Department in the United States
0:07
bans the Kaspersky anti-virus Steve
0:09
talks about why and whether it's a
0:11
legitimate problem We hear from a security
0:13
researcher who is having trouble getting into
0:15
the United States Maybe you could help
0:18
and then we'll find out why every
0:20
once in a while It's a good
0:22
idea of a bad password generator all
0:24
that more coming up next on security
0:26
now Podcasts
0:29
you love from
0:31
people you trust This
0:40
is security now with Steve Gibson
0:42
episode 980 recorded
0:44
Tuesday June 25th 2024
0:49
the mixed blessing of lousy
0:51
PRNG It's
0:53
time for security now. Yeah, the show
0:55
you wait all week for let's
0:58
just make that your your tagline We
1:00
wait all week for Tuesday if
1:03
it's Tuesday, it must be Steven Gibson
1:05
day. Hello, Steve Gibson my friend it's
1:07
great to be back with you as
1:09
we close out the first half of
1:11
the year and Where
1:13
I I have to say it was
1:15
a little poignant. Well not poignant. It was it was it
1:19
Was very clear to me that we are closing
1:21
in on episode 1000 crossing the infamous 999
1:25
when I wrote 9 8 0 Wow No,
1:30
we're getting we're getting we're getting there.
1:32
Holy moly. Yes Okay,
1:35
so we I just
1:37
have to say and I assume you haven't
1:39
seen it yet because you haven't fallen off
1:41
your ball That we have
1:43
one of the my favorite pictures of the week
1:46
in a long time so That's
1:49
coming up. But I think a
1:51
great episode one with some interesting
1:53
lessons the
1:55
mixed blessing of a lousy
1:59
PRNG And I realized when
2:01
I was using you know PRNG that some
2:03
of our listeners by what a bring Of
2:06
course, we know that's a pseudo
2:08
random number generator. Yes, and the
2:11
Pringles were named after Sudan Probably
2:14
no, that's it exactly that this is
2:16
the audience they were targeted at because
2:19
we all sit around eating Pringles. Yes
2:22
But we're gonna answer some questions as we
2:24
always do before we get to our main
2:27
topic, which is How
2:29
long did it take for
2:31
Windows recent horrific Wi-Fi flaw
2:33
to become weaponized? What
2:37
are the imp- oh and oh boy, is there
2:39
a new twist on this Wi-Fi flaw, too What
2:42
are the implications of the
2:44
US Commerce Department's total ban
2:46
on Kaspersky which
2:49
will be coming into effect in a
2:51
few months Wow. Yeah How
2:53
is the Kremlin reacting to that and
2:56
who cares but still why would
2:59
an EU privacy watchdog file
3:02
a complaint against Google over
3:05
their privacy sandbox Which
3:08
is all about privacy as the name
3:10
suggests When
3:12
is an email tracking bug not
3:14
a tracking bug? What
3:17
can this podcast do to help
3:19
a well-known security researcher? Present
3:22
his work at Defcon and
3:25
blackhat this summer What's
3:28
another near certainty
3:30
for Microsoft's actual plan
3:32
for recall? This is
3:35
something else that occurred to me that I think everyone's gonna
3:37
go. Oh Of course
3:39
like the first time I had this I
3:41
thought a couple weeks ago and
3:43
what two mistakes Maybe
3:45
not only two but at least
3:47
these two have I been making
3:49
on this podcast finally,
3:52
why might a really
3:54
bad password generator wind
3:56
up being a good thing a mixed
3:59
blend as it were. Yeah, I'm
4:01
trying to think of why it could ever
4:03
be a good thing. And more importantly
4:07
what lessons do we learn
4:09
about cryptography overall from from
4:12
that. So yeah I think Leo,
4:15
we may actually have a good podcast
4:18
finally. Well after
4:20
980 attempts I think it's good.
4:22
I think we got the hang of it.
4:24
This might be something
4:27
where people come away thinking, you
4:29
know, that was okay. They're doing
4:31
alright these kids. Yeah. Well
4:33
let me tell you before we go much further about our
4:35
first sponsor of the show and then we can get into
4:37
the... I do have a penguin in my face I should
4:39
note. I'm
4:41
sorry. That's
4:44
rude. I
4:46
put a Linux penguin in your face. Sorry
4:49
you shouldn't go there. Let me put him
4:52
off to the side. But just a
4:54
little reminder,
4:58
using Windows you don't
5:00
have to. We should all actually be using.
5:03
That's right. I found out what that was.
5:05
The thought that I have about Windows may
5:08
cement that further. Oh boy. I
5:10
found out what that was. Remember
5:12
before the show Windows kept saying
5:14
restart, restart, restart. Yeah. And
5:16
then I was getting a UAC from 8-bit
5:18
solutions. Turns out that's the
5:20
Azure provider that Bitwarden uses. So
5:24
that was Bitwarden asking me to update
5:26
itself basically. Oh interesting. But you know
5:28
I have to say from a security
5:30
standpoint you don't want to see another
5:33
name show up when you're
5:35
reinstalling something. That means you have to go out and look
5:37
it up and figure out why it
5:39
wants to do that. So. Well and Leo
5:41
why is it only 8 bits? I would
5:44
think what is this from the 80s?
5:46
8-bit solutions? What? Is it a platform
5:50
of 6502 or something? That's
5:52
very odd. Yeah that's a good point. I
5:54
don't know. Well anyway now I'm gonna
5:56
install it because I've found out. I'd
6:00
be inclined to trust it. More
6:02
bits is better. Is it always better? That's
6:04
right, baby. If we learned anything in crypto,
6:07
the more bits you got, the better. That's
6:10
what did you call that? A padding of some
6:12
kind, right? I
6:15
can't remember. You had a good name for it. Password,
6:18
perfect paper, password, haystacks
6:20
or something, right? Is
6:22
it haystacks? Well the haystacks is an interesting
6:24
idea, but that's different than this. That's a
6:26
different one. Okay. Anyway, enough of
6:29
that. Enough fall to roll. Let's talk about
6:31
our sponsor Delete Me, and I know a
6:33
lot about Delete Me because we use it.
6:36
We started using it when a malicious,
6:40
oh, I'm going to call him a bad
6:42
guy, decided to pose as
6:44
my wife, the CEO of the company, and
6:47
sent a text message to all our direct reports
6:49
saying I'm in a meeting right now. I need
6:51
you to immediately buy $1,000 with
6:53
Amazon gift cards and send her this address. Now
6:57
our employees are a little
7:00
smarter than that, but what really
7:02
chilled me was not only did they
7:04
know Lisa's name and the company and
7:06
her phone number so they
7:09
could impersonate it, they knew her
7:11
direct reports, they knew their phone
7:13
numbers, and that was scary. Delete
7:15
Me deletes your personal information
7:18
off the internet. Who is the number
7:20
one problem here? Data
7:22
brokers. Until they make a
7:25
comprehensive privacy law in the US, which they
7:27
still haven't, those data brokers are legal and
7:29
run wild. If you've
7:31
ever searched for your name online, you know
7:33
how chilling this is. Almost
7:36
all your personal information is right there for
7:38
anybody to see. It's
7:41
not just you. If
7:43
you're a business, it's your company. If
7:47
you're a father or mother of a
7:49
family, it's your family, right? Delete
7:51
Me helps reduce risk from identity
7:53
theft, cybersecurity threats, harassment, and more.
7:55
Where do they get that information?
7:58
Data brokers. Delete me.
8:00
Now once you sign up for delete me, their experts
8:03
will find and remove your information from the data brokers.
8:06
And if you're doing the family plan, you can
8:08
assign a unique data sheet to each family member
8:11
tailored to them with easy
8:13
to use controls. Account owners can manage privacy
8:15
settings for the whole family. And
8:18
here's this is really important. After they do the
8:20
first initial delete, they will continue to scan and
8:22
remove your information regularly. I'm
8:24
talking addresses, photos, emails, relatives, phone
8:27
numbers, social media, property value, you
8:29
name it. It's out
8:31
there and it's available to the highest bidder.
8:34
You don't even have to be the highest bidder. They sell it
8:36
cheap. Protect
8:39
yourself. Reclaim your privacy. Visit
8:41
joindeleteme.com. That's what we use.
8:44
The offer code is TWIT. You're gonna get 20% off when
8:46
you do that. joindeleteme.com.
8:50
Twitch promo code
8:52
TWIT for 20% off.
8:56
All right, I am prepared to show
8:58
you the picture of the week as
9:01
soon as you say so. It is
9:03
a fave. I haven't looked at it yet.
9:06
It's just quick,
9:09
visual, simple, fun.
9:11
Okay. Do
9:14
you want me to show it and then you describe
9:16
it? Is that how you want to? I'd really, well
9:18
okay, yes. I would be good. All
9:20
right, so I have to figure out how
9:22
to show it first. There it
9:24
is. You know, it's funny, my thing is moving around
9:27
all the time and I don't, sometimes my, now it's
9:30
this laptop so it's just gonna take me
9:32
a second. Why don't you set it up
9:34
anyway? Okay, so anyway, the
9:37
picture, and I should note Leo, that 4,330 subscribers
9:39
to the SecurityNow
9:45
mailing list received this three
9:47
hours ago. Oh, so
9:50
they're already up on it. They know
9:52
all about it. Yeah, and the email
9:54
contained a thumbnail which a bunch of
9:57
them clicked in order to see the
9:59
full-size image. So anyway, I
10:02
gave this the title correlation
10:04
is not causation. That's a
10:07
very important concept that people
10:09
need to understand. Absolutely
10:11
is. Yes. And
10:14
we have a cute little, I'm not sure what
10:16
he is, kind of a dog, but
10:19
a small dog that's been
10:21
leashed to a... Isn't
10:27
it wonderful? He wants to get away badly.
10:30
He's looking at his master saying, hey,
10:33
what about me? Why am I
10:35
stuck here? So
10:37
he's tied up to this, what
10:39
would you call that? A bollard.
10:42
A bollard, yes. However,
10:45
something in the past has
10:47
whacked this bollard off to
10:49
the right so that it's
10:51
a leaning bollard. And
10:53
if you didn't know better, you'd think
10:56
that this was mighty dog and that
10:58
in trying to join his owner,
11:01
he had tugged
11:03
at this thing and yanked it
11:05
almost out of the pavement. Anyway,
11:07
I would commend our listeners to
11:09
go find today's picture of the
11:11
week because it is, it's a
11:14
goodie. A lot of
11:16
fun. And thank you
11:18
to whomever it was who sent it to
11:20
me. Okay, so last
11:23
week we opened with the
11:25
news that the previous
11:28
week's monthly Windows Patch
11:30
Fest had quietly
11:33
closed a remarkably worrisome
11:35
flaw that
11:37
had apparently been sitting undiscovered in
11:40
every Windows native Wi-Fi network
11:42
stack since the last time
11:45
Microsoft poked at it. And
11:47
there's been no definitive statement about
11:50
this because it appears that even
11:52
Microsoft is quite freaked out by
11:54
this one. A listener
11:56
of ours, Steven CW, sent
11:58
a relevant question. He said,
12:01
Hi Steve, long time listener,
12:03
our corporate IT group vets
12:05
windows patches, thus delaying them.
12:09
In the meantime, does turning off
12:11
the Wi-Fi adapter prevent the attack
12:13
you described? Okay,
12:16
now given the havoc that
12:18
past mistakes in Windows updates have
12:20
caused for corporate IT, especially remember
12:23
a couple of years ago when
12:25
Microsoft kept wiping out all printing
12:27
capability enterprise-wide, you know about like
12:29
once a month they would do
12:31
that, I suspect that
12:33
many organizations may have adopted a wait
12:35
and test to avoid
12:37
subjecting their users to such
12:39
mistakes. And it's
12:41
typically the case that even though 50
12:44
to more than 100 flaws may be
12:46
fixed in any given month, nothing
12:49
is really happening that's highly
12:51
time sensitive. But that's not
12:53
the case with this month's revelations. What
12:57
I saw and mentioned last
12:59
week at GitHub did
13:02
not make any sense to me since
13:04
it appeared to be too high
13:06
level. Remember I mentioned in passing
13:08
that there was already an exploit
13:10
on GitHub. Well since then someone
13:12
else appears to have found a
13:15
way to overflow the
13:17
oversized 512-byte
13:20
buffer which Windows
13:22
Wi-Fi driver provides for
13:24
SSIDs. But that's
13:26
not this problem. He
13:28
wrote thinking that this was
13:30
the critical 30078 CVE. He
13:36
initially wrote CVE 2024 30078 describes a vulnerability in
13:38
the way Windows handles SSIDs, you
13:45
know service set identifiers in
13:47
Wi-Fi networks. Windows has
13:49
a buffer for SSIDs up to 512
13:52
bytes long which exceeds the
13:55
Wi-Fi standard by
13:57
sending chunked frames
13:59
to increase the SSID size
14:01
beyond 512 bytes, a buffer
14:03
overflow can be triggered. He
14:06
says this exploit leverages this
14:08
vulnerability to cause a buffer
14:11
overflow by creating and sending
14:13
Wi-Fi beacon frames with oversized
14:15
SSID fields. Okay,
14:17
so that's a problem. But
14:20
then he realized that he had
14:22
found a different flaw from what Microsoft
14:26
patched, so in an update
14:28
he subsequently added, he said,
14:31
info. This repo does
14:33
not seem to be hitting the same
14:36
bug as in the stated CVE.
14:38
New information has
14:40
come to my attention thanks to
14:42
FarmPoet. The CVE 2024 30078 vulnerability
14:48
is in the function .11 translate 802.11
14:51
to ethernet endis packet.
14:58
And I should say that absolutely based
15:00
on that function name that makes total
15:02
sense. And he said of
15:04
the native Wi-Fi Windows driver nwifi.sys
15:06
where a very
15:09
specific frame needs to be constructed
15:12
to get to the vulnerable code
15:14
path, which as he
15:16
said his code, his current code
15:18
does not. So he said
15:20
I'm working on it. I've identified
15:22
the changes in the patched function
15:24
and I'm now working on reversing
15:27
to construct the relevant frame required
15:29
to gain code flow into this
15:31
segment. Okay,
15:33
so we have this guy
15:35
publicly working on a public
15:38
exploit for this very worrisome flaw and
15:40
we're about to see why it turns
15:43
out this is a lot worse than
15:45
it first seemed. Meanwhile
15:47
it may be that anyone who has
15:49
a spare $5,000 may
15:53
be able to purchase a working
15:55
exploit without waiting for a freebie
15:57
on github. online
16:00
publication Daily Dark Web,
16:03
believe it or not, there is such a thing,
16:05
writes, a threat actor has
16:07
announced the sale of an exploit for CVE
16:09
2024 30078, a remote code execution
16:14
vulnerability in the Wi-Fi driver
16:16
affecting all Windows Vista and
16:19
later devices. In
16:21
their announcement, the threat actor details
16:23
that the exploit allows for remote
16:26
code execution over Wi-Fi. Get
16:28
a load of this though, leveraging compromised
16:31
access points or saved
16:33
Wi-Fi networks. I'll
16:36
get more to that in a
16:38
second. The exploit reportedly works by
16:40
infecting a victim through Wi-Fi router-based
16:42
malware or simply by having the
16:44
victim's device be within range of
16:46
a Wi-Fi network they've previously connected
16:48
to. The exploit code is
16:51
offered for sale at $5,000 US with
16:55
the price being negotiable. The
16:57
seller also offers to develop custom
16:59
solutions tailored to the buyer's needs.
17:02
Anastasia, the new owner of the forum,
17:05
is listed as the escrow for this
17:07
transaction. Interested parties are instructed
17:09
to send a private message to the
17:11
threat actor with a warning that time
17:13
wasters and scammers will be ignored. Okay,
17:15
now, in
17:18
the first place, while we have no way
17:20
to confirm this, from what we've seen before,
17:23
it's entirely believable that
17:26
several weeks downstream from
17:29
the release of a patch, which
17:31
will have altered the binary
17:33
of some Wi-Fi component of
17:35
Windows, that by diffing,
17:37
you know, in hacker
17:39
parlance, the pre-
17:41
and post-patched files, the
17:44
change that Microsoft made to repair
17:47
the original driver's defect can be
17:49
readily found. This is what the
17:51
guy on GitHub is already
17:54
doing. But
17:56
the really interesting attack
17:58
vector that a occurred to me
18:00
when we first talked about this last week, but obviously
18:02
has occurred to the author of this $5,000 for sale
18:05
exploit, is the idea of infecting
18:11
vulnerable consumer routers or
18:13
corporate wireless access points,
18:16
which might well be, you know,
18:19
half the world's circumference away.
18:22
In other words, if a
18:24
vulnerable Wi-Fi router is available
18:27
anywhere in the world, it
18:29
could be infected with knowledge of
18:32
this critical Windows flaw, so
18:35
that any unpatched Windows Wi-Fi
18:37
laptop within range of that
18:40
router could be compromised,
18:42
and that would be
18:44
a very remote attack. It's
18:46
clear that the only reason Microsoft
18:49
was able to get away with
18:51
labeling this flaw as only being
18:53
important with a CVSS of
18:57
8.8 instead of critical with a CVSS of
18:59
9.8, is it, or maybe even 10, is
19:02
it it required
19:05
a nearby attacker? At
19:09
least that was the theory, but
19:11
in reality all it requires
19:13
is a nearby hostile radio,
19:15
and thanks to
19:17
the historical vulnerability of consumer
19:20
and enterprise routers, that's not
19:22
a high bar. The observation
19:24
here is that a
19:26
maliciously infected router may
19:29
not be able to attack the
19:31
machines connected to it by wire,
19:34
because there are no known
19:36
exploitable vulnerabilities in their wired
19:38
Ethernet network stacks, but
19:41
that same router may now
19:43
be able to successfully attack
19:45
those same or other machines
19:48
within its wireless reach, thanks
19:51
to the known presence of a, by
19:54
Microsoft's own assessment, readily
19:57
exploitable, low-complexity, highly reliable
20:00
likely to succeed flaw that
20:03
exists in any Windows machine since
20:05
Vista which is not yet received
20:07
the patch that first appeared only
20:09
two weeks ago. So to
20:13
answer Steven CW's question about
20:16
whether turning off, you know, disabling
20:19
the Wi-Fi on a machine would
20:21
protect it, the answer has
20:23
to be yes. Everything we
20:25
know, although I have to say I
20:27
looked around and as I
20:30
said Microsoft is oddly mute
20:33
on this whole thing. Normally you would expect
20:35
them to say mitigation, disable
20:38
Wi-Fi, but maybe they presume
20:40
so many people are using
20:43
Wi-Fi that you can't
20:45
really call it a mitigation if
20:47
you if like taking the machine
20:49
off the network is what it
20:51
takes to mitigate the problem. So
20:54
they're not suggesting that but yes
20:56
everything we know informs us that
20:58
turning off Windows Wi-Fi adapters will
21:00
completely protect any unpatched machine from
21:02
the exploitation of this vulnerability. Yeah but
21:05
you could also remove the machine from the
21:07
internet entirely, air gap it
21:09
and that would be good too. Or
21:11
Leo, I had something, it just
21:13
hit me, turn it off. Yeah
21:16
that'll fix it too. What a concept. That's
21:18
right pull the plug, shut it
21:20
down, you're safe. Anyway
21:22
I wanted to conclude this week's follow-up on
21:25
this CV by making
21:27
sure everyone understands that
21:29
the addition of this
21:31
remote router extension to
21:33
this vulnerability really
21:35
does change the game for it.
21:38
We know tens of thousands
21:41
of routers have already been
21:43
and are taken over and
21:46
are being used for a multitude
21:48
of nefarious purposes launching DDoS attacks
21:50
forwarding spam email as proxies to
21:53
probe the internet for other known
21:55
weaknesses and on and on. So
21:58
the bad guys are glittering. realize
22:01
that by updating the malware
22:03
that's already within their compromised
22:06
router fleets, they'll
22:08
be able to start attacking and
22:10
hijacking any Windows machines
22:12
that have not yet been
22:14
updated that have their wireless
22:16
turned on. And for
22:19
whatever reason history tells us that there will
22:21
be many such machines updating seems
22:23
to be a slow process. You
22:25
know and if for example Steven
22:27
CW acknowledged
22:30
that his corporate IT people
22:32
you know they're waiting now
22:34
because there's been too
22:37
much history of updates you
22:39
know destroying you know corporate
22:41
IT functioning so they're they're
22:43
taking a cautious process. Anyway
22:45
it's going to be interesting to see
22:48
whether bad guys how
22:52
long it takes bad guys to leverage
22:55
the idea of pushing
22:57
this flaw out to the routers
22:59
and seeing if they can remotely
23:01
grab wireless machines.
23:06
I'll share this piece of
23:08
news this next piece and interject some of
23:10
my thoughts along the way and Leo I know
23:13
you reacted a little bit as I did and I'm
23:17
of two minds so it
23:19
creates for some interesting
23:22
dialogue. Last Thursday Kim
23:24
Zetter writing for Zero Day posted
23:27
the news. The US government
23:29
which did it on the same day
23:32
the US government has expanded its ban
23:35
on Kaspersky software in
23:37
a new move aimed at
23:39
getting consumers and critical
23:42
infrastructure to stop using the Russian
23:45
companies software products citing
23:48
of course national security
23:50
concerns. The ban
23:52
using new powers granted to the
23:54
US Commerce Department would prohibit the
23:56
sale of Kaspersky software anywhere
23:58
in the US. US and
24:01
would also prevent the company
24:03
from distributing software security updates
24:06
or malware signature updates
24:09
to customers in the US. In other
24:11
words, they're being cut off. Signatures,
24:14
they explain or Kim explains,
24:16
are the part of the antivirus
24:19
software that detect malicious threats.
24:21
Antivirus vendors push new signatures to
24:23
customer machines, often on a daily
24:26
basis, to keep their customers protected
24:28
from new malware and threats as
24:30
the vendors discover them. Without
24:33
the ability to update the
24:35
signatures of customers in the
24:37
US, the ability of
24:39
Kaspersky software to detect threats on
24:41
those systems will significantly degrade over
24:44
time. The US Commerce
24:46
Department announced the ban
24:48
on Thursday after what
24:50
it said was an extremely
24:54
thorough investigation, but
24:58
did not elaborate on the
25:00
nature of the investigation
25:03
or what it may have uncovered
25:05
if anything. US
25:08
Secretary of Commerce Gina
25:10
Raimondo told reporters in a
25:12
phone call, given
25:14
the Russian government's continued
25:17
offensive cyber capabilities and
25:20
capacities to influence
25:22
Kaspersky's operations, we
25:25
have to take the significant
25:27
measure of a full prohibition
25:30
if we're going to protect Americans
25:32
and their personal data. Russia,
25:35
she said, has shown it
25:37
has the capacity and even
25:39
more than that the intent
25:41
to exploit Russian companies like
25:44
Kaspersky to collect and
25:46
weaponize the personal information of Americans
25:48
and that's why we're compelled to
25:50
take the action we're taking today.
25:55
Wow okay so in other words we
25:58
don't like their zip code So,
26:00
we're going to deny a
26:02
company against whom we have
26:05
no actionable evidence of wrongdoing
26:08
all access to the American
26:11
market because, being a
26:13
Russian company, they could be
26:15
forced to act against us. And
26:19
as I said, I'd say that I'm
26:21
evenly divided on this. Over
26:23
the years, we've covered
26:26
countless instances where Kaspersky
26:28
has been hugely beneficial
26:30
to Western software and
26:33
to Internet security globally.
26:36
Thanks to their work, for the past many
26:38
years, the world is a safer place than
26:41
it would otherwise be. So
26:43
to say, we don't like where
26:45
you live, so we cannot trust you,
26:47
is a bit brutal. But
26:50
at the same time, it is also
26:52
understandable because, being
26:54
in Russia, it's possible that
26:57
their actions may
26:59
not always reflect their values. And
27:02
it's not as if operating within a state where
27:05
we democratically elect our representatives
27:07
is all that much different,
27:10
right? After all, in the
27:12
US, we have warrant canaries.
27:15
Remember that Wikipedia explains a warrant
27:17
canary by writing, A
27:19
warrant canary is a method by
27:22
which a communications service provider aims
27:25
to implicitly inform its
27:27
users that the provider
27:30
has been served with a
27:32
government subpoena despite legal prohibitions
27:34
on revealing the existence of
27:37
the subpoena. The warrant
27:39
canary typically informs users that there
27:41
has not been a court-issued
27:44
subpoena as of a particular
27:46
date. If the canary
27:49
is not updated for the period specified
27:51
by the host, or if the warning
27:53
is removed, users might
27:55
assume the host has
27:58
been served with such a subpoena. subpoena.
28:00
The intention is for a provider to
28:03
passively warn users of the existence
28:05
of a subpoena, albeit violating the
28:07
spirit of a court order not
28:09
to do so while
28:11
not violating the letter of the
28:13
order. So again, this
28:16
is what state
28:19
entities do. And
28:21
in other words, the US, our
28:24
courts are able to say, we
28:26
demand that you turn over information within
28:28
a certain scope and by the way,
28:30
you're legally forbidden from disclosing that we've
28:33
asked and that you have complied. So
28:36
it's not my intent to
28:38
pass moral judgment here. I'm just saying
28:41
that what we see is
28:43
unfortunately, you know, all
28:46
nation states will act to
28:48
protect their interests and
28:50
that their client citizens have
28:52
little choice other than to
28:54
comply. So Kim's piece
28:58
continues. Ask
29:01
what evidence the government
29:03
found to support concerns that
29:05
the Russian government is using
29:07
Kaspersky software to spy on
29:10
customers. Romando and
29:12
other government officials on the
29:14
call declined to provide specifics.
29:17
One senior commerce official said on
29:19
background, in terms of
29:21
specific instances of
29:24
the Russian government using Kaspersky
29:26
software to spy, we
29:29
generally know that the Russian
29:31
government uses whatever resources are
29:33
available to perpetrate various
29:36
malicious cyber activities. We
29:39
do not name any particular
29:41
actions in this final determination,
29:43
but we certainly believe that
29:46
it's more than just a theoretical
29:48
threat that we describe. And that's
29:50
right, because these days, as we know,
29:53
life is all that's needed. Kim
29:56
writes, the ban will not go
29:58
into effect until September. September 29th
30:01
to give existing Kaspersky customers
30:03
in the US time
30:06
to find a replacement for
30:08
their antivirus software. The
30:11
ban on new sales of Kaspersky software in
30:13
the US, however, goes into effect on July
30:15
20th. Sellers
30:17
and resellers who violate the ban could
30:20
be subject to fines from the Commerce
30:22
Department and potentially criminal action. In
30:24
addition to the ban, the
30:26
Commerce Department also put three
30:29
Kaspersky entities on its trade
30:31
restrictions and entities list, which
30:33
would prohibit US-based suppliers from
30:36
selling to Kaspersky, though it's
30:38
unclear if Kaspersky currently has
30:40
US suppliers. A
30:42
Kaspersky spokesman in a statement
30:44
to Zero Day accused the
30:47
Commerce Department of making its
30:49
decision quote, based on the
30:51
present geopolitical climate and
30:53
theoretical concerns rather than on
30:56
a comprehensive evaluation.
30:59
Right. I mean, I feel bad for
31:01
Eugene Kaspersky. Everybody loves him. Yes.
31:04
But why not? I mean, we don't, we don't have
31:06
to have it, right? The ban
31:08
Huawei phones. I mean, right.
31:12
I mean, this is what we're beginning to
31:14
see happen, right? As
31:17
we, as we choose sides and
31:19
we, you know, pull the pull
31:21
the bridges, the, the, the draw
31:23
bridges up that you, the of,
31:25
of, of global commerce that
31:27
used to interconnect everyone. So
31:30
anyway, they apparently think they have
31:33
some legal standing. This
31:35
spokesperson said, we will continue
31:37
to defend ourselves against actions.
31:40
That's our reputation
31:42
and commercial interests. So
31:46
okay. Now as a little
31:48
bit of background, the department of Homeland
31:50
security had previously issued a directive in
31:52
2017 banning federal government
31:55
agencies and departments, not
31:57
consumers. And like everybody
31:59
now. which is what is about to
32:01
happen. So this was in 2017 just federal government agencies
32:05
and departments from installing Kaspersky
32:07
software on their systems. DHS
32:10
had also not cited any specific
32:12
justification for its ban at the
32:14
time but media reports
32:17
citing anonymous government officials back then
32:19
cited two incidents and we talked
32:21
about them on a podcast. According
32:24
to one story, an NSA contractor
32:27
developing offensive hacking
32:30
tools for the spy agency had
32:33
Kaspersky software installed on his
32:35
home computer. Yeah we reported
32:37
this story. Remember this? Yes,
32:40
yes. This was those NSA tools.
32:43
Right, he was developing these
32:45
NSA tools and the Kaspersky
32:48
software detected the source code
32:50
as malicious and extracted it
32:52
from the computer as
32:55
AV software often does. They
32:57
quarantined it. Yeah. Well they'd
32:59
actually send it to Kaspersky. And that's what
33:01
all anti viruses do. They quarantined it and
33:04
they sent it in. Exactly.
33:06
To the home office which in this case was
33:08
in Roskow. That was the eternal
33:10
blue leak. Yes. So
33:13
a second story claimed that Israeli spies
33:16
caught Russian government hackers using
33:18
Kaspersky software to search customer
33:20
systems for files containing US
33:22
secrets. So okay you
33:25
could install Kaspersky as
33:27
you can many other tools. You
33:29
know Mark Racinovich's PS
33:32
exec is a favorite tool
33:35
for bad guys to use. But
33:37
you know its intention is benign.
33:39
So Kaspersky for their
33:42
part denied that anyone
33:44
used its software to explicitly search
33:46
for secret information on customer machines
33:48
and said that the tools detected
33:51
on the NSA workers machine were
33:53
detected in the same way that
33:55
all AV software is designed to
33:57
detect malware on customer machines. malware.
34:00
It really was malware. Right,
34:03
right. Exactly. They were, they
34:05
were developing NSA malware for the
34:07
NSA. And you know, it's
34:09
funny too, cause it's a little reminiscent of
34:11
the Plex breach, which of course is the
34:14
way LastPass got themselves in trouble. You have
34:16
some, you know, some third party contractor using
34:18
your tools at home on their home machine
34:21
where they've
34:23
got, you know, AV software installed. Right.
34:26
It's like, whoops, not
34:28
quite secure. So anyway,
34:31
following that 2017 DHS directive, Best
34:35
Buy and other commercial software
34:37
sellers that had contracts with
34:39
Kaspersky to sell computers
34:41
with Kaspersky AV software pre-installed on
34:43
those systems, subsequently announced they would
34:46
no longer install the software on
34:48
computers they sold. This
34:50
didn't, however, put an end to
34:52
existing customers using Kaspersky software or
34:54
prevent new customers from purchasing the
34:57
software on their own. Today's
34:59
ban is designed to convince those
35:01
customers to stop using the software as
35:06
well. And get this, commerce
35:08
secretary Raimondo told
35:11
reporters when Americans have software from companies
35:14
owned or controlled by countries
35:16
of concern, such as
35:19
Russia and China integrated into
35:21
their systems. It makes all
35:23
Americans vulnerable. Those
35:25
countries can use their authority over
35:28
those companies to abuse that software
35:31
to access and potentially exploit
35:34
sensitive US technology and data.
35:38
You know, and I'll just note that the United
35:40
States is no different in that regard. It's just
35:42
that we're here and they're there. We know
35:45
we've covered the news that China's
35:47
government is similarly urging its businesses
35:49
to stop using windows. You know,
35:51
we clearly have a new cyber
35:53
cold war heating up and
35:56
unfortunately choosing sides and
35:58
cutting ties is part of the process. this. So
36:02
anyway, it's
36:09
unfortunately, oh, that that a
36:13
product that many people use is not
36:17
going to be available at the same
36:19
time. I guess
36:24
I, it feels to
36:26
me like Casper skis employees should have
36:28
seen the writing on the wall. They've
36:31
seen the tensions between the U S
36:33
and Russia heating up, you
36:35
know, it's easy for us to say, well, you know,
36:37
they could have left Russia, but they probably love Russia
36:39
as much as we love the U S. So, you
36:42
know, for most of them, it's just, it's just
36:44
a job. And I mean,
36:47
Eugene Kaspersky was trained at
36:49
the KGB technical school and
36:52
did have a job in the ministry
36:54
of defense when he founded Kaspersky antivirus.
36:56
So there are deep connections to
36:58
the Russian government and the GRU. Um, so
37:02
I, and I would note also
37:05
that AV software in particular has
37:08
a very intimate relationship
37:10
with, with an operating system.
37:12
It is in the kernel.
37:15
If it is absolutely true, and this
37:18
is the kind of thing that, that
37:20
keeps the military mind up all night.
37:23
You know, here we have a Russian company
37:26
that has an active connection to
37:28
all of the customers
37:31
machines in
37:33
the U S and you
37:36
know, it's not an, you
37:38
know, a text editor. It's running
37:40
a driver in the kernel. This
37:43
ain't Tik TOK. This is exactly.
37:45
Yeah. If it did want to
37:47
get nasty in
37:50
an instant, it could take
37:52
over all of the machines
37:54
where it's installed and that's been banned
37:56
on government machines for a long time.
38:00
2017. Yes. So I mean, yeah. It
38:04
makes sense. I mean, I
38:07
feel bad for Eugene. Everybody,
38:09
you know, part of the reason people are
38:11
upset is everybody loves Eugene Kaspersky. Dvorak used
38:13
to recommend Kaspersky all the time. He
38:15
loved it. But mostly because he used to
38:18
hang with Eugene and drink vodka during Comdex.
38:23
So, but honestly, there are plenty of
38:25
antiviruses out there. One
38:28
could argue you don't even really need an
38:30
antivirus. I was going to say, and you
38:32
and I, Leo, and my wife and everyone
38:35
I have any influence over, no longer uses
38:37
any. We just use Windows Defender. And
38:39
believe me, it apparently is doing the job because
38:41
it sure is a pain for me. Oh, yes.
38:45
Let's take a break. Oh, what a
38:47
thought. My goodness. Yeah.
38:52
Okay. Good. Okay. Yeah.
38:55
Let me just pull the copy up here. I don't
38:58
know. I'm a little, I'm
39:00
a little off today. Well, I'll just
39:02
note while you're doing that, that the
39:05
Kremlin has extended the duration on its
39:07
ban on Russian government
39:09
agencies and critical organizations
39:11
using IT services from unfriend,
39:14
from unfriendly countries. That's exactly what's going
39:17
to happen. And that ban will enter
39:19
into effect the extension on January 1st.
39:22
So that was when the previous one was going
39:24
to expire and we still don't
39:26
like each other. So, you
39:28
can't use those nasty Windows computers. I
39:30
mean, in a perfect world, I mean,
39:34
I often think that the best way to
39:38
keep from going to war is to
39:40
having economic dependency on each other. Yes.
39:42
Yes. That's why it's like it makes
39:45
no sense for us to be upset
39:47
with China. Everything we own comes from
39:49
China. Right. And
39:51
as a result, China is less likely to,
39:53
you know, screw with us. I would think
39:55
so. But maybe not. Who knows?
39:58
It's like, why are they messing with Taiwan? Taiwan
40:00
where the chips come from that seems they're out
40:02
of their they're out of their mind But see
40:04
that's more of a that's more see this is
40:06
a problem. That's not a rational thing. That's more
40:08
of an emotional thing just
40:10
like Russia invading Ukraine because it used
40:12
to be part of China and And
40:15
so on a back we want it back But
40:19
that's emotional. It's not rational clearly All
40:23
right, let's talk about our sponsor
40:25
for this particular portion of the show and actually
40:27
it's very timely because if
40:30
that NSA Contractor had
40:33
been running one password on
40:35
his machine. He wouldn't have had this problem
40:39
Every business should be using one
40:42
passwords Extended access management.
40:45
Let me talk about this and I
40:47
think you're gonna recognize an old friend
40:49
here in a perfect world End
40:52
users would only work on managed devices with
40:54
IT approved apps right apps that are up-to-date
40:56
apps that are clean apps that
40:58
are secure Unfortunately doesn't
41:01
work that way as you well know in your
41:03
enterprise everyday employees are bringing
41:05
in BYOD their personal devices and
41:08
Unapproved apps that aren't protected by MDM
41:10
or IAM or any other security tool
41:13
There is a big gap between the security
41:15
tools. We have in the way they
41:18
actually work and this is where one password
41:20
really Can
41:22
get involved they call it the access
41:24
trust gap and they've
41:26
created the first-ever solution to fill it One
41:29
password extended access management. It
41:31
secures every sign-in for
41:34
every app on every device Now
41:37
you of course, you know one password is
41:39
a password manager. It includes that it's the
41:41
password manager I probably close
41:44
to number one password manager now certainly
41:46
well known and well loved an enterprise
41:49
the device Trust solution
41:51
you also have heard of because it's collide
41:53
now you remember we were we were talking
41:56
about collide for a long time And
41:58
then we said collide got pepper by 1Password.
42:00
So this is now the
42:02
alliance of 1Password and Collide. This is
42:05
the resulting tool and what a great
42:07
idea, the 1Password Extended Access
42:09
Management. It cares about the user
42:11
experience and privacy, which
42:13
frankly means it can go places
42:16
other tools can't like personal devices,
42:18
contractor devices. It ensures that every
42:20
device is known and important,
42:22
healthy, and every
42:24
login is protected. So
42:27
stop trying to ban BYOD
42:29
or shadow IT. Start protecting
42:32
them with 1Password Extended Access
42:34
Management. Check it
42:37
out at 1password.com/security now.
42:40
Two names you know
42:42
and love together at last and now really
42:44
making a tool that everyone should have. That's
42:46
1-P-A-S-S-W-O-R-D 1password.com
42:52
slash security now. The one is
42:54
a number one. Thank you 1Password.
42:58
This is a perfect idea. Glad it's here.
43:02
Now on with the show. Glad you're here, Steve. Okay,
43:05
so I
43:08
saw a short blurb in the
43:10
Risky Business newsletter and all it
43:12
said was, sorry? When
43:15
you say Risky Business, I think of
43:17
Tom Cruise in Underpants. Yeah, I know.
43:19
Okay. Always. Always. Okay, so it just
43:21
was a short blurb. It said
43:24
Google Chrome complaint and
43:27
it read European Privacy
43:29
Organization, NOIB, and it's
43:33
not capitalized so NOIB, I
43:35
don't know, NOIB, it's
43:38
Austrian, has filed a complaint
43:41
with Austria's data protection
43:43
agency against Google for
43:45
its new privacy sandbox
43:48
technology. NOIB
43:50
says Google is tricking
43:52
users to enable
43:55
privacy sandbox by
43:57
falsely advertising it as an ad.
44:00
privacy feature. Of
44:02
course my reaction to that was, what?
44:06
So I dug a bit deeper. I went
44:08
over to the N O Y B E
44:10
U website and found their article with the
44:13
headline Google Chrome agree
44:16
to privacy feature it has in
44:18
quotes but get tracking.
44:20
Okay so their
44:23
piece begins with after years
44:25
of growing criticism over
44:28
invasive ad tracking Google
44:30
announced in September of 2023 that
44:32
it would phase out third party cookies
44:35
from its Chrome browser. Wait a minute
44:37
NYOB stands for none of your
44:39
business. That's
44:42
really good. In German I guess. Maybe
44:44
not. No it's English. Really? It's the
44:46
European Center for Digital Rights. N O
44:48
Y B. That is perfect.
44:51
None of your business. Okay
44:54
so this guy saying
44:56
they after years of
44:58
growing criticism over invasive ad tracking Google
45:00
announced it would phase out third party
45:03
cookies from its Chrome browser. So this
45:06
is already misleading because
45:08
while it's true that Google has been
45:10
using the same ad tracking
45:12
that the rest of the
45:14
advertising and data aggregation industry
45:17
uses the growing criticism has
45:19
been over the entire industry's
45:22
use of ad tracking not
45:24
just Google's. You know
45:26
as we've been carefully covering here what
45:29
Google is hoping to do with their privacy
45:31
sandbox is to change
45:33
the entire model of
45:35
the way advertising and its
45:38
user profiling operates by
45:40
inventing an entirely new way
45:42
for a user's browser to
45:45
intelligently select from among available
45:48
advertisements that are seen at
45:50
websites and
45:52
we've already heard from one of
45:54
our listeners whose job it is to implement the
45:57
server side technology of a major web
45:59
site. website that the rest
46:02
of the non-Google industry is
46:05
massively pushing back against
46:07
Google's attempt to end
46:10
tracking. Google really is trying
46:12
to end tracking and the rest of
46:14
the community says, no, we
46:16
like tracking. We don't want you to take it
46:18
away. Okay, so the beginning
46:20
of this article, I'll just share
46:23
the beginning, it reads, after years
46:25
of growing criticism over invasive ad
46:27
tracking, Google announced in September 2023
46:30
that it would phase out third party
46:32
cookies from its Chrome browser. That part I already
46:34
read. Since then, users
46:37
have been gradually tricked into
46:39
enabling a supposed
46:42
ad privacy feature that
46:45
actually tracks people. Okay,
46:48
it doesn't. While the
46:50
so-called privacy sandbox, again, and it
46:52
quotes from him, is
46:54
advertised as an improvement over
46:57
extremely invasive third party tracking,
46:59
which it is, the tracking is
47:02
now simply done within the browser
47:04
by Google itself, which
47:06
is not true. To do
47:09
this, the company theoretically needs
47:11
the same informed consent from
47:13
users. Instead, Google
47:16
is tricking people by pretending
47:18
to turn on an ad
47:20
privacy feature. NOIB
47:23
has therefore filed
47:25
a complaint with the Austrian
47:28
Data Protection Authority. Okay,
47:30
now the article goes on at length and
47:33
it never gets any more accurate. So
47:35
there's no point in dragging everyone through it. It's
47:38
full of misconceptions and an utter
47:40
lack of understanding of what Google
47:42
is trying to do. Google's
47:45
privacy sandbox system explicitly
47:47
does not track users,
47:50
which is precisely why the
47:52
rest of the well-established tracking
47:54
industry is freaking out over
47:56
it and scurrying around trying
47:58
to come up with alternative
48:00
tracking solutions. This NOIB is
48:03
a privacy watchdog agency, as I
48:05
said, based in Austria. I looked
48:08
around their site and they appear
48:10
to gauge their value
48:13
to the world by
48:15
the number of complaints they're able
48:17
to file per day. They're
48:20
complaining about everyone and
48:23
everything. So, they're
48:25
kind of like a rabid version
48:28
of the IETF. You
48:30
know, like the IETF, they are
48:32
never going to be happy with
48:35
anything short of complete
48:38
and total legally and
48:40
technically enforced internet anonymity.
48:43
And in a perfect world, that would
48:45
be great. But as
48:48
we know, that's unlikely to happen.
48:51
You know, giving the author of
48:53
this the most sweeping benefit of the
48:55
doubt possible, the only thing I can
48:57
imagine is that he confuses, hopefully
49:01
not willingly, he
49:03
confuses tracking with profiling.
49:06
Those two words are different and so is
49:08
what they mean. You
49:10
know, perhaps he sees no difference.
49:13
Perhaps he doesn't consider Google's privacy
49:15
sandbox to be, you know, the
49:17
ad privacy feature that Google does.
49:20
We're told that websites
49:22
which are able to offer
49:25
identification of the
49:27
viewers of the ads they display,
49:30
or at least some reasonable assurance
49:32
of the relevance to them of
49:34
the ads, can double the revenue
49:37
from their advertising. The
49:40
problem, therefore, is not Google,
49:42
who's been working long and hard
49:45
to find a way to do
49:47
this without tracking. The problem now
49:49
is becoming websites and their advertisers
49:51
who are refusing to change their
49:54
own thinking. It's challenging. By
49:56
the way, you said IETF. Pretty
49:59
sure you didn't mean it. the IETF.
50:01
Oh my god. Because I don't think
50:03
the IETF cares. Of course. No. Thank
50:05
you, thank you, thank you Leo. You
50:07
just saved me from receiving a thousand
50:10
emails. I just saved the IETF, the
50:12
Internet Engineering Task Force, is not at
50:14
all cares about this at all. Thank
50:16
you so much. I just thought I'd
50:18
bet you. Yes. Not the I, I
50:20
have a couple of errata coming up.
50:22
So we've just reduced. I'm trying when
50:25
I can. Sometimes I miss it, I
50:27
don't know. Thank you. So there you
50:29
go. The IETF.
50:31
Exactly. Thank you. But
50:34
speaking of tracking, after
50:36
last week's podcast, as
50:39
planned, I finished
50:41
the implementation of GRC's subscription
50:43
management front end and
50:45
turned to the email sending
50:48
side. I designed
50:50
a layout and template
50:52
for the weekly podcast announcements
50:54
I plan to start sending
50:56
and Saturday afternoon, US
50:59
Pacific Time, I sent
51:01
the first podcast summary
51:03
email to this podcast's
51:05
4239 subscribers.
51:08
And then this morning, about
51:10
three hours before actually, we
51:13
started an hour later than usual. So
51:15
about four hours before this podcast began,
51:17
I sent a
51:20
similar summary of today's
51:22
podcast to 4330 subscribers
51:25
that listed grown by about 100
51:27
over the past week. So email
51:29
is starting to flow from GRC
51:32
and everybody who has subscribed should
51:34
have it. If you don't find
51:36
it, check your spam folder because
51:38
it may have been routed
51:40
over there. Rob
51:43
in Britain said, Hi, Steve,
51:47
as Apple broke their IMAP
51:50
message read flag a while back,
51:52
I've been using the blue mail app
51:55
to get my mail. Blue
51:57
mail includes a track of
52:00
the day. tracking image detector, and
52:02
guess what? It flagged
52:04
your email message as
52:07
containing one. As
52:09
a Brit, the irony of
52:11
a security podcast tracking me
52:14
does not escape me. Okay,
52:16
now, Rob was one
52:18
of a couple of people who replied
52:20
with a, what the? When
52:23
their email clients reported that
52:25
a so-called tracking bug was
52:28
present in their email from me,
52:31
and since that's what their client
52:34
calls it, it's natural
52:36
for concern to be raised. So I
52:38
wanted to correct the record about when
52:40
an email bug is tracking someone and
52:43
when it's not. The
52:46
TLDR is, it's not tracking
52:48
you if it's a
52:50
bug you indirectly asked for
52:53
and if it's only
52:55
linked back to whom you asked
52:58
from. The
53:00
confusion arises because our email clients
53:02
have no way of knowing that
53:04
this incoming email is not unwanted
53:07
spam and
53:10
that makes all the difference in the world
53:12
about the purpose and implications of the bug.
53:15
Because if it were an unwanted
53:17
spam email as opposed to
53:19
email everyone has been clamoring
53:22
for, you would definitely
53:24
not want your opening of that
53:26
email to send a ping back
53:29
to the Cretans who
53:31
are despoiling the world with spam. But
53:34
in this case, no one is being
53:36
tracked because the image
53:38
link points only back to me,
53:41
back to GRC, the source
53:43
of the email that was sent to you,
53:46
which only those who jumped through some hoops
53:48
to ask for it in the first place
53:50
would have received. Also
53:53
unlike pretty much everyone else
53:55
and against the advice of
53:58
some well-informed others, I,
54:00
GRC, am sending
54:02
the email myself, not
54:05
through any of the typical
54:07
third-party cloud providers that most
54:09
organizations have switched to now
54:11
using. As a
54:13
consequence, the email address our
54:16
subscribers have entrusted to me
54:18
will never be disclosed to
54:20
any third party. And
54:22
as I noted, that single-pixel bug
54:24
is only coming back to me
54:27
to allow me to obtain
54:29
some statistics about the percentage of email
54:31
I send that's open and viewed. And
54:34
I've learned some interesting things thanks to
54:36
that little bug. For example, half
54:38
of our listeners, well, I guess I already
54:41
knew this already, half of our listeners are
54:43
using Gmail, but I did not know that
54:45
fully one quarter of
54:47
our listeners are using
54:50
Mozilla's Thunderbird as their email
54:52
client. I thought that was
54:54
interesting. So basically
54:56
three quarters of
54:58
everybody who has listed for email
55:02
and received and opened their email from
55:04
me the last two that I've sent,
55:07
three quarters are either half of
55:11
them are, half of the
55:13
total is Gmail and the other
55:15
one quarter is Mozilla's Thunderbird. I'll
55:20
also note that as
55:22
regards this bug, the SecurityNow
55:24
emails contain a link to
55:27
the full-size
55:30
picture of the week and
55:33
the show notes and GRC's SecurityNow
55:36
summary page, all
55:39
in the email, back to GRC. So
55:41
it's not as if anyone who receives these emails
55:44
from me and clicks any of their links is
55:47
being stealth. Also
55:49
I chose to embed a reduced
55:51
size picture of the week as
55:54
a visible, it's about 250 pixels
55:57
wide, thumbnail image so
55:59
that the email. email would be self-contained
56:02
and complete. I could have
56:04
linked back to GRC for
56:06
the retrieval of the thumbnail when viewed.
56:08
In that way I would have obtained
56:11
have obtained the same feedback that the
56:13
single pixel image provided and presumably
56:16
since it's like 250 by 203 pixels it will just
56:18
look like a real image
56:22
and it's visible and no email
56:25
client would say oh you
56:27
got a tracking pixel in your email.
56:30
Right anyway it's certainly the case
56:33
that unsolicited
56:35
commercial spam email
56:38
contains tracking bugs to
56:41
inform their senders when
56:43
their obnoxious unwanted spam
56:45
has been opened by
56:47
its recipient. Anyone
56:49
who thinks that describes the weekly
56:51
podcast summaries they signed up for
56:53
will be glad that every
56:56
one of my emails contains a
56:58
very clearly marked unsubscribe link and
57:01
of course it has immediate effect.
57:03
There's none of this please allow
57:05
two weeks for your unsubscribe to
57:08
be processed nonsense. I've seen that
57:10
from other you know major mailers
57:13
and I just think wow aren't
57:17
you using computers? Anyway
57:19
my work after today's podcast
57:21
will be to automate the
57:23
sending of these weekly podcast
57:25
summaries. At the
57:27
moment sending a new email to
57:29
a list is not difficult but
57:32
it does involve a large number
57:34
of steps and decisions which are
57:36
redundant week from week so I
57:38
want to take a bit more
57:40
time to build some infrastructure to
57:42
make it simple and mistake-proof. And
57:48
Leo I wish I had you are
57:52
you nearby? No. I'm
58:10
coming. He can see me.
58:12
I know he knows I'm coming. Yes I
58:15
do. I tweaked my knee. Oh God
58:20
I heard about like going up into the attic
58:22
or something. Yeah I don't, I'm not used to
58:24
stairs and I
58:26
fell up and it fell
58:29
down. So like hit the front of your
58:31
knee on the, oh it'll get better. And
58:36
of course stairs to an
58:38
attic are probably not padded or carpeted. Not good stairs.
58:40
Oh no. So
58:42
there are two things. We needed to take
58:44
a break because we went a long time
58:47
before our second one. And
58:50
you need to hear this next thing
58:52
because this is from Orange Psi. Orange
58:54
Psi. Yes. The security researcher. And you
58:57
sent me a note about this
58:59
and I uh, I know what
59:01
you're gonna say. So yeah let's
59:03
pause. All right I
59:06
am here and we will pause and then we
59:08
will talk about Orange Psi. But
59:10
first no sighs
59:12
only pleasant smiles for
59:15
our sponsor Mylio. I love
59:17
Mylio. It's solved. It's
59:20
uh, and I suspect this is how Mylio
59:22
came about. It scratched somebody's itch but it
59:24
sure scratched mine. I
59:26
have and I bet you do too, lots of
59:28
photos. I have more than 200,000 photos.
59:32
Lots of documents. Lots of videos.
59:34
And I had no good way to organize it.
59:36
When Google bought Picasa and put them out of
59:38
their misery, it was
59:40
the end of the line for what I was using
59:42
to keep things in order. And
59:45
yes sure I used Google Photos but it
59:47
really kind of made me queasy to
59:49
put all of my stuff up in the cloud. Mylio
59:53
was the solution. Unbelievable
59:56
solution. And what I love
59:58
about it is I can organize my photos. I
1:00:00
can have them on all my devices and if I
1:00:03
want I don't need to use the cloud or
1:00:05
I can use Steve's technique of pre-internet
1:00:09
encryption Miley
1:00:11
Oh uses strong encryption will crips all your
1:00:13
data and then store it on your choice
1:00:15
of cloud They even have their own Miley
1:00:17
Oh cloud But between encryption and the ability
1:00:20
to put it on every device that just
1:00:22
just solved all my issues And
1:00:24
I haven't even scratched the surface of what
1:00:26
Miley Oh will do Miley Oh Automatically does
1:00:29
face recognition So if I have pictures of
1:00:31
Steve and Lisa and my family and so
1:00:33
where I will say that's Steve That's Lisa
1:00:35
and then it goes through all the rest
1:00:38
of the photos and amazingly accurately finds them
1:00:40
all in the background Not
1:00:43
going to the cloud on device does
1:00:45
the same thing? Automatically with pictures
1:00:48
of pets dogs cats even fish
1:00:51
Mice gerbils it can tell
1:00:54
Different, you know mountains rivers
1:00:56
streams it organizes it all
1:00:58
automatically Automatically lets
1:01:00
me curate it. I can
1:01:02
share it if I want to the genealogy
1:01:06
site run by the LDS
1:01:08
Church Which is
1:01:10
a great genie. It's the genealogy site.
1:01:13
So it's a great genealogy tool It
1:01:17
even could pull photos from other
1:01:19
sources that I haven't
1:01:21
had in my library Instagram Facebook
1:01:24
it even will take Google takeout from Google photos
1:01:26
download them all and here's the best part with
1:01:28
Miley Oh photos plus It
1:01:30
eliminates all the duplicates. So when I say
1:01:32
I have 200,000 photos, I have exact I
1:01:34
have 200,000 unduplicated unique
1:01:38
photos and the best of
1:01:40
all you all the files stay on your devices
1:01:42
not on somebody else's Server it
1:01:44
supports your folder structure. So
1:01:47
it makes it easier to search curate
1:01:49
and organize your media across all devices
1:01:52
Privacy first cloud backups are
1:01:54
entirely optional But
1:01:56
if you do choose to use them as I said it
1:01:58
automatically encrypts the data for security.
1:02:00
MyLio Photos Plus is amazing and
1:02:03
all of the AI, all the
1:02:05
categorization is done entirely on device.
1:02:07
Nothing is uploaded, nothing can
1:02:10
be data mined. You can
1:02:12
tag and search for photos using
1:02:14
all of the above, you know,
1:02:16
face, object recognition, metadata. It
1:02:18
takes all the metadata from my camera.
1:02:21
It supports every feature I've
1:02:23
got in my camera. It
1:02:26
supports every file format and all
1:02:28
of its private on device. Put
1:02:31
privacy first with MyLio Photos Plus.
1:02:33
To help you get started we've
1:02:35
got a special offer on your first month free
1:02:38
that's $99 for your
1:02:41
first year of MyLio Photos
1:02:43
Plus. I paid for it immediately after
1:02:45
I tried it. Don't miss
1:02:47
this great deal though. Sign up and get your free
1:02:49
month at our
1:02:52
exclusive address mylio.com/twit.
1:02:55
It's hard for me to tell you all of
1:02:57
the things it can do because there's so many.
1:03:00
You will be impressed. You will say hey, scratch
1:03:03
is my edge
1:03:05
too. myliomylio.com/twit. You,
1:03:07
trust me, I know you've been looking for this. It's
1:03:10
here. mylio.com/ twit.
1:03:15
Okay, now back to the show we
1:03:17
go Mr. G. So
1:03:20
I got an email with
1:03:22
the subject seeking assistance
1:03:24
for Black Hat USA
1:03:27
visa issue. And
1:03:29
when I saw that this was from
1:03:32
Orange Psi whose
1:03:35
name should be familiar to all
1:03:37
of our longtime podcast
1:03:39
listeners I thought really?
1:03:41
That one? I mean that Orange Psi?
1:03:44
So the email reads hello Steve Gibson
1:03:46
and Leo Laporte. My name
1:03:48
is Orange Psi, a security
1:03:50
researcher from Taiwan. While
1:03:53
I'm not a listener of the show, Jonathan
1:03:55
Leichu, a friend
1:03:58
of mine, says you feature being
1:06:00
flagged by the US. Since
1:06:03
then, I've been unable to enter the
1:06:05
United States to present at DEF CON
1:06:07
and Black Hat USA in person. In
1:06:11
2022, I tried applying for
1:06:13
a business tourist visa at the
1:06:15
embassy. However, the consular
1:06:17
officer couldn't decide and my application
1:06:19
had to be sent to DHS
1:06:22
for further administrative processing. After
1:06:24
several months of review, I never
1:06:26
got a response and missed the
1:06:29
2022 DEF CON Black Hat USA
1:06:31
dates. This year, I submitted
1:06:33
my latest research and was accepted by
1:06:36
Black Hat USA in May of 2024.
1:06:38
To catch up
1:06:42
with the visa this time,
1:06:44
I reapplied for the B1-B2
1:06:46
visa in January and had
1:06:48
the interview on March 19th.
1:06:51
However, three months have passed and
1:06:53
there's still no update. As a
1:06:55
security researcher, I try to do
1:06:58
the most impactful research and I'm
1:07:00
keen on having my research seen
1:07:02
by the world, especially at the
1:07:04
top hacker gatherings like Black Hat
1:07:07
USA. I'm currently seeking all
1:07:09
the help I can get to break
1:07:11
through this situation. I hope
1:07:13
this gives you a better understanding
1:07:15
of the situation I'm facing. This
1:07:17
has been a long and troubling
1:07:19
issue for me. If you have
1:07:21
any advice or guidance to offer,
1:07:23
it would be greatly appreciated. Here's
1:07:25
my contact information in case anyone
1:07:28
needs it. Thank you, Orange
1:07:30
Psi. Okay, so
1:07:33
this is great if we could help. And
1:07:36
by we, I mean everyone listening.
1:07:39
So the moment I saw his name,
1:07:41
you know, as I said, my eyes
1:07:43
open wide because of course we recognized
1:07:45
him from all the times we've talked
1:07:48
about his many significant contributions to the
1:07:50
security of this industry and its software
1:07:52
systems. I don't actively
1:07:54
maintain the sorts of contacts that he
1:07:56
needs for this like with the State
1:07:59
Department. but I'm always surprised
1:08:01
and flattered when I learn about
1:08:03
the roles of many of the
1:08:05
people who are listening to this
1:08:07
podcast and who consider it to
1:08:09
be worth their time. So
1:08:12
I'm sharing Orange Psi's plea
1:08:15
in the sincere hope that we
1:08:17
do have listeners here who
1:08:19
may have the connections required to solve
1:08:21
this problem for him. This
1:08:24
year's DEF CON and Black Hat USA
1:08:26
conferences are being held near the start
1:08:28
of August, and today is our
1:08:30
last podcast of June, so we only have
1:08:32
a month to go. I
1:08:34
wrote back to Orange Psi to tell him
1:08:37
that I would be honored to do anything
1:08:39
I could to help by giving his situation
1:08:41
a larger audience. I also
1:08:43
asked how someone who was in
1:08:45
a position of authority might contact
1:08:47
him if they needed further clarification.
1:08:50
He replied, Hi Steve,
1:08:52
thank you for your response. I
1:08:54
really appreciate your help. My
1:08:57
only concern comes via a
1:08:59
friend, in that the
1:09:01
US government can be very sensitive
1:09:03
to and he has
1:09:05
in quotes, media pressure. And
1:09:08
there have been cases where this has
1:09:10
led to a permanent ban on entry.
1:09:13
Although security now is not traditional
1:09:15
media, I still hope
1:09:18
that when mentioning my case, it
1:09:20
can be done in a neutral manner. When
1:09:23
seeking help, please ask listeners
1:09:25
to do so in their
1:09:28
personal capacity rather than representing
1:09:30
me, the media, or any
1:09:32
other sensitive entities. So
1:09:35
anyway, I, speaking for myself, would
1:09:37
ask anyone to heed that. If
1:09:41
you're in a position to help, please
1:09:43
understand and be gentle if you're
1:09:46
able to determine what's
1:09:52
going on and why. I
1:09:54
asked him for a link to a web
1:09:56
page of contact information, which he provided by
1:09:59
the US government. but all
1:10:01
he wrote there was, hi, I'm
1:10:03
Oren Tsai, a security researcher
1:10:05
from Taiwan. I really wanna go to the
1:10:07
US to present my latest research at Black
1:10:09
Hat USA 2024 in person. If
1:10:13
you have any suggestions, please feel
1:10:15
free to email me at orange
1:10:18
at sign chroot.org. Thank
1:10:23
you. So with
1:10:25
that, I'm leaving this in
1:10:27
the hands of our wonderful listeners. Please
1:10:30
don't do anything if you are not
1:10:32
the right person. I would hate to
1:10:34
make matters worse, but if you are
1:10:37
the right person or have a sufficiently
1:10:39
close relationship with someone who is, then
1:10:41
it would be wonderful if we
1:10:44
were able to help him. His
1:10:46
years of past work have shown
1:10:48
that he is exactly the sort
1:10:50
of security researcher whose work should
1:10:52
be encouraged. Mark
1:10:56
Zip sent me a note.
1:10:59
He said, hi, Steve. Seems to me
1:11:02
that an overlooked problem with
1:11:04
recall is, and this
1:11:06
was interesting, is third-party
1:11:08
leakage. Listeners to
1:11:11
security now may lock down
1:11:13
their machines and opt out
1:11:15
of recall, whereas the people
1:11:17
with whom we interact may not.
1:11:21
If I write an email to a friend, their
1:11:24
recall instance now knows of
1:11:26
our correspondence. We
1:11:28
can think of other leakage easily. For
1:11:31
instance, people frequently share passwords via
1:11:33
email. More examples should be
1:11:35
easy to imagine. Okay,
1:11:37
so first of all, I think Mark
1:11:39
makes a great point. Many
1:11:41
people who've been critical of
1:11:44
recall have likened it to
1:11:46
spyware or malware, you
1:11:48
know, that's now being factory installed.
1:11:52
Through our first podcast about this, you
1:11:54
know, well, I should
1:11:56
say, although our first podcast about
1:11:58
this was titled by
1:12:00
me, the 50 gigabyte privacy
1:12:03
bomb, I
1:12:05
have never characterized recall
1:12:07
as spyware or malware
1:12:10
because both of those things
1:12:12
require malicious intent. And
1:12:15
at no point have I
1:12:17
believed or do I believe
1:12:19
that Microsoft has ever had
1:12:21
a shred of
1:12:23
malicious intent for recall.
1:12:26
I've seen other commentators suggesting that
1:12:28
the entire purpose of recall is
1:12:31
to eventually send the collected data
1:12:33
back to Redmond, you know,
1:12:36
for some purpose. I think
1:12:39
that's irresponsible nonsense and
1:12:41
it's a failure of imagination. For
1:12:44
one thing, Microsoft knows that
1:12:46
in today's world they could
1:12:48
never do that without
1:12:51
being found out immediately. We
1:12:54
are all now watching them too
1:12:56
closely. And besides, why
1:12:59
would they? The details of
1:13:02
some grandmother's management of her
1:13:04
canasta group is nothing that
1:13:06
Microsoft cares about. But
1:13:09
that's not to say that there
1:13:11
would not be some value to having
1:13:14
the AI residing
1:13:16
in grandma's computer be
1:13:19
aware of her interest
1:13:21
in canasta. If
1:13:23
Windows continues to
1:13:26
evolve or maybe devolve
1:13:28
into an advertising
1:13:31
platform, which
1:13:33
would be unfortunate, but
1:13:35
seems likely based on the way it's going, Microsoft
1:13:41
would be crazy not
1:13:44
to use their recall
1:13:47
AI's digested history and
1:13:49
understanding of its machine's
1:13:51
user to improve
1:13:54
the relevance of such
1:13:56
advertising. And as
1:13:58
we know, this could all
1:14:00
be done locally on the machine,
1:14:02
much as Google's privacy sandbox will
1:14:04
be doing in the user's web
1:14:06
browser. In this case,
1:14:08
the Windows OS itself would
1:14:11
be pulling the most relevant ads
1:14:13
from the internet for display either
1:14:15
in Windows itself or in their
1:14:18
Bing web browser. So
1:14:21
we now have one declared
1:14:23
and two undeclared but obvious
1:14:25
uses for recall. And none
1:14:27
of these applications for recalls
1:14:29
data requires it to ever
1:14:31
leave its local machine environment.
1:14:34
The concern Mark raised about third party leakage,
1:14:36
I think, is a good one. It
1:14:39
probably hadn't occurred to most of us
1:14:41
that not only would our own machines
1:14:44
be recording our every move, but that
1:14:46
all of our personal interactions with any
1:14:48
others would also be captured by their
1:14:51
instances of recall. Last
1:14:54
week, we quoted Matthew Green
1:14:56
on the topic of Apple's
1:14:58
cloud compute design. He
1:15:00
wrote, TLDR,
1:15:03
it's not easy. And
1:15:05
he said, building trustworthy computers
1:15:08
is literally the hardest problem
1:15:10
in computer security. He said,
1:15:13
honestly, it's almost the only
1:15:15
problem in computer security. But
1:15:18
while it remains a challenging problem, we've
1:15:21
made a lot of advances. Apple
1:15:23
is using almost all of them.
1:15:25
So that was Matthew talking about
1:15:27
Apple's cloud compute. But the point
1:15:29
being, building trustworthy
1:15:31
computers is the hardest
1:15:33
problem we have. So
1:15:37
in Apple's case, they
1:15:39
have the comparative luxury of
1:15:42
housing their cloud compute infrastructure
1:15:44
in data center facilities surrounded
1:15:47
by strong physical security. Even
1:15:50
so, the architecture Apple has
1:15:53
designed does not require its
1:15:55
physical security to hold
1:15:58
in the presence of an infiltrate. adversary,
1:16:01
but they have physical access
1:16:04
security nevertheless. That's
1:16:06
something Microsoft does not
1:16:08
have with their
1:16:10
widely distributed Windows workstations.
1:16:14
Grandma always leaves
1:16:16
her co-pilot plus PC open,
1:16:18
logged in, and unlocked just
1:16:21
like her back door. So
1:16:24
Microsoft's challenge is greater than
1:16:26
Apple's, which Matthew Green has
1:16:28
just made clear is already the hardest
1:16:30
problem in computer security. And
1:16:33
as we've seen with last
1:16:35
week's revelation of a supercritical
1:16:37
Wi-Fi proximity remote code execution
1:16:39
flaw that's apparently been present
1:16:41
in Windows forever, at least
1:16:43
since Vista, whatever
1:16:45
solution Microsoft finally implements
1:16:48
will need to be something we've
1:16:51
not yet seen them successfully
1:16:53
accomplish. Let me say that again
1:16:55
because I think it's really important and it's exactly
1:16:57
the right way to think about this. Whatever
1:17:00
solution Microsoft finally
1:17:02
implements to protect its
1:17:05
recall data will
1:17:07
need to be something we've
1:17:09
not yet seen them
1:17:11
successfully accomplish. What
1:17:14
everyone else other than
1:17:16
Microsoft clearly sees is
1:17:18
just how much having
1:17:20
recall running in a PC raises
1:17:23
the stakes for Windows security. But
1:17:26
so far we've seen zero indication
1:17:28
that Microsoft truly understands that this
1:17:30
is not something they could just
1:17:33
wave their hands around and claim
1:17:35
is now safe for them to
1:17:37
do because they said so. What's
1:17:40
not clear is whether they'll be
1:17:42
able to use the hardware that's
1:17:44
already present in those
1:17:46
co-pilot plus PCs to implement the sort
1:17:49
of super secure
1:17:51
enclave they're going to
1:17:53
need. And this is to your point Leo
1:17:55
you made a couple weeks ago about you
1:17:58
know that's really being what's now necessary.
1:18:01
And that makes it even
1:18:03
more doubtful that they'll be
1:18:05
able to securely retrofit the
1:18:07
inventory of existing Windows 11
1:18:09
hardware to provide the required
1:18:11
level of security. It may
1:18:13
take new hardware. Apple
1:18:16
has only managed to do it
1:18:18
for their iPhone handsets because their
1:18:20
hardware architecture is so tightly closed.
1:18:24
Windows has never been since
1:18:26
it's an OS designed to run
1:18:29
on third-party OEM hardware. So
1:18:31
for example, the phrase secure
1:18:34
boot is an oxymoron
1:18:36
since secure boot bypasses
1:18:38
are continually surfacing. I
1:18:42
realize that I'm spending a great deal
1:18:44
of time on recall. This is
1:18:46
now the fourth podcast where I've given it
1:18:49
some significant discussion. And
1:18:51
of course for the first two podcasts it was our
1:18:54
main topic. But given the
1:18:56
security and privacy significance of Microsoft's
1:18:58
proposal, it would be
1:19:00
difficult to give it more time than
1:19:02
it deserves. And
1:19:05
finally, I have two pieces of errata.
1:19:09
The first came from someone who
1:19:12
wanted to correct my recent
1:19:14
statement about the duration of
1:19:16
this podcast. He noted
1:19:18
that since we started in 2005, we are still in
1:19:20
our 19th year of the podcast, not
1:19:27
as I have been erroneously saying, in
1:19:29
our 20th year. So
1:19:32
in two months, we
1:19:34
will be having our 19th birthday, not
1:19:37
our 20th birthday. He
1:19:41
said, quote, the reason we listen
1:19:43
is that we know you care about getting
1:19:46
the details right. I'm
1:19:48
glad that comes through. So
1:19:50
I'm happy to correct the record. And
1:19:54
the second mistake several of
1:19:56
our astute listeners have spotted is
1:19:58
that I've been erroneous saying that
1:20:01
the big security changes in
1:20:03
Windows XP, its built-in
1:20:05
firewall being enabled by default and
1:20:08
its users access to raw sockets
1:20:10
being restricted, came about
1:20:12
with the release of XP's
1:20:14
final Service Pack 3. That's
1:20:18
wrong, it was the
1:20:20
release of XP's Service Pack
1:20:22
2 where Microsoft finally decided
1:20:24
that they needed to get
1:20:26
more serious about XP's security
1:20:29
and made those important changes.
1:20:31
So a thank you to
1:20:33
everyone who said, Steve, I
1:20:36
appreciate the feedback. Always. Wow,
1:20:38
that's a deep cut. I mean
1:20:41
have you talked about that in
1:20:43
a while? Yeah, last couple
1:20:45
weeks actually. Alright. It's
1:20:48
a long time ago you can be
1:20:50
excused for not remembering the exact details.
1:20:53
And I think the reason I'm, I
1:20:55
was getting
1:20:57
hung up on it is that I
1:20:59
have had occasion to install some Windows
1:21:01
XP's way
1:21:03
later and of course after installing
1:21:05
it I always install Service Pack
1:21:08
3 which was the last
1:21:10
Service Pack in order to bring it up, to
1:21:12
bring it current. But I do remember when they,
1:21:14
it was a big deal when
1:21:16
they built a firewall into Service Pack 2. That
1:21:18
was like, in fact, I
1:21:20
think we pretty much said don't use
1:21:22
XP until Service Pack 2 comes out,
1:21:25
basically. It was a much-needed Service
1:21:28
Pack as I remember. Yep. Alright,
1:21:30
well you're forgiven. I'm
1:21:34
always happy to correct my mistakes. That's good.
1:21:38
Let us talk about something
1:21:40
very important, our sponsor for this
1:21:42
hour, and then get to
1:21:44
the pseudo random
1:21:46
number generator or Pringle as
1:21:48
I call it. For hell.
1:21:50
For the Pringle from hell.
1:21:53
Although if I'd only used it
1:21:55
I would be in heaven. So
1:21:58
that's why it's a double-edged sword. true yeah you
1:22:01
would be a little richer yeah as
1:22:03
opposed to a richer see it it peaked
1:22:05
at sixty seven thousand dollars a
1:22:07
bit well thanks a
1:22:10
lot Leo don't do the man is he you
1:22:12
for don't do the man at his hard drive
1:22:14
yeah 50 of them would be worth
1:22:16
what three million almost
1:22:19
four million or north north of
1:22:21
yep that hurts it's
1:22:24
just money Steve money doesn't buy I'll just have
1:22:26
to earn at the old fashion way yeah there
1:22:28
you go let's
1:22:31
talk a little bit about the thinks to
1:22:34
canary because this is such a cool product
1:22:36
they've been advertising on this
1:22:38
show almost exclusively for almost a decade now
1:22:41
and we brought them a lot of
1:22:43
customers maybe you're one of them if
1:22:46
you are you maybe you've even tweeted your love
1:22:48
for the thinks canary in which case you're at
1:22:50
the canary dot tools
1:22:52
slash love page like
1:22:55
the CTO or is it the see
1:22:57
so of slack and so many other
1:22:59
well-known people would say you
1:23:02
know you could have perimeter defense fine all
1:23:04
fine and dandy but do you know if
1:23:07
someone's penetrated your network and how do you know
1:23:09
and more importantly do you know in
1:23:11
a timely fashion that's what the things
1:23:14
to canary does thinks to
1:23:16
canaries are honeypots basically they're
1:23:18
about the size of external USB hard
1:23:20
drive they're tiny little things they
1:23:22
have two connections one to a for
1:23:25
Ethernet plug it into your network one
1:23:27
to the wall give it some power and Bing
1:23:29
bada-bing bada-boom you got honey pot and
1:23:32
man these honey pots can be anything mine's a
1:23:34
Synology NAS just cuz I you know I could
1:23:37
make it other things but I'm just lazy but it's
1:23:39
easy to do you just go to the console you
1:23:41
can choose from a Windows server a Linux
1:23:44
server an IIS server SSH
1:23:48
you can make it a skate of literally
1:23:50
make it a skate of device if you're
1:23:52
worried about the Israeli army hacking
1:23:54
your centrifuges hey this
1:23:56
is what you need the
1:23:59
thing is once you set it up up, it doesn't
1:24:01
look like honeypot. It doesn't look vulnerable.
1:24:03
It looks valuable and that's the key.
1:24:05
You can also use your
1:24:07
things to set up tripwires. They call
1:24:09
them Canary tokens. Little files, put
1:24:12
them anywhere on your network. They could
1:24:14
be PDFs or DocEx or XLS. I have
1:24:16
a number of Excel
1:24:18
spreadsheets saying things
1:24:20
like employee passwords, employee
1:24:22
information, that kind of thing. Things that the
1:24:24
bad guys who penetrate your network go, oh,
1:24:27
and they open them and now as soon
1:24:29
as they open them, you
1:24:31
get an alert. Only the alerts that matter,
1:24:33
only the alerts that tell you someone's in
1:24:35
my network. On average, people
1:24:37
don't learn about prowlers inside
1:24:39
their network for 191 days. They could do a
1:24:42
lot of damage in that time.
1:24:44
Whether it's a malicious insider, an evil
1:24:46
maid who's in there, or it's somebody
1:24:49
who penetrated your defenses and is now
1:24:51
wandering around and they're very good at
1:24:53
hiding their tracks. They think, okay, sniff
1:24:55
here and there. They're looking for valuable
1:24:57
things. They can exfiltrate customer information, embarrassing
1:25:01
emails, that kind of thing. They're also looking for
1:25:03
where you keep your backups so
1:25:05
that when they do trigger a ransomware attack,
1:25:07
they know your backups are encrypted too. That
1:25:09
kind of thing. They're nasty, but the things
1:25:11
Canary detects them. Whether it's
1:25:13
accessing lure files or
1:25:16
brute forcing your fake internal SSH server, as
1:25:18
soon as they do that, your things Canary
1:25:20
will immediately tell you you've got a problem.
1:25:23
You could do it email, text, Slack,
1:25:26
syslog. You've got your own hosted console. They have
1:25:29
an API if you want to add it to
1:25:31
other things. Pretty much any way you
1:25:33
want to be notified. SMS,
1:25:35
of course, text. Then
1:25:38
you just wait. Push notifications, web hooks. Then
1:25:41
you just wait. Attackers who breached
1:25:43
your network, malicious insiders, and other
1:25:45
adversaries inevitably will make themselves known
1:25:47
by trying to attack your things
1:25:49
Canary or those Canary tokens. Then
1:25:52
you can route them, routes them
1:25:54
from your network. Visit
1:25:56
canary.tools slash twit. Now
1:25:59
some big. operations might have hundreds of them,
1:26:01
small places like ours might say have five.
1:26:04
Let's say five. Five thinks canaries,
1:26:06
$7,500 a year. You get five of them, you get
1:26:10
your own hosted console, you get your upgrade support,
1:26:12
your maintenance, and if you use the code twit
1:26:14
in the how did you hear about us box
1:26:16
you're gonna save ten percent off
1:26:19
on your thinks canaries for life. Now
1:26:23
if you're at all concerned good news you
1:26:25
can always return your thinks canaries within
1:26:28
two months you get 60 days
1:26:30
for a 100% money back refund.
1:26:33
But I have to tell you during all the years Steve
1:26:35
and I have been talking about thinks canaries in this show
1:26:37
no one has ever
1:26:39
asked for a refund not one not one
1:26:42
that tells you
1:26:44
something once you get these thinks canaries in
1:26:46
your network you're gonna go oh how
1:26:49
did I live without them. Visit
1:26:52
canary.com slash
1:26:54
the offer code twit in
1:26:56
the how did you hear about us box gets you 10% off
1:26:58
for life canary.tools
1:27:03
slash twit don't forget the offer
1:27:05
code TWIT and we thank
1:27:07
thanks to canary for supporting the
1:27:10
good work that Steve does here. Steve
1:27:13
let's talk about perks. Yes
1:27:17
Leo you may think it was bad
1:27:20
it's worse than you could
1:27:22
have imagined. Great. So
1:27:26
yeah the mixed blessing of
1:27:28
a lousy pseudo
1:27:30
random number generator or when
1:27:32
are you very glad that your
1:27:35
old password generator used
1:27:38
a very crappy pseudo random
1:27:40
number generator. So
1:27:42
today I want to share the true story
1:27:44
of a guy named Michael who
1:27:47
after generating 43 .6
1:27:51
Bitcoin lost the password
1:27:53
that was used to protect it with
1:27:56
Bitcoin currently trading at around $60,000 US Yes,
1:28:00
for each coin, that's around $2.6 million
1:28:03
worth of Bitcoin waiting for him at
1:28:06
the other side of the proper password.
1:28:09
Unlike many similar stories, this one has
1:28:11
a happy ending, but it's the
1:28:13
reason for the happy ending that
1:28:16
makes this such an interesting story for
1:28:18
this podcast and offers so many lessons
1:28:20
for us. Okay, now
1:28:23
by pure coincidence, the story was recently written
1:28:25
up by the same guy, Kim
1:28:28
Zetter, who wrote that piece
1:28:30
about Kaspersky for Zero Day that we
1:28:32
were discussing earlier. Kim's
1:28:34
story for Wired is titled, How
1:28:37
Researchers Cracked an 11-Year-Old Password
1:28:39
to a $3 Million Crypto
1:28:43
Wallet. He wrote,
1:28:46
two years ago when Michael, and he
1:28:48
has that in air quotes, Michael wants
1:28:51
to remain anonymous, two years ago, because
1:28:53
now Michael has a lot of
1:28:55
money, and he would rather just keep it to himself.
1:28:58
Two years ago, when Michael,
1:29:00
an owner of cryptocurrency, contacted
1:29:02
Joe Grand to help him
1:29:05
recover access to about $2
1:29:08
million worth of Bitcoin he had
1:29:10
stored in an encrypted format on
1:29:12
his computer, Joe turned
1:29:14
him down. Michael, who's
1:29:16
based in Europe and asked
1:29:18
to remain anonymous, stored the
1:29:21
cryptocurrency in a password-protected digital
1:29:23
wallet. He generated a
1:29:25
password using the RoboForm password
1:29:27
manager and stored that password
1:29:29
in a file encrypted with
1:29:31
a tool called TrueCrypt. At
1:29:34
some point, that file got corrupted, and
1:29:37
Michael lost access to the 20-character password
1:29:39
he'd generated to secure his 43.6 Bitcoin,
1:29:41
worth a total of about 4,000 pounds
1:29:44
or 5,300 back
1:29:50
in 2013 when it was generated and
1:29:52
stored. That's right, Michael, use the RoboForm
1:29:54
password manager. to
1:30:00
generate the password, but did not store
1:30:02
it in his manager. He
1:30:04
worried that someone would hack his computer
1:30:07
to obtain the password. Reasonable
1:30:09
concern. Joe
1:30:11
Grand is a famed hardware hacker
1:30:13
who in 2022 helped
1:30:16
another crypto wallet owner recover
1:30:18
access to two million dollars
1:30:20
in cryptocurrency he thought he'd
1:30:22
lost forever after forgetting
1:30:25
the pin to his
1:30:27
Trezor wallet, which is a
1:30:29
hardware device. Since then, dozens
1:30:32
of people have contacted
1:30:34
Grand to help them recover
1:30:36
their treasure. But Grand,
1:30:39
known by the hacker handle Kingpin,
1:30:41
turns down most of them for various
1:30:44
reasons. Grand is an
1:30:46
electrical engineer who began hacking computing
1:30:48
hardware at age and
1:30:50
in 2008 co-hosted the
1:30:53
Discovery Channel's prototype this
1:30:55
show. He now
1:30:57
consults with companies that build complex
1:30:59
digital systems to help them understand
1:31:02
how hardware hackers like him might
1:31:04
subvert their systems. He
1:31:06
cracked the Trezor wallet in 2022 using
1:31:10
hardware techniques that forced the
1:31:12
USB wallet to reveal its
1:31:15
password. But Michael
1:31:17
stored his cryptocurrency in a
1:31:19
software-based wallet which meant none
1:31:22
of Grand's hardware skills were
1:31:24
relevant this time. He
1:31:26
considered brute-forcing Michael's password writing
1:31:30
a script to automatically guess millions
1:31:33
of possible passwords to find the
1:31:35
correct one but determined
1:31:37
this wasn't feasible. Right,
1:31:39
you know 20 characters, upper and lower,
1:31:42
special cases, numbers and so forth as we
1:31:44
know 20 characters that's
1:31:46
strong security. He briefly
1:31:48
considered that
1:31:55
the RoboForm password manager Michael
1:31:57
used to generate his password
1:32:00
might have a flaw in
1:32:02
the way it generated passwords which would allow
1:32:04
him to guess the password more easily. Grand,
1:32:07
however, doubted such a
1:32:09
flaw existed. Michael
1:32:16
contacted multiple people who specialize
1:32:18
in cracking cryptography. They
1:32:20
all told him there's no chance
1:32:23
of retrieving his money, and I
1:32:26
should mention they should have
1:32:28
been right. Joe
1:32:31
Grand should have been right. All these
1:32:34
crypto specialists should have been right.
1:32:38
Last June he approached Joe
1:32:41
Grand again, hoping to convince
1:32:43
him to help, and this time Grand agreed
1:32:46
to give it a try, working
1:32:48
with a friend named Bruno in
1:32:50
Germany who also hacks digital wallets.
1:32:54
Grand and Bruno spent months reverse
1:32:56
engineering the version of
1:32:59
the RoboForm program that they
1:33:01
thought Michael had probably used
1:33:04
back in 2013, and
1:33:07
found that the
1:33:09
pseudo-random number generator used to
1:33:11
generate passwords in that version
1:33:14
and subsequent versions until 2015 did
1:33:19
indeed have a
1:33:21
significant flaw. Let
1:33:23
me just say calling
1:33:25
it a significant flaw is like,
1:33:29
you know, I don't know what. It's understatement.
1:33:32
Calling noon daylight or something. I
1:33:34
mean, okay. The
1:33:38
RoboForm program unwisely tied
1:33:40
the random passwords it generated,
1:33:42
and I should explain, I've
1:33:44
dug down into the technology.
1:33:46
I'm going to go into
1:33:48
kind of detail that our
1:33:50
listeners want after I'm through
1:33:52
sharing what Kim
1:33:55
wrote. So he wrote the
1:33:57
RoboForm program unwisely tied the random.
1:34:00
passwords it generated to the date and
1:34:02
time on the user's computer. It
1:34:05
determined the computer's date and time and
1:34:07
then generated passwords that were predictable. If
1:34:10
you knew the date and time and
1:34:12
other parameters, you could compute any password
1:34:14
that would have been generated on a
1:34:16
certain date and time in the past.
1:34:19
If Michael knew the
1:34:21
day or general time frame in 2013
1:34:24
when he generated
1:34:26
it, as well as
1:34:29
the parameters he used to generate
1:34:31
the password, for example the number
1:34:33
of characters in the password including
1:34:35
lower and upper case characters, figures
1:34:37
and special characters, and
1:34:39
by figures I guess he means numbers and special
1:34:41
characters, this would narrow the
1:34:43
possible password guesses to a manageable
1:34:45
number. Then they
1:34:48
could hijack the roboform function responsible
1:34:50
for checking the date and time
1:34:52
on a computer and get
1:34:54
it to travel back in time, believing
1:34:57
the current date was a day in the 2013
1:34:59
time frame when Michael
1:35:01
generated his password. Roboform
1:35:04
would then spit out the same
1:35:06
passwords it generated on the days
1:35:08
in 2013. There was
1:35:10
one problem, Michael could
1:35:12
not remember when he
1:35:14
created the password. According
1:35:17
to the log on his
1:35:19
software wallet, Michael moved Bitcoin
1:35:21
into his wallet for the first
1:35:23
time on April 14th 2013,
1:35:28
but he couldn't remember if he generated the
1:35:30
password the same day or sometime
1:35:32
before or after that. So
1:35:35
looking at the parameters of
1:35:37
other passwords he generated using
1:35:40
roboform, Grand and Bruno
1:35:42
configured roboform to generate 20
1:35:44
character passwords with upper and
1:35:47
lowercase letters, numbers and eight
1:35:49
special characters from March 1st
1:35:52
through April 20th 2013. It failed to generate
1:35:57
the right password. So,
1:36:00
Grandin Bruno lengthened the time frame
1:36:02
from April 20th out to June
1:36:04
1st, 2013, using the
1:36:08
same parameters. Still no
1:36:10
luck. Michael says that
1:36:12
Grandin Bruno kept coming back to him,
1:36:14
asking if he was sure about this
1:36:16
or that parameter that he'd used. He
1:36:19
stuck to his first answer. Michael said,
1:36:22
They were really annoying me, because who
1:36:24
knows what I did ten years ago.
1:36:28
Anyway, he found other passwords he generated with RoboForm in
1:36:30
2013, and two of them did not
1:36:33
use any special characters. So
1:36:35
Grandin Bruno adjusted. Last
1:36:38
November, they reached out again to
1:36:40
Michael to set up a meeting in person.
1:36:43
Michael said, I thought, oh my
1:36:46
god, they're going to ask me again
1:36:48
for the settings. Instead
1:36:51
they revealed that they had
1:36:53
finally found the correct password.
1:36:56
No special characters. And
1:36:58
it was generated on May 15th, 2013, at 4.10.40pm, GMT. Grand
1:37:09
wrote in an email to Wired, We
1:37:12
ultimately got lucky that our
1:37:15
parameters and time range was
1:37:17
correct. If either of those
1:37:19
were wrong, we would have continued
1:37:21
to take guesses and shots in the dark
1:37:23
and it would have taken significantly longer to
1:37:26
pre-compute all the possible passwords. Kim
1:37:28
then provides a bit of background about
1:37:31
RoboForm, writing, RoboForm,
1:37:35
made by US-based Cyber, spelled
1:37:37
with an S, systems,
1:37:40
was one of the first password
1:37:42
managers on the market, and
1:37:45
currently has more than 6 million
1:37:47
users worldwide, according to a company
1:37:49
report. In
1:37:51
2015, Cyber, S-I-B-E-R, seemed
1:37:54
to fix the RoboForm
1:37:56
password manager. In
1:37:59
a cursory science, Grand and Bruno
1:38:01
could not find any sign that
1:38:03
the pseudo-random number generator in the
1:38:06
2015 version used
1:38:08
the computer's time, which makes
1:38:11
them think they removed it to fix
1:38:13
the flaw, though Grand says they
1:38:15
would need to examine it more thoroughly to be
1:38:17
certain. Cyber Systems
1:38:19
confirmed to Wired that it did
1:38:21
fix the issue with version 7.9.14
1:38:23
of RoboForm released
1:38:29
on June 10, 2015,
1:38:32
but a spokesperson would not answer
1:38:34
questions about how it did so.
1:38:38
In a changelog on the company's website,
1:38:40
it mentions only that cyber
1:38:42
programmers made changes to quote,
1:38:45
increase randomness of generated
1:38:47
passwords unquote. But
1:38:50
it doesn't say how they did this. For
1:38:53
spokesman, Simon Davis says that
1:38:55
RoboForm 7 was
1:38:57
discontinued in 2017. Grand
1:39:01
says that without knowing how
1:39:03
cyber fixed the issue, attackers
1:39:05
may still be able to
1:39:07
regenerate passwords generated by versions
1:39:10
of RoboForm released before
1:39:12
the fix in 2015. He's
1:39:15
also not sure if current versions
1:39:17
contain the problem. He said quote,
1:39:20
I'm still not sure I would trust
1:39:22
it without knowing how they actually improved
1:39:25
the password generation in
1:39:27
more recent versions. I'm not
1:39:29
sure if RoboForm knew how
1:39:31
bad this particular weakness was
1:39:33
unquote. Kim
1:39:36
writes customers may also still be
1:39:38
using passwords that were generated with
1:39:40
the early versions of the program
1:39:42
before the fix. It
1:39:44
doesn't appear that cyber ever notified
1:39:46
customers when it released the fixed
1:39:48
version 7.9.14
1:39:52
in 2015 that they really should
1:39:54
regenerate new passwords for critical accounts
1:39:56
or data. The company
1:39:59
did not respond to a question
1:40:01
about this. If
1:40:03
cyber did not inform customers,
1:40:05
this would mean that anyone
1:40:07
like Michael, who used RoboForm
1:40:09
to generate passwords prior to
1:40:11
2015 and are still
1:40:13
using those passwords, may
1:40:16
have vulnerable passwords that hackers
1:40:18
can regenerate. Grant
1:40:20
said, quote, we know that most
1:40:22
people don't change passwords unless they're
1:40:25
prompted to do so. He
1:40:27
added that out of 935 passwords
1:40:30
in my password manager, he
1:40:32
said, not RoboForm, 220 of
1:40:35
them are
1:40:37
from 2015 and earlier, and
1:40:40
most of them are for sites
1:40:42
I still use, unquote. Depending
1:40:45
on what the company did to
1:40:47
fix the issue in 2015, newer
1:40:49
passwords may also be vulnerable. We
1:40:51
don't know. In
1:40:53
November, Grant and Bruno, having
1:40:55
earned their reward, deducted
1:40:58
a percentage of Bitcoin
1:41:01
from Michael's account for the work
1:41:03
they did, then gave
1:41:05
him the password to access the
1:41:08
rest. The Bitcoin was worth
1:41:10
38,000 per coin at the time. Michael
1:41:15
waited until it rose to 62,000 per coin and sold some
1:41:17
of it. He
1:41:20
now has 30 Bitcoin, now worth 3
1:41:23
million and is waiting for the value to
1:41:25
rise to $100,000 per
1:41:28
coin. Michael says
1:41:30
he was lucky that he lost
1:41:33
the password years ago because
1:41:35
otherwise he would have sold off the Bitcoin
1:41:37
when it was worth 40,000 per
1:41:40
coin and missed out on a
1:41:42
greater fortune. He said,
1:41:44
quote, my losing the password was
1:41:46
financially a good thing, unquote. Yeah,
1:41:48
that's how I feel. If I ever,
1:41:50
now you can never recover yours,
1:41:52
but if I ever remember my
1:41:54
password, why it's just been
1:41:57
a long term savings account. Okay.
1:42:00
So, but a bad PRNG. Oh,
1:42:03
they're always bad. Aren't they? That's
1:42:06
what the pseudo means. Oh,
1:42:08
well, Leo, wait for this. Oh my
1:42:10
God. First of all, Robo
1:42:13
form is probably a well-known
1:42:15
name to everyone, even those of us who
1:42:17
never had occasion to use it. They were
1:42:19
one of the first. I'm in that camp.
1:42:21
You're in that camp. I
1:42:23
think I use it back in
1:42:26
the day though. I mean, okay. Because it
1:42:28
was the only, it was the first one.
1:42:31
Yeah. Yes. Yes.
1:42:34
Okay. But since this podcast has
1:42:36
been going since 2005, we've covered the span of time
1:42:38
that Roboform was
1:42:42
apparently using a horrific
1:42:45
password generation scheme. One
1:42:49
of this podcast's early and
1:42:51
continuing focuses has been
1:42:53
on the importance of the strength
1:42:55
of pseudo random number generators used
1:42:58
in cryptographic operations. So
1:43:00
I was quite curious to
1:43:02
learn more about what exactly
1:43:04
Grand and Bruno found when
1:43:06
they peeled back the covers
1:43:09
of Roboform circa 2013. I
1:43:14
was reminded of a line
1:43:16
from the sci-fi movie Serenity
1:43:18
where our villain says to
1:43:20
Mel, it's worse than you know,
1:43:24
to which Mel replies, it usually is.
1:43:29
Believe it or not, whenever
1:43:31
the user of Roboform set
1:43:34
version 7.9.0 and probably my theory is even
1:43:41
version one, but we'll get to that
1:43:43
in a minute, but definitely 7.9.0,
1:43:45
which was released
1:43:48
on June 26 of 2023. Whenever
1:43:52
the user pressed its generate
1:43:54
password button Roboform
1:43:58
up until it's repair to. years
1:44:00
later, with 7.9.14, simply took
1:44:02
the Windows Systems UNIX time,
1:44:05
which is the number of
1:44:11
seconds elapsed since January 1,
1:44:13
1970, and directly and deterministically
1:44:15
used that time
1:44:20
of day to produce
1:44:23
the user's password. Boboform
1:44:27
didn't even take the
1:44:30
trouble to create
1:44:32
a unique per-system salt
1:44:35
so that differing installations
1:44:38
would produce differing bad
1:44:40
passwords. This
1:44:43
meant that if two users
1:44:45
anywhere were to press
1:44:48
the Generate Password button within
1:44:50
the same one-second
1:44:52
interval, if
1:44:54
they were using the same password
1:44:56
parameters, identical passwords would
1:44:59
be generated. Grandin
1:45:02
Bruno discovered something else when
1:45:04
they opened up Roboform. The
1:45:07
designers of this password generator that should
1:45:09
really just be called a time
1:45:11
scrambler realized that
1:45:14
if a user happened to press
1:45:16
the Generate Password button a second
1:45:18
time within the same
1:45:20
second, the same password would
1:45:22
be generated. To cover
1:45:25
up this flaw, they subtract a
1:45:27
fixed amount of time from the
1:45:29
system time for repeats. What
1:45:32
an utter disaster. One
1:45:34
thing we don't know is for
1:45:37
how long Roboform's password generator
1:45:39
was this horrific before
1:45:41
it was changed. I
1:45:44
originally wrote before it was fixed, but
1:45:46
we don't know how it was changed. But
1:45:57
I have a theory about that. is
1:46:01
that this must have
1:46:04
been the original
1:46:06
implementation of
1:46:08
Roboform's password generator. The
1:46:11
reason I think that is
1:46:13
that by 2013 no one
1:46:17
would have ever designed such
1:46:20
a horrifically lame password
1:46:22
generation scheme. This
1:46:25
had to have been a very
1:46:28
early password generator created
1:46:30
back in the late 90s or
1:46:32
early 2000s before
1:46:34
there was much awareness of the
1:46:36
proper way to do these things.
1:46:39
And then following the well
1:46:42
understood property of software inertia,
1:46:45
10 to 15 years went by
1:46:47
without anyone at Roboform bothering to
1:46:50
think about it again because
1:46:52
it was after all
1:46:55
producing random appearing passwords.
1:46:58
But for some reason, whatever
1:47:00
reason, eventually someone noticed
1:47:04
and apparently fixed
1:47:06
it. We don't know how, but at
1:47:08
least changed it. Grand and
1:47:10
Bruno note that something did finally change
1:47:13
in 2015 with
1:47:16
7.9.14. But since
1:47:19
Roboform is both closed
1:47:21
source and closed
1:47:24
mouthed, we have
1:47:26
no idea what may have precipitated the
1:47:28
change nor what the new
1:47:30
algorithm was changed to. So I'm
1:47:34
put in mind of Bitwarden,
1:47:36
the password generating sponsor of
1:47:38
this network where we can
1:47:40
know anything we want to
1:47:43
know about its innards. First,
1:47:46
because if we asked we'll be
1:47:48
told. Secondly, because it's
1:47:51
probably openly documented. And thirdly, because
1:47:53
the source code of the solution
1:47:55
is publicly available. None
1:47:58
of which is true for for
1:48:00
Roboform. The final
1:48:02
note that's worth repeating is
1:48:05
the point that Grand highlights. Regardless
1:48:07
of their apparent complexity, we
1:48:10
now know that's an illusion.
1:48:13
It's just the scrambled
1:48:15
time of day and date, without
1:48:19
even having any per-system
1:48:21
salt, which means that all user scramblings
1:48:23
are identical for all owners of Roboform,
1:48:25
probably from the beginning, its
1:48:30
first release through 2015. Therefore, any passwords that were
1:48:33
ever generated by Roboform,
1:48:40
presumably until version 7.9.14, can be reverse
1:48:42
engineered. So, the first thing that's
1:48:46
required to be a password is that
1:48:49
the set of possible passwords
1:48:51
can be further narrowed
1:48:55
by the degree to which their approximate
1:48:57
date of creation is known. Even
1:49:00
if the format of the password is
1:49:02
not known, there are a limited number
1:49:04
of choices available for upper and lower
1:49:06
case, special characters, numbers, and length. So,
1:49:09
if someone were determined to crack into
1:49:12
something that was being protected by a
1:49:14
password that they had reason to believe
1:49:16
had been generated by Roboform, and
1:49:19
they had some idea of when, such
1:49:21
as the date of the protected
1:49:23
account's creation, it's not a stretch
1:49:25
to imagine that it could be
1:49:27
done. Sure, I would
1:49:30
put the chances of this actually
1:49:32
happening being done as extremely remote
1:49:34
at best, but anyone
1:49:36
who was using Roboform back then,
1:49:38
who may have never had the
1:49:40
occasion to update their password since,
1:49:43
should at least be aware that
1:49:45
those passwords were simply generated by
1:49:48
scrambling the time of day, and
1:49:51
with a resolution of only one
1:49:53
second. There are not a
1:49:55
cryptographically strong number of seconds in a
1:49:57
day. While
1:50:00
I don't want to throw shade
1:50:02
on Robiform's products of today, which
1:50:05
might be excellent. Given
1:50:08
the history that has just been revealed,
1:50:11
Robiform is certainly not something
1:50:13
I could ever use or
1:50:15
recommend, especially when there are
1:50:17
alternatives like Bitwarden and 1Password
1:50:19
which are hiding nothing and
1:50:21
Robiform is hiding everything. And
1:50:24
this brings me to the final and most important point
1:50:26
and lesson I want to take away from this. Way
1:50:29
back when I and
1:50:31
this podcast first endorsed
1:50:34
LastPass, I was able
1:50:36
to do so with full confidence and
1:50:39
in fact the only reason I was able to
1:50:41
do so and did was
1:50:43
because the product's original designer
1:50:45
Joe Seegrist completely
1:50:47
disclosed its detailed operation
1:50:49
to me. It
1:50:52
was the 21st century and
1:50:55
Joe understood that the value he
1:50:57
was offering was not
1:50:59
some secret crypto mumbo jumbo.
1:51:03
That was 20th century thinking.
1:51:06
Joe understood that the value
1:51:08
he was offering was a
1:51:11
proper implementation of well
1:51:13
understood crypto that was then
1:51:15
wrapped into an appealing user
1:51:18
experience. The value
1:51:20
is not in proprietary secrecy,
1:51:22
it's in implementation, maintenance and
1:51:25
service. As we know, many
1:51:27
years and ownership changes later,
1:51:30
LastPass eventually let us down.
1:51:33
I hope Joe is relaxing on a
1:51:35
beach somewhere because he earned it. So
1:51:40
the lesson we should take from
1:51:42
what can only be considered a
1:51:44
Robiform debacle is that
1:51:47
something like the design of a
1:51:49
password generator is too
1:51:51
important for us to trust
1:51:53
without a full disclosure of
1:51:56
the system's operation and its
1:51:58
subsequent assessment by individuals. independent
1:52:00
experts. Any password
1:52:02
generator that anyone is using
1:52:05
should fully disclose its
1:52:07
algorithms. There's no
1:52:09
point in that being secret in
1:52:11
the 21st century. It doesn't necessarily
1:52:14
need to be open source, but
1:52:16
it must be open design. No
1:52:19
company should be allowed to get
1:52:21
away with producing passwords for us
1:52:23
while asking us just to assume
1:52:25
those passwords were
1:52:28
properly derived just because
1:52:30
their website looks so
1:52:32
nice. What the
1:52:34
marketing people say has
1:52:36
exactly zero bearing on
1:52:39
how the product operates. It's
1:52:41
obvious that we cannot assume that
1:52:44
just because a company is offering
1:52:46
a fancy looking crypto product that
1:52:48
they have any idea how to
1:52:51
correctly design and produce such a
1:52:53
thing. There's no reason
1:52:55
to believe that there are not
1:52:57
more robo forms out there. What's
1:53:01
the best way? I mean, software
1:53:05
random number generators are
1:53:09
pseudo because they repeat eventually. Remember
1:53:11
that the first thing I started
1:53:14
doing, the first piece
1:53:16
of technology I designed for squirrel
1:53:18
and I talked about it on
1:53:20
the podcast was I created what
1:53:22
I called an entropy harvester. It
1:53:24
was harvesting entropy
1:53:27
from a range of
1:53:29
sources. It was pulling
1:53:31
from Windows own random
1:53:34
number generator. I fed mouse
1:53:37
clicks and network
1:53:42
received network packets, DNS,
1:53:46
transfer rates, all the noise
1:53:49
that I could was constantly
1:53:52
being poured into a hash that
1:53:55
that squirrel was churning. And the
1:53:57
idea was to. that
1:54:00
to create something unpredictable,
1:54:03
unpredictability is the single
1:54:05
thing you want. And
1:54:08
so the idea was that, I
1:54:10
mean like almost immediately squirrels,
1:54:13
pseudo random number generator would
1:54:16
just have so much noise poured
1:54:18
into it, all of
1:54:20
that affecting its state, that there
1:54:22
would be no way for anybody
1:54:24
downstream to have ever been able
1:54:27
to predict the state that
1:54:29
squirrels pot of entropy was in
1:54:32
at the time that it generated
1:54:34
a secret key. Right, Galia
1:54:36
is reminding us that CloudFlare uses a
1:54:38
wall of lava lamps to
1:54:40
generate their random numbers. But
1:54:44
it's not the seed you're generating
1:54:46
because as I remember with software
1:54:48
random number generators, if
1:54:51
you reuse the same seed, you'll
1:54:53
get the same sequence of numbers, it'll repeat
1:54:55
events, right? Those are
1:54:58
old pseudo random number generators. That's not how we
1:55:00
do it anymore. Right. Okay.
1:55:03
And I do remember you saying the best way to do
1:55:05
it would be use a capacitor. Was
1:55:07
that right? Actually a diode.
1:55:10
A diode, that's right. A
1:55:12
reverse bias diode where you put
1:55:14
it just
1:55:17
at the diode
1:55:19
junction's breakdown voltage and
1:55:22
what happens is you
1:55:24
get completely unpredictable electron
1:55:26
tunneling across the reverse
1:55:28
biased junction
1:55:30
to literally create hiss.
1:55:34
If you listen to it, it is hiss. Right.
1:55:37
And it is truly, it is
1:55:39
quantum level noise. Wow.
1:55:42
And that's as good as it gets. That would be the best way you think,
1:55:44
as good as it gets. That is
1:55:46
what all of the
1:55:48
true random number generators now do,
1:55:50
is a variation on that. They
1:55:53
actually do some post-processing because
1:55:55
the noise can be skewed,
1:55:57
but it is utterly unknowable.
1:56:00
This is actually a fascinating problem
1:56:03
in computer science because
1:56:06
you know, we might say well is a coin flip random?
1:56:08
Well it is with a perfect
1:56:10
coin but no coin is perfect. A
1:56:14
roulette wheel is random with a perfect roulette
1:56:16
wheel but there is no such thing. They
1:56:19
all have biases. I
1:56:21
was asked in 1974 to
1:56:26
design a little
1:56:29
machine that some people
1:56:31
would take to Las Vegas and
1:56:34
it was going to be operated with tow
1:56:36
switches because it could not.
1:56:38
That's the eudemonic pie. This was in
1:56:40
Santa Cruz right? There's
1:56:43
a book about this. Actually it was close
1:56:46
to Santa Cruz. Yeah there's a famous book
1:56:48
about this. Have you read the eudemonic pie?
1:56:51
No. Well they got caught. But
1:56:55
they made a lot of money. Yeah
1:56:58
and what they were doing was they
1:57:01
were recording, at least
1:57:03
in the case of the guys who asked me
1:57:05
to develop this thing, they
1:57:08
were recording roulette wheel results
1:57:10
because no roulette wheel is
1:57:13
perfect. Right. And
1:57:16
believe it or not they had
1:57:18
this thing running already and they
1:57:21
were using a wire recorder to
1:57:23
record tones that their toes
1:57:25
were generating and they wanted me to
1:57:28
do a solid state version for them.
1:57:30
They wore computers in their shoes to
1:57:34
basically solve roulette and
1:57:37
they went a lot of money and because
1:57:39
people are used to people counting cards in
1:57:41
blackjack but everybody in
1:57:43
Vegas assumes a roulette wheel can't be
1:57:46
beat. Well it can. If
1:57:48
you haven't read this book you gotta read it. I wonder if
1:57:50
it's the same guys. Very
1:57:53
interesting story. The eudemonic pie.
1:57:56
And I'm pretty sure that they were in
1:57:59
Santa Cruz area. Well, that would be
1:58:01
the right physical area because I was in Mountain
1:58:03
View, which is just and it was a computer
1:58:06
they would Wow,
1:58:08
yep Wow How
1:58:11
fascinating is that? So
1:58:14
yeah, I see maybe someday maybe she
1:58:17
got a little you know a
1:58:19
slow week I know there's never a slow week
1:58:21
on this show you could talk a
1:58:23
little bit about random numbers and Why
1:58:26
they're pseudo and why you know how
1:58:28
to how it's a challenge It's not
1:58:30
a not it's a non-trivial way to
1:58:32
to generate those with
1:58:34
computers and crucially important. It's funny because
1:58:38
We think about crypto as solving
1:58:40
all the problems but but
1:58:43
I'm I'm not sure I can think of an
1:58:45
instance Where you
1:58:47
don't need something random when you're choosing
1:58:49
a private key for a public key
1:58:51
crypto You need a high quality random
1:58:54
numbers and we've seen failures of that
1:58:56
where for example studies
1:58:58
of the private keys used on
1:59:00
web servers have have turned
1:59:02
up a surprising number of collisions right
1:59:04
of private
1:59:07
keys because they were all They
1:59:10
were all getting their key shortly
1:59:12
after turning on a version of
1:59:14
Linux that hadn't yet had time
1:59:17
To to to develop enough entropy.
1:59:19
It hadn't warmed up its pseudo
1:59:21
random number generator enough I think
1:59:23
that you were I can't
1:59:25
believe you're not heard of the book the book focuses
1:59:27
on a group of University of California Santa Cruz Physics
1:59:30
graduate students who in the
1:59:32
late 70s and early 80s
1:59:34
designed and played miniaturized computers
1:59:36
hidden in specially modified platform
1:59:38
sold shoes to predict the
1:59:41
outcome of casino roulette games I Think
1:59:44
I think you were on an unwitting You
1:59:48
didn't do it though, right? I didn't do it. You didn't
1:59:50
do it. They found somebody to do it
1:59:53
Wow what a story That
1:59:56
may also be the one of the first wearable computers
1:59:58
I Steve
2:00:02
Gibson, you see, he has a
2:00:05
history in this business. He
2:00:07
knows what he's talking about. That's why we listen
2:00:09
to him with such rapt attention. Steve
2:00:12
does Security Now every Tuesday.
2:00:14
We try to start right after Mac Break Weekly around 1.30 p.m.
2:00:18
This, you know, often bleeds over
2:00:20
to about 2 p.m. Pacific. That's 5 p.m.
2:00:22
Eastern, 2100 UTC. We
2:00:25
do stream it live. You're just so impatient to
2:00:28
get your Security Now fix, you can't wait. You
2:00:31
go to youtube.com/twit slash live and you
2:00:33
can catch the live stream. But
2:00:36
of course, we have on-demand
2:00:38
versions because it's a podcast. Now
2:00:40
Steve has some interesting versions that are
2:00:42
unlike anything else. He
2:00:45
has the 64-kilobit audio. I
2:00:47
would say that's the canonical version. We have that
2:00:49
at our website as well. We
2:00:52
have video, which is absolutely not canonical.
2:00:54
But you have something even weirder,
2:00:57
which is 16-kilobit audio, which
2:00:59
sounds a little bit like Thomas Edison
2:01:01
on a recording disc, but
2:01:04
it's got the virtue of being a very, very
2:01:06
small file size. Now Elaine
2:01:08
Ferris, who is a court reporter and a
2:01:10
transcriptionist, then takes that file and
2:01:12
types it up. So Steve also has a full
2:01:15
human-written, not AI-generated transcript
2:01:18
of each show, of all 980 shows. Those
2:01:23
are all on his website. grc.com.
2:01:26
He also has his show notes there in the picture of the
2:01:28
day and all of that stuff. Now if
2:01:31
you go to grc.com/email, you can sign
2:01:33
up to get that stuff in
2:01:35
the mail automatically. But
2:01:38
you don't have to. In fact, the default
2:01:40
is off. It just basically approves your address
2:01:42
so that you can email Steve after that.
2:01:45
So that's a new feature that Steve's added. You may hear
2:01:47
him talk about it on the show. He
2:01:49
also has, and I think you might have heard him talk
2:01:51
about this as well, a little
2:01:53
thing called Spinrite 6.1, the world's best
2:01:56
Macintosh. storage
2:02:01
performance enhancer maintenance and
2:02:04
recovery utility. Did I get all
2:02:06
that? I think I did. Well done. Yes and
2:02:09
it is well worth it. It's Steve's bread and butter
2:02:11
so you support him when you buy it and
2:02:13
of course it's pretty much a lifetime license.
2:02:17
I mean he's very lenient
2:02:19
with all of that. So go on
2:02:21
in there if you already bought one you can
2:02:23
get an upgrade of 6.1. There's
2:02:26
lots of other free stuff there. Shields up and I
2:02:29
really think this Valadrive program is
2:02:31
very important. It validates the
2:02:33
actual that the USB key that you purchased
2:02:35
on Amazon actually has the amount of data
2:02:37
it says it does. Lots of them don't.
2:02:40
Valadrive will let you know.
2:02:43
Our site is twit.tv slash SN
2:02:45
for security now. That's where you can
2:02:47
download the show. There's
2:02:49
a YouTube channel with just the video. There's audio
2:02:51
too but I mean the video versions are on
2:02:54
YouTube and that's nice for sharing if you say
2:02:56
oh I gotta send the boss this clip. Oh
2:02:59
wow. Just clip
2:03:02
it on YouTube. YouTube makes it very easy. You can send
2:03:04
it to him and everybody has access to that. The
2:03:07
best way to get the show though is to
2:03:09
subscribe so you get the show automatically.
From The Podcast
Security Now (Audio)
Cybersecurity guru Steve Gibson joins Leo Laporte every Tuesday. Steve and Leo break down the latest cybercrime and hacking stories, offering a deep understanding of what's happening and how to protect yourself and your business. Security Now is a must listen for security professionals every week.Records live every Tuesday at 4:30pm Eastern / 1:30pm Pacific / 20:30 UTC.Join Podchaser to...
- Rate podcasts and episodes
- Follow podcasts and creators
- Create podcast and episode lists
- & much more
Episode Tags
Claim and edit this page to your liking.
Unlock more with Podchaser Pro
- Audience Insights
- Contact Information
- Demographics
- Charts
- Sponsor History
- and More!
- Account
- Register
- Log In
- Find Friends
- Resources
- Help Center
- Blog
- API
Podchaser is the ultimate destination for podcast data, search, and discovery. Learn More
- © 2024 Podchaser, Inc.
- Privacy Policy
- Terms of Service
- Contact Us