Security Now 1038: Perplexity's Duplicity - Detailed Summary
Release Date: August 13, 2025
Hosts: Leo Laporte and Steve Gibson
Podcast Series: All TWiT.tv Shows (Audio)
Episode Title: Perplexity's Duplicity
1. Introduction and Episode Overview
The episode begins with Leo Laporte expressing appreciation for Steve Gibson's role in the cybersecurity landscape, highlighting his ability to provide reassurance amidst ongoing security threats. The hosts acknowledge the podcast's milestone, marking the final episode of its 20th year before transitioning into year 21.
2. CISA's Emergency Directive on Microsoft Exchange Servers
[03:55] Steve Gibson:
Steve delves into the recent emergency directive issued by the Cybersecurity and Infrastructure Security Agency (CISA) targeting federal agencies. The directive addresses a critical vulnerability in Microsoft Exchange Hybrid configurations that allows attackers to escalate privileges from on-premises servers to the Microsoft 365 cloud environment.
Key Points:
- Vulnerability Details: A post-authentication flaw permits lateral movement from on-premises Exchange servers to the cloud, posing grave risks to organizations using Microsoft Exchange Hybrid setups.
- CISA's Authority: CISA operates under Section 3553, Title 44 of the U.S. Code, empowering them to issue directives to federal agencies in response to substantial information security threats.
- Microsoft's Response: Microsoft has released an April 2025 patch that reconfigures the authentication process between on-premises and cloud environments, mitigating the vulnerability by introducing a standalone Entra app.
Notable Quote:
Steve emphasizes the complexity of modern security issues, stating, "We have jumped into all this without really knowing how to write code that was bug-free...something crawled into your network and erased all your data."
3. Nvidia's Stance Against Hardware Backdoors
[24:13] Steve Gibson:
The conversation shifts to Nvidia's firm rejection of proposed governmental mandates to include kill switches, backdoors, and location-tracking technologies in their GPU chips. This stance is in response to U.S. officials' exploration of such requirements to prevent technology from reaching adversaries like China.
Key Points:
- Nvidia's Official Statement: Nvidia categorically denies the presence of kill switches or backdoors in their GPUs, arguing that such features would undermine global digital infrastructure and trust in U.S. technology.
- Historical Context: Comparison is made to the 1990s NSA Clipper Chip initiative, which failed due to inherent vulnerabilities and undermined user confidence.
- Industry Impact: Embedding backdoors would create single points of failure, making systems more susceptible to hacks and attacks.
Notable Quote:
Nvidia states, "There is no such thing as a good secret backdoor, only dangerous vulnerabilities that need to be eliminated."
4. Dashlane Password Manager Terminates Free Tier
[31:20] Leo Laporte:
Leo brings up Dashlane's announcement to terminate its free tier service, prompting a discussion on the viability of password managers that impose limitations on free users.
Key Points:
- Dashlane's Change: Starting September 16, 2025, Dashlane will no longer offer a free tier, restricting users to their premium plan which allows unlimited passwords and passkeys.
- Alternative Recommendations: Steve and Leo recommend alternatives like 1Password and Bitwarden, which offer more generous free tiers and are open-source, ensuring longevity and reliability.
Notable Quote:
Steve remarks, "I just couldn't believe that anybody... could be using a password manager with a 25 password limit. I just, I don't get it."
5. SonicWall Firewall Compromised
[61:03] Steve Gibson:
The hosts discuss a security breach involving SonicWall's Gen 7 firewalls, where attackers exploited vulnerabilities to deploy ransomware within enterprise networks.
Key Points:
- Nature of the Breach: Attackers exploited previously disclosed vulnerabilities (CVE-2024-40766) through weak password policies during migrations from Gen 6 to Gen 7 firewalls.
- SonicWall's Response: The company advises customers to update firmware to version 7.3.0, reset all local user accounts with SSL VPN access, and implement additional security measures like botnet protection and GeoIP filtering.
Notable Quote:
Steve highlights the severity, stating, "It doesn't get much worse than that," referring to the deployment of ransomware via SSL VPN vulnerabilities.
6. Dell Latitude and Precision Laptops Vulnerabilities
[73:35] Steve Gibson:
A significant portion of the episode is dedicated to vulnerabilities discovered in Dell's Latitude and Precision laptop series, involving the Control Vault 3 firmware.
Key Points:
- Vulnerability Details: Five critical flaws (codenamed Revolt) in Broadcom's Control Vault 3 firmware allow attackers to execute arbitrary code without elevated privileges, affecting over 100 Dell laptop models.
- Impact: The vulnerabilities enable persistent implants that survive operating system reinstalls and can grant admin and system privileges, bypassing Windows login mechanisms.
- Cisco Talos' Findings: Cisco's Talos Security Group reverse-engineered the firmware, uncovering buffer overflows and unsafe deserialization vulnerabilities that compromise system security.
- Dell's Mitigation: Dell has released firmware updates available through Windows Update and their website. Users are urged to apply these patches immediately to secure their devices.
Notable Quote:
Steve warns, "The bugs can be exploited via a Windows API and don't require elevated privileges."
7. AI and Perplexity's Scraping Behavior
[142:20] Steve Gibson:
The episode shifts focus to the controversial behavior of Perplexity, an AI-powered answer machine, as uncovered by Cloudflare.
Key Points:
- Perplexity's Actions: Cloudflare identified that Perplexity bypassed crawling restrictions by altering its user agent and rotating IP addresses to evade blocks. This behavior violates standard web crawling norms outlined in RFC 9309.
- Implications for Websites: Perplexity's disregard for robots.txt directives undermines website owners' control over their content, raising ethical and legal concerns about AI scraping practices.
- Perplexity's Response: Perplexity contends that Cloudflare misrepresented their crawling workflow and that some of the requests attributed to them were from third-party tools like Browser Base.
- Debate on Open Web vs. Controlled Access: The discussion touches on the balance between maintaining an open web and allowing website owners to control automated access, especially in the context of AI training data acquisition.
Notable Quotes:
Steve asserts, "Anyone has a right to say I don't want you visiting my site."
Leo adds, "The whole point of the web is putting that information out there for everyone."
8. Listener Feedback and Tool Recommendations
[107:17] Steve Gibson:
Several listeners' questions and feedback are addressed, including recommendations for tools like Spinrite and DNS Benchmark.
Key Points:
- Spinrite on Non-PC Devices: Steve provides guidance on running Spinrite on devices like Kindles and Android tablets by utilizing bootable USB drives and exposing internal storage as a drive.
- DNS Benchmark Pro Release: Steve announces the upcoming release of DNS Benchmark Pro, highlighting its enhanced features for continuous resolver performance monitoring and statistical significance in results.
- InControl Software Issues: Listener Michael reports an issue with InControl blocking the KB517 16 update, which is crucial for maintaining Windows 10 security patch extensions. Steve confirms the behavior and explains the necessity of updating to prevent forced migrations to Windows 11.
Notable Quote:
Steve emphasizes the importance of backups, saying, "Our listeners knew that for many years I was using and loving the free sync.com encrypted file backup and cross machine synchronization."
9. Sci-Fi News: Alien Earth Series Premiere
[127:33] Leo Laporte:
The hosts segue into lighter content by discussing the premiere of the "Alien Earth" series, a continuation of the iconic sci-fi franchise.
Key Points:
- Series Overview: "Alien Earth" is a Ridley Scott-produced series premiering on FX, set two years before the events of the original "Alien" film. It explores the discovery of an alien ship on Earth and the ensuing chaos.
- Reception and Expectations: Initial episodes received high ratings, and the series boasts a substantial budget with significant participation from actors like Timothy Olyphant and Sigourney Weaver.
Notable Quote:
Steve shares his excitement, "I've watched all of that, all those movies several times and all the follow-ons anyway. So it is with some anticipation that tonight Lori and I will be watching the first two episodes..."
10. Conclusion and Final Thoughts
The episode wraps up with reflections on the evolving cybersecurity landscape, the challenges posed by AI scraping, and the importance of maintaining robust security practices. Leo emphasizes the need for an open web while acknowledging the complexities introduced by AI technologies.
Notable Quote:
Leo concludes, "I think it's complicated. We really have to think about what our fundamental values are when it comes to the web."
Key Takeaways:
- Critical Vulnerabilities: Both Microsoft Exchange Hybrid setups and Dell's Control Vault 3 firmware have exposed significant vulnerabilities that demand immediate attention and patching to prevent widespread exploitation.
- AI Ethics and Web Scraping: The behavior of AI tools like Perplexity raises important questions about the ethics of web scraping, respect for robots.txt directives, and the balance between open information access and content ownership.
- Password Management Evolution: The termination of Dashlane's free tier underscores the necessity for reliable and unrestricted password management solutions, with open-source alternatives gaining favor.
- Industry Responses to Security Threats: Companies like SonicWall and Nvidia are actively responding to security challenges by updating their products and taking firm stands against potential vulnerabilities and legislative pressures.
This comprehensive summary encapsulates the pivotal discussions and insights shared by Leo Laporte and Steve Gibson in "Security Now" Episode 1038, providing listeners with a clear understanding of the episode's content without necessitating prior exposure to the podcast.