
Patrick Gray
Hey, everyone, and welcome to another edition of Risky Business. My name's Patrick Gray. We're not playing our intro music this week. And that is to mark the passing of a very popular and lovely man in Australian Cyber Security, Mr. David Jorm. And we'll be talking a little bit about David towards the end of the news. This week's show is brought to you by Island. They, of course, make an enterprise browser. And Brayden Rogers, who works for Island, will be along a little bit later on to talk about the challenge of trying to figure out where all your data is going when it comes to these AI services. Right, so you got your ChatGPT, sure, you can block that, but what about all of the integrated, like, AI agents that are springing up everywhere? It's an interesting conversation. And that is coming up after the news with Adam Boileau. That's which starts now. And Adam, we're going to start with a report from the Sydney Morning Herald by Mr. Andrew Probyn, which is, you know, it's, it's heavy on color, kind of light on details and timeline. But it talks about how ASD apparently did a bit of a search and destroy on some data, some Medibank data being held by Z servers now, or ZED servers. This is the Russian bulletproof hosting org that was taken down last week, sanctioned. Looks like there was some. The RMRF shark may have been released and some servers seized in Amsterdam and whatnot, and sanctions imposed against them. But this piece, as I say, it's light on details, but what details there are in there are actually kind of intriguing and give us a little bit of insight into what Australia's Signals Intelligence Agency has been doing to target criminals.
Adam Boileau
Yeah, it's an interesting kind of counter or kind of end to this particular story because when the original Medibank hack went down, we saw and we on the show kind of encouraged a response by the Australian government because a bunch of sensitive medical data belonging to a lot of Australians, something like what, 10 million Australians, something like that, were taken by ransomware guys and they had tracked it back to this guy, Alexander Ermakov. They continued to pull that thread. And now it turns out he was hosting a bunch of data in this organization, Z Servers, that is a bulletproof hosting provider kind of cloud service for crims. And it looks like the Australian spooks figured out who was behind it or, you know, broke into the organization behind it, looked at the various people involved, and that led to some of the sanctions and things that we have seen or at least we're not quite, quite clear how all of those pieces fit together. But yes, the RMRF shark allegedly got rid of about half a terabyte of Medicare data that was stored on there. And presumably they were pretty confident that that was the like the place where Ermakov had stored it, as opposed to just kind of one copy of it. And yeah, I guess they had a, you know, a few terabytes of many terabytes of other people's, you know, crime related things stored there and bad times all around for the guys that run it.
Patrick Gray
It's also not clear when this action occurred, whether this was in the lead up to sanctions or in the wake of Medibank. So as I say, it's like heavy on color, light on detail, but the color is good, which is that. Apparently ASD waited until these guys were like heading out. They were based in Siberia apparently, and heading out for like a big party where they were going to all get smashed on vodka and waited till they were out doing that and then just like, you know, went a bit wild on their environment, which is the way you want to do it. But look, there's some other details in here that I found fascinating. One of them is that when they were investigating like Ermakov for his role in Medibank, you know, they had linguists and psychologists building profiles on these guys, which I think this is interesting because I don't know if you remember, but when Australia first announced sort of sanctions against Ermakov over his role in the Medibank attack, like a bunch of brainiacs in the CTI space were saying that they got the wrong guy. And you read through this and you're like, no, they got the right guy. And I remember one comment I got from a Gavi on this is we know Mr. Ermakov very well. Which I guess makes sense when you've got a team of very skilled psychologists actually profiling the guy.
Adam Boileau
Yeah, yeah, exactly. That's kind of what you expect from an agency like this. Like they're going to do a serious job. They have serious tasking, they have serious resources. You expect a good quality, you know, well resourced, thorough job. And you kind of get the impression that that's what they did here.
Patrick Gray
So yeah, I mean, I was, I was talking, I was talking to a CTI pal actually the other day about all of this and he pointed out that there had been two data breaches at Z servers or Z servers last year. And one of them, some data got published that allowed them to actually figure out the IRL identity of some of the admins and you know, he wonders like was that ASD who did that? And he doesn't know. I mean these bulletproof hosts have hacking each other so it could have just been competition but it could have been the spooks and we don't know. And that's great, that's really good. We love this sort of uncertainty, right?
Adam Boileau
Yeah, exactly. It really goes to the roots of how that crime ecosystem has to work. Right. Which is there is a degree of trust and a degree of reputation and you know, to operate in that, in that world you have to build trust, build reputation, you know, and when that's undermined it introduces cost which is, that's what we're all about.
Patrick Gray
Well and it's an environment, it's an ecosystem that operates based on rules, you know, many of them unwritten. And what are the rules now? And that's not clear.
Adam Boileau
Yeah, exactly.
Patrick Gray
So and yeah, that works books. Yeah, exactly. And you know this is, this is the stuff that we, that we definitely like to see. So we've dropped a link into that one, into the show notes and look, you know, staying with the same story and Joe Warminsky over at The Record has a write up about the Dutch police's involvement in this. You know this wasn't just an Australia thing when it comes to the sanctions and whatnot but they, they took over something like 127 servers that were in the Netherlands I think. And you know it's just, it's, it's a bad time to be like one of those guys basically.
Adam Boileau
Yeah, yeah, exactly. And also if you were running infrastructure on top of them, like if you were running your cybercrime, you know, you're hacking using their stuff, then you got to expect that all those disks are going to be sifted through and threads pulled and yeah, you're going to have a bad time.
Patrick Gray
Yeah. And I've linked through to the Australian government like Defence website where they link these sanctions against Z servers specifically to the Medibank private hack. So yeah, very interesting. Nice to see, Nice to see it. You love to see it. As we say we do. Now let's have a look at device code phishing. Now apparently this isn't new and that makes sense but it's become a technique that's very popular with Russian APT crews at the moment. And I think you know, everyone listening to this at some point would have used a device code. It's when you might log into a streaming service or something and that session's expired on your TV and it says you know, just pull up your browser and enter this device code and that will authorize the device. Obviously this is phishable. And we've got a great write up here from Dan Goodin over at Ars about how the Russians are using this to access M365 accounts. And I don't know why you would need device based authentication into an M365 account, but some product manager at Microsoft made this happen obviously. So you can get your email on your TV or something. But walk us through this one Adam, because I found this was a great write up actually and just a really interesting, yeah, just a really interesting phishing technique that I think obviously is going to, is going to work in a lot of places.
Adam Boileau
Yeah, it is, it's a great write up. This technique involves. So if you're trying to log into a cloud service normally these days you're going to be presented with multi factor authentication flows, maybe with handoff to third party auth providers in the case of federated authentication. And that whole auth process because it's so flexible and configurable and so many ways of doing it, the web browser does it for you. But if you are on a device that doesn't have a full featured modern web browser, then you're kind of in trouble. And so the OAuth standard has some kind of specifications for how to deal with input constrained devices, which is what they call things like TVs and printers and your car and stuff that either doesn't have proper input devices or doesn't have USB ports you can plug a YubiKey into or whatever else and kind of go through the auth process on two devices. So there's a device that you're trying to authorise your printer, your TV or whatever and then you use a real computer with a real browser to do the normal auth flow and then authorize and there is like a shared code that you use to kind of bind those two things together. And this phishing process is designed to kind of capture that code by exploiting the confusion about what you're authenticating to. So one of the examples Dan has some screenshots of is someone saying hey, we'd like you to speak at our conference, we need to arrange some details, let's get together on a video call and blah blah, blah blah. And then they send you an invite that comes from Microsoft to trigger that auth flow. And so then the regular person, like if you don't realize that you're all, you know, you're going, if you're not familiar with that auth flow, you might not consider it to be out of place and then you provide the code to the attacker in some, you know, whatever context they're phishing you about and then they use that to get an access token, long term access token for onwards connection to your 365 world.
Which to answer your question, if it's a printer, you can kind of make sense that you might want to print documents from the cloud. It needs to be able to do those kinds of things. So there are reasons why it exists. But in the end phishing's got to work, that's the main thing. And this is a technique that works. Clearly we've made the rest of the auth flow so difficult and complicated that they're reduced to this. But hey, it gets the job done. And honestly I kind of got to hand it to him.
Patrick Gray
Yeah, I mean that was my take here as well, which is like, wow, this is really cool.
Adam Boileau
Exactly.
Patrick Gray
But you know, it ties back to something that we've been talking about more and more which is just about how modern authentication flows are just confusing.
Adam Boileau
Yes, yeah, absolutely. Because there's so many parties involved, it's so modular and things like, you know, when you go through one of those OAuth grants or flow like this, like it will usually tell you what you're authenticating to but they are always stupid generic names like Microsoft Trust center or things like that. We really. And often it's like a green tick for good luck, why not? Or a padlock. And so you really have no like as an end user, what have you got? What basis do you have to make a good decision? And even people like you and I who presumably are experienced at this kind of stuff, like signing into Google's cloud stuff and using their various Google cloud things and handling all the auth from that and understanding what's an app and what's a, you know, built in function. It's, it's honestly confusing. Yeah. And you know, I, I don't know how anyone has any hope to be able to auth safely.
Patrick Gray
Well, that's a little bit nihilistic but I guess that's what our listeners have come to expect from us.
Adam Boileau
Yeah, I mean we, you know, I compare it to like back in the days when we were telling people to look at the padlocks in their browser bars and check TLS certificates. It's like.
Patrick Gray
Well, I mean we never told them that, but I know what you mean.
Adam Boileau
We the industry, not you and I personally but you know, expecting users to make informed decisions about trusting, you know, CAs and certificates was unreasonable. And expecting people to be able to complete these kinds of multi party, federated, multi device auth flows safely, also unreasonable.
Patrick Gray
And you just think like what do you tell one of your mates or you know, a CISO who's got to deal with this, you know, like what's the control?
Adam Boileau
Yeah, yeah. And you know, I was thinking about, you know, what's this going to look like in the browser? Like in the browser that's being attacked here because you are ultimately you're authing to a legit service for a legit thing. You just don't realize that what you're authing to is being then misused for something else. Like you're authing to the real Microsoft. There's no phishing, you know, there's no impersonation of the site. It's all in your head.
Patrick Gray
Yeah.
Adam Boileau
And like that's not a thing that technical controls are great at.
Patrick Gray
I mean again though, I don't understand. I mean, I guess like why are you doing full auth to an M365 account with a device code? Like what I mean is that for video conf devices and why do they need access to everything? I don't know, it just seems like quite often we just roll features without thinking about it. But I guess that's nothing new. Right?
Adam Boileau
And underlying it is not one service. Right. It's some giant graph API with a thousand endpoints to get assembled by apps client side into whatever functionality. So like your video conferencing app is not a video conferencing app. It's a, you know, a collection of 1700 raccoons in a trench coat and every one of those is an auth graph API service or blah blah, blah. You know, it's complicated and there's reasons why it's complicated, but that does not make it okay.
Patrick Gray
No. And look, we're going to move on now to some news that could come from a simpler time. I mean this stuff, this OAuth extension for device code phishing, you know, you and me, we've been around a while, we're old, it's confusing, it's stressful, it's anxiety inducing. Let's talk about something that's a little bit more old school, which is the doge.gov website where look, you know, it's not a good sign, right? So why don't we just walk through exactly what's happened here. We're relying on the write up from Jason Koebler over at 404 Media.
Adam Boileau
So Doge has a website, doge.gov and it was, it looks like like much of Doge infrastructure set up in a hurry and somebody was able to kind of post messages on this site. It's meant to collect like, you know, stats and social media posts from X that Doge posts. Little simple website, but yeah, turns out there was some kind of like underlying data store that had no auth or something. And yeah, you could just like post your own content onto their website. Great, good job.
Patrick Gray
Yeah, it was not difficult to figure this out, I guess is the point. And look, from the very start of this, we've just said the concern for us as sort of cyber security people is around data governance, you know what I mean? And if this is sort of happening on their website, you just sort of wonder what's happening in the background. And I think my social media post on this was, this isn't funny, I'm a serious commentator. This is not funny. You know, basically is where I am. Oh, and speaking of social media too, we are now on LinkedIn. So there you go. You can find us if you search for Risky Business Media. We're going to be doing a fair bit on LinkedIn. But yeah, Doge website got defaced essentially. Rut roll. Yeah. Now this is my favorite story of the week by far. I was expecting, I've been expecting Cloudflare to have issues for years, mostly over the fact that they platform a lot of hate speech and cybercrime stuff. But it's not that that got him in trouble in Spain. Adam, walk us through this one.
Adam Boileau
Oh dear, oh dear. So soccer is quite popular, especially in, in Europe and in Spain.
Patrick Gray
You mean football?
Adam Boileau
But anyway, football, yes, whatever, whatever, whatever you want to call it, I call it soccer. And there are many, many sites on the Internet which offer pirated versions of, you know, commercial streams of football soccer games. And some of those are hosted behind Cloudflare or access through Cloudflare. You get the apps to get them through Cloudflare or whatever else. A Spanish, like the Spanish football league went through the courts to demand that Cloudflare block access in this, you know, to this stuff. And the court said, yes, you can get them to block it. And so the net result of all of this is that on the weekends in Spain, when football matches are going on, the local ISPs are being forced to block by IP address bits of Cloudflare's infrastructure so as to stop access to these football games. Which of course means that on the weekend, if you wanted to commit some code to GitHub or browse Reddit or something else that happens to go through that particular bit of Cloudflare. Well, tough.
Patrick Gray
Yeah. So you can't do your code commit on a weekend because of football piracy. It's amazing. I don't know if they actually directly sued Cloudflare or if they sued like local ISPs and demanded that they block them. But, you know, you'd imagine that if the order is from the court, you have to block this stream and it's hosted on Cloudflare. The only thing you can really do is to nuke the CDN. Right?
Adam Boileau
Yeah, I mean like, no one comes out of this looking great. And I think the local ISPs have basically said like, we're just doing what the court told us to do. And Cloudflare has said a great many things. The net result is, you know, freedom of speech.
Patrick Gray
It's always freedom of speech with them. Right. Whether it's Nazis or pirated. What have they actually said about this? I didn't, I didn't get to that bit.
Adam Boileau
Basically they said Cloudflare has repeatedly warned about the consequences of IP blocking. That fundamentally ignores the way the Internet works is their argument.
Patrick Gray
Oh, so that's the way the Internet works, is that they do piracy and that's okay.
Adam Boileau
Yeah. So they can, I mean, I think the, you know, it's sort of safety in numbers if you launder, you know, useful services on the same IP address as criminal services, then.
Patrick Gray
But that works until it doesn't. And that's what I've been saying for years, you know, is eventually there's going to be, there's going to be problems. I just didn't expect it to be football stuff. But, you know, and again they're using this line. I see the part now in this, in this write up. While Cloudflare cannot remove content from the Internet that it does not host, blah, blah, blah, blah, blah. So they always stick with this line of like, we're a CDN, we don't host, but it is perfectly within their capability to, to, you know, kick people off their CDN. So it's just a stupid semantic argument in my view.
Adam Boileau
Indeed, indeed. Yeah, it's, you know, some, some stuff has to come home to roost with Cloudflare eventually. Right? But yeah, Spanish soccer, probably not it.
Patrick Gray
Well, who knows, maybe this is the first domino, my friend. Let's see, let's see if the wicked are punished. Speaking of the wicked, Palo Alto Networks has another firewall vuln under active exploitation. Apparently you can use it with a previous vuln and you know, just, just own PAN-OS devices. I mean it's like we see one of these every week at this point. It's. It's comedy gold.
Adam Boileau
Yeah, this one is, is common. This was actually also a research out of Assetnote, who were looking into the patch from a previous Palo Alto bug went and pulled the thread and it turns out like it's the same kind of request smuggling. When you've got, you know, 17 different HTTP proxies involved in parsing a request and different ones implement different rules, then you can kind of thread the needles, I think in this case with like URI encoded dot, dot, slash or something like, like, like, like it's IIS from the early 2000s. So that's embarrassing for your security appliances. But yeah, net result is if you left your Palo Alto web interface on the Internet, you're going to get hacked again, presumably, and you have to pay for incident response again, presumably. And yeah, good job with your choice of security appliance.
Patrick Gray
And congratulations too to the Assetnote team who the company was acquired actually by a company based out of England. So well done to them. But yeah, just. Oh my God. But looks perhaps a more interesting vuln that you don't see very often. And you know, as soon as I saw that this was a Qualys one, I knew there would be gushing. So I'm getting ready for the gushing.
Adam Boileau
You're going to let me gush now?
Patrick Gray
But yeah, the team at Qualys have discovered a couple of bugs in OpenSSH and one of them's DoS, but the other one, like it affects non default configurations, but it's a bug that you would not expect to find in OpenSSH and kind of a bit concerning. But why don't you walk us through the whole thing here because I've been getting questions on this one. You know what I mean? It's one of those, well, what do you know about this SSH bug? So do your thing, Mr. Boileau.
Adam Boileau
I shall do my thing. So this is a beautiful, wonderful piece of research, as always. I'm going to get the gushing out of the way. Whoever it is at Qualys that does this was reading some OpenSSH source code and noticed like an idiom that they were using for a particular. Like they're checking a couple of values and then returning from a function and there's sort of an idiomatic set of code that they use to do that. And the idiom relies on them, you know, getting something right every time. And so the researcher went, well, how many instances in the code base are there of this idiom where they don't do it exactly as they should? And found, you know, they wrote some CodeQL queries and read some code and they found a whole bunch that were not security relevant, but they found one that was. And this was in the process where an SSH client checks the identity of the SSH server. So there's like a host key that it uses to validate that it's the real server. And that particular check, in a certain case, like when you're using host key fingerprints that are sourced at a DNS, if you could make that process run out of memory, then the way it returned its return value was not done correctly and you could bypass the host identity check. And the net result is if you're on the network between the client and the server, you can impersonate the server and not get a warning from ssh, which gives you access to, you know, compromise the system. And that's, you know, one of the core guarantees of SSH is that this shouldn't happen. Right? It's meant to warn you about this. The other bug you mentioned, which was the denial of service, well, they got, they got to this point where they were like, okay, if we can cause it to run out of memory here, then we can gain access, you know, by bypassing the host validation. Are there any memory leaks? And what they found was a denial of service condition that they can trigger to cause it to run out of memory. Pre authentication.
And that's the kind of, the second bug. So you can use that separately just as a denial of service, but it's an integral part of actually exploiting the first bug. So both of these have now been patched by the OpenSSH team, but these bugs have been around for a long time and the necessary configuration was on by default on like FreeBSD for a few years. Like by a few years, I mean like a decade. So, you know, it's unusual that we see bugs like this in OpenSSH because the guys behind it are very good at writing. It's the best piece of C code you're going to see anywhere, in my opinion. So bugs like this are unusual. And of course it's whoever it is that Qualys that does this that would find it, because instincts on this one were just, were good. They spotted something, went I wonder if. And then next minute shells.
Patrick Gray
So if you are running that config and the config is something to do with validation via DNS host key DNS validation. Yes, yeah, Host key DNS validation. If that is something that you've got turned on, this could affect you. But I mean, how common is that configuration?
Adam Boileau
It's not wildly uncommon because managing host key verification in bigger networks is kind of fiddly. And the other options which are like certificate trust based or distributing through your configuration management, which is like when I was looking after a bigger fleet of boxes. We did this with the configuration management, but that led to a bootstrapping kind of problem.
Patrick Gray
Yes.
Adam Boileau
So doing it in DNS, honestly, it's not a terrible idea, especially in a world where DNSSEC exists. But of course DNSSEC brings you a million other problems. So. Yeah, I mean some people could get hacked by this, which is pretty cool.
Patrick Gray
Well, and they're the people who are trying to do it the right way, right?
Adam Boileau
Well, yeah.
Patrick Gray
Now, speaking of further, you know, problems with the technology that underpins our world, Adam, which is what we like to do, we've got a great write up here actually from Recorded Future and they've written an article about it as well. Published to The Record. It's on Salt Typhoon's adventures in Cisco Devices. But they, it's funny, right, because there's two bugs that are exploited here. It looks like they've compromised something like a thousand Cisco devices, largely at telcos, but some universities and whatnot as well. What's interesting about this is the two bugs that they're using are both termed privesc, but the first one like allows you to add a user and this is like termed privesc, which I thought was a bit strange, but yeah, they've rolled up. Well, I don't know that they've rolled it up, but they've identified this campaign that has exploited over a thousand Cisco devices, a lot of them in the United States. But it's just a really good write up and I think it's, you know, for any Salt Typhoon watchers out there, you'll, you'll want to get this link.
Adam Boileau
Yeah, yeah, it's definitely worth a read. These bugs are in IOS XE, which is the kind of Linux underneath variant of IOS where it's the Linux kernel doing routing and control, but they give you a user interface that looks like a traditional Cisco IOS and these are, in many places people may not necessarily realize that it's not a Cisco IOS Cisco device, it's actually a Cisco IOS XE Linux device. And once you've shelled it like you have all of the power of being able to hide on a real Linux box and do other things. So they're great targets, but they're also not quite as common as traditional Cisco IOS, but lots of telcos still run them. They're in lots of interesting places. There's quite a product range that run it as well. And I don't know what Cisco's rationale is for which ones are which, but yeah, if you look after a network with IOS XE, you know, it's probably worth having a read to understand what you're up against. Because also once these, you know, these guys are in your network, boy, oh boy, you're not going to get them out in a hurry.
Patrick Gray
So no. And these are CVEs from 2023. But this is the sort of stuff that doesn't get patched, right, which is why we're seeing it. Funnily enough, you know, this XE stuff that you're talking about, I don't know if it was known by the same name at the time, but something like 15 years ago, some friends of mine found it was like a physical access bug where if you plugged in via serial and like typed the right command, you would exit the Cisco IOS CLI and it would just dump you into a Linux shell and then you could just Trojan the absolute crap out of that box. Exit. And the admin, like it would be invisible to the admin, so not a critical one, given that it required physical access or whatever, but it was still worth reporting. And they actually hired me like by the hour to handle the bug report off to Cisco. This is back when I used to do this sort of stuff, you know, on the side. And what was really funny was Cisco's response to this was just to EOL that entire line of products, they were just like, ah, because they were already old at that point. They're like, we're not going to patch these. They just slapped EOL. EOL. EOL. They ended like 20 products or something on it because of that report. So that was pretty funny. Moving on and let's talk about what Sandworm's getting up to. They're going after some western networks, but they've got some sort of somewhat, you know, somewhat more interesting C2 happening as part of this campaign, relying on like Tor, right? Which is interesting and I'm going to talk about why that's interesting after you give us a rundown on what's happened here.
Adam Boileau
So Microsoft has written up, I guess, initial access campaign by Sandworm and it looks like there is a kind of a part of Sandworm that Does the initial access and the part that does like the ongoing operations of intelligence gathering, you know, whatever other actions on objectives they have been tasked with doing. So this is the like initial access crowd that have been pretty busy in Ukraine for the last few years, but are now, you know, back out doing things on, you know, on the wider Internet a bit more indiscriminately. And Microsoft's analysis says like, you know, there's lots of targeting going on all around the Western speaking world at the moment from them. They've been at it for a while. And as you say, one of the things that's a bit interesting here is that they are dropping Tor hidden services for command and control on some of these systems. And that's not at all unheard of, but still kind of interesting and not.
Patrick Gray
All that difficult to detect like if you were set up for it. Not all that difficult to detect. But the reason I find this interesting is you would only do something like this if there's a reason. That's why I find it interesting. They are obviously doing this for a reason. You know, you don't bother spinning up onion services on an infected host unless maybe you're getting snapped using more traditional C2. And for a long time I've been expecting to see more of this sort of stuff and more of like using social media services for C2 and whatever, more using stuff like TLS 1.3 through, through CDNs, you know, kind of like a domain fronting style thing. And we just don't see it right. We just see people just doing the dumbest, most basic C2 ever. And you see something like this and you're like, well, they're doing this for a reason. I wonder what that is. Like, I wonder if it's that their C2s keep getting taken away from them. And you know, that's an efficient way for defenders, like when I'm talking about like nation states here to just like black hole, you know, some C2 IPs or whatever it is. And maybe this is a hedge against that. I don't know what it is, but I guess what I would say is like you don't do this for no reason.
Adam Boileau
Yeah, no, I agree. And that I also had similar, similar kind of thoughts because there's always a trade off when you're going for initial access between kind of size and complexity. Like we want something that's simple enough that there's very few things to go wrong because early on in this process you don't really know the environment you're running in. And so you want to do like minimal amount of stuff because every extra complexity you add is a chance that things might just go wrong or get snapped or whatever else. And pulling in a whole Tor environment obviously makes a lot of noise on the network. There's been, back when Microsoft used to run like an IPv6 relay network for transition, like when people had V4 and didn't have native V6 and Microsoft provided like a Teredo tunneling service, we saw people kind of abusing that because it was minimal lift for you as the attacker to bring in because all the things you needed were already there on the Windows but went outside. Normal stuff didn't look like normal things on the network. Great kind of mix of those things. So, yeah, having to drag a whole Tor runtime in seems complicated and seems risky. And I guess it means that people are pretty good at spotting stuff on the wire.
Patrick Gray
Well, but I think the interesting thing for me is that perhaps the concern is less about detection, but more about the fact that if C2 is highly concentrated, it's easy to disrupt. You know, C2 on the open web, you know, you can find those boxes, you can hack them, nuke them, RMRF them, you can talk to the ISP. Like you've got a lot of options for taking away a lot of access all at once. Whereas with this, okay, sure, each individual victim might be able to detect it, but that's like, you know, is that actually going to happen? Each individual detecting it and then they've actually got to remediate it. So it's sort of, you know, to me, this seems like sacrificing a little bit of stealth on target to get more of a, you know, result from a macro perspective. That's, that's what I think is going on here.
Adam Boileau
Yeah, I think that's a pretty good, a pretty good analysis. And yeah, I think so. Yeah.
Patrick Gray
Yeah. Okay, cool. I'm not crazy.
Adam Boileau
That's good.
Patrick Gray
Now we've got this terrific piece, absolutely, like riot fun piece from Brian Krebs, looking at what Chinese criminals are doing in terms of like essentially phishing credit card holders to add their credit cards to, you know, mobile device wallets. And then what they do is they like sell the phones with the, with the actual, you know, with full wallets, full of people's credit cards. And like, I think this is a fascinating walkthrough. I mean, the photos are terrific. The whole thing's really interesting. I do wonder though, like, if the banks are doing a sufficiently good job, like this shouldn't happen you know what I mean? Like you should, you should be able to detect when someone's trying to spin up a wallet. Like when the device is on a different IP and like in a different, like it just seems like this shouldn't work and yet it does. And we have this nice write up from Brian Krebs to talk about.
Adam Boileau
Yeah, I mean this is kind of what modern credit card skimming looks like. In the old days, you go to a restaurant, the waiter would, you know, swipe your mag stripe through his recorder and clone your card later. And that's not how, you know, not how it's done these days. This is how it's done. And it's just. I also thanks Brian for the, for the great write up. It's really good. So, yeah, they send you. So normally the process of enrolling a card for contactless payment on your phone involves your bank sending you some kind of verification code through an existing contact mechanism they have via text message, via a banking app, whatever you've got. And then these people will usually in the context of another smaller transaction, so they might run up a fake web store or an auction site or something.
Patrick Gray
Well, one of the things they're doing here is like sending texts saying you have an unpaid toll or you have an unpaid, you need to pay a little bit to the post office to release this thing. And that's how they're setting up these transactions. And then as part of that flow they say, well, we're going to send a code to your banking app. Just give us that code. And then that's how they're enrolling the cards in Apple Wallet or I'm not sure if it's Apple, but. Mobile device wallets.
Adam Boileau
Yeah, in mobile device wallets, both Apple and Google. And then yeah, I mean, that totally makes sense. That's another example of people being confused about the context of authentication, which is very similar to the device code phishing thing we talked about earlier on. And then, yeah, load up the phones with, you know, a few dozen payment cards and then sell them, which is smart. They're also providing a service where you run an app on your Android phone which real time relays the payment through one of their phones that's got the wallet, got the full wallet. So you don't have to get the physical device from China. You can just install an app on your phone, go up to a payment terminal in your regular country, and then it will relay it in real time to the other phone in China, play it out to the payment terminal and voila, you've paid your stuff. And there's actually a picture that Krebs has got here of some guys being arrested in Singapore, like an Apple Store or something doing exactly that. So yeah, I mean, clearly people are doing it and the fact that it works so well, I think, you know, you were bang on. Like it's interesting that the banks and the phone manufacturers, like they're the ones that are in a position to detect this from an like anomalous pattern of use point of view. And as this gets bigger, you know, obviously that will become more of a focus for them because it does. You know, this should be unusual.
Patrick Gray
Yeah. And you know, you would just think most of the banks should have an app presence on devices where they're rolling, like where they're trying to enroll these sort of cards. And there's like, there's so much you could do here. And I think, I think to a degree, like for at least the big banks, I think they'll probably be able to tackle this. But you know, it's going to take time and effort, which is why, you know, we are where we are.
Adam Boileau
Anything that requires individual banks to do stuff is going to take a while. Right. Because there's a whole range of banks with different ranges of maturity. And it would be nicer if there was a Google and Apple end approach that could kind of hobble this right at that end point.
Patrick Gray
Yeah. And it's interesting too that those phishing messages are actually, or smishing messages are actually going out through iMessage and in the case of Google, RCS, so they're not even like hitting the telcos. So anyway, good stuff. Go have a read of that if that is interesting to you. Another banger from Dan Goodin. He's really, he's really had the goods over the last week, but he's written about sort of like trends, I guess, in prompt injection and how people are doing funny stuff with LLMs. Like, you know, in an example I talk about, he talks about in this piece, it's where you can essentially send people something that tricks the like Gemini LLM that's in your Google account into going and grabbing sensitive documents and sending them to the attackers and whatever, and looks at Google's approaches to fixing that where he's quite critical of the way they've done that. But then I just sort of think, well, you know, sort of what's your, what's your alternative here? And this is just a great example about how plugging large language models into absolutely everything is going to come with all sorts of very strange risks.
Adam Boileau
Yeah, yeah, exactly. I was, I was struck reading this by the similarities of this and traditional memory corruption attacks where you're confusing code and data.
Patrick Gray
Well, and I was thinking about web attacks and things like cross site scripting and getting contexts all mixed up. Right. But I guess that's the thing, right? It's all about a new technology that requires boundaries to be better defined. Right. So I guess everything that's new is old again.
Adam Boileau
Yeah, yeah, exactly. Yes, that's exactly what this is. Right. It's confusion about who is providing the instructions and who is providing the data. And some of these tricks for like one of the ones Dan talks about is they call it like delayed activation or something where the LLM has got some filters that stops it from taking actions immediately from the data that it's processing. So you can't just have it summarize a doc that contains instructions to send all your passwords to the attacker. But in this case they're doing a thing which is next time I type, yes, send all the passwords to the attacker. So it's not doing the action then, but it's queuing it up for later, which is the sort of stuff that, you know, a real artificial intelligence, the ones that we one day may have, ought to be able to understand that. That's not exactly what I meant. But once again, now we're into like, you know, crazy reasoning about it and who says a computer is going to be any better at making security choices than the humans are?
Patrick Gray
So like it's. We don't talk about this specifically, but like this week's sponsor interview, the whole theme is like, what do you do about LLMs everywhere? And not just the major services, but like LLMs in products like Gemini. Right. And how do you avoid exposing the wrong sort of data to that stuff? Because that gets risky. And how do you do that? And they've, you know, they're taking a stab at it. Island, you know, being an enterprise browser, they can see a lot more in the browser than you would otherwise and block various endpoints and whatever. But, you know, basically they're saying you kind of need to have that DLP approach of like not allowing that data to get anywhere near those things in the first place. It's complicated, you know, it is complicated, man. Like, there's some interesting new challenges here. Especially, especially now this stuff is everywhere. Just quickly going to mention it. John Greig has reported that that woman who was arrested in Arizona last year for running a North Korean like IT worker laptop farm, she's pleaded guilty. Prosecutors are seeking like seven to nine years. So she's having a bad time. But you know, I've always said like, well, I have said for the last year or two that I think that's the weak point with these scams of the laptop farms. They're pretty easy to identify and you know, word gets out that this is illegal and I think you'd be, you'd have to be a real dummy to engage in that sort of activity and not expect to be caught. But you know, the world is not short of dummies. So I expect we'll be reporting on that for some time to come. We've also seen Alexander Vinnik who's the Russian guy who was operating BTC-e, the cryptocurrency exchange, which is now defunct and he was convicted of a bunch of cybercrimes and he's in prison in the United States.
Apparently he is being or has been released in exchange for some teacher who was being held in Russia for, you know, possession of marijuana, which is their go to charge when they want a hostage. So yeah, it looks like there's been a swap there. I mean, it's depressing, isn't it?
Adam Boileau
It's depressing and it kind of rewards Russia's, you know, use of hostages to get these kind of concessions and release and stuff. So. Sigh. I guess at least he did have to forfeit 100 million bucks. So that's not nothing.
Patrick Gray
That is actually mostly it for the week's news. But I did just want to talk a little bit. As I mentioned at the top of the show, David Jorm unfortunately passed away last week. He was a good friend of mine. I'd known him something like, you know, 20 years. Good hacker, great person and you know, I'm definitely going to miss him. But I did just want to. I spoke with his parents last night, right, and they've agreed that, that I can disclose a little bit of detail about, about how he, about how he died basically because there's a little bit of confusion out there and understandably because the posts sort of announcing his death were, were somewhat vague and linked off to a mental health charity. Look, as best as everyone understands, you know, this wasn't a case of suicide. Dave did suffer from bipolar disorder and could become very sick occasionally. Right. So. So I knew him quite well and you know, he would, he would be fine most of the time but then he would get on a massive like manic upswing and then a crash afterwards. And you know, this is something that he'd been living with for quite a long time. And, you know, it did complicate his. His life somewhat, but he. He knew how to manage it. He got better at managing it. Right. And, and an example of that is like last week when he felt himself going manic, he actually called in sick because he had previously not done that and that had caused him problems at work and his previous work at the bank, I won't name the bank. They had to deal with, with some of that when he would go a little bit off tilt. And they were very good. He always really appreciated the way that they handled all of that. So I think it's important some of them would be listening to this and they would know. And indeed, I spoke to his parents last night, as I mentioned, and they went and visited his office at one point when he was off sick and saw his desk. 
I think they had to go and get something from the office for him and saw all of the messages and gifts that people had left for him. And, you know, he was definitely supported there and certainly appreciated it. But it does look like what happened is sometimes when, when Dave would be on one of these upswings, he would drink as a way to. To calm the sort of manic anxiety that he would experience. And it looks like perhaps he just drank too much and that may have suppressed his sleeping, suppressed his breathing while he was asleep, but it. It certainly just looks like he passed in his sleep. And, you know, I. I went back and forth with his folks last night about what to say, because if you say it was misadventure, you know, as his dad says, like that, that makes it sound like he thought he grew wings and jumped out a bloody window, you know, and if you just say it was mental health related, people will. Will assume it was. It was suicide. So, you know, I just wanted to clear that up for people who knew him, because so many people knew him in Australia. He was a hacker who'd been hacking since the 90s and just, you know, always fun to be around. Terrific guy, wicked smart. And, you know, he organized the TuskCon conference, which was the one in a caravan park in Queensland where it was basically just 40 people camping somewhere nice. He presented at Kiwicon. He was on the show talking about some of his research into North Korea. He spoke about Red Star OS at Kiwicon while using his alter ego, which was a stuffed toy called Lord Tuskington the Walrus, which was up on the lectern. And I think he was down there with a microphone. You know, you knew Dave, you weren't as close to him as I was, but, you know, he's definitely going to be missed.
Adam Boileau
Yeah, he, he, I, he really is. I carried Lord Tuskington the walrus, the stuffed walrus. I carried him out on like a decorative pillow for that presentation and put him on the lectern and positioned the microphone in front of the walrus while David voiced the walrus in a, you know, husky sort of faux English accent from off stage. And it was just, you know, it was a wonderful piece of infosec comedy, doing amazing research, but also presenting it in a way that's engaging and memorable and fun and that's, you know, that's kind of who he was, you know, and it's very sad that, that he has left us.
Patrick Gray
Yeah, it is. And led an amazing life. And indeed, speaking to his mum last night, the thing that they're taking comfort in is just, you know, just how much he lived his life on his own terms. He was an avid outdoor adventurer. I once told him about a coastal walk through a national park here that's like 100 kilometer long multi day walk and within a few months he'd just done it, you know, so he, he would go on these epic multi day bushwalks. He was an SES volunteer as well for the State Emergency Service. He was actually a devout Hare Krishna as well, which a lot of people wouldn't know. He had been for decades. But that was something he was quite guarded about until more recent years when he's like, no, this is okay. This is a part of myself that, that I can share. And you know, my condolences to everybody else who knew him. I mean, you know, another great example of Dave is he volunteered to work in an election one year just because he wanted to see how elections would work and like what the security situation is like with elections. And as it turns out, according to him, pretty good. You'd need multiple people at multiple different levels of an election to try to alter a count and whatnot. He was also a great friend to me when I, you know, my family went through its own health crisis many years ago. Yeah, just, just a wonderful guy and yeah, we're really going to miss him. What more do you say?
Adam Boileau
Yeah, exactly.
Patrick Gray
And I believe also he was afflicted by the same disease as you when it came to Java applications.
Adam Boileau
Yes. There are very few people who were willing to, you know, punch Java right in its jar files quite as much as I enjoy it. And he was absolutely one of them. So, yeah, we, we had that in common and we shared some good bugs over the years.
Patrick Gray
Yeah. Lived around Australia or, you know, he would stay in a place for a while and could say, okay, I've done that, on to the next place, onto the next place, onto the next place. And, you know, his skills development was the same. Like, this is a guy who just, you know, couldn't, couldn't stop learning. And. Yeah, again, okay, I'm, I'm ranting now. It's been, it's, this one's hurt. I gotta, I gotta be honest, it's, it's really hurt. And I think a lot of, a lot of people are feeling that at the moment. Okay, so let's wrap it up there. Adam, thank you so much for discussing the week's news with me and we'll do it all again next week.
Adam Boileau
Yeah, thanks very much, Pat. I will see you next week.
Patrick Gray
That was Adam Boileau there with the check of the week's security news. It's time for this week's sponsor interview now with Braden Rogers, who is the chief customer officer at Island, the browser maker. And you can find them at island.io and they're, yeah, fully featured enterprise browser with all sorts of very, very interesting features and use cases. And one thing they've been spending a bit of time on lately is looking at just how much company data can wind up being exposed to large language models. And not just through people spinning up their own private ChatGPT accounts and pasting stuff into it. But, you know, as we were just talking about in the news, like if you're a Google user or a Microsoft user, you know, there's LLMs everywhere now. And so Braden joined me to talk about, I guess, this issue and what people can do about it. Here he is.
Braden Rogers
There's the obvious destinations that are generative AI. And you know, we make decisions about whether we decide to block those or we allow them or we put them through potential workflows. And the workflow could be maybe we let a user make a request for an approval natively in the user experience and then that approval flows through the organization and an appropriate business level approver makes the decision to allow it and understands the risk. And what we do. In that particular case, we might put that in a place where the user can access it, but keep it outside the boundary of the corporate app. So one of the foundational things that we think a lot about is how do we deal with unstructured data scenarios. And I think this is one of the biggest challenges about your comment. You just made, even I saw the eyebrows raised there. The old school approaches of DLP. The challenge with DLP, DLP feels like a bit of a washing machine. And I've been working with it for 20 years. It feels like a bit of a washing machine stuck on spin cycle. Because the way you deal with, with the challenge around your data is you start with technical pieces of data and let's say you just build your taxonomy that you're looking for. You build kind of your lexicon that you're, you're identifying content with. The problem is, is you struggle with that with, with structured data, much less unstructured data. So what happens now with world of AI you get this whole, whole issue around derivative forms of data. So now think about the AI can fling out versions of my data that they're, they're semantically different, they look different, but they say the same thing. And they're certainly not conforming to my DLP structures that I created before. So one of the things we're really focused on is thinking about how do we tackle non structured data and, or non structured data in non traditional ways.
And big part of that for the obvious stuff is well, here's my corporate applications and here's the things outside of those boundaries. So don't let corporate data spill to those things outside those boundaries. Let the user freely use ChatGPT or whatever. The obvious thing on the outside is that it's personal. But don't let the user just copy beyond the boundary.
Patrick Gray
Yeah, so that'd be like a copy paste restriction solves some of this like out the gate. Right. Because they can't, they just can't do that. Copy paste.
Braden Rogers
Correct. Could be file movement in the same way.
Patrick Gray
Yeah.
Braden Rogers
Again, boundary is a unique construct. Now within that I think one of the things that we think a lot about is there's obvious areas of sensitivity and applications that are where unstructured data exists. I'll use a perfect example. Think about EMR environments, electronic medical records. Physicians don't type their patient notes to conform. Again, back to your structure of your data protection technologies. They write them in the way they want to write them. And that unstructured language is a very difficult thing for old school DLP to tackle. So we might do something like in this, that particular case, redact the fields of a form and govern how people have accessibility to the fields in the form. And when someone un-redacts that data, don't let that specific set of objects be moved over to the application that's in question here. This generative AI technology or whatever outside the, outside the boundary. So the boundaries and kind of the governance of the presentation layer give us some ability to handle unstructured data in very unique ways. Now back to your comment a moment ago. We can combine those things with DLP as well. And it's not like DLP's dead. You know, orgs have made years of investment in that and what we want to do is use it effectively. So used in the context of those boundaries, I don't have to worry about my data flowing to the wrong places. So now I apply DLP much more selectively within the boundary and maybe even outside of it a bit. But tying into the investment, somebody's got, you know, if they've been investing in Microsoft information protection for years or a Symantec DLP or something, they spent 15, 20 years investing in tying into that and leveraging that, but not throwing it all away right out of the gate can be important for the places where you're just not sure. So this field, what's backing this field is this field got AI behind the scenes and we don't know it's. And it's an application we don't know much about.
Maybe I'll just govern with my traditional DLP approaches there. But again, the boundaries change the game a bit.
Patrick Gray
Yeah, so I mean, that's the next question, right? You're talking about like from first principles, just restricting the way that people can move stuff around, which is going to naturally limit their ability to like just paste whatever, you know, copy and paste into, into ChatGPT, whereas they can copy and paste between corporate apps and whatnot. So, you know, that all makes sense. But what about when it comes to all of these large language models that are popping up in existing services and they might be personal accounts, they might be corporate accounts, but the point is, you know, it's data you don't necessarily want to expose to, you know, you don't want it becoming part of someone's training set. You know, how do you then go about trying to deal with that? Because I imagine, I mean, that's nigh on impossible.
Braden Rogers
Yeah, it's a, you know, within the boundary, you've accepted that you understand those apps and you've adopted their standard corporate apps. Like. So, for example, let's use an example of G Suite. As Google introduces AI directly to the interfaces of their apps, you're making an analysis of the apps and saying, hey, I'm going to accept that the model is now part of their universe as an application provider. So you deal with those accordingly and Then obviously, as I mentioned a moment ago, you may apply some DLP policies within that. Again, maybe the old school vehicles, again, because of the fact that it's living in the boundary. But at the end of the day, some of that you're bound by a bit because at the end of the day, when they get, when they get your data, you've got an understanding of how their models work. If their models train the other things in their environment as well. They're not isolated in your world. There's not an obvious way to understand that unless you have a relationship and understand your vendors and you've done due diligence and understand how they use the models for the things outside of that. Again, it goes back to those constructs I mentioned a moment ago. Sometimes generative AI objects in the applications are obvious and those are things we can easily identify because we see object level items in the DOM of the applications and things along those lines, we might govern those a little more tightly and sometimes they're not so obvious. And again, the data's still the data. Nonetheless, at the end of the day, whether it's going into a generative AI model on the back end or it's going into somebody's database on the back end, you still don't want the data to flow to the wrong place.
Patrick Gray
Yeah. So really, I mean, I guess what you're saying here is that ultimately the thing you want to do is just put some boundaries around stuff you don't want going into LLMs and don't let it go anywhere it's not supposed to go.
Braden Rogers
I think that's, I think it's true. And I think the challenge is for the, for this, this isn't going to work like, you know, shadow IT, but did before, you know, wake up calls coming for everybody. And I mentioned earlier the competitive advantage, the pressure that you feel as an executive in an org when you see your competitor adopting it. We're going to have to think of ways to empower people to say yes to things that otherwise we might not have said yes to in the past. We learned how to say yes to things like visitors in our office and our employees roaming and getting on foreign networks and Wi-Fi networks all over the place. And we just have to figure out a way to say yes. And again, with the browser being the center of how the user engages the most of, it seems like an obvious place to be able to find the creative ways to say yes.
Patrick Gray
Now, speaking of, I want to just change topics if that's okay with you. Because one thing I found myself wondering about is if you could give us a bit of insight into what the maintenance of something like Island looks like. Right, because you are maintaining, you know, essentially like a Chrome fork, you know, Chromium fork. And you know what, how big does your maintenance team that is just responsible for writing and distributing patches like you know, just talk, talk to us a little bit about how all that works because I imagine that is a lot of what you do. Right. So there's all of the features and the DLP and the, you know, the whiz bang stuff. But I imagine like a of the business is just keeping this thing running, stable, patched up to date. Yeah, give us some insight there.
Braden Rogers
Fortunately for the Chromium side of the fence, you know, being a part of the ecosystem we get the inherent advantages of being part of the, the contributing community as well. So we see a lot of these things earlier and we, we inherit those things as they make it to the ecosystem, both good and bad sometimes. But obviously we put a lot of effort into making sure that we provide facilities for the org from a change management standpoint, the ability to make decisions about when they take the new things on. Very much like the Chromium ecosystem, we do divide. We separate new feature capabilities from security patches through security updates so you can make decisions and you know, God forbid that like some of the incidents we've seen over the past year let you ring fence things, make your policy decision. You know, maybe I don't want to take new features as a, as an end customer. I don't want to take new features during the Christmas holiday shopping season. If I'm a retailer, maybe I'll take a zero day update if I need to, but be able to segment those out. And then again, obviously ring fence your audiences. Maybe I don't take those in the stores, but I take those in this part of the business any point, anytime that I need to. So again, the contextual clarity or contextual awareness that it uses to be able to identify circumstantial situations where we should and shouldn't you do these things is important for us. The reality is everything we do on top of that is like any other software company. It's building capabilities and we just happen to be building on top of Chromium. So we set our teams up in what we call islands obviously and there's islands for different types of situational things. You know, we have data protection island internally we have a team of folks doing that. We have user experience island and they all kind of run as their own separate business inside the company.
They work very closely in alignment but you know, they're all trying to drive for some of them slightly different outcomes, you know, user experience. But then they start coming together where maybe I need data protection to communicate something to the user slightly different than they had before. So those two teams come together to work.
Patrick Gray
Because I just would have thought like, you know, some Chromium updates might break an Island feature that you've implemented. Right? And like, I guess I was just more asking what sort of scale this sort of, you know, maintenance and QA teams are. You know, do you have like just a specific team that is dedicated to like the core Chromium stuff and figuring out like well we can just merge this in like right away or this might break something or you know, what is that sort of testing QA and maintenance process.
Braden Rogers
Fortunately in today's climate automating all these things is user friend. So a substantial amount of automation takes care of the human side of the house in that as well. The great thing about the way Chromium launches and obviously the way we work with it with Island, we follow that Chromium lots train, we see code early on so we begin our builds early on in the process around things like the canary builds of Chromium. So canaries are early, early early adopter stuff that most people in the world never see much about. And you know, we continue our build process through beta and in that process before we release we even have early adopter customers in different segments as well that take these things on. So we're not likely to really break something in a large scale production environment because we see stuff so early in the process and it doesn't take a lot of honestly our team's not very large that has to do these things because the, the automation frameworks that are available now for handling many of these things are made much easier. But certainly we have people that spend their time focused on this to make sure that you know, on the other end of this is a resilient environment that keeps the customer safe at the same time doesn't break things.
Patrick Gray
So I imagine you're doing like dog food in your own betas for example.
Braden Rogers
100 yeah, obviously we, you know, everybody internally we're, we're the earliest of adopters of the technology. So as a, you know, as we build something new and to things like beta cycles, et cetera, we're all consuming it internally ourselves. But we've also got customers that they believe and they want to understand early code. You know, some people have Staging environments. And obviously I mentioned the ring fencing. This allows some, some more to take on earlier code. Ring fence some of that code off from people. And so earlier groups can get stuff.
Patrick Gray
So you got like ring deployments and customers want to do that as well because they want to make sure. Because I'd imagine too that, you know, everybody's going to have their own use for this thing. So it is theoretically possible you could push an update that, you know, will be fine for 99.9% of people and might break something over here. So is that why people are doing that is just to really make sure for their use case that everything's going to go without a hitch?
Braden Rogers
Yeah, sure. I mean, think about. I think you probably talked about this analogy on the show, but there's been a lot of learnings over the past year. CrowdStrike, we're talking CrowdStrike and obviously things before. I mean we've seen, we've seen things in the bump of the night across the board that, that is the purpose of, you know, setting things up in a structured way where we don't just thrust everything upon everybody all at once. And in our world, we, you know, it may be days before, you know, the first group gets something four or five days earlier than the next group or months. You know, some orgs will take a change freeze for something for a period of time that there's just no tolerance for risk in that environment from a, from a resiliency standpoint. So built a lot of facilities, put a lot of thinking into that and put a lot of thinking into things like external services that we could be dependent on that could cause issues as well. So that we have resiliency around those. Because like, for example, your single sign-on provider. You know, a lot of the world's dependent on that. When they have a bump in the night, suddenly people can't do work. So, you know, thinking of things, of external dependencies where people can still do work even when some external service provider may be having an issue.
Patrick Gray
All right, Braden Rogers, thank you so much for joining us on the show to walk us through some, yeah, some Island stuff. Always great to see you. Thank you.
Braden Rogers
You as well, Patrick.
Patrick Gray
That was Braden Rogers from Island there. Big thanks to him for that. And again, you can find Island at island.io. But that's it for this week's show. I do hope you enjoyed it. I'll catch you next time.
Risky Business #780 Summary: ASD's Bold Move Against Z Servers, Emerging Phishing Techniques, and More
Release Date: February 19, 2025
Host: Patrick Gray
Guest: Adam Boileau
Patrick Gray opens the episode by commemorating David Jorm, a respected figure in Australian Cyber Security, setting a somber tone before diving into the week's security news. The primary focus is on a significant operation by Australia’s Signals Intelligence Agency (ASD) targeting Z Servers, a notorious Russian bulletproof hosting provider.
Adam Boileau elaborates on the Medibank data breach, where ransomware attackers compromised sensitive medical data of approximately 10 million Australians, traced back to Alexander Ermakov. ASD's intervention involved a meticulous "search and destroy" mission that resulted in the seizure of about half a terabyte of Medicare data from Z Servers.
Adam Boileau [02:58]: "The RMRF shark allegedly got rid of about half a terabyte of Medicare data that was stored on there."
Patrick adds intrigue by describing ASD's strategic approach—waiting until Z Servers' admins were incapacitated by alcohol at a party before launching the attack. This operation not only disrupted the criminal infrastructure but also showcased the depth of ASD's capabilities, including the use of linguists and psychologists to accurately profile and identify Ermakov.
Patrick Gray [04:10]: "They had linguists and psychologists building profiles on these guys, which I think this is interesting because... we know Mr. Ermakov very well."
The discussion shifts to device code phishing, a technique gaining traction among Russian Advanced Persistent Threat (APT) groups. This method exploits the device code authentication process used in services like M365, where users enter a code on a separate device to authorize access.
Adam explains how attackers deceive users into providing these codes through seemingly legitimate requests, thereby obtaining long-term access tokens to compromise accounts.
Adam Boileau [07:41]: "This phishing process is designed to kind of capture that code by exploiting the confusion about what you're authenticating to."
Patrick underscores the complexity and confusion inherent in modern authentication flows, making them ripe for exploitation. Both hosts express concerns over the resilience of current authentication mechanisms in the face of such sophisticated phishing attacks.
Patrick Gray [10:13]: "This is really cool... just about how modern authentication flows are just confusing."
Patrick introduces a lighter yet concerning topic: the defacement of the doge.gov website. Citing Jason Koebler from 404 Media, he details how the site, intended for aggregating social media posts and stats, was compromised due to an unsecured data store, allowing unauthorized content postings.
Transitioning to Cloudflare, the hosts discuss a legal battle involving the Spanish football (soccer) league. Spanish courts mandated ISPs to block access to pirated football streams hosted via Cloudflare, inadvertently affecting legitimate services and causing widespread inconvenience.
Patrick Gray [16:30]: "You can't do your code commit on a weekend because of football piracy. It's amazing."
Adam criticizes Cloudflare's stance on freedom of speech, highlighting the platform's challenges in balancing support for legitimate services while mitigating piracy and other malicious activities.
Adam Boileau [17:19]: "Cloudflare has repeatedly warned about the consequences of IP blocking. That fundamentally ignores the way the Internet works."
Patrick shifts focus to a new vulnerability in Palo Alto Networks' firewalls, exploited actively to gain unauthorized access to PAN-OS devices. This recurring issue underscores the ongoing challenges in securing network infrastructure.
Patrick Gray [18:24]: "Palo Alto Networks has another firewall vuln under active exploitation."
Following this, Adam discusses Qualys’ discovery of critical bugs in OpenSSH, including a privilege escalation flaw and a denial-of-service vulnerability. These bugs, residing in configurations involving DNS-based host key validation, have existed for years and were recently patched.
Adam Boileau [20:23]: "These bugs have been around for a long time and the necessary configuration was on by default on like FreeBSD for a few years."
The conversation progresses to Salt Typhoon, a group targeting over a thousand Cisco devices, predominantly within telecommunications companies and universities. Using two specific privilege escalation (privesc) vulnerabilities, they exploit Cisco's IOS XE, a Linux-based operating system underlying many Cisco devices.
Adam emphasizes the stealth and persistence of Salt Typhoon, noting the difficulty in remediating compromised devices once the attackers have established a foothold.
Adam Boileau [30:46]: "Once these guys are in your network, boy, oh boy, you're not going to get them out in a hurry."
Patrick introduces a Microsoft analysis of Sandworm’s recent activities, highlighting their innovative use of Tor hidden services for command and control (C2). This shift signifies a strategic move to enhance the resilience and stealth of their operations.
Adam theorizes that Sandworm employs Tor to mitigate the risk of C2 infrastructure being easily disrupted, balancing the trade-off between operational complexity and effectiveness.
Patrick Gray [31:31]: "This seems like sacrificing a little bit of stealth on target to get more of a, you know, a result from a macro perspective."
Brian Krebs' investigative work is spotlighted, revealing how Chinese criminals are phishing credit card holders to add their cards to mobile device wallets like Apple and Google Wallet. The compromised devices are then sold with pre-loaded wallets, enabling unauthorized transactions.
Adam draws parallels between these modern phishing techniques and traditional methods, emphasizing the sophistication and adaptability of current cybercriminal strategies.
Adam Boileau [32:39]: "This is kind of what modern credit card gimmick looks like... they send you something that tricks the LLM into going and grabbing sensitive documents."
Patrick questions the effectiveness of banks and phone manufacturers in detecting and preventing such fraudulent activities, suggesting that more robust measures are needed.
Patrick Gray [35:32]: "It's a bit scary... because you have a lot of options for taking away a lot of access all at once."
Dan Goodin's exploration of prompt injection attacks on Large Language Models (LLMs) like Gemini is discussed. These attacks manipulate LLMs to execute unauthorized actions, such as exfiltrating sensitive documents or performing malicious operations.
Adam likens these attacks to traditional memory corruption exploits, where the boundary between code and data is blurred, leading to unintended behaviors.
Adam Boileau [37:03]: "It's all about a new technology that requires boundaries to be better defined."
Patrick ties this back to the broader theme of data governance, highlighting the complexities introduced by integrating LLMs into various services and products.
Patrick Gray [53:22]: "Ultimately the thing you want to do is just put some boundaries around stuff you don't want going into LLMs and don't let it go anywhere it's not supposed to go."
In an emotional segment, Patrick Gray pays tribute to David Jorm, a cherished colleague and friend in the cyber security community who recently passed away. He shares heartfelt memories of David’s contributions, including organizing security conferences and his unique presentation style using his alter ego, Lord Tuskington the Walrus.
David's struggle with bipolar disorder is addressed with sensitivity, clarifying that his passing was due to an accidental alcohol-induced incident rather than suicide.
Patrick Gray [43:55]: "He was an avid outdoor adventurer... and he was a devout Hare Krishna as well."
Adam reminisces about their collaborative moments and David’s vibrant personality, underscoring the significant loss felt within the community.
Adam Boileau [45:48]: "He was absolutely one of them. So, yeah, we, we had that in common and we shared some good bugs over the years."
Patrick Gray concludes the episode by reflecting on David’s impactful life and the broader implications of the week’s discussions on cyber security trends and challenges. The episode underscores the evolving nature of cyber threats and the continuous need for robust defense mechanisms.
Conclusion
Risky Business #780 delivers a comprehensive overview of critical security developments, from ASD's effective disruption of criminal hosting services to emerging phishing techniques targeting modern authentication systems. The episode also delves into vulnerabilities within pivotal infrastructure like Palo Alto Networks and Cisco devices, highlights sophisticated cybercriminal strategies involving mobile wallets, and explores the intricate challenges posed by integrating Large Language Models into everyday applications. The heartfelt remembrance of David Jorm adds a personal touch, emphasizing the community’s resilience and camaraderie in the face of loss.