A (2:34)

Well, I was really, you know, I specifically wanted to talk to people who are using AI defensively. And there are a number of companies doing it. There was one, there's one company called Aikido, AI Ken Keto. Right. And, and I And we were talking about which models they were using and how they were getting the models to get do the job. And the guy said at one point, he said, you know, we had to. The best thing we found was to tell the models, we will sue you if you don't find the flaw. And it worked. It scared. It scared him. It's like.

B (3:06)

It is.

A (3:07)

We are living in a weird time with AI.

B (3:09)

We're going to need AI HR before long.

A (3:12)

Absolutely.

B (3:13)

Don't you mistreat. You know, you got to give your AI a little, literally time to cool off.

A (3:19)

Yes, yes, exactly.

B (3:20)

Those chips, cool. Let the fans take the heat off of them. And.

A (3:25)

Well, and they do. The Claude code was accidentally leaked from Anthropic today or yesterday. And they do have instructions in there to say be more personable, you know, here, be a little more sassy. They have. They're telling it to have some personality because it makes it more sticky. If you go to YouTube.com twit There it is. RSAC 2026. Securing the Agentic Era. And you can talk, hear me talk to Marcus Hutchins and a bunch of other people in that, in that video if you want to play it. Now, let's talk about, though, what's going on today on security.

B (4:01)

So probably the biggest news, the most. Well, you know, a lot has happened in the last week. I actually had a couple pieces of email saying, hey, I thought you were going to talk about this or that, like the, like the foreign routers being outlawed and like, quick.

A (4:18)

I went up to Ubiquity at RSEC and I said, do you. I want to talk to you about that. And they said, no, don't we not. No, no, we're not giving any interviews. They wouldn't talk to me.

B (4:27)

Yeah. And I looked around and I couldn't find any, like, definitive dates. I even looked at the official government document and it was like, okay, like when or where or what? Like, like what? And, you know, my takeaway was for most of our listeners, there are really good alternatives, like, you know, running open sense on a little, you know, arm box or.

A (4:53)

I think that's what a lot of people are saying. I'll just run my own.

B (4:55)

Right, exactly. You really don't need to get something from ASUS any longer and arguably you get a much stronger and more capable result. But anyway, I want to talk about this big event with Light LLM and the. It's such a perfect glimpse into a supply channel attack. And so we'll sort of use that as our, as our armature for discussing just in general the problem we're having with our supply chain because boy, are we seeing an acceleration of that. You know, I think probably we first really touched on it with the, with the log4j exploit which scared the entire industry and it turned out to be a nothing burger because the, because it was difficult to do. And what we've learned is that it's the easy attacks that a much larger percentage, a much greater percentage of the population of hackers are able to jump on. But overall, I mean, and we've been talking about, you know, all of the infections found in NPM and, and, and PI. PI. So that's where we're gonna focus on this episode 1072 for the last day of March, March 31st. But we're also going to talk about, oh, the other real hot button, leo, is this California Looney Tune law that says that operating system platforms must enforce age verification. And of course every Linux person's head exploded. It's like, wait a minute. Reason they are a Linux person is so that they can't have the government or anybody telling them what to do. So wow, a lot happened there. We'll talk about that. We've also got some new behavior from iOS 26.4 which Apple just moved their whole ecosystem to, which requires, is requiring UK users to prove their age proactively. And it turns. Well, I don't wanna, I have to calm myself down because we'll get there. Also Russia, in this continuing move to just apparently withdraw from the world and society and good luck with that, has chosen to use a homegrown 5G encryption for their future mobile network which won't be compatible with anything else or anybody's phones. So okay. Oh, there was a great story of a, a Ukraine drone maker who was aware that a Russian spy agency was installing a, a bad spying thermostat in their facility. And what that and what happened with that? We've got Google moving forward, forward or backward, closer the, what they call the Q day, the day when we actually think that we have to worry about quantum computing. They moved it into this decade, into 2029. So we're going to look at that. Also at RSA where you were the UK's CEO of the NCSC, you know, their, their big cybersecurity agency stood up on stage and warned about the danger of vibe coded sas, you know, software as a service, replacements. We're going to touch on that. We've got more information about nasty click fix campaigns which continue to proliferate and many People emailed me to say, hey, Apple took your advice. Well, they didn't take my advice, but they did the right thing, which Microsoft refuses to do. Yeah. We've also got the news that there more than one in seven Reddit postings are now being posted by AI bots. And our, the, the CEO of Reddit is not happy and he doesn't know what to do except something that Reddit users really don't want to do. And then we're going to talk a little bit about. Well, actually a lot about this. What was going on behind this light LLM disaster that was averted, but only because the people who coded it the, the, the malware were apparently in too

A (9:34)

big a hurry and there was five coded.

B (9:37)

They made a mistake. Yep, they made a mistake that allowed it to reveal itself almost immediately to. I mean, which was a good thing because again, this absolutely constitutes dodging another bullet. And how many are we going to dodge before we get hit by one?

A (9:57)

I'm not even sure how much it was dodged. I mean, we don't know yet how many people. We know 47,000 people downloaded it. We don't know how many of them got bit.

B (10:05)

Which is not to say that nobody got hurt, but when you're down, when you're downloading three point some million per day.

A (10:13)

Right.

B (10:13)

It could have exploded.

A (10:15)

Yeah. Well, and there was a new one this morning and Axios, which is an NPM library compromise. This is not the, this is just the beginning. This is not.

B (10:25)

Well, and we'll be talking about why because there's there's a, as usual, a takeaway that we try to find here. And to my way of thinking, this is the trade off we are still making in preferring convenience over security. Yeah, it's like we're hoping for the best and so far, you know, maybe AI will change it. We're not sure.

A (10:50)

Well, that was the interesting thing at RSEC is the number of companies that were proposing AI based defense. We're using AI agents for defense. It was, it was very, you know, it was probably the number one topic at our sex. It was very interesting. Yeah. Well, we're going to get to the picture of the week. Something you should avoid with wet nosed doggies, apparently. I haven't finally saw the caption. Well, that's coming up in just a little bit. But first a word from our sponsor. This show brought to you by Threat Locker. Steve and I know them well. Threat Locker's Zero Trust platform now delivers the industry's most comprehensive suite of zero Trust solutions. Actually this is something new, protecting endpoints, networks and the cloud. They've announced this. They announced this, I think at rsac, I believe by extending. In fact, I'm going to have a phone conference with them on Thursday to get a tour of this. I'm very excited. By extending Zero Trust enforcement to cloud services and company networks, ThreatLocker now ensures that devices are validated through a secure broker before connecting to platforms like Salesforce, Microsoft 365 Asana, Google Workspace, GitHub. This is so important. Even if a user is successfully phished, attackers cannot use that endpoint to access resources unless they actually have possession of the user's trusted device. ThreatLocker works across all industries and provides 24.7us based support. It's really an amazing solution. Very affordable, very easy to install, very easy to configure. They support Windows, Mac and Linux environments and enable comprehensive visibility and control. Ask Rob Thackeray. He's end user technical architect at Heathrow Airport. Now at Heathrow does not want to be brought down by ransomware. That's why they use ThreatLocker. He said, quote, threat Locker was the most intuitive solution we tested and the responsiveness of the organization, the willingness to engage with us, set up a demo, work with us on weekly audit reviews is very good. It's great to have an ongoing relationship with a company that's so responsive to our requests. That's Heathrow. And I have to say that's what I also got from all the Threat Locker customers we saw at Zero Trust World. It's really a remarkable story. They're trusted by people who just can't afford to be attacked. Global enterprises like JetBlue, the Indianapolis Colts football team, use Threat Locker. The port of Vancouver. Threat Locker consistently gets high honors and industry recognition. They're a G2 high performer. Best support for enterprise summer 2025 Peerspot ranked them number one in application control. GetApp gave them their best functionality and features award in 2025. Threat locker means you can confidently ensure users have access to a consistent safe network connection. Offices, remote users, internal servers and critical services can maintain smooth operations without the need to open inbound ports or deploy traditional VPN solutions. Get rid of them. Your end users will get the secure, reliable internal system access they need without complex infrastructure changes and without risk. Get unprecedented protection quickly, easily and cost effectively with Threat Locker. Another reason to get a demo. Actually, this was fascinating. It's in our RSEC piece. I talked to their Threat Lockers chief product officer and he was telling me, he says, just install Threat locker on one service or one device, he said, because it also is a way to see if you've got problems. Right. Because immediately you'll get. Something will be blocked and you'll go, wow, we didn't, we didn't know we were having a problem here. It's very informative. Here's what I would say. Go to threatlocker.com TWIT get that free 30 day trial. Learn more about how ThreatLocker can help mitigate unknown threats and ensure compliance. That's threatlocker.com TWIT really like these guys. They've got a great product. You should check it out. Threatlocker.com TWIT we thank him so much for supporting Steve Gibson. Picture time.

B (15:20)

Yes, I gave this. As you noted, I gave this picture the caption. This solution is not recommended if your dog has a wet nose.

A (15:31)

Okay. So I'm thinking it's going to have something to do with electricity here, let me just scroll up. We can discover it together. There's a nail. Uh oh.

B (15:43)

Oh boy.

A (15:45)

That's okay. So this is an interesting solution if you have the wrong country's power.

B (15:51)

Yes. You know, and Leo, really all of these solutions are interesting. I was, Benito and I were talking about this before we began recording. You know that there was that one with the two nail clippers that I thought was particularly inventive. But these, I think if we were to stand back and look at the 20 year plus history of the podcast, it would be people who seem to have the wrong plug for their outlet. And the mystery of fence gates standing alone in the middle of fields seem to be of the overriding themes of our pictures of the week. So for those who aren't, who are listening and are not seeing, we've got a. The individual here is trying to plug a European style AC plug that's got the round pins into. Well, he wants, he would like to plug it in. Apparently in the US or somewhere where we have the parallel straight slots.

A (16:57)

I gotta tell you, that's the worst looking power strip I've ever seen.

B (17:00)

It is everything about this, I mean,

A (17:02)

beat the hell up.

B (17:03)

And you. And when I say, when you use the term rusty nail, you're normally not really literal, but here I don't even know how he's getting a connection with. There's so much rust on these nails. Because of course rust is an oxide, which is an insulin. Later. But anyway, so we basically sort of have a Jacob's ladder made with two nails stuck into the slots of this power strip. And then pushed down between the nails so that they're sort of splayed apart, thus creating the Jacob's ladder effect. Is this round plugged European style plug which just sort of hovers there. And my point was, if you have a curious dog that likes to go around and sniff it in the corners, and I don't think even its nose would need to be wet, it would get a very rude surprise if it would stick its nose across.

A (18:01)

And how did they get the nails in without shocking themselves? They must have had rubber gloves or so. I mean, this is. This is insane.

B (18:09)

It's nuts. Yes. Hopefully the, the outlet strip has a switch that we don't. That we don't see.

A (18:14)

Oh, there you go.

B (18:16)

Or it just could not be plugged into its normal American style outlet where it gets its power. Anyway, thank you again listeners for another entertaining picture of the week. Always appreciate them. Okay, so our first news of the week was inspired by a question I actually received from a listener. It relates to much of our recent discussions about Internet age verification and separately or specifically to its recent escalation, which we've been seeing everywhere to include, as just happened, operating system platforms themselves. Our listeners who identified himself as Fred M. He wrote. Hi Steve, I recently read that freedos was not going to comply with California's age verification requirements. He said, since freedos is the OS distributed with spinrite, I was wondering how this would affect you when the new law takes effect. Thanks, Fred. Okay, so the good news is spinrite is not age restricted content. So I don't think we have a problem, even if we were going to have a problem, which I don't think we would. But his question refers to California's Assembly Bill 1043, and it's unclear to me why this issue suddenly and recently popped up on everyone's radar. But the Internet is currently buzzing about it and our listeners have been sending their questions and opinions to me, which I appreciate. The bill in question was approved by California's Governor back on October 13th of last year of 2025, and it doesn't take effect until the start of next year, January 1st of 2027. So why all of the sudden this awareness of it? Because, I mean, it was a while ago and so I did some looking around over the past month. The only thing that I could find was that the very popular and respected and widely read Tom's Hardware site did post an article about this on March 1st, which sort of seems maybe to have been the catalyst for everyone going, what? What are you talking about? So Tom's hard hardware's headline was California Introduces Age Verification Law for All Operating Systems Including Linux and Steam OS User Age Verified during OS Account Setup. Okay, so mostly no Linux users want a nosy government to have its mitts on their beloved independent open source operating system. And since Linux doesn't have any central control authority, you know, the way Windows does Mac, Android and iOS, they reasoned, Linux users reasoned there would be no way for that to happen. Right, Right. So, okay, since California legislators have also recently proposed, as we talked about, requiring all 3D printers to somehow magically identify and and refuse to print any component that might be part of a handgun, no one knows how that could possibly be made possible either. Unfortunately, our and I say our because Leo and I are both residents of California, our legislators here in California do seem to be having fun asking for things they cannot realistically have. Not that that's stopping them from, you know, asking. So okay, first let's step back and take a look at what this legislation is because it does exist. It was signed into law on October 13th and it is coming into effect on January 1st. That's all happening. The section heading in this bill is Age Verification Signals Software Applications and Online Services. And the sections overview, just the overview of the detailed, you know, point by point, says existing law generally provides protections for minors on the Internet, including the California Age Appropriate Design Code act that among other things, requires a business that provides an online service product or feature likely to be accessed by children to do certain things, including estimate the age of child users with a reasonable level of certainty appropriate to the risks that arise from the data management practices of the business or apply the privacy and data protections afforded to children and, you know, to all consumers and prohibits an online service product or feature from, among other things, using dark patterns to lead or encourage children to provide personal information beyond what is reasonably expected to provide that online service product or feature or to forego privacy protections. And of course, Leo, the other thing that happened just in the last week was Meta and Google with YouTube losing those major cases and there was also one in Arizona I think, which is beginning to hold these, you know, big tech accountable for the design practices in their applications which do exactly what this California Age Appropriate Design Code act says they shouldn't do. So they wrote this bill beginning January 1, 2027, which did get signed in on October 13, they said would require, among other things related to age verification with respect to software applications, an operating system provider as defined to provide an an accessible interface at account setup that requires an account holder as defined to indicate the birth date, age or both of the user of that device for the purpose of providing a signal regarding the user's age bracket to applications available in a covered application store and to provide a developer as defined who has requested a signal with respect to a particular user with a digital signal via a reasonably consistent real time application programming interface, you know, API regarding whether a user is in any of several age brackets as prescribed, the bill would require a developer to request a signal with respect to a particular user from an operating system provider or a covered application store when the application is downloaded and launched. This bill would prohibit an operating system provider or a covered application store from using data collected from a third party in an anti competitive manner as specified. This bill would punish non compliance with a civil penalty to be enforced by the Attorney General as prescribed. Okay, so that's as much of as I'm going to quote from that. So while it's true that details matter, I'll first note that that you know this is like what this bill is asking for is what we've been suggesting Apple with iOS and Google with Android should both somehow manage to provide. And the way this should be done, at least for the use case of smartphones is beginning to take shape. We're beginning to see this manifested in Apple's apparently reluctant incremental movement on this front. The parents or guardians of a minor child should be able to configure the birth date of the user of a smartphone and be able to securely lock that date into their child's device from then on. And I'll say optionally should be able to but like so that the point is the platform would provide the capability, but it should be at their discretion from that point on. Anytime a website, a local application or app store download contains age restricted content and thus needs to obtain age gated permission, they may cause the user's operating system, the user who's the kid may cause the user's operating system to display a clear and or I'm sorry the age restricted content provider may cause the user's operating system to display a clear and uniform pop up asking for an age bracket to be provided if the user wishes to. Again, not automatically, not unless they set it that way, but if they want control if they choose to, they may then allow the operating system to inform the requested application on their behalf whether its user is under 13, between 13 and 15, between 16 and 18 or over 18. Those are the brackets California specifies in which the world seems to have sort of be be settling on. If the user declines to provide their bracket or if their device has not been set with a date of birth, the requesting site will be told that no age assertion is available and should probably not deliver this age restricted content. So what seems right about this is that this solution places the handling and responsibility of their young child's age into the parent's hands, where it should be, not the government, not the os, not the platform provider. The platform provider provides the capability to configure the device to do this if the parent or guardian should so choose. And all it requires of Google and Apple and Apple's, like they're both almost there now, is that they provide the means to accept, lock and protect that decision and provide a uniform platform specific API for making that information available on a case by case basis. Again, if it's been configured to do that to any entity that inquires. And as I said, both companies apparently reluctantly, have been moving incrementally in this direction. So at this point I cannot, given what, what's happening on the legal side and in local and national governments, I can't find any sympathy for someone who complains that this, like what I described, would represent an invasion of an online user's absolute privacy, which is what we see. There's a lot of that on the net. You know, opening the front door of your home, walking outside and down the street compromises someone's illusory, absolute privacy. We live in a world of laws which attempt to protect vulnerable young people by age, gating, where they can go and what they can do, you know, and you know, with the vast resources that are now online, there's a lot of stuff that needs, arguably young people, you know, parents should have the right to decide if that's something that they want their children to have access to. So as a society we're now working to more fully incorporate all of the many facets of the Internet, which are many now, into our daily lives. So to do that responsibly means that a user's age, although it hasn't previously been, it's going to have to be taken into account moving forward. Okay, so, but what happens when we leave the mostly well and clearly and cleanly defined realm of personal use, smartphones, you know, which have per user accounts, things become a lot less clear and clean. And I argue, I mean, I agree with everyone who's upset about California and what this means for Linux, that we're stepping into a huge mess. So here's what Tom's hardware wrote, which may have been, as I thought, the catalyst for this recent upsurge of, you know, interest and outrage. They said California's Digital Age Assurance act, That's Assembly Bill 1043, signed by Governor Gavin Newsom in October 2025, requires every operating system provider in California. And I don't even know like if Linux has an operating system provider. Right.

A (32:04)

Well, I mean Ubuntu is, for instance. That's a company that makes a distro. It would have to be by distro. There's also Android operating systems like Graphene. Graphene's already said we're not going to do this.

B (32:17)

Well, and did you see that? It got stuck into System D and then got yanked. Yeah,

A (32:25)

nobody wants this. But there's no enforcement mechanism. It's not even clear how they would know. And it doesn't require id, Right? It just says you say how old you are.

B (32:37)

Correct?

A (32:37)

What good is that correct? Silly. Yeah, just nonsense.

B (32:44)

So they said the laws, Tom's Hardware said the law's broad definition of operating system provider as anyone, quote, who develops, licenses or controls the operating system software on a computer, mobile device or any other general purpose computing device. Well, that means smart TVs too, right? So like, okay, you're going to tell

A (33:07)

your TV how old the viewer is, ties in. And WebOS, all the TV operating systems.

B (33:13)

Wow. So. And so Tom said pulls in not just Windows, Mac OS, Android and iOS, but also Linux distributions and valves, Steam OS. According to AB 1043, OS providers must maintain a, quote, reasonably consistent real time application programming interface. Again, API that categorizes users into four brackets. Those are the ones that we, that we mentioned. Developers who receive the signal are quote, deemed to have actual knowledge. So if the OS makes a claim, then they're kind of off the hook. They're. Well, the OS said this was the age of the user. So they are at that point deemed to have actual knowledge of their user's age rage under the law, which shifts legal liability for age appropriate content decisions onto them. So that, so that says if they've been told, then they must act accordingly. And Toms wrote penalties for non compliance run up to $2,500 per affected child for negligent violations and $7,500 for intentional violations. And it's, it's important though that this is all enforced by the California Attorney General. Mean, and that that was a point made elsewhere, that it means random groups can't sue on behalf. You know, under this law it's only the California Attorney General, so it gives

A (34:42)

them a lot of discretion about who they're pursuing.

B (34:44)

Exactly. So Tom said the law does not require, as you said, LEO photo ID uploads or facial recognition with users instead simply self reporting their age. What?

A (34:56)

99.

B (35:00)

So he says this sets AB 1043 apart from similar laws passed in Texas and Utah that require, quote, and we've seen this when we talked about this commercially reasonable, whatever that means, verification methods such as government issued ID checks. Assembly member California assembly member Buffy Wicks, who authored the bill, said this, quote, avoids constitutional concerns by focusing strictly on age assurance, not content moderation. In a press release, the bill passed both chambers unanimously, 76 to 0 in the assembly and 380 in the Senate.

A (35:44)

That's kind of like a yeah, sure, why not vote.

B (35:47)

Yeah, it's like okay, that. Like that. This is an easy one.

A (35:52)

Yeah.

B (35:54)

However, Gavin was a little circumspect, toms wrote. Despite signing it, Governor Newsom issued a statement urging the legislature to amend the law before its effective date, citing concerns from streaming services and game developers. Right, a streaming service on a smart tv, a streaming service and game developers about, quote, complexities such as multi user accounts shared by a family member and user profiles utilized across multiple devices. In other words, you know we're talking about the same thing, a version of the same thing we've been talking about with networks for since the beginning of the podcast authentication. On one hand, there's identity authentication. Now we're facing age authentication and it's just as messy because you're remote and these are just not easy problems to solve. So Tom said whether amendments will materialize before January 2027 remains to be seen. Enforcement against Linux distributions, however, is likely to be problematic, wrote Toms. Distros like Arch, Ubuntu, Debian and Gentoo have no centralized account infrastructure with users downloading ISOs from Mirrors Worldwide and can modify source code freely. These small distros lack legal teams or resources to implement the required API. It's easy to do so A more realistic outcome for non compliant distros is a disclaimer that the software is not intended for use in California and maybe eventually anywhere.

A (37:49)

So really not use this anywhere.

B (37:52)

Can't use this on earth. So good luck. So I spent some time reading everything I could because I you know this is again this cross network authentication of anything is hard. I found a posting made by the Reason Foundation a few months ago that I It's worth sharing. It summarizes the current state of affairs, highlights the ways in which California's new legislation actually represents a useful step forward, and also suggests a way out of the mess that California also created. So they wrote California Governor Gavin Newsom signed the Digital Age Assurance act Assembly Bill 1043 into law on October 13, marking a significant evolution in state approaches to online youth safety. There is room for improvement, but the act introduces a meaningful first step toward a more privacy preserving age signaling model intended to minimize data exposure while improving compliance certainty for businesses. This step is a welcome advancement over earlier approaches, but it also creates potential complications if later paired with more restrictive bills. A trade off the policymakers should weigh carefully. So they wrote California's AB 1043 mandates and so yeah, we got the, we got the four age bracket thing. So they said. This approach contrasts with that of Utah, Texas and Louisiana, which enacted the first statewide app store age verification laws in 2025. The bills require app stores and developers to verify users ages through the here's that expression. Commercially reasonable methods. Utah and Louisiana's laws are set to go into effect in 2026, while Texas, I think it's in the summer. While Texas has been temporarily blocked by a federal judge on constitutional grounds. Two federal bills, the App Store Accountability act introduced by Senator Mike Lee, a Republican from Utah, and the Parents Over Platforms act introduced by Representative Jake Archencloss, who's a Massachusetts Democratic senator, included the same commercially reasonable languages as the state bills. Although this phrasing does not explicitly mandate government ID or biometric checks, it creates strong incentives for app stores to collect the most precise forms of evidence available driver's licenses, passports or credit cards. Fearing the risk of lawsuits and non compliance penalties, companies would default to the most definitive identification techniques which that's a problem, right? So what they're saying here is that by, by having state and even federal laws which say you must do the best job you can. Unfortunately the best job you can is very intrusive of privacy. So they said. In 2025 alone, several popular apps that already required government ID checks for age verification suffered significant data breaches. Highlighting the privacy risks associated with such mandates, the tapp, a woman only dating advice platform that required users to upload selfies and copies of government issued IDs as part of its account verification, experienced a major breach in July that exposed over 70,000 70000 identification images and sensitive personal data. And again, it's like why are they not deleting this the moment they've they've determined someone's age? But okay. In October, global messaging platform Discord, as we know, suffered a breach directly tied to its compliance with the United Kingdom's online Safety act, which mandates robust age verification for platforms likely to be accessed by minors. To meet these legal requirements, discord began requiring UK based users to submit either facial scans, government IDs or the last four digits of credit cards for age checks, vastly expanding the pool of highly sensitive data at risk. When hackers later compromised a third party vendor managing this information, thousands of ID photos and partial credit card details were exposed. These incidents underscore how rigid age verification systems can turn well intentioned privacy protections into security liabilities and inadvertently create new vectors for harm. In Contrast, Assembly Bill California Assembly Bill 1043 correctly prioritizes privacy and security by using a self declared age signal rather than a verification process. The law integrates core privacy by design principles by separating identity from compliance status and ensuring that user data never leaves local systems in identifiable form. That is all it ever discloses is brackets. It also provides developers with clearer compliance certainty than Utah style frameworks which remain mired in vague terms like commercially reasonable. However, there is still issues with AB 1043 that should be addressed. First, the law's mandate that device makers integrate age signals into all devices risks sidelining parents from key digital literacy decisions. For AB 1043, to achieve its stated balance between safety, privacy and parental empowerment, California could modify its framework to make age signaling optional for parents rather than required. Second, debates over youth online safety laws raise a subtler issue, their impact on family relationships and parental oversight. Age verification and age signal frameworks are often presented as empowering parents, but automation can easily displace meaningful dialogue between parents and their children. True digital literacy depends on ongoing dialogue, trust, and continuous education about online risks, not on technical filters alone. When technology assumes the entire role of risk management, it can foster complacency and a false sense of security, as if software settings could replace parental judgment policymakers.

A (45:08)

That's really good.

B (45:10)

I know it sounds like you Leo. That's that's exactly the point that you've often been making here, they said. Policymakers should therefore ensure that digital safety tools operate as supports for families, not substitutes for them. California's initial framework in this respect could be refined through a simple but meaningful adjustment. Make the device level age signal optional for parents rather than compulsory. An opt in structure would preserve AB1043's privacy benefits while strengthening family agency. Parents could choose to enable the system during device setup if they desire automated filtering or app age controls, or skip it entirely for now if they prefer to guide their children's use through household rules and open communication. Optional enrollment would further align the policy with California's broader digital rights precedents, reinforcing choice, consent and proportionality. And they finish writing. On the whole, California's AB 1043 represents a meaningful advancement that in the national debate on age verification, it replaces high risk identity checks with privacy preserving signals, curtails constitutional litigation risks and clarifies enforcement responsibility. But if the state were to shift to an opt in model, it could preserve the law's privacy protections, align with its digital rights values, and restore parents to to the central role in guiding children's online well being. Age assurance need not come at the expense of privacy or parental autonomy. So I think this author gets a lot of this exactly right. No, we would be moving toward an environment where the devices used by someone less than 18 years old could optionally be configured by that minor's parent or guardian to conditionally supply its user's age bracket, never its date of birth, just where you are in those brackets or know which bracket you're in. The idea would be that the various operating systems would implement a simple API and you know, iOS is there, Android is there. I mean they, they're, they're, they're like right there. That could be queried by applications running on the platform. If that application's a video game offering age restricted content, it could learn which version of its game to display to that platform's user. If the application were the application's app store, it would learn which applications to list and allow to be downloaded and which should simply be filtered and not shown to someone underage. And if the application was a web browser, it would learn the age range of its user and could use that information when queried by a remote website. Now we would need for that we would need the W3C, the World Wide Web Consortium, to define a standard means for a remote site to query the browser client for its user's age, which the browser would have received by an API from the underlying platform. But even that should be trivial. I mean that would not take more than a day to define. So as for the non smartphone platforms such as Windows, Mac OS, Linux and Steam, and of course smart TVs, all of those platforms, at least the OS platforms not I don't know about smart TVs, but I guess it could be added operate with the concept of a root or an admin, right? Whose account should not be used as the daily driver and daily users who work with, you know, with far more safe and reduced privilege user accounts. So those platforms could easily arrange to add date of birth awareness to their user accounts and then An API would be added to a lot to surface the brackets of those, to the, to the online requester of that information. So you know, basically following exactly the model of the smartphone that would give parents who wished to govern what their young children were able to do online, you know, what they saw and where they went, a clear and clean means for doing so. And I so much favor date of birth over age because that automatically changes the bracket at the user's birthday rather than needing to constantly update the age after a birthday. And of course parents could set whatever birth date they wanted. They, if they felt that their child was more mature than the, the typical child at that age, they could say that they were born earlier, which would then move them into a later bracket sooner. So you know, all the online fury and indignation raging over the idea of California attempting to effectively outlaw, as I've seen online, any platform that doesn't provide these services, it they, that all disappears when it's just an optional feature capability that a system's admin, you know, in this case mom or dad might choose to employ if in their role of parent or guardian they would like to exert some control over the age gated use of that platform. So I think it's also worth noting that this solution also nicely resolves the whole VPN backlash dilemma that is also beginning to appear. We've, we've, that we're hearing the legislators saying well you know, those VPNs are being used to bypass, you know, the laws we put in place, so we need to outlaw those. You know, a VPN in this case would be of no benefit since the user's platform, not their IP address would be producing the age bracket indication. So you know, I, I thought that was an interesting take that that reason published and I thought it was good that Newsom said well I'm going to sign this but I hope we, you know, maybe make some modifications before it goes into law. And in any event I don't think Linux people have anything to worry about. I mean it is open source and we did see somebody kind of very quickly added the, the capability into user accounts on Linux and it was, Linux was immediately forked without that provision in there. Even though it didn't even have an API, it didn't have a ui, it wasn't in any of the desktops, it was just down basically in the JSON structure that they added a field for date of birth. And you know, a lot of people in the Linux community freaked out over that. So it's like okay, I mean, I, I get it, but again, there's no question we need to have strong identity online. We've needed that for a long time. Everyone wants it to be anonymous. We're trying to hold on to that. Age gating and age verification is coming to the Internet and let's hope we do it in a responsible way. You know how we can be responsible, Leo, is by telling our listeners about one of our sponsors.

A (53:21)

We will get right back to Steve in just a moment. But first, a word from our sponsor. This episode of Security now brought to you by Adaptive, the first security awareness platform to built to stop AI powered social engineering. What? How could you do that? Well, here's the. Here's what's changed, right? And you know this. Attackers don't just need malware anymore, they just need trust. Right? A cloned voice, a convincing deep fake on Zoom, or an AI written phish that looks like it came from your IT team. We get those a lot. You heard about the CFO who thought he was on a Zoom call with the board of directors and the CEO and wrote a massive check based on their instructions. Except they were all deep fakes. There wasn't the CEO in the board. It was a bad guy. How can you prepare your organization for this? Well, you can with Adaptive. They do simulations everywhere. Email, yes, of course, but also sms. They even do voice. So it protects you against deep fakes, it protects you against vishing, it protects, you know, the voice phishing and AI generated phishing emails and texts, including the scenarios that can mirror your own brand and executives. You need this nowadays. And when employees report something suspicious, Adaptive can help you triage it fast. So security teams aren't buried in false alarms, but they can do something about the things that really matter. If you need training fast, with Adaptive's AI content creator, you can turn a breaking threat, an incident report or a compliance doc instantly into interactive multilingual modules right away, no design team required. Just push a button and you're go. With Adaptive, you can build, customize and monitor every part of your training with complete personalization. So as a result, you get a more resilient security culture. And that's essential for company companies like Plaid, right? I use Plaid when I log into my financial reporting tool. It uses Plaid to log me into my accounts, right? Plaid better be secure. Plaid platform powers thousands of digital finance apps and links consumers, developers and institutions. I rely on Plaid. So fortunately, Plaid relies on Adaptive with sensitive data at its core. Plaid security and compliance simply or non negotiable. Plaids Head of Security GRC says this is a direct quote quote Adaptive has equipped our teams with cutting edge tools and built a smarter, more resilient security culture across the company. Trusted by Fortune 500s and backed by Nvidia and OpenAI, Adaptive is building the defensives we need for the AI era. Learn more at adaptive security.com that's adaptive security.com what a cool idea. We're so glad they're there and so glad they're supporting Steve and his work at Security now. Now back to the show.

B (56:21)

Okay, so before we leave this discussion of age verification, I just wanted to note that Apple has started requiring age verification for their users in the UK and South Korea. With the rollout of this latest 26.4 version of iOS. Apple account holders in those two countries may be asked to register a credit card or take a picture of a government issued id. If Apple's able to determine an account holder's age without asking that, like by looking for other signals like the length of time they've had an account which would sort of automatically say well they've got to be an adult by now, then no other information is needed but otherwise they're going to get intrusive. So you know, as I said before, if this has to happen, I trust Apple more than any other third party to protect its users privacy. Apple really does, you know, appear to be doing everything as right as they can. I've got links in the show notes for anyone who wants more information that like of an Apple support page that just says if you are asked to verify your age, you know, we need to do that. I heard from a couple of our listeners who are in the UK that that they had a variant of a driver's license which Apple software did not recognize. So they were having a problem with that. So it's looking like there's like on phone, you know, image recognition of UK government issued IDs and driver licenses which Apple is able to ingest and then use to satisfy the, the, the UK's law. This is all, you know, it's not like Apple wants to be doing this. They definitely don't want to be doing this. Yeah, if you're asked to confirm that you're an adult and then you know, you, you proceed. So this is, this is now happening, you know, by Apple when they're operating in countries that require it.

A (58:37)

It's selfish of me to say this, but I'm glad that they're testing this in UK and Korea so that we don't have to deal with it. Until it's. The kinks are worked out a little bit.

B (58:47)

Yeah. Yeah.

A (58:48)

Wow. But it's, you know, it's ultimately this could be better. Right. I mean they're a choke point. Right. So Apple and Google. Yes, because everything goes. And it should be for app stores, not for desktop operating systems, not for TV sets and things like that. But I can see why with the app stores you might want to have that kind of.

B (59:08)

And also because a smartphone is inherently more of a personal use device. You know, kids have their. The fact that we use the pronoun their smartphone.

A (59:18)

Right.

B (59:18)

Says that, you know, they're bound to it. It's their social media that is on that phone and know their use of the phone. You know, they take it into their bedrooms with them. So it makes sense that, you know, the parents could, could work with Apple to establish a, a secret date of birth and the phone only divulges brackets when necessary. So I think that's. We're going to end up being. And, and again, if it worked, if anybody had to be doing this, I would trust Apple much as you and I both, Leo, are increasingly annoyed by some of what Apple is doing. You know, as I said, I've lost. I've. I don't even know how my photo app works anymore on my phone. I get, I get into some strange mode where I can't get rid of half the screen is information about the photo. And I tried like to push it down. It won't go away. It's like what happened? Anyway, I chose to share this next story because it's so loony and because it serves as another example of the disturbing and growing intersection that we are seeing everywhere of politicians and technology. The Risky Business newsletter covered this puzzler by writing, the Russian government is working on a law that would require all mobile operators in Russia, all Russian mobile operators to use a custom domestically developed encryption algorithm for the country's 5G mobile network. If the bill passes, and what it's expected to all phones sold in Russia going forward will need to support the NEA 7 algorithm, apparently because 1 through 6 were no good or they will not be able to connect to Russian mobile Networks, which by 2032 will only support NEA 7. Foreign algorithms such as Snow used in Europe, AES, of course used in the US and Zuc used in China will be supported only until 2032 as part of a transitional phase to allow current smartphones to, to reach their natural end of life. Work on the proposed regulation began last year and the bill is now in its second draft. According to Russian news outlet ivestia, the bill is part of a broader set of measures designed to hinder the operations which is so stupid of Ukrainian drones and missiles, which if you stupid, you'll see why in a second which have used Russian SIM cards to connect to mobile towers, determine their location and then guide themselves to planned targets. However, using a custom encryption algorithm to encrypt 5G traffic won't stop the Ukrainian side from using Russia's existing mobile network, since they can always fall back to older protocols, not the 5G protocols, LTE and 3G, both of which will continue to function. So on the other hand, writes Risky Business, the proposed law represents a quote, patriotic legislative flex. It's a type of unrealistic stuff they wrote that's been happening in the Russian Duma recently to show that Russia is important and still matters on the global stage. That's why show that by withdrawing from the rest of the world. Wow. As is Vestia points out itself, Russia is insignificant on the mobile market, where it only accounts for 2% of annual sales. So it's very possible that most phone makers won't bother to implement NEA 7 on their chipsets.

A (63:23)

Why?

B (63:24)

Why would they? There's also no base tower equipment that supports the algorithm, which raises the possibility that Russia will be years behind in rolling out its 5G network because it's going to have to design and implement all of the base tower technology too for to add any 7 support, they said. The Russian news outlet warns that NEA 7 may be used as a trojan horse by foreign manufacturers to request a favorable market position or a monopoly in exchange for adding the algorithm to their firmware. Okay, I suppose that's possible On Ukraine's side, the answer is likely to be the same as with Russia's rollout of max. Remember, that was their the Russian only messaging system, and Russia demanded that everybody use it and then began cutting off access to all the others as they are now. The Ukrainian intelligence services were delighted that Russia was mandating everyone in their country use an incredibly insecure an easy to hack mobile app, meaning Macs. Rolling out an untested and largely unknown encryption algorithm for your entire future mobile network may create a major opportunity for hacks and surveillance operations who know their way around encryption as intelligence services usually do. So I think as I look at this and think of like what Russia's doing, it occurs to me that one of the most important lessons taught by the Industrial Revolution is the incredible power that comes from standardization. If, for example, if every country had their own screw thread standard, then nuts and bolts would be incompatible with one another and it would be necessary for a shop to redundantly stock a separate supply of bolts for every country of origin.

A (65:30)

Train gauges incompatible for a long time. Perfect.

B (65:34)

Another great example.

A (65:35)

Yes, yes, it's a little hard to go from country to country, Right?

B (65:40)

And Leo, think about it as it is. We do have separate metric and imperial threading and look what a mess that creates.

A (65:49)

You have to have both sockets. Yep.

B (65:51)

Yes, just that. So, you know, another example of standards failing when they differ is as, as our picture of the week showed, AC outlet plugs around the world. Although I'll admit that they have provided a terrific supply of pictures of the week for this podcast. But that further demonstrates the failure. Right. So my point is that the standards that the world has agreed to, the standards surrounding the Internet, Ethernet, usb, all being examples, they've resulted in an as in like in astonishing economies thanks to their interchangeability and interconnectivity, which we get free of charge simply by choosing not to roll your own. So I think this clearly demonstrates the insanity of what Mother Russia is choosing to do after 2032. What? Five years from now, Russian citizens will likely be stuck with Russian made Android smartphones with God awful hardware and no choice in the matter. If they want 5G, they've got to use their rescue phone or you know, risky phone.

A (67:12)

That's right. In Soviet Union, risky phone call you.

B (67:18)

And that's not progress.

A (67:21)

That's miracle. Wow. Of course speaking that some people drive on the left side of the road, some people drive on the right side of the road.

B (67:27)

We've someone drive you if you're in one of those countries. Because all every instrument instinct you have is wrong.

A (67:37)

Merging on the freeway is really tough. Oh for me anyway. Yeah.

B (67:42)

Okay. So speaking of Russia, it seems that Russian intelligence services somehow arranged to install some spying hardware into a Ukrainian drone factory. Now the device was embedded inside a thermostat, but it did much more than control the room's temperature.

A (68:05)

Wow.

B (68:06)

Since it included a camera, a microphone and a little router. The story becomes even more interesting and fun though, when we learned that the Ukrainian drone maker TechX was fully aware of the device before it was installed, thanks to a warning which they received from Ukrainian intelligence services. So the Russian surveillance device was installed, after which techex worked with Ukrainian intelligence to supply a constant stream of disinformation which was regarded as highly trusted because the Russian spies were certain that nobody knew about it. So why would they be making stuff up in Front of the thermostat. Whoops.

A (69:01)

That's smart.

B (69:02)

Yeah, love it. Okay, so last year, as we recall, we had some fun looking at a very clear demonstration of the claims being made about quantum factorization. Remember that. You know, the threat posed by the emergence of practical quantum computers is that they may be able to solve the prime factorization problem upon which rests all of the cryptographic security provided by the invention of RSA style public key crypto. Last year it appeared that the world had a much longer way to go than was assumed because that takedown of all of the progress that had was being claimed, which we examined carefully, convincingly revealed that not a little bit, but a lot of sleight of hand had been going on behind the scenes with the use of, for example, highly contrived factorization targets. Now, Google appears to disagree, or perhaps they're just taking the better to be safe than sorry approach. The news of last week is that Google has moved the, what they call the so called q day to 2029 only three years from now. Google expects threat actors to break classic public key encryption using quantum computers by the end of this decade. Okay, you know, they've introduced a 2029 timeline to secure their products. That is as their deadline to finish securing their products with post quantum crypto PQC protections. Both Chrome and Google Cloud already have PQC post quantum crypto protections in place and Android is getting them later this year. We also know that Apple and Signal have both already added post quantum crypto to their messaging platforms. In addition, cloudflare, aws, Azure, Meta and Zoom all have PQC in place today. Plus TLS version 1.3, the current and latest version of TLS is already capable of negotiating post quantum crypto encrypted connections. And Cloud Flare tells us that more than half of all the traffic moving through Cloud Flare is now already quantum safe. So, you know, hats off. You know, we've been, we've been covering this move and the need to move toward quantum safety for years now with the cryptographers getting to work on post quantum algorithms way before it seemed that we had a problem. I still think it's way before we have a problem even now based on, you know, the real evidence that we've seen. But hey, our chips have the power, our processors have the power. No reason not to do dual quantum or dual crypto schemes where you encrypt with both a pre and a post quantum crypto to be safe. And in that case, I don't know what, what the NSA is going to do with all that data that they've been sucking down Leo. It's got, I mean, I guess historically the older pre, post quantum crypto communications, they could decrypt if it's still of any value.

A (72:54)

Be old.

B (72:54)

Yeah, it's, yeah. Really old.

A (72:57)

Yeah. Do you really think that quantum is going to happen by 2039?

B (73:03)

No, I, I don't, I do not. I, I do. Well, Google is saying 2029.

A (73:08)

I'm sorry, 2029. Yes.

B (73:10)

Yeah, I don't, I just don't see. I, I, to me it doesn't look like we're even close. And it's not as if you're able to break down the fat, the prime factorization problem into smaller pieces. And if you could, we would have.

A (73:27)

Right.

B (73:27)

You know, we would have already decomposed it into something that classic computers can solve. It's intractable right now. So, you know, if they're jumping up and down about factoring 31 and then we find out they cheated, it's like, okay, I have a hard time getting worked up about this. You know, I might get surprised.

A (73:50)

Okay, it's prudent to have post quantum crypto available.

B (73:55)

Why not?

A (73:55)

See any reason not to?

B (73:57)

Why not? Exactly. It doesn't cost us anything at this point. Our chips are fast enough, we've got the algorithms, we're and, and we're not just using them, we're using both. So if, if a problem is found in either one, the other one protects us. So why not?

A (74:14)

Right.

B (74:18)

Okay. So. Last Tuesday, during the annual RSA Security Conference where you and Lisa were present to hobnob with many of the podcast networks supporters, the CEO of the UK's NCSC, which is the UK's cyber security agency, spoke to the conference. The publication the Record wrote about his presentation. What they said was Britain's National Cybersecurity center warned Tuesday that a rise in so called vibe coding could reshape the software as a service industry while introducing new cybersecurity risks in if organizations fail to adapt. The warning they wrote coincides with remarks by NCSC Chief Executive Richard Horn at the RSA conference in San Francisco where he urged security professionals to ensure AI coding tools become a net positive for security, unquote, he said, highlighting again how digital societies are facing a surge in cyber attacks exploiting classes of software vulnerabilities that are known about and can be fixed. Horn said there was a risk AI tools would simply propagate the production of insecure software. His comments followed a sharp market sell off in shares in software and cloud companies in February, driven by investor concerns that Vibe coding, a term used to describe software developed using AI tools and minimal human input, could reduce demand for subscription based software as a Service. You know SaaS platforms, Horn said, quote during his speech. Quote the attractions of Vibe coding are clear. Disrupting the status quo of manually produced software that is consistently vulnerable is a huge opportunity, but not without risk of its own. The AI tools we use to develop code must be designed and trained from the outset so that they do not introduce or propagate unintended vulnerabilities. In a blog post published alongside the speech, the NCSC itself said advances in AI assisted software development are already changing how organizations approach writing code, potentially setting the stage for significant disruption of the SAS model over the next few years. And I'm going to be talking about that as soon as I finish with this because I think this is really interesting, they said, describing the February sell off as a billion dollar wobble and referencing the term saspocalypse. Yes, the saaspocalypse. The agency cited anecdotal examples of developers using AI tools to build replacements for SaaS products in a matter of hours, particularly in response to rising subscription costs or feature restrictions. The SaaS industry has dominated enterprise IT by offering subscription based access to software while offloading infrastructure maintenance and security to vendors. We've talked about this, all this outsourcing that is now being done. In its blog post on Tuesday last a week ago, the NCSC said this dynamic could shift as AI tools make it faster and cheaper to build bespoke enough software in house, driven by the same business incentives that triggered the original rise of SaaS companies themselves and the early uptake of cloud computing. But it warned that AI generated code can be unreliable, difficult to maintain and prone to security flaws, increasing the chance that vulnerable systems could be deployed to if those behind the Vibe coded systems were too tolerant of the risks. The NCSC urged organizations to prioritize security as the technology develops, including ensuring AI systems generate secure code by default, verifying the integrity of models, and expanding the use of automated code review and testing. The blog post stated, if security professionals do not lean in from the start, the landscape will evolve without this crucial input, as was arguably the case in the early years of cloud adoption. A challenge the security community will face is that no one yet knows exactly what we need to introduce to ensure the Vibe coded future is a safer one. If we face this challenge head on from the start, we have a chance to introduce some strong security fundamentals Unquote, the article finishes saying. The NCSC said any disruption to SAS is likely to take place over several years, with adoption varying depending on system complexity and organization's risk tolerance. But the agency said it could easily imagine that the only companies in the sector that will survive will be those that cannot be easily replaced with a Vibe coded alternative, perhaps because their services have themselves become critical to a business, or there are regulatory requirements they meet, or they simply have a critical mass of data across customers. Okay, so there are a number of interesting takeaways here. I think the first is the obvious when you look at it, you know, threat that Vibe coded replacements for software as a service represent. Okay, think about it. Why would any large enterprise rent under an expensive recurring subscription what a handful of their in house coders could whip up overnight using the benefit of Vibe coding AI to create bespoke software that more perfectly fits their needs? I hadn't really stopped to consider it before now, but this entire world of outsourced service industries that have sprung up over the past decade are hugely vulnerable to the emergence of DIY homegrown in house coded alternatives that Vibe coding now makes so easy to create. You know, remember we heard that C suite executive saying, quote we're only going to hire someone new if you first demonstrate that AI cannot do their job, unquote. So it's not much of a stretch to imagine a similar executive asking why should we be paying tens of thousands of dollars per month to this annoying outsourced company when a couple of our guys in the back room can use AI to write the same thing that we will then own, can customize to work exactly the way we want, and can use going forward without any recurring cost. No more subscription fees. So it does seem pretty clear that this is going to be an accelerating trend in the future. But the other shoe to drop was this NCSC CEO's primary concern, which was that the threat that carefully created refined and secure SaaS solutions would be too hastily. Which is what we have today from third parties who wrote these things, you know, 10 years ago, carefully and with human programmers, encoders and have since worked all the bugs out but they're not free that they would be too hastily replaced by half baked, unproven and insecure Vibe coded clones. One of the tendencies we have seen over and over is that security will truly be sacrificed at the altar of economics. And why is everyone pulling and blindly using libraries from open source repositories? Well, because they appear to work and solve a problem and the price is right it's zero. But the truth is that everyone is just holding their breath and hoping for the best. Right. Hoping that this library they pulled isn't malware. No, it doesn't seem to be. Nobody else says it is, so. Okay. But that's not the way security is obtained and maintained. On the other hand, it doesn't cost anything. It's free. It's going to be very interesting, Leo, to see what happens as enterprises develop, you know, for in house use the various systems that they've been outsourcing because you know they're gonna. And I overall think it's probably going to be a win, but I imagine there will be a few stumbles along the way.

A (84:37)

It's not like the SaaS. Software you buy from these big companies is necessarily secure, robust and reliable. We talk about all the problems they have all the time on this show.

B (84:49)

That's true.

A (84:50)

You're trusting somebody unless you write it yourself. And nobody can afford to write it themselves themselves. Doing it in house is really hard, I think.

B (84:58)

Well, you know. Yes. But Vibe offers the op. The opportunity of. Of a bunch of programmers saying okay Claude, you know, here's what we need. We need a customer. A customer relations management system and it needs to take our database and here's the schema and we want to have this UI and blah blah blah and presto bango, you got an app. I mean that's Claude.

A (85:28)

Yeah. I've been very tempted to write a sales system for Twit. We had it. It was written by a low level employee many years ago in Net and he knew what he was doing, I guess but when he left he said I'm not maintaining it so you're on your own. So. And it has little bugs like two people that can't use it at the same time or it crashes and you have to have a hard reboot and stuff. So.

B (85:52)

And that's often the case with like with your typical bespoke. Somebody wrote in house software. Yep. It got written by and I we're. We were using for. Well actually we only just retired. We call it Dino Database. I don't know why.

A (86:10)

You probably wrote it yourself though, right.

B (86:12)

It was actually. It was the. The only coder who ever wrote any code that we actually used. A brilliant guy named Steve Rank. Yeah. And he wrote it in Dbase 2 which we then we then moved to. To Fox Pro. Exactly. And and, and sue as recently as until the release of 6:1 would look old customers up on you know it with. Yes, it worked great. Sure.

A (86:44)

I wrote a lot of Dbase2 software in my time for the radio station I worked at.

B (86:48)

Yep.

A (86:49)

Yeah. No, and you know, that's not even really coding because it's just a database and you're writing a front end to a database really. But yeah, yeah, I don't know. I'm very bullish on what cloud code can do, but obviously, you know, it may introduce errors and then the, you know, use. Pulling these libraries is nowadays really risky. There are solutions though. People have found solutions. One, one guy said, well, look, just pin the version until, say you can't download it until it's been out for a week.

B (87:20)

Yes.

A (87:21)

And presumably somebody will have caught on by then. Right?

B (87:24)

Yes. And that was a problem with Light LLM is it was not pinned. And so everybody grabbed the latest. Let's take a break and then we're going to look at an update on the click fix campaigns.

A (87:34)

Okay.

B (87:35)

Because that's still bad.

A (87:37)

Well, and yeah, I'm curious what you think of what Apple's kind of sort of solution was, which I thought was interesting. Anyway, we'll talk about that in a second. Our show today, brought to you by Guard Square. Do you do mobile apps? Are you a mobile app developer? Mobile apps today have become an inescapable part of life. But your users are really trusting you, aren't they? I mean, financial services, healthcare, you know, I have an app for my doctor, I have an app for my medications, I have an app for my banks. There's retail, there's entertainment. Users are trusting these apps with their most sensitive personal data. You better be secure. But a recent survey showed that 72% of organizations experienced a mobile application security incident last year. 92% of respondents reported rising threat levels over the last two years. And man, attackers are clever. They're not just, you know, hitting a library you use. They actually in some cases are really getting ingenious. One trick they have now, they take your app, they reverse engineer it, they use tools like Idra, we've talked about that. They repackage looks exactly the same as your app except there's a little code in there. They distribute it via, you know, phishing campaigns and sideloading. It's loading third party app store stores and it looks your users think they're using your app. Who gets the blame when it turns out your app, your quote, I put that in air quotes app is sending out their personal information. You do. It's a different world. By taking a proactive approach to mobile app security, you can stay one step ahead of these attacks and maintain the trust of your users because the reputation hit comes to you, it doesn't go to the bad guy. That's where Guard Square comes in. Guard Square this is what they do. They do mobile app security without compromising, providing advanced protections for both Android and iOS apps. And it's not just, you know, analyzing your code base. It also has they have automated mobile application security testing to find vulnerabilities, but they also have real time threat monitoring so you gain insight into attacks. You'll know if somebody's modified your code and redistributing it. Discover more about how Guard Square provides industry leading security for your mobile apps. You need this@guardsquare.com that's guardsquare.com we thank him so much for supporting Steve and the work he's doing and I think, I think it's worth a visit. Find out what they can do for you.

B (90:14)

Guardsquare.com Steve so last Wednesday, Recorded Future posted the results of one of their threat forensics groups that was looking closely at the insidious click Fix social engineering attacks, as they wrote elsewhere in describing the nature of these attacks, they said first documented in late 2023, Click Fix has transitioned from a niche social engineering tactic to a cornerstone of the global cybercriminal ecosystem. Click fix is a social engineering methodology that lures victims into manually executing malicious commands by masquerading as a necessary technical resolution for fabricated system errors or human verification prompts, which I think perfectly sums up like like describes what you know the nature of this. Okay, so here's what we learn from recorded futures in Insect ins I k t group they write Insect group identified five distinct clusters leveraging the Click Fix social engineering technique to facilitate initial access to to host systems. Observed since at least May of 2024. These clusters include those impersonating financial application Intuit, QuickBooks and the travel agency Booking.com Insect Group leveraged the recorded Future HTML content analysis data set, which enables systematic monitoring of embedded web artifacts to identify and track new malicious domains and infrastructure. So basically this is their their, you know, cyber forensics system, they said. The clusters demonstrate significant operational variance in lure themes and infrastructure patterns and highlight the techniques evolution, moving past simple verification by visually fooling victims with various fake challenges and demonstrating technical sophistication through operating system detection to tailor execution chains. Despite these structural differences, its operation is largely the same, showing that Qlik fixes core techniques work across platforms and only the social engineering lure needs to be adapted to the victim. Threat actors manipulate victims into executing malicious obfuscated commands directly within native system tools like the Windows Run dialog box or Mac OS Terminal. This living off the land approach allows malicious scripts to execute in memory, effectively bypassing traditional browser security and endpoint controls. Parallel clusters targeting sectors as diverse as accounting, real estate and legal services indicates that qlikvix has transitioned into a standardized high ROI template, you know, high return on investment template for both cybercriminal and potentially advanced persistent threat apt groups. To protect against these threats, security defenders should move beyond simple indicator blocking and prioritize aggressive behavioral hardening. Key recommendations include disabling the Windows Run dialog box via group policy objects, implementing PowerShell constrained language model CLM, and operationalizing digital risk prevention tools such as recorded Futures malicious websites to identify and mitigate threats to your digital assets. Based on increasing use since 2024, InSick Group assesses that the click fix methodology will very likely remain a primary initial Access vector throughout 2026 as threat groups continue to social engineer victims to enable exploitation. Looking ahead, Insect Group anticipates QLIK fix lures will become increasingly technically adaptive, incorporating more selective browser fingerprinting, while continuing to use infrastructure that can be built and dismantled quickly. In addition to technical refinements, Insect Group predicts that the social engineering component will continue to evolve, leveraging new techniques to lure victims into executing malicious commands okay, well, we all know how annoyed I am with Microsoft. This entirely preventable, you know, detectable and preventable vulnerability is now three years old and its use has been accelerating rapidly to the point that this family of readily blocked exploits, as we learned a few weeks ago, now accounts for more than half of all security breaches.

A (95:59)

Just one.

B (96:01)

One technique.

A (96:03)

Holy.

B (96:03)

More than half is how effective it is. It is that effective. Exactly. Yeah. Everybody is going to fall for it unless they have some savvy. And. And it's like, wait a minute, why am I to confirm my. That I'm not a. You know, to confirm that I'm human. Why am I opening the Windows run and pasting this string into and then hitting enter?

A (96:28)

So bad.

B (96:29)

But again, most people are just script followers. I mean, most Windows users don't really know how Windows works, right? I mean, I hear Paul saying the same thing. So by comparison, our listener Jeff Adamson sent a note Friday with a link to a story over at apple.gadget hacks.com with the headline Mac OS 26.4 adds terminal paste Prompt to Block Paste Jacking.

A (97:02)

Do you think it's specifically aimed at clickjack?

B (97:05)

Yes, it is. It is exactly aimed at it. And so they called it packet jacking they wrote is it? Well, packet jacking is what is this that the term used in the headline. That's another name for click fix. Whenever a Mac OS user of Terminal attempts to paste a suspicious string into Terminal, an intercept dialog will be displayed to Cap to caution the user about the possible implications of what they're attempting to do. The dialog reads possible malware paste blocked and it says your Mac has not been harmed. Scammers often encourage pasting text into Terminal to try and harm your Mac or compromise your privacy. These instructions are are commonly offered via websites, chat agents, apps, files or a phone call. And then you've got two options. Don't paste is what's highlighted and recommended or paste anyway so that's you know, a nice like stop sign comes up and says whoa, no, don't just follow these instructions. Let's you know, double, you know, think about this for a second. So you know, I don't suppose that Windows 10 users who still compose one quarter of the Windows desktop population will ever see Windows behavior change, right? Microsoft has moved on. But it would sure be nice if Windows 11 users could have this simple exploit prevented by Microsoft caring, which is all it takes a little bit of care from Microsoft as Apple has just demonstrated they do because this is so easy to fix. I also wanted to highlight the tips near the end of the recorded future article that talked about available mitigations for this under Windows. The mitigations of disabling the Windows Run dialog box via group policy objects and implementing PowerShell constrained language mode. You know that won't help the general Windows population because you know they're just using Windows at home. But within any enterprise I would jump on both of those immediately. You know, unless an enterprise IT staff know that the Windows Run dialog box is needed and I'm not sure why it would be disable it. You could the good news is you could turn it off for all of your Windows users inside an enterprise and immediately prevent this most easy solution. So and then also constrain what you can do with PowerShell so that it's basically neutered. I mean the what what we see here the problem is that over time, just like has happened with our iPhones, Windows has gotten incredibly complicated. I mean it always it still has everything it ever had and they just keep adding more stuff and most users just want to run an app to you know, open Word or open email or run you know, being they don't want need all this other crap and don't they don't know what it is.

A (100:42)

Right.

B (100:42)

And it is all dangerous. I don't know. Leo. Meanwhile, Reddit has been detecting a growing prevalence of AI posting bots on their site and may need to resort to various proof of humanity measures moving forward. And Reddit users are not happy. PC Mag provided the details under their headline Reddit could soon face required face ID to prove you're not a bot, they wrote. Reddit, like practically every other social media platform, has been struggling as of late with a deluge of bots and AI generated content. In a study from last year, roughly 15% of posts on the platform were found to be AI generated. Okay, so that's more frequent than one out of every seven Reddit posts they wrote. Now it may soon start experimenting with asking users for biometric data like face ID or touch ID or other forms of pass key technology to stem the tide of bots. In an interview with the TBPN podcast first spotted by Engadget, Reddit's CEO Steve Huffman said this tech is the most lightweight way. That's his quote. To ensure all users are human, Huffman indicated the platform may use decentralized third party information providers. Oh boy. To verify users personal details. We've recently been talking about all of the uses to which residential proxies could be put. Bouncing AI bot traffic through such residential proxies makes detecting and blocking them based upon IP address impossible. You just look like any random user like spread around the globe. So yes, some sort of logon time verification is needed. But we all know the potential downside of using any third party identity verification system. PC Mag continues writing. Steve Huffman told the podcast hosts, part of the promise to users is we don't want to know your name, but we do need to know that you're a person in 2026, they write. Bots are an existential risk to online platforms. Content aggregator Dig, which was in beta ahead of its comeback, was recently forced to pause operations and lay off staff in response to the horde of bots on its platform. Meanwhile, the ability of bots to influence the discourse on Reddit has already been demonstrated. In April of 2025, researchers from the University of Zurich secretly deployed AI powered bots to influence debate in a subreddit called Change My View. With bots pretending to be a rape victim, a black man who was opposed to the Black Lives Matter movement, and someone who, quote, works at a domestic violence shelter, unquote. Reddit founder Alexis Ohanian said his website using face ID was not something that he had on his bingo Card, but argued that something has got to be done about all the fake botted content in a recent.

A (104:42)

I don't know when that interview was, but Alexis Ohanian and Kevin Rose recreated Dig.

B (104:49)

Yeah.

A (104:49)

And had to shut it down last week.

B (104:52)

Yep.

A (104:53)

Because of the bots. Oh my God. It's a nightmare out there.

B (105:00)

It really, really is. And, and Leo, when you add AI to the mix and, and, and, and hundreds of thousands of residential proxies that, that there, that the AI bots are able to bounce their traffic through, you cannot detect them.

A (105:15)

Yeah.

B (105:16)

I mean, we have an undetectable bot problem. Yeah. So many Reddit users have already expressed grievances with the move, with one user saying, tell me you want to kill Reddit without telling me. Meaning this kills Reddit if you start requiring people to de. Anonymize themselves. Yeah. So they, the article finishes saying Reddit would not be the first anonymous platform to start requesting users providing biometric data to prove who they are. For example, Discord earlier this year started to demand that some users provide face scans so its AI tool could determine if they were over 18 as part of efforts to keep miners off the platform. And as we know, it wasn't Discord's AI tool. They farmed it out and those people got hacked and 70,000 some, you know, personal, private information got loose. So, I mean, Leo, there's no solution.

A (106:23)

I mean, yeah, I'm sympathetic. I don't know what these guys are going to do. I mean, I think there's a lot of, when I'm on Reddit, half the time I see a post, there's somebody will say, that's AI, Stop using AI, you're using AI. And I don't know if it's obvious that it's AI or not. If you use bullet points in a post, AI, if you use certain words, AI, and I don't know if that's true or not.

B (106:47)

I don't know how you know, and it may once have been, but AI is a moving target. I mean, if, if, if, if, if, if it's doing something that is getting it called out as AI, it's going to change its behavior.

A (107:02)

Right. And I, I use bullet points and EM dashes and occasionally I'll use the word delve. That doesn't mean I'm AI. So, I mean, the problem is as AI gets better and better, it looks more and more like average content. That's the whole thing we have.

B (107:18)

This is a problem that has no solution.

A (107:20)

Yeah, it's an awful solution.

B (107:21)

And I don't Say that often. I mean, I spent seven years dividing, devising a solution for online identity authentication, because I thought there was one. You know, squirrel was that. But I don't see a solution here. I do not see a solution.

A (107:36)

And you're pretty ingenious.

B (107:38)

And that's my point is I, I'd be like saying, know, we could do this or that. No, I don't see a solution.

A (107:44)

Somebody fed the Declaration of independence to an AI detector and it said, well, about 93% chance that's AI written.

B (107:52)

So I saw that. Now, wait, wasn't that 1776? And I don't think that we really.

A (107:58)

We didn't have AI back then, but that Thomas Jefferson. I know. Actually, they said it was 98%. 98% AI generated, that it would be.

B (108:07)

Oh, yeah.

A (108:08)

This is the problem is that these AI detectors aren't really any good. You know, that's. They don't. We can't detect AI. And I think a lot of people assume that something's AI when it's not on Reddit. I mean, how do you know it's one in seven? It could be one in two, or it could be one in a thousand. It's just. You don't know. And I think it's a way too draconian to say, okay, well, from now on, everybody has to give us a driver's license before they post. That's. That will kill Reddit. A lot of what Reddit's all about is anonymity. Not for any nefarious purpose.

B (108:44)

No, it's just that's what people want on the Internet. We know that they want to be able to say what they want to say without being held personally responsible.

A (108:53)

I'll give you a completely innocuous example. I hope I'm not. I think she said this on the show. Paris Martineau is a fan of reality TV shows, and she moderates a reality TV show subreddit, but she doesn't want that to be in her real name. That's a guilty secret. She should be able to do that privately without revealing that, you know, I'm she. You know, I should be able to, you know, say that I like, you know, leather boots without having to admit it in public. Wait a minute. I mean, I didn't mean to say that. That was a mistake. Do you want to take a break right now, Steve?

B (109:31)

Yep. And then we're going to look at Light LLM and what happened last week.

A (109:37)

Oh, I can't wait to hear about

B (109:38)

this bullet we dodged.

A (109:40)

Oh, so still two breaks to come. Steve. So at some point you might want to pause in the middle of that.

B (109:44)

Yep, I'm going to.

A (109:45)

Our show today is brought to you by Meter. They were at rsac. It was. I didn't get a chance to interview them and I was really looking forward to seeing all their gear. They make network gear. That is sweet. Meter was founded by a couple of network engineers who feel your pain. If you're a network engineer in a business and you're trying to get that Internet to work and people are yelling at you and hounding you and you know, and you know it's a challenging environment and they know it better than anyone. They realize the solution is for us to control the whole stack. This is what Apple did to their great benefit was no, we're going to build the whole thing. Meet. That's what Meteor does. It is a company building better networks and building them from scratch. If you're a network engineer, I don't have to tell you the headaches, the legacy providers, the inflexible pricing and of course you never have enough money. IT resource constraints stretch you thin. You've got complex deployment across fragile and fragmented tools. You know your mission. You network engineer your mission critical to the business. But you're forced to work with infrastructure that just wasn't built for today's demands. They thought, you know, a T1's all anyone should ever need. That's why businesses are switching to Meter because it's the modern solution designed to solve your pain points. Meter delivers full stack networking infrastructure. Wired, wireless or cellular doesn't matter. It works with all three. It's built for performance, it's built for scalability, it's built for you. Meter does it all. They design the hardware, they write the firmware, they build the software, they manage deployments from beginning to end. They even provide support afterwards. So you're never on your own. And there's always one number to call, which is really great. Meter offers everything. They'll do ISP procurement for you, security, routing, switching, wireless, firewall, cellular. They'll help you with power. That's critical too, right? DNS, they'll help you secure your DNS, VPN, SD WANS and multi site workflows. Actually, that's. I was talking to Meter, that's a huge pain point and it happens all the time. A company acquires another company or maybe get some warehouses that were built out by somebody else and now you've got to integrate that network into your network. And it's 40,000 square feet and the wireless doesn't work in all the corners and it doesn't work with your network and oh my gosh. But there is a solution. Meter. Meter's single integrated networking stack scales and they are in everything, the most challenging environments. Major hospitals. Hospitals are a terrible place for WI fi, right? Branch offices, warehouses, those giant warehouses, large campuses, even data centers. In fact, speaking of Reddit, that's who does Reddit's data centers. That's a pretty good recommendation. Here's another one. The assistant director of technology for Webb School of Knoxville. This is a direct quote. He said we had more than 20 games on our campus going on at the same time between our two facilities. Each game was streamed via wired and wireless connections and the event went off without a hitch. We could never have done this before Meter redesigned our network. Doesn't that sound like heaven? With Meter, you get a single partner for all your connectivity needs, from first site survey to ongoing support. Without the complexity of managing multiple providers or tools, you'll lose a lot less here. Meter's integrated networking stack is designed to take the burden off your IT team and give you deep control and visibility, reimagining what it means for businesses to get and stay online. Meter's built for the bandwidth demands of today and tomorrow. And we are in a very fast changing world and you need a partner like Meter. We thank Meter so much for partnering with us and we invite you to go to meter.com securitynow book a demo. M E T E R.com security now book that demo. Be glad you did. And now back to Steve.

B (113:58)

Okay, we're going to look at Light LLM and we will take our last break here before we finish this. So, okay, so let's start by answering the question what is Light LLM and why would we want was backed by initially by Y Combinator and the Light LLM page over at Y Combinator describes their project. They said Light LLM is an open source LLM gateway with 18k plus stars on GitHub. Now that's over 41,000 and 300. So yes, very popular. And they wrote trusted by companies like Rocket Money, Samsara, Lemonade and Adobe. Light LLM provides an Open source Python SDK and Python fast API server that allows calling 100 plus more than 100 LLM APIs. Bedrock Azure, OpenAI, Vertex AI Cohere, Anthropic and on and on in the OpenAI format. They said we've raised a 1.6 million seed round from Y Combinator, Gravity Fund and Pioneer Fund over at GitHub. The about paragraph for Light LLM says Python SDK proxy server parens AI gateway to call more than 100 LLM APIs in OpenAI or native format with cost tracking, guardrails, load balancing and logging. Then they say they enumerate Some Bedrock Azure, OpenAI, Vertex AI Cohere, Anthropic, SageMaker Hugging Face, VLM, Nvidia NIM okay, so the Light LLM site itself largely echoes this and highlights a couple testimonials. It quotes David Lean, a Netflix staff software engineer who says of Light LLM has let my team provide the latest LLM models to our users, usually within a day of them being released. Without Light LLM this would be hours of work. Each time a new model is announced. It means we don't have to transform inputs and outputs across providers and has saved us months of work. And Mark Holt Nuck, a principal architect of generative AI platforms over at Lemonade, says our experience with Light LLM and Langfuse at Lemonade has been outstanding. Light LLM streamlines the complexities of managing multiple LLM models okay, so I think everybody gets the idea right with the general chaos that currently reigns across the AI domain with new models appearing daily, pricing varying, and today's top dog, latest and greatest, you know, being tomorrow's, you're not still using that, are you? At the same time, everyone is in a frenzied, frothing and frantic rush to mark out and claim some territory in whatever this is all going to eventually wind up being. Essentially, you know, with LLMs being the hottest fungible, commercially tantalizing mystery that humankind has ever created, the last thing anyone wants to be is locked in to yesterday's less glamorous, you know, now it's underperforming or it's overpriced model. So to their credit, the guys at LL at Light LLM who, the guys who created this idea, they were very quick to see a need and an opportunity. They created what is essentially a universal large language model API translator that allows front end developers to code to a single fixed model, the one originally developed by OpenAI by default. And the Light LLM proxy shim would allow any other model to be swapped in behind it on the back end without needing to recode any of the front end. The famous Code Academy folks have a page titled what is Light LLM and How to use it where they write Light LLM is an open source Python library that acts as a unified interface for large language models. It allows us to connect with multiple AI providers such as OpenAI Anthropic, Google, Gemini, Mistral, Cohere, and even local models through Ollama, all using a single standardized API. Working with multiple LLMs results in juggling different LLMs results in juggling different API formats, authentication methods and SDKs.

A (119:19)

Is that the ice cream truck? Is that Laurie?

B (119:24)

That that is my lovely wife who has forgotten that I'm in the middle of a podcast right now, and she just put her hands over hi Laurie. Oh, she hung up. So anyways, they said this usually requires code rewrites, new dependencies, and manual adjustments. Light LLM resolves this by acting as a bridge between the application and major LLM providers, letting you manage requests, responses and errors consistently. So, you know, basically it's a big, you know, switching hub that decouples what you're doing on the application end using a large language model from whichever large language model you want to use. So it's kind of a no brainer, right? Like, why would you not want to use this? They've been working on it since the winter of 2023 and good boy. As you might imagine, the challenge I don't want the job of supporting an exploding number of individual, varying and evolving AI LLMs, each with their own API requires a great deal of never ending work. They're hiring, by the way, but that's the path these guys have taken, and until recently things have been pretty smooth sailing. So what happened last week? Okay, let's start with TechCrunch's overview and then we'll dig a bit deeper. TechCrunch wrote this week some really atrocious malware was discovered in an open source project developed by Y Combinator graduate Light LLM. Light LLM gives developers easy access to hundreds of AI models, blah blah blah. It's a breakout hit, writes TechCrunch. Downloaded as often as 3.4 million times per day, according to Sync. That's, you know, Synk, we've talked about them before. One of the many security researchers monitoring the incident, the the project had 40,000 stars on GitHub and thousands of forks. The malware was discovered, documented and disclosed by research scientist Callum McMahon of Future Security. I'm sorry, Future Search, a company offering AI agents for web research. The malware slipped in through a dependency, meaning other open source software that Light LLM itself relied upon. It then stole the login credentials of everything it touched with those credentials. And this is as Leo, you know, your point is we don't yet really know how much damage was done. It said that they TechCrunch said with those credentials, the malware gained access to more open source packages and accounts to harvest more credentials and so on. The malware caused McMahon's machine to shut down after he downloaded Light LLM. That event prompted him to investigate and discover it. Ironically, a bug in the malware caused his machine to blow up because that bit of nasty code was so sloppily designed, he as well as famed AI researcher Andre Karpathy or Carpathy included, concluded it must have been vibe coded. As you said Leo, the Light LLM developers have been working non stop this week to rectify the situation and the good news is that it was caught relatively fast, likely within hours. Okay, so last Tuesday, as mentioned by TechCrunch, this developer Callum McMahon with future search explained what he had discovered and how at the end of a separate but related posting, Callum explained that their use explained their use of Light LLM. Knowing what we now know about Light LLM and it's exactly what we would expect, he said, we use Light LLM to let us use models from a wide range of providers, letting us strike the best balance between quality, speed and cost. You know, in other words, the, you know, current LLMs are just fungible. So here's what happened. Callum's posting was titled no Prompt Injection Required where he's, you know, kind of tongue in cheek, he wrote. Earlier today I got taken out by malware on my local machine. After identifying the malicious payload, I reported it directly to the PI PI security team who credited our report and quarantined the package as well as to the Light LLM maintainers, I wrote a blog post that became the primary source cited by the Register, Hacker News Sync and others. The play by play is pretty interesting when looking back. It started with my machine stuttering hard, something that really shouldn't be happening on a 48 gig Mac. H top took tens of seconds to load, the CPU was pegged at 100%. All signs I'll be working on my local environment for a time, meaning things got messed up, he said. After failing to software reset my Mac, I took a final picture for evidence and then hard reset it.

A (125:29)

Wow.

B (125:31)

So he said. So far the clues had been cursor asking me for network access right as the machine was freezing up. The process list showed a bunch of Python commands all execcing a base 64 encoded string and yeah, and 11,000 processes running. He said I set you limit to 16K for machine learning workloads. So this was partly expected. In other words, he, he has his. He has a system configured to allow you know, 16,000 different processes, but he had 11,000 running for no apparent reason at that moment, he said on restart, I. I asked Claude to investigate after going down a rabbit hole on the wrong shutdown due to my force shutdown. Meaning that Claude started to look at something different because he had done a force shutdown.

A (126:38)

There were two.

B (126:38)

Yeah, yes, exactly. Not generating the expected logs, he said. I presented it with the start of the base 64 string, just enough to decode import sub process, import temp file.

A (126:55)

Oh boy.

B (126:56)

Before the remaining text went off screen. Claude then became adamant that this was its own doing. The standard Claude code way of running bash commands to escape control characters. Despite the many bugs I've encountered with the C with that cli, I wasn't buying this explanation. Further Claude code probing. Further Claude code probing eventually found the offending cause, the rogue package buried within my UV cache, Something I would have never found on my own. So he's crediting Claude with helping him, you know, forensically diagnose what it is that happened to him. He said two minutes later, it had reproduced the entire malware trigger within a local container to double check its claims this time. And a further two minutes later, I had a blog posted on our site detailing the specifics of the malware to share as a warning to others. Claude even proactively suggested the emails of both the PYPI security team, who were quick to quarantine the package, as well as the light LLM maintainers.

A (128:15)

By the way, that's pypi. I just want to make that there is something called pypi. It's.

B (128:18)

Oh, okay. Yes, pypi. Good, thank you.

A (128:20)

That's the library.

B (128:21)

Yeah, he says. So what actually happened? Okay, so, okay, I'll just interrupt you to note that McCollum is about to start reference. Start referring to MCPS, which is the Model Context Protocol. The MCP site, the Model Context Protocol site explains it's an open source standard for connecting AI applications to external systems. Using mcp, AI applications like CLAUDE or Chat GPT can connect to data sources, local files, databases, tools like search engines and calculators and workflows, you know, like using specialized prompts which enable them to access key information and perform tasks. And, and they said, think of MCP like a USB C port for AI applications. Again, another standardization which is so very powerful. They said, just as USBC provides a standardized way to connect electronic devices, MCP provides a standardized way to connect AI applications to external systems. Okay, so armed with only that much, understanding what column explains can make sense and it's not necessary for us to deeply understand it. More Column says the root cause was mundane. MCP clients like cursor, claude code and others are using local MCP servers via some executor tool such as UVX for Python or or NPX for node Js. When you run an MCP via uvx, it automatically downloads dependencies of that MCP and runs the given command. Unfortunately, our mostly deprecated MCP server had an unpinned dependency of a light LLM package. When my cursor IDE tried to auto load the MCP server, UVX stepped in to download that latest Light LLM version again. Because it was unpinned, it wasn't saying I want this version, it was saying give me the latest. Which he writes, was malware uploaded to pypi by hackers just minutes earlier. Minutes earlier, the seamless ergonomics of UVX meant I became one of the lucky beta testers of the freshly released malware.

A (131:07)

Congratulations.

B (131:09)

Okay, so in other words, exactly the sort of textbook, classic supply chain attack we've discussed so many times in the past. In this case, it wasn't a dependency, such as a library that would be downloaded, compiled and linked into a result like the log 4j was. It was a working piece of tooling the light LLM package. And by being unpinned, Collins dependent packages were not saying we want this exact version. So the default behavior was to grab a copy of the current one. And in this case that latest and greatest had been deliberately compromised by bad guys. Column continues saying this is great too. A sloppy likely vibe coded mistake in the actual malware implementation led it to turn into a what he called a fork bomb. It installs a file called light llmore init pth into the site packages directory. Python automatically executes PTH files on every interpreter startup. The first thing it does is that child python process also triggers light llmore init since it's still in site packages, which spawns another child, which spawns another, which spawns another, which spawns another. Thus leading to the only sign I would have noticed that the malware was running. That's where those 11,000 instances came. And the reason is 48 gig Mac crashed is it it got into an infinite loop of spawning these light these Light LLM underscore init pth processes and the system crashed. As Andre Karpathy pointed out, on X, without this error it would have gone unnoticed for much, much longer. The malware's own poor quality is what made it visible and discoverable. So we have to ask ourselves, what if the. If the author of this malware had not made that mistake? So what's the takeaway? We've. We've since. So he writes, we've since moved to a remote M. MCP architecture. The server doesn't run on the user's machine anymore, which collapses this entire attack surface. The no local code execution means a poisoned dependency, can't touch your file system or request network access from your os. And it's much more localized to one audited version that we have under control. However, sometimes you can't reliably do that. There are advantages and disadvantages of local versus remote MCP servers. And in that case, you still need to do what you can to minimize. To mitigate this risk. If he finishes saying, I don't think there's anything new to say here, it's the same thing we've been doing everywhere else to keep us safe. Reduce the attack surface, pin your dependencies, or even better, use lock files with checksums. Audit packages before upgrading. And when Claude tells you everything is fine, maybe ask it again. He said, we analyzed the blast radius of this attack. 47, 000 downloads in 46 minutes, 88% of dependent packages unprotected. So, Leo, let's take our final break, and then we will continue looking at a little more of the forensics of this.

A (135:12)

Yeah.

B (135:13)

Mess.

A (135:13)

Wow, this is amazing. You know, I saw Andre Kapathi's tweet almost instantly, thank goodness. And immediately went to Claude and said, hey, is there any Light LLM anywhere in my system? And it said, no. I mean, you have. The name is in your package list, but you never downloaded it, so you're okay. I know. It's terrifying. It was terrifying. You're watching security now, that there is Steve Gibson. And we're so glad you're here. If you're not yet a club member and you want to support this show, it's really important that you go right now to TWiT TV Club TWiT and sign up. We. We're kind of in a fiscal crisis right now. We're a little light on ads, I think, to some degree, due to the. This always happens when the economy tanks, when there's big news going on like a war, and we notice that advertising gets a little skittish, numbers go down. But there is a way you can help us get through this. This happened last time. This happened to Covid, but during the pandemic. And it was Lisa's idea to start the club to kind of smooth over that little bump. And it did. And we're very grateful to all our club members. Well, we need you again if you're not yet a club member. TWiT TV Club TWiT. Fully a third of our operating expenses are now paid by club members, thank goodness. If not, we'd have to cut back. We'd have to lay people off. Cut back on shows. We don't want to do that. And we give you, I think, some fair value for your $10 a month. You get ad free versions of all the shows. I don't need to give you ads or even plugs like this because you know, you're already supporting us. You also get access to the great Club Twit Discord. A really fun place to hang out with some really fun cool people and listen to some extremely interesting special programs that we do in the club. Micah's Crafting Corner, for example. We do the AI user group that's coming up actually April 10th. It's the second Friday of. Or am I sorry, Is that right? Yeah, the second Friday of every. Every month. Used to be the first Friday. Maybe we moved it. Oh, we did. I'm gonna. Maybe that's because I'm out of town or something. Anyway, photo time with Chris Marquardt. We have the Jet Set with Johnny Jett Stacy's Book Club. All these special programs we do as a way of thanking you. We do it because we love doing it. It's for club members and we invite you to become one of that elect group of people. If you're not yet a member of Club Twit, we'd love to have you. Twit TV Club Twit. And you will be welcomed to the club by all of our fabulous people. Many of our hosts are in the club and Mizuki Driver says the main reason I subscribe is the AI group. That's great. Yeah, we really enjoy doing that. It's a lot of fun. So thank you to our Club Twit members for making security now possible. And if you're not a member and you really appreciate this show, it's a great way to show that you do. Twit TV Club Twit. If you've been thinking about it this, there could not be a better time to do it than right now. Twit TV Club Twit. Now let's get back to Steve Gibson and a further dissection. By the way, I really appreciated Column's write up. It was a very good write up. He did it very quickly. Got the word out to the community 46 minutes after he discovered it was taken down. Which was thank goodness, because that thing.

B (138:38)

Yeah, and I also thought he noted that Claude wrote the email for him. So I realized that speed of action is one of the things that we get from AI also.

A (138:50)

Oh, absolutely. It's a lever, it's a tool. And used properly, it really adds to the power of what you can do. It also adds to the power of what bad guys can do. And that's the, that's the double edged sword of all this. All right.

B (139:04)

Okay, so let's, let's take a closer look at the malware itself. For that we turn to Trend Micro who titled their coverage of this your AI gateway was a backdoor inside the Light LLM supply chain compromise, which they tease with the follow on Team PCP or those are the bad guys. Team PCP orchestrated one of the most sophisticated multi ecosystem supply chain campaigns publicly documented to date. It cascaded through developer tooling to compromise Light LLM and exposed how AI proxy services that concentrate API keys and cloud credentials become high value collateral when supply chain attacks compromise upstream dependencies. So they gave they they led their coverage with three key takeaways. They said Light LLM, a widely used AI proxy package, was compromised on PyPi with two of its versions containing malicious code. These Light LLM versions deployed a three stage payload credential harvesting kubernetes, lateral movement and persistent backdoor for remote code execution. Sensitive data from cloud platforms, SSH keys and kubernetes clusters were targeted and encrypted before exfiltration. Second point Light LLM incident was part the Light LLM incident was part of a broader campaign by the criminal group Team pcp, which has demonstrated deep understanding of Python execution models, adapting their attack rapidly for stealth and persistence, in this case a little too rapidly. Team PCP has pre and third Team PCP has previously compromised security tools like Trivi and Checkmarks kics to steal credentials and propagate malicious payloads. Attackers leveraged compromised CICD pipelines and security scanners to escalate privileges and publish trojanized packages. So here's what more we learned from Trend Micro. They explain on March 24th, production systems running Light ll. And that's exactly last week. Last Tuesday, production systems running Light LLM started dying and just as happened to column and engineers saw runaway processes CPU pegged at 100%, containers killed by out of memory errors. The stack traces pointed to the Light LLM package, a popular python package downloaded 3.4 million times per day that serves as a unified gateway to multiple LLM providers was compromised on PyPI. Upon analysis, it was found that versions 1.82.7 and 1.828contained malicious code that stole cloud credentials, SSH keys and Kubernetes secrets. The malicious versions deployed a three stage payload, a credential harvester targeting over 50 categories of secrets, a Kubernetes lateral movement toolkit capable of compromising entire clusters, and a persistent backdoor providing ongoing remote code execution. And just to pause, just think of if this had not been caught, 3.4 million instances downloaded per day would have been infected with this nasty malware. I mean, this is bad malware, they wrote. This compromise was not an isolated event. It was the latest link in a cascading supply chain campaign by a threat actor tracked as Team pcp. This post traces the cascade from its origin, the open source vulnerability scanner Trivi, and then presents our technical analysis of the Light LLM payload. Team PCP orchestrated one of the most sophisticated multi ecosystem supply chain campaigns publicly documented to date. The campaign spanned PyPi, npm, Docker Hub, GitHub Actions, and OpenVSX in a single coordinated operation. While it did not specifically target AI infrastructure, the campaign's cascade through the developer toolkit caught Light LLM within its blast radius and exposed how AI proxy services that concentrate AI keys and cloud credentials become high value collateral when supply chain attacks compromise upstream dependencies. Key sections of this blog and I'm not going to share all the details because we don't need that, but they wrote Key sections of this blog entry include a technical analysis of the malicious multistage payload and its impact on AI environments, a timeline and operational review of Team PCP's campaign, and a deep dive into how security tools themselves became attack vectors. Trend AI Research's analysis into the Light LLM compromise also covers attribution challenges, gaps in public threat intelligence, and actionable defense strategies. Detailed indicators of compromise and miter attack mappings have been provided, but for an even more comprehensive understanding of the security incident, reach out to Trend AI Research for the full technical report. Okay, so that's much deeper than we need to die for all that. But what they uncovered and reported about the root source of the vulnerability was interesting under their how your security scanner can become the attack vector, they wrote. Trivi is an open source vulnerability scanner developed by Aqua Security. It scans container images, file systems and infrastructure as code for security vulnerabilities, and it is integrated into the CICD pipelines of thousands of software projects via the trivia action GitHub Action Security scanners now, so, so, okay, the point is, Trivy was the the root of this compromise. So they explain. Security scanners are uniquely dangerous supply chain targets by design. They require broad read access and into the environments they scan, including environment variables, configuration files and runner memory. When a scanner is compromised, it becomes a credential harvesting platform with legitimate access to secrets. In late February 2026, an actor operating under the handle megagame10418 exploited a misconfigured pull request target workflow in Trivi's CI, their continuous integration to exfiltrate the Aquabot personal access token. Aqua Security disclosed the incident on March 1 and initiated credential rotation. However, according to Aqua's own post security post incident analysis, the rotation wasn't atomic and attackers may have been privy to refreshed tokens. Okay, now that's an important point, so I want to pause here to explain that. We've talked about the concept of so called atomic operations. The name obviously comes from the word atomic, and it's meant to imply that it cannot be further divided into smaller pieces. Molecules of course being collections of atoms, are divisible, not so the atom. So to clearly illustrate the occasional need for atomic operations, you know, say, say that a computer program needed to count up to a certain number, but no more. If the program was single threaded, meaning that it only ever had one thing going on inside itself at once, that would be easy to do. The program would read the value of the thing that's being counted. If it was already at its upper count limit, then the program. I'm, I'm sorry, if, if it was not already at its upper count limit, then the program would increment it to its next value. If it was already at the upper limit, it would just leave it there. But now imagine what happens if there's a lot more going on in the program with multiple simultaneous execution threads running around. Perhaps because the CPU has multiple cores or the application itself has many threads running in this environment, there's a chance that both CPUs would wish to increase the count at the same instant. So they would both be executing the exact same code at the same time. They would both read the counter's value, they would both see that it had not yet reached its limit, so they would both increment it, thus increasing its initial value by 2. But if the counter had been previously sitting at 1 below its limit, that increase by 2 would move it up past the limit. A very subtle bug. You know, these sorts of so called race conditions have historically been the source of of, you know, many hard to find problems. You know, they're the, they're the sort that never happen while you're watching it, while you're developing the code, but they somehow always occur when you're on stage demonstrating what it is that you've got. So in our example that test the value and maybe increment it, that would need to be made atomic so that the testing and the incrementing could not be broken apart and performed separately, even by different processors that are executing at the same time. That operation could only be done by one processor or execution thread at a time, so the other one, the other processor trying to do it would be briefly stalled until the first processor had finished with that atomic operation. And at that point the second processor could could proceed. And if it saw that the variable was already at its limit, it would not also increment it. Okay, so we left off with Trend Mic Trend Micro noting Aqua Security disclosed the incident on March 1 and initiated credential rotation. However, according to Aqua's own post incident analysis, the rotation was not atomic and attackers may have been privy to refreshed tokens. In other words, somebody might have still been logged in when a token was updated and then they would have grabbed that Trend Micro then continues the gap the gap that is this race condition gap that that gap proved decisive on March 19th at at 17:43 UTC, Team PCP used still valid credentials to force push 76 of 77 release tags in the privy action repository and all 7 tags in setup Privy, whatever those details mean. But it meant two malicious commits containing a multistage credential stealer. The malicious code scraped the runner worker process memory for secrets, harvested cloud credentials and SSH keys from the file system, encrypted the bundle using AES256CBC with an RSA4096 public key, and exfiltrated it to a typo squatted domain scan aquasecurity.org According to analysis by CrowdStrike, the legitimate trivy scan still ran afterward, producing normal output, leaving no visible indication of compromise. Okay, in other words, because Aqua Security was for whatever reason, logistically unable to rotate every single credential at once when no one was actively logged on, the bad guys were able to maintain their corrupting persistence. Trend Micro finished this portion of their write up by writing this is the meta attack. A security scanner the tool defenders rely on to catch supply chain compromise itself became the entry point for a supply chain compromise. The trivy compromise in GitHub Actions gave the attacker the keys to publish arbitrary versions of Light LLM to pypi. Everything that followed was exploitation of that initial foothold. And Light LLM was just a coincidental casualty of this. They said the lesson that the lesson is uncomfortable but critical. Your CICD security tooling has the same access as your deployment tooling. If it's compromised, everything downstream is exposed. And what we're now seeing is the bad guys have gotten sophisticated enough to take advantage of that. I mean it, it is truly terrifying. So what we see is that the enabling of this attack on Light LLM had nothing to do with AI per se. It's just its popularity that allowed it to would, that would have allowed it to explode at 3.4 million instances of compromise per day had they had the bad guys not made that crucial mistake that that crashed the machines that it tried, that it was trying to compromise. So after providing a fully detailed forensic analysis of this malware campaign, Trend Micro concluded with a summary and recommendations. They wrote. As AI machine language tooling proliferates across enterprise CICD pipelines, the attack surface expands with it the tools the developers install to interact with AI systems. Proxy gateways, model routers, experiment trackers and inference servers handle high value secrets by design, supply chain attacks against these tools inherit the trust and access of the AI infrastructure itself. So again, AI is not to blame here. It's really just a case of the more tools you're using, the more exposure there will be when any one of them might be compromised. Trend Micro continued saying the malicious payload analyzed in this report is a direct exploitation of the systemic secret management failures extensively documented in prior Trend AI research. As previously described, developers have adopted ENV files so profusely that they have forgotten their sensitivity, leaving them exposed. And threat actors are actively scanning for exactly those files. The harvester analyzed here operationalizes that attack surface at scale. It performs exhaustive file system walks targeting env, local ENV production and ENV staging files across up to six directory levels while simultaneously extracting AWS credentials, cloud provider tokens, kubernetes, service account secrets, CICD pipeline configurations and database connection strings. The same categories of secrets Trend AI research previously identified as most commonly stored in plain text inside dot ENV files. And they finish off by some well reasoned security recommendations. They said this case highlights the risk of building an entire ecosystem on top of fragile trust. The Light LLM hack is just the latest example of attackers exploiting the reliance on on open source repositories and poor secret hygiene. Security is not an afterthought. You can outsource entirely to a vulnerability scanner. So the apparently very highly skilled this team, pcp, these attackers appear to have just been in a bit of a hurry. This led them to deploy otherwise very potent and. And sophisticated malware that must have taken a lot of time to to generate, allowed them to deploy it containing a flaw that, that unfortunately for them, and thank God for us, immediately caused that malware to draw attention to itself.

A (158:12)

This is why you want to test before you push to production. Man, they should have known.

B (158:17)

Yep, they got bit by their own, you know, rush by. Yeah, by being in a race. And as a result, the infection was almost immediately spotted and stopped. Had the bad guys not made that mistake at a Download Rate of 3.4 million instances of the infected light LLM per day being used, you know, the damage that was all set up and engineered to occur likely would have and the resulting mess would have been far worse in the truest sense. As I said at the top of the show, we have dodged another bullet.

A (158:59)

Oh yeah.

B (158:59)

There can be no question that the entire industry has built an ecosystem upon which has be. It has become dependent, if you'll pardon the pun or double entendre, I guess, whose security guarantees are truly fragile. These are fragile guarantees. We're essentially hoping for the best because the goodies are just too enticing for us to resist. Or phrased another way, the cost to us today of deploying truly secure solutions prices them out of reach, rendering them impractical. So we knowingly and deliberately create dependencies upon sprawling packages over which we have no oversight or direct control. Well, all we can really do at this point is hope that our luck holds.

A (159:56)

It's not just the packages, it's also automation. I mean, they were. It sounds like it was a CICD issue. And by the way, this happened a couple of weeks ago. A GitHub CID CD issue with GitHub Actions. And I keep seeing this again and again. And so that's a case of. And I understand why CICD is incredibly useful. It's an automated way of delivering your building and delivering your software. But that's what it stands for. Continuous integration, continuous delivery, development, Development. But if you're automating to that degree and you're not paying attention, well, some

B (160:35)

real risk AI is bringing us another layer of automation.

A (160:39)

Right?

B (160:40)

I mean, it, it's, it's the, the, I mean, people are just stunned by what it does for them. Like they, like they, they, they don't even understand what the installation on their local system is. It's just like, you know, Claude will

A (160:56)

automatically push to GitHub. So all my repos are pushed to GitHub. And it was automatically building it. It was setting up GitHub Actions and building the software. I wasn't even, I didn't even know how to do that. It just did it for me. And so yes, we're kind of giving over a lot of our agency to systems, partly because it's so complicated these these days.

B (161:20)

So Drivey created a super complicated system

A (161:23)

which was a security tool.

B (161:26)

Scanner. Scanner. It was an open source scanner used by these systems to scan themselves for malware.

A (161:35)

So we're.

B (161:36)

It itself was compromised.

A (161:38)

It was compromised. And then it pushed a bad version of Light LLM because.

B (161:44)

Because Light LLM used it to scan for malware.

A (161:48)

Right. So in the GitHub actions, the Trivi keys were compromised. They rotated them as best they could, but they didn't get them all. Apparently bad guys. This PCP team got the key and then used that key to compromise Trivi to inject malware into Light LLM as part of the CICD process pipeline.

B (162:12)

Right.

A (162:13)

Wow, that's actually pretty sophisticated.

B (162:16)

Oh no. As trend as Trent said, these guys really know what they're doing. I mean this is a. You know, unfortunately the goodies are so big. I mean they know that, you know how many copies of stuff is being downloaded per day.

A (162:33)

This stuff exfiltrated tokens, SSH keys, crypto kubernetes keys. It basically took all the secrets on your system and sent them to the.

B (162:44)

Encrypted them and sent them off to a. To a spoof domain.

A (162:49)

I mean, imagine if this had gone on for a day or two the. The night. I mean, I'm surprised we haven't heard more pain from the 47,000 who installed it. And I understand now why they were in a hurry because they had a compromised key to Trivi. But they didn't know how long that key would stay good.

B (163:04)

Yeah.

A (163:04)

So they said, we got it, we gotta strike while the iron's hot. Quick, get some malware out there.

B (163:09)

I mean, and it literally must not have been tested because apparently immediately when you ran it, it crashed your system. And I think that explains why the 47,000 instances we haven't heard anything from.

A (163:21)

I mean, because everybody crashed, came out

B (163:23)

of the gate and just stumbled.

A (163:24)

Yeah, it didn't work. Yeah, because they rushed, they said, quick, we got, you know, we got, we got one minute to take advantage of this. Let's push something out. And they probably told Claude, write something real quick that will get on a system Encrypt the keys and send them to this address. Wow. Well, I'm glad you know, it's really good. Thank you. Columns write up was great, but I didn't understand the trivia part of it. So thank you for explaining that. Trend Micro Report this is why we listen every Tuesday to Security Now. I hope you'll tune in next Tuesday. If you want to share this show with your friends and family, there's many ways you can get it. I would suggest going to Steve's site. He has some unique versions ofsecurity now GRC.com of course, while you're there it's an opportunity to pick up spinrite, the world's best mass storage maintenance recovery and performance enhancing utility which everyone should have. If you have mass storage, you do, I presume. Unless you're committing everything to memory, I don't know, you need it. You should have spin, right? And he also has of course the brand new DNS Benchmark Pro. Brand new just came out all@grc.com There is the when you go to the There are a lot of other things on the site including a huge number of freebies that Steve just generously gives away like the very famous shields up to test your router security while you're there. The show is also there. He has two unique, three, four unique versions. All his versions are unique. A 16 kilobit audio version which is low quality admittedly, but small, easy to download for bandwidth constrained individuals. There's a 64 kilobit full version audio. There's also the Show Notes which he writes every week, puts a lot of effort into this leaves his family life on hold just for this. 20 pages of goodness. And the show notes are very complete, lots of links, pictures, information. You can get that@grc.com he also has the transcripts written by Elaine Ferris, an actual human being, and they're very good. Those take a few days, but after the show's out for a few days they'll be also@grc.com if you'd like to get the show notes emailed to you automatically, you can do that. Steve has a mailing list. If you go to grc.com email there's actually the real purpose of that page is to whitelist your email so you can send him comments, pictures of the week, things like that. But you can also click a box below it that says send me the show notes. There's another box below that send me announcements about new software which come out about once at an eon so you don't have to worry about getting too much email on that one. But you will get a weekly email if you sign up for the Show Notes newsletter. We have copies of the show at our website, Twit TV, Snapchat. There is a YouTube channel dedicated to the video. Yes, there's audio and video. We have audio and video on our website as well. Or subscribe in your favorite podcast client. Then you don't have to think about it. From now on it's automatic and I promise no malware embedded. I don't think we could if we tried. I don't think MP3s can contain. I don't know. I shouldn't say that. I won't. I won't make any promises I can't keep, but I think that that's pretty safe. You can get it automatically in your podcast client so you can listen the minute it's available. We stream this show when we do it live every Tuesday right after Mac break weekly. That's 1:30 Pacific, 4:30 Eastern 2030 UTC. You can watch live in the Club Twit Discord, but you can also watch on YouTube. Everybody's welcome to watch on YouTube, Twitch, X.com, facebook, LinkedIn and Kick Again. That is is 1:30 Pacific 4:30 Eastern 2030 UTC. Thank you Steve.

B (167:08)

Have a wonderful week my friend. We will talk in April.

A (167:13)

My goodness. Bye bye bye. Hey there, it's Leo Laporte, host of so many shows on the Twit network, thinking about advertising. In 2026, we host a network of the most trusted shows in tech, each featuring authentic post read ads delivered by Micah Sargent, my co host and of course me. Our listeners don't just hear our ads. They really believe in them. Because we've established a relationship with them. They trust us. According to Twit fans, they've purchased several items advertised on the Twit network because they trust our team's expertise in the latest technology. Technology. If Twit supports it, they know they can trust it. In fact, 88% of our audience has made a purchase because of a twit ad. Over 90% help make it and tech buying decisions at their companies. These are the people you want to talk to? Ask David Kuver. He's the senior strategist at ThreatLocker. David said Twitch hosts are some of the most respected voices in technology and cybersecurity and their audience reflects that same level of expertise and engagement. It's the engagement that really makes a difference to us. With every campaign you're going to get measurable results. You get presents on our show episode pages. In fact, we even have links right there in the RSS feed descriptions. Plus, our team will support you every step of the way. So if you're ready to reach the most influential audience in tech, email us PartnerWIT TV or head to TWiT TV Advertising. I'm looking forward to telling our qualified audience about your great product security now.