Security Now 936, Transcript

Please be advised this transcript is AI-generated and may not be word for word. Time codes refer to the approximate times in the ad-supported version of the show.

Leo Laporte (00:00:00):
It's time for Security Now Steve Gibson is here. He is going to talk about the Linux distro that's being bought by private equity. Oh no. We'll also talk about what's going on with those SanDisk and Western Digital SSDs and why you should not buy them, and then a fascinating case study of a problem Microsoft has. Maybe you've heard about it with setting server clocks to ridiculous values and maybe why it's happening. Steve does a deep dive. [00:00:30] That's fascinating. All that more coming up next on Security Now.

(00:00:46):
There's a security now with Steve Gibson. Episode 936 recorded Tuesday, August 22nd, 2023 when heuristics. This episode of Security Now is brought [00:01:00] to you by Pan Optica. Reduce the complexity of protecting your workloads and applications in a multi-cloud environment. Pan Optica provides comprehensive cloud workload protection integrated with a p i Security protect the entire application lifecycle. Learn more about Pan Optica at Pan Optica app and by Collide. Collide is a device trust solution for companies with Okta Collide ensures if a device isn't trusted and secure [00:01:30] it can't log onto your cloud apps. Visit collide.com/security now to book an on-demand demo today and by delete me, reclaim your privacy by removing personal data from online sources. Protect yourself and reduce the risk of fraud, spam, cybersecurity threats and more by going to join delete me.com/twit and using the code twit or 20% off. It's time for security now the show [00:02:00] we cover the latest news from the security ecosphere with this guy right here, Mr. Steve Gibson of g c.com. Hello Steve.

Steve Gibson (00:02:10):
Hello Leo. Great to be with you as we embark on year 19. Oh my goodness. Of this illustrious podcast and as we learned last week, there may be a year 20 and even a 21. I think that I was shedding a tear to myself [00:02:30] for your free time that we would probably not be together when Eunuchs time wrapped around 2038, huh? Yeah, I thought now I don't know. I'll be here. Maybe you will.

(00:02:45):
Good, I'm glad to hear it. That's exciting. Yes. Today's episode is titled When Heuristics Backfire Inspired by actually the Norwegian [00:03:00] engineer who brought this back to everyone's attention after seven years of pain and anguish by sending me a tweet to that effect. But anyway, of course we're going to get to that. We're going to answer some questions first, which Linux distro is selling itself to private equity capital and what could possibly go wrong with that plan? Will Android soon be talking to the sky? [00:03:30] What's up with the trouble Sand disk and Western Digital are in over their SSDs? Are children still being tracked on YouTube's made for kids channels? Has cryptocurrency become any safer? And what dangers are posed by the use of multi-party wallets is Fido two ready with post quantum crypto? What's the latest on H T T P S by default? And after looking at some feedback from our terrific listeners, [00:04:00] which will generate some additional commentary as opposed to one word.

(00:04:07):
Oh, that was a good idea. We're going to examine, we do have some of those though, but we're going to examine in nature of heuristic programming algorithms with a case study in what can go wrong, what could possibly, you got to say, possibly, and by the way, I'm just doing a little research on Wolf from alpha of how many weeks [00:04:30] from today to the end of the Unix epoch, and I think he got it wrong. I think Wolf of Malfa thinks that the end of the Unix epoch is 53 years from now, which is that right? No, you are exactly right. It's 2038. Yeah, yeah, yeah. So let me just, weeks are, what's the date? Is it December 31st, 2038? You could add 4.3 billion to January 1st, 1970. [00:05:00] Well, let's say it's roughly 801 weeks, so we will be at episode 1,737 piece of cake. Easy. We're already halfway there. Yeah, think of it that way. We're halfway there. We've already passed. We're over the hump.

(00:05:24):
So yeah, starting counting 15 years, four months, nine days. And [00:05:30] you know what? If you decided at any point, maybe even today that that would be the last episode is at the end of the Unex epoch. We'll stop honey. I have a U S B cord. All I do is pull it and that's it. I I'm gone. The ripcord. It's gone. He's dead. He's history. Well anyway, we will endeavor to make it another 15 years. That would be good. That would be good. Yeah. I think as our [00:06:00] illustrious William Shatner said, don't die. Just don't die. It's not a problem. That's both of our jobs now for the next 15 years. Don't die. Do not die. Our show today brought to you by Oh, this is a good sponsor. Pan Optica. In the rapidly evolving landscape of cloud security, Cisco Pan Optica is at the forefront revolutionizing the way you manage your microservices and workloads.

(00:06:24):
With a unified and simplified approach managing the security of cloud native applications over [00:06:30] the entire life cycle. Pan optica simplifies, cloud native security eliminates all those multiple tools and vendors and complexity by meticulously evaluating your cloud native apps for security threats and vulnerabilities. Pan optica, make sure those applications are secure and resilient. Pan optica detect security vulnerabilities on the go and development in testing and production environments, including any exploits in open source software. [00:07:00] It also protects against known vulnerabilities in container images and configuration drift all while providing runtime policy-based remediation as Cisco's comprehensive cloud application security solution. Pan Optica ensures seamless scalability across clusters and multi-cloud environments. It offers a unified view through a simplified dashboard experience, reducing operational complexity and fostering collaboration among developers, SREs and SecOps [00:07:30] teams Take charge of your cloud security and address security issues across your entire application. Stack faster with precision.

(00:07:38):
Embrace Pan Optica as your trusted partner in securing APIs, serverless functions, containers and Kubernetes environments allowing you to transform the way you protect your valuable assets. Learn more about Pan Optica Simple. Uur l Pan Optica app. P A N O P T I C A Pan optica [00:08:00] app. And I love the word it would be C everything, right? Right. Panopticon. Well it comes from, was it Bessemer's conception of a prison? The panopticon where prisoners would be under surveillance but they wouldn't know. They knew that they could be, but they wouldn't know when the jailers were watching them so that the jailers would not have to watch all the time because the prisoners just, they wouldn't know. They just think we could be watching [00:08:30] and we all live in a panopticon now actually come to think of it. That's a depressing thought. Alright, picture of the week time, Steve.

(00:08:37):
So this was one I had in the pile in reserve and I liked it and I think the caption is perfect for it. It shows sort of an idyllic setting. We have a slow moving river in the background and a little grassy knoll sort of lawn thing in the front and what looks like [00:09:00] a gate from the 14 hundreds, I mean it's like out of time somehow two stone pillars on either side of a gate, but there's no gage going off in either direction. So it's just this gate segment, right? I mean there's nothing to keep you from going around and we've of course had many of these similar gates that we've had fun with on the show in the [00:09:30] past, but in this case we have four sheep and for reasons that are not explained by the photo, they are stuck behind the gate.

(00:09:42):
Actually, one of them is kind of peeking around wondering if maybe it might be all right to proceed. The other three, they're just at the gate waiting apparently for it to open despite the fact that you could easily go around on either side. And of course I gave [00:10:00] it the caption. This is why they're sheep. Yes. So yes, because they don't know any better. They're just like, oh, the gate's closed. Damn. Love it. This explains all the previous gate without wall pictures you've had. They're for sheep. Yeah, they were. Exactly. The sheep had apparently not yet arrived. We know had they arrived, they could not have left. So they would still be there waiting for the gate to open, but or maybe some nice person would come along and say, oh, you poor sheep [00:10:30] will let you through. And clearly this one stick in his head around the side is the troublemaker.

(00:10:35):
The black sheep. Yeah, exactly. He's looking around, why are we standing here on this side of the gate that has no sides. Dunno. Anyway, I wanted to take just a moment of everyone's time to thank the many listeners who let me know after last week's podcast how glad they were to learn that I would not be retiring from this weekly communication after podcast 9, 9, 9. [00:11:00] It had become clear to me that my plan to quit for no particular reason after 9, 9, 9 would've felt very weird as that day was approaching. Right? I mean it would've been like, okay, sad. It would've been sad. Now we know that's not going to happen. So yay. And thank you everyone for sharing your sentiments with me. We're so happy.

(00:11:26):
I'm not certain whether it will matter to anyone here, [00:11:30] but I wanted to note that the currently public company, Susie spelled s u ss e, the company behind the open Susie Linux distro has announced its plans to delist itself from the Frankfurt Stock Exchange and allow itself to be purchased and taken over by a private equity firm. Oh God no. I know their announcement read in part E Q t. Private equity has [00:12:00] underscored its commitment to supporting the company strategically and financially and to cooperate closely with Susie's c e o and its leadership team Dirk Peter Van Lewen, C e O of Susie said, I believe in the strategic opportunity of taking the company private. It gives us the right setting to grow the business and deliver on our strategy with the new [00:12:30] leadership team in place. Oh no, E Q T private equities and Susie's partnership, he says in a private setting has been fruitful before and we're excited about the long-term potential of the company and our continued to collaboration right now.

(00:12:50):
The whole truth is as you've already been bemoaning properly, Leo, it's unclear what this means for the future of open Susie in [00:13:00] general. As we've witnessed a number of times in our own PC and security industry, private equity firms do not purchase tech companies out of their love of tech. They typically purchase them because they perceive pockets of unexploited profit potential and some means of squeezing money in the short term from the golden goose. This is typically done through aggressive layoffs, cost cutting, selling off the less [00:13:30] profitable pieces and in general, squeezing the remaining life and the future out of their new acquisition users who have made their own investments in the future of such enterprises like by adopting open Susi as their Linux should be forewarned that if nothing else change is coming, we don't know what kind of change, but it may not be good.

(00:13:56):
So anyway, I just thought I wanted to let everyone know open SUSI [00:14:00] may not be quite so open in the future. I mean Novell's own suse forever, but open has always been the open version of it, right? Yeah. Yeah, that's terrible. Yeah. Okay. If imitation is the strongest form of flattery, it appears the Google is enamored of the satellite communications capabilities that Apple added to iOS 14. It appears that [00:14:30] Google is testing a similar new Android feature that will allow its users to send S O Ss messages via a satellite connection in the case of an emergency. Now this nascent feature was spotted in the code for Android 14, which is slated for release like any moment, like within days it's supposed to be the of August and we don't have much August left. The feature is unannounced and we should not expect to see it going live anytime soon. [00:15:00] According to Android OSS expert Mishal Rossman, the feature is not part of the main Android 14 OSS and is just tagged as demo code in the source. So it's going to need accompanying radio hardware I'd imagine in order to talk to satellites. But anyway, Android users can probably assume that a feature similar to apple's will be arriving at some point.

(00:15:30):
[00:15:30] I should mention in case any of our listeners might be impacted by this news that SanDisk my own preferred manufacturer of solid state mass storage and Leo, I think yours as well. Not anymore. Not anymore. I know. And SanDisk and Western Digital are both currently in the doghouse over what is alleged to be their willing and knowing sale of defective [00:16:00] SS s d products and not just a little bit defective. The allegations are disturbing. Here's the start of what ours Technica had to say about this. Ours wrote Amid ongoing pressure to address claims that its sand disc extreme SSDs are still erasing data and becoming unmount despite a firmware fix. Western Digital is facing a lawsuit over [00:16:30] its storage drives. A lawsuit filed last Wednesday accuses the company of knowingly selling defective SSDs, Western digital branded sand disk series of extreme V two and Extreme Pro V two portable SSDs and they're often being recommended or were by tech review sites.

(00:16:54):
Ours wrote, if you've considered a portable drive, it's likely you've come across the popular series in your search. [00:17:00] And of course I'm wanting to let our listeners know because they are popular and they may not have heard about this yet. So ours wrote numerous owners of the drives, including ours, Technica own Lee Hutchinson, encountered a problem were the drives seemingly erased data and became unreadable. Lee saw two drives fill approximately halfway before showing read and write errors. [00:17:30] Disconnecting and reconnecting showed the drive was unformatted and empty wiping and formatting did not resolve things. Oh really? You mean your data didn't magically come back when you wiped and formatted? Yeah, complaints about the drives, littered sand discs forums and Reddit and ours then provided four example links of typical postings for at least four months before Western Digital released [00:18:00] a firmware fix in late May. The page for the update claims products currently shipping are not affected, but the company never noted customers lost data claims.

(00:18:12):
It did however, name the affected drives, so we have the SanDisk Extreme portable four terabyte, the Extreme Pro portable four terabyte, same thing in two terabyte and one terabyte. That is the Sandis Extreme Pro portable and also [00:18:30] the Western Digital, my passport for terabyte. And then they finished subsequent reports from the Verge, which received a replacement ss SS D and some Reddit users though claim the drives were still broken. Western Digital didn't answer requests for comment about newfound grievances. Okay, so for what it's worth, I just wanted to inform our listeners that this has been [00:19:00] an apparently still is a problem and if I were storing important data on any of those name drives, I'd be a little nervous. I wouldn't maybe store any more data on 'em.

(00:19:14):
Now hearing and I actually have sort of maybe an explanation of why hearing that the drive started having trouble when they became around half full was interesting to me as an engineer. I have been astounded [00:19:30] in shaking my head when I learned the links to which today's SSDs are going to achieve. The storage densities they offer, for example, get a load of this. Remember first that NAND style S s D storage cells, which is what we are using the storage cell is really just a capacitor. It's an itty bitty, and yes, that's an engineering term. It's an itty bitty [00:20:00] speck of metal sitting on top of an insulating coating. The act of writing to that cell involves cranking up the voltage internally to deliberately break down that layer of insulation to inject and strand electrons on that itty bitty island of metal. Once there, their presence can be sensed thanks to the magic of field [00:20:30] effect transistors.

(00:20:32):
But the point is the number of electrons which have been stranded on that electrostatic island is an inherently analog quantity. Now the designers of the earliest flash memory, which regarded the fact that all of this worked at all to be a miracle, were quite content to only either fully fill or fully [00:21:00] empty the islands in order to store zeros and ones there. But then management came along and demanded more density. The engineers explained that they had already made the electrostatic islands as itty bitty as possible, but then one of them made the mistake of suggesting during a brainstorming meeting that they might be able to store two bits of data on each island by storing varying amounts of electrons, [00:21:30] thus doubling the effect of storage density of the same number of itty bitty memory cells. Instead of storing a boring old zero or one, it would be possible to store a zero, a one-third, a two-thirds, or a one since this gives us four separate storage levels.

(00:21:57):
That's two bits of data, whereas [00:22:00] the original NAND memory cells were known as SS L C for single level cell. This next generation were M L C for multi-level cell and of course once you've opened Pandora's box of storing what are essentially analog levels of electrostatic charge in cells, why stop at two bits? How about three or four? Okay, so with this bit of background, here's what I learned that made me shake my head. [00:22:30] The SS s d manufacturers are aware that storing fewer bits per cell is better. It's faster to read and write and it's more reliable. So believe it or not, today's most advanced SSDs start out by storing fewer bits per cell because it's faster and more reliable. It makes their product benchmark faster when it's mostly empty, [00:23:00] but as their users continue to fill them up with data, the SS s d begins to run out of storage at that lower, faster and safer density.

(00:23:13):
At some point of fullness, it needs to switch over to storing more bits per cell in order to actually deliver. Its promised and rated full storage capacity to do that. It starts [00:23:30] reading and rewriting existing data which was stored at the lower bit density into higher bit density. Essentially it's on the fly cramming more bits into fewer cells because as it turns out, its owner actually wants to use the storage capacity that they purchased. The extra complexity that had to be built into the controller to track [00:24:00] and accomplish. All of this is somewhat mind boggling, but it's obviously worth it to its products developers. The flakiness inherent in how far S S D storage density has been pushed is one of the reasons I became certain that a continuing investment in spin right would be warranted into the future. Okay, now only sand discs. Engineers know why when their drives are storing about half of their [00:24:30] rated capacity, they suddenly developed a problem that crashed the entire drive.

(00:24:36):
It could be that the drive had actually filled itself with data stored at half density and now needed to get serious about doubling up on density and that some flaw in the drives firmware was then triggered, will likely never know. This brings to mind something else that happened and was discovered [00:25:00] last week by one of Spin Wright's testers on one of their thumb drives, but I've already taken up a lot of time on this, so I'm going to share that interesting story about something else that happened and was really interesting next week also. Wow. By the way, just to correct the record, I just looked through my Amazon orders. I've never bought a sand disk. SS s d I always do the Samsung Evos. Oh, you're right. Samsung is also what I was thinking. That's not We like [00:25:30] the Samsungs. Yeah, yeah. I don't have any sand disk. I buy their SD cards. They're solid state memory cards and I have a bunch of sand disc thumb drives because I like those. Yes, and I do too. It's the Samsung N V M E beautiful memories or even like the two and a half inch or even the Big S sd. Yes, good. I'm glad you directed that. Samsung is not Sam disc, thank goodness. Right.

(00:25:58):
Okay. I ran across [00:26:00] a blurb of news that read YouTube Children's Privacy. An analytics report found that advertisers are still tracking viewers of videos made for kids despite a 2019 promise from YouTube to stop delivering personalized ads on these types of videos and senators are now seeking a formal inquiry [00:26:30] into the company for breaching its US COPA, C O P P A laws. So COPA stands for Children's Online Privacy Protection Act. So I was curious about this, so I followed the analytics link. Analytics appears to be a scrupulously neutral ad tech industry watchdog. They make a point of saying they don't do not accept any money [00:27:00] from the ad tech industry because they don't feel they could do so without an inherent conflict of interest, which I think is obviously true. Their report is long, but I'll share just the top few takeaways which will give everyone the gist.

(00:27:16):
They said first YouTube c e o said in 2019 that the platform would limit data collection and use and use online videos made for kids only [00:27:30] to what is needed to support the operation of the service, which is like being logged on. I suppose however, YouTube appears to be setting or transmitting advertising cookies and identifiers on the devices of viewers who are watching Made for Kids videos as of last month, July, 2023. So that promise was not kept. Second, YouTube, [00:28:00] c e o said that in 2019 that the platform would stop serving personalized ads on made for kids content. However, demographically and behaviorally personalized ad campaigns appear to have ads being served on Made for Kids YouTube channels as of last month, July, 2023. YouTube is serving ads from many adult Fortune 500 advertisers and major media agencies [00:28:30] on YouTube channels that are labeled as made for kids.

(00:28:34):
These include major brands such as Mars, Proctor and Gamble, Ford, Colgate, Palm, olive, Samsung, and many others. In some adult brands personalized ad campaigns, the top YouTube channels by clicks or click-through rate are popular made for kids YouTube channels. In other words, kids are clicking on these things and get this such as choo [00:29:00] tv, nursery rhymes and kids songs, co kalon, nursery rhymes and kids songs or Kids Diana show are clickthroughs are happening for the ads that are on those and they're going to adult brands, not kids brands, the viewers of Made For Kids YouTube videos appear to be clicking on ads and brands websites such as Michigan Steak Police, [00:29:30] Disney, B M W, Hyundai and Verizon, and those companies are harvesting and sharing metadata on those viewers with dozens of data brokers upon a click-through. This raises the possibility that brands have data poisoned their first party data sets with data derived from thousands of viewers of made for Kids videos.

(00:29:54):
Anyway, all of this sounds like YouTube is absolutely not taking the [00:30:00] requirements of COPA for granted. I mean Copa, seriously, they're just blowing it off. Anyway. Anyway, the report goes on and on like that and this is clearly not what the COPA Act had in mind. So it's hardly surprising that the US Senate, which has been all worked up over TikTok recently as we know, is wondering what's going on with this popular US owned property. In the show notes, I titled this story, you asked for it [00:30:30] since that's clearly what Google is doing. I mean they're just blatantly ignoring this entire tracking and data brokering industry seems to me needs a flushing and at this rate that might not be too far away since we were just talking about the danger of losing access to an email forwarding service. I got a kick out of this little bit of news.

(00:30:54):
Apparently the operators of the eight base numeral eight [00:31:00] base ransomware operation lost all of the data that they had previously stolen from their victims when the Anon files cloud hosting file storage service closed down without notice last week, and I saw elsewhere the announcement from Anon files, they just said, we are so disgusted [00:31:30] and we are so fed up with trying to offer, trying to do the right thing and offer for the value for the sake of the internet, an anonymous file hosting service. It is we are being overrun with malicious use of our anonymous files hosting. So they pulled the plug and with it they took a bunch of data that had been exfiltrated from some victims of the eight [00:32:00] base ransomware group. So yay for that.

(00:32:07):
Okay. Meanwhile, the blockchain security firm Cerate, who often provides interesting tidbits that we talk about here, says that a group of Canadian scammers are responsible for stealing millions of dollars during the past few years. The group's members operate [00:32:30] by hacking the discord servers used by cryptocurrency communities and posting phishing links to hijack their users' wallets. Serer K claims to have identified the real world identity of one of the group's members going by the pseudonym of faint F A I N T. The individuals believed to have stolen more than $1 million worth of assets since late 2022. Faint is the group's second publicly [00:33:00] identified member after another blockchain investigator exposed a hacker named soup last month. So anyway, I just tossed that one out there to remind everyone that nothing much appears to have changed in the crypto sphere of late. It remains a wildly immature and insecure mess still.

(00:33:23):
And one other bit of crypto news, there's another example of this fundamental immaturity within [00:33:30] the entire industry, major crypto industry players jumped onto an unproven and not fully tested algorithm due to the promise of what it offered. And of course, isn't that the story of this entire cryptocurrency phenomenon? Earlier this month during black hat researchers from Vera Chain disclosed three vulnerabilities in a cryptographic [00:34:00] protocol called T SS S, which is used to create multi-party crypto wallets known as MPCs. Okay, here's how Binance, one of the prominent users of this new t s s algorithm describes it on their site. T s s is short for threshold signature scheme. They said threshold signature scheme. T s s is a cryptographic [00:34:30] primitive for distributed key generation and signing the use of t s s in blockchain clients is a new paradigm that can provide numerous benefits, especially in terms of security.

(00:34:45):
Whoops, in the broader sense they wrote, t s s can influence the design of key management systems such as crypto wallets and lead the way for native support in defi use cases. [00:35:00] Having said that, they wrote t s s is still a new technology, so the risks and limitations should be considered. Unfortunately, apparently they didn't take their own advice or if they did, they didn't consider them enough because the last part they got right, the Vera chain researchers named their attacks on T S SS T S S H O C K, so ts shock [00:35:30] Ts shock exploits vulnerabilities in some of these M P C, this multi-party crypto wallet technology through their implementation of the threshold elliptic curve, digital signature algorithm, elliptic curve, digital signature algorithm, E C D S A. And so this is a new THRESHOLDING style. The exploit of TS shock can allow threat actors to steal cryptocurrency [00:36:00] from individual users or major institutions while leaving no trace of the attack on the client site.

(00:36:11):
And here's the good part. Major companies like Binance, Zen Go multi chain, Thor chain and I N G Bank use exactly these vulnerable threshold elliptic, curved D S A software implementations. [00:36:30] And on top of that TS shock is the second major multi-party crypto wallet vulnerability disclosed this month, the first being Bit Forge and Leo, after taking our second break, I'm going to tell everybody what happened earlier this month with Bit Forge. Oh Lord, I bet it's good. Oh, can't wait. Yeah. Well, yeah, it's always fascinating. By the way, I did a little research. The Unix epoch ends [00:37:00] when it crosses over the 32 bit threshold on January 19th. So the early 2023, early 2023, in which case, I'm sure we'll still be here. We only have 752 more episodes after this. Yeah, like I said, we're like way past the halfway point, so I just wanted to give you a heads up. I'm feeling great, Leo. I hope you're feeling great. It's only 14 years. I think I can make, I'll [00:37:30] be 80. That's not so bad. Our listeners who were having their first children born at the beginning of the podcast will be grandparents by the time. You know what? By the time, let's put a pin in it. I'm planning on it June 19 I think, because we could then talk about the new year Y two K problem, the Y 2 38 problem. That's right. And then wrap things up.

(00:37:59):
January 19th, [00:38:00] which is a Tuesday by the way. Perfect. 2038. Perfect. I like our, we don't even have to do a special, our show today brought to you by Collide, K O L I D E. It's a device trust solution for companies with Okta. You use Okta for your verification. Your authentication collide ensures not just at the person's authenticated, but that the device they're using is trusted and secure. And if it's not, it [00:38:30] can't log into your cloud apps. Now, if you work in security or it your company is using Okta for authentication, then this is for you. You got to listen. This is awesome. Maybe you've noticed in the past few years, the majority of data breaches and hacks we talk about on the show have something in common employees, right? They're the weak link. Nothing wrong with employees, we love employees, but sometimes an employee's device gets hacked because of unpatched [00:39:00] software plex or sometimes an employee leaves sensitive data in an unsecured place.

(00:39:09):
Your SS s H private key in your downloads folder, things like that. And of course it seems like every day somebody breaks in using credentials phished from an employee spearfishing. But I want to say the problem isn't your end users. The problem is the solutions you use to prevent these breaches. They're not doing their job, [00:39:30] but it doesn't have to be this way. Imagine a world where every single device that logs into your network is guaranteed secure. Only secure devices can access your cloud apps in this world. Phish credentials useless. You can manage every oss, including Linux, windows, Mac, all from a single dashboard. Plus you can get employees to fix this is really cool. It will love this. Fix their own device security issues without creating more work for your IT team. But it doesn't just [00:40:00] save them work. It also gets the employees on your team, on your side understanding why security is important and how to ensure it.

(00:40:08):
This is good news all around. Well, you don't have to imagine that world because guess what? That's collide right there in a nutshell. Just start using collide K o l i d.com/security now to book an on-demand demo today. See how it works for yourself. It works great. It really does. K O L i de.com/security now, [00:40:30] and we thank Coly so much for their support. You can just, by the way, the demo is easy. You watch it, you get an idea, and I think you'll be very, very impressed. K O L I D e collide.com/security now. And now back to Steve. So for the sake of painting a full picture of just how rocky things still are in the crypto industry, I should also touch on this earlier discovery, which I referred to Bit Forge, which [00:41:00] was made by a group known as Fire Blocks two weeks ago on August 9th, fire blocks posted their discovery under the title Fire Blocks.

(00:41:10):
Researchers uncover vulnerabilities impacting dozens of major wallet providers, and they explained in their posting today fire blocks cryptography research team announced the discovery of multiple zero day vulnerabilities in some of the most used [00:41:30] cryptographic multi-party computation M P C protocols, including GG 18, GG 20, and implementations of Lindell 17. If left unremediated, the exposures would allow attackers and malicious insiders to drain funds from the wallets of millions of retail and institutional customers in seconds with no knowledge to the user or [00:42:00] vendor. The series of vulnerabilities dubbed Bit Forge impact popular wallet providers like Coinbase, W A A S, and I guess that's Wallet as a service to which you have to ask what could possibly go wrong with that. We also have Zen Go and Binance using this. They said following industry standard 90 day responsible disclosure processes, Coinbase, w a s [00:42:30] and Zen go have since fixed and resolved the identified issues.

(00:42:35):
They don't mention Binance there. They said in addition, the academic papers, which had the details of their flaws redacted have been revised. The fire blocks cryptography research team findings were presented during the black hat U S A conference on Wednesday, August 9th and will be shared at DEFCON on Thursday the 10th. Paval Begot [00:43:00] co-founder and chief technology officer at Fire Block said, as decentralized finance and web three continue to gain popularity, the need for secure wallet and key management providers is evident. While we're encouraged to see that M P C, that's the multi-party stuff is now ubiquitous, wow, I'm not encouraged, but okay, is now ubiquitous within the digital asset industry. It's evident [00:43:30] from our findings and our subsequent disclosure process that not all M P C developers and teams are created equal companies leveraging web three technology should work closely with security experts, with the know-how and resources to stay ahead of and mitigate vulnerabilities.

(00:43:48):
Maintaining and updating core infrastructure technologies like Web three wallets is crucial. Get this in preventing thefts and attacks, which amounted [00:44:00] to ready for this nearly $500 million in just the first half. Just the first half. Leo of this past year, 2023, half billion here, half billion there. It starts to add up. Yeah, and where is this? Who has all this money that's being lost? Well, they don't anymore. It's just an astonishing amount of money is being drained out of people. Wow. Anyway, wallet [00:44:30] as a service from the beginning. No wrong. Yeah. I'll tell you what the service is. We'll take your money then we'll take your money wallet as a drain plug. Anyway, from the beginning of this cryptocurrency odyssey, our one constant piece of advice here has been to keep your wallet safely offline off. Okay? Dont forget you get your password, forget. Don't [00:45:00] forget, whatever you do, do not format the hard dis where you had your 50 Bitcoins.

(00:45:06):
That's right. Boy, that was a dumb one. Oh, don't even just forget that ever happened. Anyway, enough said, if you want to play with crypto, just please be careful and heed the age old investment advice to never gamble more than you're able to lose. See this? We didn't gamble anything. It costs you nothing to get that 50 Bitcoin [00:45:30] only heartache after I formatted the heartache. Yeah. I never have purchased Bitcoin. It was all donated, so we didn't gamble anything but people were buying Bitcoin. Not now. I hope not. Anyway. Well, and in all fairness at when I was in Boston with you, Leo, when we did the event there and had a whole bunch of our podcast listeners show up, we made some Bitcoin millionaires.

(00:45:58):
There was a guy came [00:46:00] up and said, thank you Steve. I listened to your Bitcoin podcast. I got involved. I'm now retired. I've never have to work a Jack Holy cow. And this was a young guy. Nice. Very nice. So that was very cool. Yeah. Unfortunately I didn't follow my own advice anyway. Whoops. No, good. Okay, so does anyone want a quantum resilient Fido two security [00:46:30] key? Yes. Well, it may be of more interest once it's possible to use pass keys widely, but in any event, Google has developed the first ever version of a FI oh two security key that includes protections against quantum computing attacks. Wow. Exists. I didn't know we'd had a way to do that. Yeah. Well, remember we have those nascent algorithms like di lithium and of course, yeah, [00:47:00] because of quantum and they exist. So the implementation comes from a new version of what's known as open SK as in open security key, which is an open source project on GitHub that provides firmware for security keys.

(00:47:18):
Google says this new open SK firmware version uses a novel E C C. So that's elliptic curve, crypto di lithium hybrid [00:47:30] signature scheme. Its engineers developed along with academics from E T H Zurich. The project doesn't yet appear to be production ready. It's definitely still experimental and not ready for prime time, but it appears that when quantum computers eventually happen will be ready, even if there still aren't many sites supporting pass keys, at least those that do, you'll be safe. And actually, this is important [00:48:00] for pass keys because it uses public key crypto, which is the form of crypto, which quantum computers are expected to crack. Symmetric crypto that's not quantum unsafe. So all of the symmetric crypto that we have, that's fine. It doesn't need to be changed. It's the public key crypto that is the problem. So it's nice that we'll be ahead of the game.

(00:48:30):
[00:48:30] Chrome 16, which is today's current release, contains a not enabled by default feature, which is scheduled to be enabled by default in Chrome 17 at the start of September, so a couple weeks from now. The feature is called Safety Check Extensions, which will allow Google to display notifications to Chrome users when one or more browser extensions [00:49:00] that they currently have installed and running are removed for some reason from the official web store, the notifications will be shown when an extension is marked as malware, the extension is removed for terms of service violations or when the extension is unpublished by its developer. Now that seems like an uncontroversial. Good thing though. It's a bit surprising that Chrome doesn't already [00:49:30] do that, but certainly good that they're going to be adding that it's in there now you can turn it on, but it's not on by default.

(00:49:37):
It'll be on by default with the next release of Chrome. And speaking of defaults, even with T L SS certificates now being free, we're still not all on board the H T T P S train. So last Wednesday in a posting titled towards [00:50:00] H T T P S, by default, Google announced their next move. They wrote for the past several years, more than 90% of Chrome's users navigations have been to H T T P S sites across all major platforms. Thankfully, that means that most traffic is encrypted and authenticated and thus safe from network attackers. [00:50:30] However, they wrote a stubborn five to 10% of traffic has remained on H T T P allowing attackers to eavesdrop on or change that data. Okay, now just wait a minute. It's not stubborn Google. It's just ignoring you. It doesn't care. Imagine that Now, okay. As we know, [00:51:00] this is certainly traffic that really doesn't need any security of any kind and is 100% completely happy being unauthenticated and out in the open, but it apparently annoys Google.

(00:51:16):
Nevertheless, I have an example in the show notes of exactly such a site. I refer to it constantly while working on spin. Right? Since it contains a comprehensive list of [00:51:30] every PC interrupt from zero zero to FF all of their sub-functions and their arguments, it is wonderful and I'm very thankful for it. I've copied the entire site against the inevitable day when it finally disappears. It's http slash slash www.ctyme.com/ir/int.htm. [00:52:00] And yes, it is proudly http and I'm pretty sure that it's never going to change. As an aside, it also makes my own website look quite modern by comparison. It even has the old mailbox icon for email. Anyway, Google is still annoyed. So here's what they're going to do. They said Chrome shows a warning in [00:52:30] the address bar when a connection to a site is not secure. But we believe this is insufficient. Not only do many people not notice that warning, but by the time someone notices that warning, the damage may already be done.

(00:52:47):
Right. What the damage from looking up some interrupts in a table anyway, maybe some dastardly Russian is going to do that to subvert spin. Right? I don't know. We had this [00:53:00] argument, not argument with discussion about my site where we don't have any logins. Exactly. Why does it need to be secure? Exactly. I mean, you can make an argument that it could be impersonated, but then still, what are they going to get? There's no login. Yeah, exactly. It's just some data that someone wants to share on the internet. That's it. It's some data that somebody wants to share in the internet. The irony of this Interrupt jump table is it's hosted by Computer [00:53:30] Time, which is a web hosting company that is also not H T TP s. So apparently now one can't really discern from that. Look at that. There's John c Deak and I get no spam.

(00:53:47):
This has got to be just a site that's been around for a while and is dead. Yes. I think you just scrolled past an Apache icon on the left. Oh my God, this thing is ancient. [00:54:00] Wow. Computer time. I think this is the guy who used to provide AK with his spam filtering, which is wild outbound spam filtering. So it's just some guy. Yeah. He says, yeah. He says, if you saw the John c Deak article, the death of email in PC Magazine or show 18 on this Weekend Tech. This is literally 15 years ago. We can provide you with the individual Mark's mail accounts you want, huh? [00:54:30] We do host John's email. I wonder, I wonder if it's still, anyway, very cute. I guess he doesn't have time for https, so it's a perfect example of a site that's like, Hey, it doesn't need it.

(00:54:44):
Doesn't need it. Yeah. Go stop. Look at me. I just want to put some stuff on the internet. His spam filter, by the way, is HT T P s, so he knows enough to do it when it's needed, right? Yeah. Yeah, exactly. And that's old school. [00:55:00] Old school hands, I would argue hands. Yeah, it's just fine. Anyway, Google says the damage may already be done if you go to a site that isn't HTTP s. So there literally, we believe they say they wrote, we believe the web should be secure by default. That's right. No insecure traffic allowed. Wow. You think they were selling certificates, but they're not. I think they're getting a little far over their skis with this thing, but after all, they're [00:55:30] just a web browser. Right. Anyway, so here it is. H T T P S first mode. That's what they're calling this new thing.

(00:55:39):
It let H TTP first mode, let's Chrome deliver on exactly that promise. Nope, no insecure interrupt tables by getting explicit permission from you before connecting to a site insecurely. Oh, great. So anyway, thank goodness. I'm over here on Firefox where that's not [00:56:00] happening. They said our goal is to eventually enable this mode for everyone by default. While the web isn't quite ready to universally enable H T T P S first mode today, we are announcing several important stepping stones toward that goal. Chrome will automatically all http slash slash navigations to https [00:56:30] slash slash Even when you click on a link that explicitly declares http slash slash, they said this works very similarly to H SS T S upgrading, but Chrome will detect when those upgrades fail, for example, due to a site providing an invalid certificate or returning an HTTP 4 0 4 and will automatically fall back to the http [00:57:00] slash slash that you originally asked for.

(00:57:04):
This change ensures that Chrome only ever uses insecure, and I would argue not secured, but no insecure H T T P when H T T P S isn't truly available and not because you clicked on an out of date insecure link. We're currently experimenting. They [00:57:30] said with this change in Chrome one 15 working to standardize the behavior across the web and plan to roll out this feature to everyone soon. While this change cannot protect against active network attackers fine. It's a stepping stone towards H T T P SS first mode for everyone and protects more traffic from passive network eavesdrops again, for sites nobody [00:58:00] gives a crap about. Okay, so all that said, overall this is a good thing. It would be annoying to need to push past another warning screen before being allowed to access an H T T P site. That does seem like overdoing it, but certainly trying first to access A U R L over port 4, 4 3, bring up a T L S handshake and see [00:58:30] whether that http colon slash slash URL is also available via https.

(00:58:36):
That makes sense. However, it is worth noting that technically HTTP URLs and H TTPs URLs are actually referring to different resources. Nothing anywhere ever says that the URLs [00:59:00] of those differing protocols always or ever needs to or should refer to the same web resources. It's true that they generally do. Most web servers serve the same content regardless of whether their visitors come in via h TTP or H s, and these days most attempt to come in via H T T P are immediately redirected to the same U R L [00:59:30] over H T T P S to fix the link. But that doesn't necessarily need to be. So it's just the way things have typically evolved over time. So I can see why Google is being cautious. They clearly want to kill H T T P entirely, and I'll bet they even want to remove its support from Chrome, but it doesn't look like it's going to go away quietly.

(00:59:54):
So it's putting up a bit of a fight. One last bit before we get [01:00:00] to our listener feedback. I wanted to note that WIN RAR is now at version 6.23. I've long been a fan and I'm a registered owner of WIN rar. So I wanted to note that a recent update to version 6.23 earlier this month closed a couple of maliciously exploitable holes that attackers could use in a targeted attack to run their own code on their victim's system. So if you are like I [01:00:30] am a WIN raw user, you want to probably go over there and grab it. I fired up my copy nowhere. Is there an update check for update check for new version or anything like that? There is a link to go to their website automatically, but they make you do that. And actually, I'm not sure that's a bad thing, although it would be nice to be notified if an important update were made available.

(01:00:54):
This actually happened earlier this month, weeks ago, and I didn't know about it until [01:01:00] I ran across a mention of it elsewhere. So anyway, now all of our listeners know that's why you have to listen. We're going to be, we're going to tell you That's exactly right. That's exactly right. Until 2032 when the internet will finally end at 2038. Yes. Don't rush. Don't rush me. No, no, no, no. That's right. We're going to wait till the bitter end. So I am pie test. That's his Twitter handle. He said hello, hope your weekend is going well. Relating to [01:01:30] this week's episode, I thought you might find it interesting to know you block origin disables topics by default. Oh, interesting. It does this. He said yes by modifying the permissions policy header. Thanks for the podcast and have a nice day. So as we mentioned last week, there is, again, Google is wanting to be really, really kind and gentle about this.

(01:01:57):
It is possible for a website to add [01:02:00] a header that turns off topics completely, and so that every time the web browser receives any content from a site, if that there's a permissions policy header says no topics, then they're disabled for that site. And I suppose we should have expected this from Gore Hill, right? I mean, he makes Dvorack [01:02:30] seem all giddy. He's a cranky fella. He is, yeah. Yeah, he really is. In the GitHub dialogue on this. Gore Hill quoted a comment from someone else which read, and then he was quoting Stephen Hawk 8 0 5 4 who said, gave more thoughts to this and I think we should add it to you. Block filters privacy list. I don't think a user interface component for this is the way to go given that so far it's an [01:03:00] a p I supported only by one browser and that the A p I is to serve advertisers in the first place.

(01:03:10):
Now, as we know, topics is a new component of the underlying chromium browser core. All of the many chromium based web browsers will at least have the opportunity to support it easily if they don't deliberately block it. And initially some of those may choose to block it just because [01:03:30] Yes, privacy, privacy, privacy focused ones, right? And this is the sort of major change that can be expected to take time and will require a great deal of reeducation, which we at least began on this podcast last week. I know, just look, Google's like all pissed off. The H T T P still works and good luck on takes a while. Killing that off does take a while. Everyone here enjoys at least knowing [01:04:00] where the bleeding edge is and we always find it. So some patients will be needed. The E F F will likely never come around to the idea of helping websites to monetize their visitors by providing advertisers with any information at all about who's visiting their pages and who knows, maybe they're right.

(01:04:20):
It might be that all this profiling which grew out of tracking, which was itself an unintended side effect of cookies, has always been something that [01:04:30] data brokers have been just been getting away with. Only until the much slower moving government regulations finally catch up. Perhaps absolute anonymity is what we will eventually get thanks to legal frameworks rather than technological frameworks. So anyway, no matter what happens, we're going to have fun following it here on the podcast. There's a white paper, which you've probably read from Mozilla about this and their complaint. We've talked about it since your show last week on several [01:05:00] of our shows. Their complaint was that it's possible to anonymize this topic information. If you visit enough sites, it's possible to anonymize it. And that's of course always the concern if you can keep it anonymous. I think its, I see the white paper.

(01:05:16):
I did not see the white paper. I will look at it. I don't know how that's possible, so I am wanting to find out. Yeah, well, they may be making the assumption, which isn't probably wrong, that anonymization is [01:05:30] easier in many cases than one would expect. We've seen a lot of cases where, wow, you can anonymize that. I'm curious because there's a whole bunch of de anonymization stuff in there anyway, so if topics were to succeed and it got universal Krause cross browser adoption and industry endorsement while Gore Hill's U Block Origin continues to block it, then we'll ask [01:06:00] Gore Hill for an easy to use exception switch as he has done on his UI for other things in order to turn it back on. Or if he refuses to do that, then he just may feel like, okay, blocking it is our job then I'm sure it's possible to tweak the rules in order to allow it.

(01:06:18):
It may be moot. Has he said anything about manifest three? Because Google is planning to, I think, do what will essentially disable you block origin in the long run. [01:06:30] So it may be moot, as I have said, and you have said it might be better just to use Mozilla and have done with it. I mean, that was Corey Rio's complaint is not so much topics, but just that Google's attempt to really monopolize. They already monopolize online advertising both as a buyer and seller and they would love to monopolize browsers as well. And that's the problem. And I'm kind of feeling sad about this because I'm feeling less and less charitable [01:07:00] toward Google all the time. I feel sad about it as well. And I feel the same way when I put a search into Google, I used to get a clean page of links, not anymore.

(01:07:09):
And now it's not that anymore. It's really changed the real tic. He said, hi, Mr. Gibson, I love security Now I noticed a slight logical flaw on SSN 9 35 regarding the G P L. The G P L only [01:07:30] requires that you make available the source code of your modified G P L code. With the distribution of that code, Russian citizens could safely honor the G P L without actively contributing to open source. Okay, now first of all, it sounds like he's been listening to ANT with this Mr. Gibson business. I appreciate the gesture of respect, but please, everyone, we've been together for 18 years. I'm just Steve [01:08:00] and I do appreciate Varian's classification or clarification, sorry about the G P L after I fumbled my mention of it last week. But even so, assuming that Russia invests in modifying Linux to suit their own purposes and thus acquires an inherent feeling of propriety over their result, who would imagine that Vladimir Putin's minions will have any interest in providing [01:08:30] their citizens with the source code any more than Microsoft does with Windows, or that they would make it available to anyone including the Linux project in any form or fashion?

(01:08:43):
What benefit would Russia accrue from doing? So? I'd be willing to bet that what we're going to see here is the Linux source forked and never shared again. I would be surprised if anything else happened. But anyway, thank you Verin for the clarification. [01:09:00] Emma Sachs tweeted, I just finished listening to your latest podcast and I've been doing some thinking on your concerns about an email forwarding service like FastMail just choosing to shut down. I've come to the conclusion that that concern is no different from Gmail or Outlook shutting down their servers, which millions of people rely on at any point. Any common email providers could just choose to not host email [01:09:30] anymore, and tons of people would be forced to change their emails all over. The only way to get around it is by running your own email server, which you mentioned. And most people aren't willing to go that far.

(01:09:43):
So for most people, we might as well just accept that we're relying on other people's servers for things. And so just do your research to make sure you're choosing one that seems to be the most reliable to you as in owned by a big company versus a single person, et cetera. [01:10:00] And thank you, Emma. I think you're exactly right. I think I'm sensitive to the fact that we do see services come and go, even from major providers. Mozilla once offered a terrific file transfer service, which they too shut down because it was being abused to transfer malware. And we've seen several companies stop offering ephemeral credit card numbers, which was a useful service while it was there. The difference with those services is [01:10:30] that they don't incur the same level of persistent dependence that an email forwarding service does when it's used to anchor online account recovery.

(01:10:41):
So Emma's right, I think that the optimal thing to do is to choose your email forwarding provider with your eyes open and with an awareness of the importance of any such services, continuing support and their existence going forward. And if you ever receive any notice of any pending service discontinuation, [01:11:00] don't wait to migrate your existing forwarded accounts to some other provider. So just recognize the level and nature of that dependency. AM Sather, he said, Hey, Steve, topics sounds great, but what's to stop site operators from storing the topics supplied to them and aggregating it to sell to [01:11:30] advertisers? He said, love the show longtime lister and spin. Right six owner. So happy you're not stopping after 99. Okay, this is one of the trickier bits of the topic's a p i, and I do hope that its subtlety does not keep it from being appreciated.

(01:11:52):
Remember that brain twisting part about which topics a requester could receive from [01:12:00] a browser. One of the things to appreciate about the browser's role in this that is in topics is just how much of the burden for enforcing the user's privacy has been placed on the browser? Virtually all of it. And because it's client side, that's where its strength and privacy enforcement comes from. The browser with topics needs to keep track of all kinds of information [01:12:30] for its user. But fortunately, that's only needed on a moving four week window, which is actually part of the clever trade-off that's been made. It does not need to keep it longer than four weeks. So in order to obtain those three interest topics from a user's browser, when the user's visiting a website, the requester who would typically be an advertiser serving ads across the internet must [01:13:00] have previously queried that user's browser at some site, which the browser associates with each of the topics that would be returned to the requesting advertiser.

(01:13:16):
And I know it's like this is hard to put into words. So here's again an example. Three topics will be chosen, one for each of the past three weeks based upon the domain [01:13:30] the user's visiting because of that hash function, which chooses one topic from among the top five for during each of the three past weeks. So say that one of those three selected topics which would be returned to someone requesting them on a given site. An advertiser say that one of the three topics is Phish. This would happen if the user's use of their web [01:14:00] browser during the previous three weeks has temporarily taught their web browser because of the websites they've chosen to navigate to that they currently have an interest in Phish. So Phish would be among their current top interests, but at this time they're not at a website that their web browser associates with Phish.

(01:14:27):
They're at a site that their web browser associates [01:14:30] with gaming for example. But nonetheless, an advertiser on that gaming site is asking for the three chosen topics of interest to this user now, and here's the crux. Phish will only be returned as one of the three topics to that advertiser if sometime during the preceding three weeks, that same advertiser queried for this user's three topics [01:15:00] at a site which the user's browser associates with Phish. In other words, in order to be told that this user at this gaming site has an interest in Phish, that same advertiser needs to have recently, previously encountered this user's browser at a website that the browser associates with fish. And unless that's true, fish will [01:15:30] be redacted. It'll just be eliminated from the three topics that will be returned to the user and nothing will be substituted in its place.

(01:15:38):
The advertiser just gets less information. So anyway, there's just no easy way to explain this, but that's it again. Okay, but now what does that mean? Because now back to our listeners' question, what does that mean? He said, what's to stop advertisers from storing the topic supplied to them and aggregating them to sell to [01:16:00] advertisers? And that's part of the subtle beauty of this system. Ask yourself what topics a browser will return to any static website. Unlike advertisers, websites don't encounter their visitors' browsers at other websites. Only third party advertisers have that sort of cross website reach Websites have a first party relationship with their visitors [01:16:30] so they never see them anywhere else. That means that the tricky topics filter will only ever return the same topics to a website that the browser associates with that website. This means that websites are unable to learn anything they didn't already know about their visitors.

(01:16:58):
And of course, note [01:17:00] that this makes it completely different from flock, which was blabbing with that cryptic hash token to every site someone visited, whether or not they'd ever even been there before, not. So with topics. Again, I'm a little worried because it is complicated and the world has a hard time dealing with complicated things, especially when they're asked, doesn't that sound great? [01:17:30] They go, what's for dinner? So anyway, let's hope Robert Goul or gald, G A U L D, he said at S G G R C in SSN 9 35, I think consecutive characters refers to sequences as in A, B, C, D, E, F, 5, 6, 7, et cetera. Okay? So [01:18:00] yes, thanks to Robert and many other listeners. Remember Leo, that ridiculous set of password rules and we had a lot of fun because they said no two consecutive characters. And I said, wait a minute, was it never more than two consecutive characters?

(01:18:20):
So how could you have a password greater than two characters if you can't have more than two that are consecutive? Anyway, Robert and many of our listeners said, Steve, I think [01:18:30] they meant sequential. Oh yeah, but they didn't say sequential. They did not say sequential. And there were several of those rules that were kind of fumbles. Remember one was a proper subset of the other, so you didn't even need that second one because the first one was a full superset of what that second one was. I mean that set of rules was a mess. But anyway, I wanted to thank all of our listeners who said, [01:19:00] I think they didn't mean consecutive, they meant sequential. Yeah. Okay, and finally, yeah, Rob Mitchell said, you know what would be great if you posted your picture of the week for each episode here on Twitter, you could include a link to each episode, so you'd also be doing some promotion too.

(01:19:20):
I rarely take the time to find the photo of the week, but I'd surely find it here and rob your request. And actually I saw it several times. It must've been in [01:19:30] the wind somehow this past week because no one ever mentioned it before, but a bunch of people did this time. Maybe because the pictures lately have been a little obscure and they've required a great deal of explanation in order for me to do it over a non-visual medium. Anyway, from now on, and I already did it earlier today, the podcast picture of the week will accompany the link to the show notes on Twitter. How you using Twitter? Right? That's just as they changed [01:20:00] their name to X. Speaking of which, Leo, he took tweet deck away from me. He did that. God, people are very upset about that. Yeah. Oh my God. Using the normal, her face is awful.

(01:20:16):
No tweet deck was a godsend, but on the other hand, I refuse to pay that SS o b $89 a year or something. I'm not paying for this, so I'll tough it out with this awful [01:20:30] user interface that is the web browser. It took me years to get you use Twitter now it's going to take me years to get you off it. I know, but that's all right. You don't like change. I got it. I still, I do not. I do like change. My first wife's abbreviation for me was c o h and I was for to ask what that stands. Fortunately it stood for Creature of Habit. Yes, that's true. So that's true. I'm programming assembly language, darn [01:21:00] it. And that's what I learned when I was four and I'm sticking with it. Anyway, our last break and then we're going to talk about when heuristics backfire. Oh, that's me. Okay, I'm thinking about C O h. I kind of am too. Come to think of it actually, that's nothing wrong with that. You know it. Well, you have relearn. [01:21:30] All of our neighbors only see Lori and me walking in black, black and they often comment, why are you in all black? It's like, well easy. It's very easy. It's always color coordinated. It hides the soy sauce.

(01:21:45):
Now, if this weren't another show, I would have that be the show title, but okay, show today is brought to you by Delete Me. And this is a service that we've used and has made a big difference. And some of you may need this. If you've ever searched [01:22:00] for your name online, if you've not done it, maybe best not to, but I bet you you have. It's amazing, isn't it? How much personal information is there? That's those darn data brokers. Your address, how much money you make, rightly or wrongly, your phone number, your cell phone number. Does that make you feel exposed or unsafe since 20 10, 13 years? Now delete me when we've needed it for 13 years has been on [01:22:30] a mission to empower individuals and organizations, allowing them to reclaim their privacy and help you remove personal data from online sources.

(01:22:42):
Yes, this is something you could do with great labor for yourself probably, but the problem is there's more data brokers every single day. How do you know where they all are? It's a full-time job in some cases. The Delete Me team is driven by a passion for privacy [01:23:00] and a commitment to make it as simple for you to use. Delete me. It reduces a risk from, well, I think you can imagine identity theft, credit card fraud, robocall, spam, stalking, harassment, cybersecurity threats, unwanted pictures, unwanted communications overall, delete Me is the most trusted privacy solution out there, helping thousands of customers remove their personal information online. I haven't used it, but Lisa [01:23:30] has. It's worked very well. She's been using it for several years. Other of our hosts have used it as well. Did you know the average person has more than 2000 pieces of data about them online that Delete me can confined and remove?

(01:23:44):
You could do it by hand, as I said, but that's a lot of time plus a lot of expertise you'd need. One customer said quote, I signed up and they took it from there. Awesome service already seeing results. So this is how it's going to work just [01:24:00] to get you ready for the onboarding process. First, you're going to sign up. Yes, you're going to have to submit basic personal information. That's how they're going to find it so they can search for it. They have very expert skilled staff that's been doing this, as I said for a long time, so they know where to go to find and remove your personal information from hundreds of data brokers, which reduces your online footprint, keeps your family safe. But this is the best [01:24:30] part. Once the removal process starts, you're going to get a detailed report within seven days and it doesn't stop there.

(01:24:37):
Delete me will continue to scan and remove personal information every three months. You have to do this stuff because it grows like weeds. You can't just pull weeds once. You've got to keep pulling them. And with automated removal opt-out monitoring, they'll ensure that records don't get repopulated after being removed. That happens all the time. You go to a site bad site, [01:25:00] you remove your stuff and it's back the next day. We're talking names, addresses, photos, emails, relatives, phone numbers, social media, property value and more. And the data broker industry has just been growing without any checks, without any restrictions. The Lead me continues to add new sites and new features to make sure their service is both easy for you to use, but effective in removing personally identifiable information. And [01:25:30] since privacy exposures and incense affect individuals differently, their privacy advisors are there to talk with you, to give you the support you need to help you understand what's there, what they're doing about it.

(01:25:42):
Very important. You're not alone. That's really the most important message. Delete me is there for you. Protect yourself, reclaim your privacy. Here's the website, join delete me.com/twit. Okay? Use that whole thing. I want them to know you heard it here, right? Join delete me.com/twi. [01:26:00] The promo code twit at checkout get you 20% off. It really works. Join, I've seen it for myself. Join delete me.com/twi. The offer code twit for 20% off all privacy plans. Delete me. It's too bad we need this, but we do. Unfortunately, it's only getting worse. Seems like a clear win. Yep. Alright. Okay. So Wikipedia defines the term [01:26:30] heuristic. First of all, heuristic comes from the ancient Greek heco and there it meant to find or discover. So a heuristic technique is any approach Wikipedia says to problem solving or self-discovery that employs a practical method that is not guaranteed to be optimal, perfect or rational, but is nevertheless sufficient for reaching an immediate short-term goal or approximation where finding an optimal solution is [01:27:00] possible, impossible or impractical heuristic methods can be used to speed up the process of finding a satisfactory solution.

(01:27:08):
Heuristics can be mental shortcuts that ease the cognitive load of making a decision. Examples that employ heuristics include using trial and error, a rule of thumb or an educated guess. Okay, so before I take some lessons or we all take some lessons from the implementation of a heuristic that has [01:27:30] been causing Microsoft Enterprise customers years of mysterious pain, I want to note that I'm a big fan of heuristic methods. I often use heuristics in my own code when I'm dealing with uncertainties. An example from the nearly finished spin, right six one code comes to mind. Modern operating systems all incorporate the concept of device drivers because the operating system needs to be informed how to talk to the wide range of peripherals it might encounter [01:28:00] for all spin rights from version 1.0 through 6.0. This was never an issue because spin right was able to access the system's mass storage hardware through the bios, which functioned as an abstraction layer.

(01:28:16):
Essentially it contained permanent built-in device drivers so that it knew how to talk to the hardware on its own motherboard. The problem was that the BIOS APIs were designed 40 [01:28:30] years ago and mass storage devices have evolved not only in their capacity but also in the rich metadata that they're able to offer to anyone who knows how to ask. Unfortunately, the BIOS never did. So to pull off what Spin right six one needed to do, it could no longer use the bios to serve as its intermediary. It needed to talk to the motherboard hardware directly in order to gain direct access to all of the modern hardware capabilities. [01:29:00] But unlike all modern operating systems, which are able to use a rich collection of modular device drivers to talk to the hardware spin, right? Needed to have what was essentially a single universal built-in driver that could figure out for itself and on its own how to talk to any hardware that it might encounter.

(01:29:28):
And we're talking about 40 years worth [01:29:30] from long since disappeared manufacturers and so forth, and that's where heuristics comes in. While Spin write is starting up, it spends its time literally getting to know the hardware it's running on by performing a series of experiments in a classic heuristic process to work out and learn exactly how the underlying hardware operates. It tries things and [01:30:00] learns things and keeps a record of what it has learned about every mass storage adapter and device in the system so that it then knows how to interface with each one. There was an appreciable amount of time during these past three years where I wasn't 100% certain that I was going to be able to successfully weave a path through all of the hardware owned by myself and by Spin rights now 759 [01:30:30] individual testers. But a path was found, and it's been quite a while since any hardware has stumped spin, right?

(01:30:39):
It doesn't matter how old or new or from which manufacturer. Spin right six one now has what is essentially a universal smart driver driven by a heuristic learning process that's able to interface with any I D E A T A or A H C I mass storage hardware that [01:31:00] has ever been built. And one non-obvious feature of the inherent flexibility of this approach is that the benefit may not only be retrospective, it's likely also prospective giving spin, right? The ability to figure out things that not only came before it, but may also arrive after it. So that's an example of the application of heuristics. One way to think of it is as [01:31:30] code that figures things out, often working from an initial starting place of uncertainty, the trouble is being somewhat rule of thumb and inexact. Anyone deploying heuristic approaches needs to build in safeguards against their code drawing the wrong conclusions.

(01:31:51):
And this appears to be where a heuristic approach incorporated into Windows servers by Microsoft back [01:32:00] in 2016. Actually it's not just Windows servers. It's 20 from Windows 10 on both desktop and server platforms back in 2016 has fallen down, backfired, and caused unappreciated problems for the past seven years. Last week, a Norwegian data center engineer named Simon, spelled S I M E N, [01:32:30] reached out to me via Twitter dmm and explained that people who listened to this podcast said that I'd probably be interested in what he had discovered. Given that it became today's topic, it's clear that our podcast listeners have come to know me pretty well. The best way to introduce the seven year old problem that Simon uncovered would be to share ours technic coverage of it, which Simon pointed [01:33:00] me to in his direct message because it's about him. So last Wednesday's piece in ours, Technica was titled Windows feature that resets system clocks based on random data.

(01:33:17):
Ouch is wreaking havoc and the subtitle was Windows Secure Time seeding resets clocks months or years off the [01:33:30] correct time. Ours wrote A few months ago, an engineer in a data center in Norway encountered some perplexing errors that caused a Windows server to suddenly reset its clock to 55 days in the future, the engineer relied on the server to maintain a routing table that tracked cell phone numbers in real time as they moved from one carrier to the other. A jump [01:34:00] of eight weeks had dire consequences because it caused numbers that had yet to be transferred to be listed as having already been moved and numbers that had already been transferred to be reported as pending. The engineer who asked to be identified only by his first name, Simon, wrote in an email with these updated routing tables. A lot of people were unable to make calls as we didn't have the correct state. [01:34:30] We would route incoming and outgoing calls to the wrong operators. This meant for example, children could not reach their parents and vice versa.

(01:34:43):
Ours wrote, Simon had experienced a similar error last August when a machine running Windows Server 2019 reset its clock to January, 2023 and then changed it back a short time later. Geez, I know Leo, it gets [01:35:00] worse. Troubleshooting the cause of that mysterious reset was hampered because the engineers didn't discover it until after event logs had been purged. The newer jump of 55 days on a machine running Windows Server 2016 prompted him to once again search for a cause, and this time he found it. The culprit was a little known feature in Windows known as secure time seeding. Microsoft introduced [01:35:30] the secure time seeding timekeeping feature in 2016 as a way to ensure that system clocks were accurate. Windows systems with clocks set to the wrong time can cause disastrous errors when they can't properly parse timestamps in digital certificates or they execute jobs too early, too late or out of prescribed order.

(01:35:57):
Secure time seating Microsoft said [01:36:00] was a hedge against failures in battery powered onboard devices designed to keep accurate time even when the machine is powered down the old CMOs clock. Remember that we still have those Microsoft engineers wrote quote, this is Microsoft ours, quoting Microsoft. You may ask why doesn't the device ask the nearest time server for the correct time over the network? Since [01:36:30] the server is not in a state to communicate securely over the network, it cannot obtain time securely over the network as well. Unless you choose to ignore network security or at least punch some holes in it by making exceptions to avoid making security exceptions. Secure time seating sets the time based on data inside an SS S L handshake [01:37:00] the machine makes with remote servers. Okay, so when I first read that, I thought what ours explains some things we know but adds some new bits They wrote, these handshakes occur between two devices connecting using secure sockets layer protocol.

(01:37:20):
The mechanism that provides encrypted H T D P S sessions. It's also known as transport layer security. They say as we know because secure time [01:37:30] seating, s t s used SS s L certificates and windows already stored locally, it could ensure that the machine was securely connected to the remote server. The mechanism Microsoft Engineers wrote helped us to break the cyclical dependency between client system time and security keys including S S L certificates. Okay, now backing [01:38:00] up a little bit, Simon wasn't the only person encountering wild spontaneous fluctuations in Windows system clocks used in mission critical environments. Sometime last year, a separate engineer named Ken began seeing similar time drifts. They were limited to two or three servers and occurred every few months. Sometimes the clock times jumped [01:38:30] by a matter of weeks. Other times the times changed to as late as the year Leo.

(01:38:38):
This will even be after us the year 2159. That doesn't seem possible. I know it should not be. That shouldn't happen. So let's just pause here. Sounds to me, lemme see if I understand it. It sounds to me, so this all makes sense so far, [01:39:00] which is if I've lost contact with the outside world, I can't set my clock, but I need to set my clock in order to get outside world access. So I have some internal computers that I'm communicating with over S S L. Yes. Does SS S L then say, Hey, I think it's quarter past four, what do you think it must be? You're going to get to that. There is a timestamp in S S L. That makes sense. So I don't need, given that I've lost access to the internet for the time being, [01:39:30] I don't need it to be right.

(01:39:31):
I just need to be roughly right. So I'm going to presume that that SS s l certificate isn't too far off. So I understand the logic Microsoft had here. So we're going to get an approximate time, which will then let us fix this problem maybe down the road, but at least we'll be closer than if we were just making it up, right? That's good. Yes, unfortunately, and what you described is a useful heuristic with an exception [01:40:00] and we will see like a bad exception, but even so this is an example of a very poorly designed and thought out heuristic. Now we don't understand yet in detail what's going on. No one does. Microsoft is not telling us and they don't share their source code. So we don't know exactly what Windows is doing to obtain as time of day and date information, but we don't need to yet.

(01:40:27):
The very fact that [01:40:30] it's even possible, as you said, Leo, for a server last year in 2022 to believe that it's now 2159. Yeah, that should never happen. 137 years in the future conclusively demonstrates that the designer of this system left out a crucial concept, which is very important in heuristic systems. My own name for them is [01:41:00] sanity checks and our listeners will have heard me refer to them from time to time because they're integral to creating robust systems. As the name suggests, a sanity check is a reasonability filter that's applied. Once an answer is obtained from a heuristic system, it prevents believing ridiculous or impossible things. Okay, so what sanity checks might be applied here? [01:41:30] Well, the Microsoft engineers were bragging about how they could rely upon the machine's locally stored t l s certificates to allow them to obtain a secure connection. So would it be reasonable to expect those certificates to have valid expiration dates, right?

(01:41:49):
That'd be reasonable. 137 years in the future, it couldn't be all of those certificates will have expired. So that would appear to fail. [01:42:00] Problem number one, the reasonability test. And what about operating windows? What operating Windows server would have all of its certificates expired? Well, more than a hundred years ago. Or how about asking the local Windows update service for the timestamp on the most recently received monthly update? There you go. Is it reasonable to imagine that the machine has not had a security or feature update [01:42:30] in 137 years given Microsoft's track record for bugs?

(01:42:37):
No. I have a theory in my mind what's happening is you've got two servers that are disconnected. So the first one asks the second one, well, what time is it? And he tells them, and then the second one asks the first one, what's time? And they're advancing each other in a loop till they get hundreds of years. In the future, that would be bad. Your sanity check would've stopped that, right? [01:43:00] Just don't keep going. And if it gets too far, obviously you've gone too far. You say they don't know why this is happening. We're going to get to it, Leo. It's worse than you can imagine. Oh dear Ken, who also wants to remain anonymous, wrote in an email quote, but he's been driven crazy by this. It has exponentially grown to be more and more servers that are affected by this. In [01:43:30] total, we have around 20 servers VMs that have experienced this out of 5,000.

(01:43:37):
So it's not a huge amount, but it is considerable, especially considering the damage this does. It usually happens to database servers. When a database server jumps in time, it wreaks havoc he wrote and the backup won't run either as long as the server has such a huge offset in time for our customers, [01:44:00] this is crucial. Okay, so gee seems like the backup system is smart enough to say, ah, something's wrong here. But windows itself appears to be blissfully ignorant. Simon and Ken who both asked to be identified only by their first names because they weren't authorized by their employers to speak on the record soon found that engineers and administrators had been reporting the same time since [01:44:30] 2016. In 2017, for instance, a Reddit user in assist admin forum reported that some Windows 10 machines, the user administered for a university were reporting inaccurate times in some cases by as many as 31 hours in the past.

(01:44:49):
Okay, so here again, another missed opportunity for a sanity check. In our current reality time stubbornly only moves forward. [01:45:00] It turns out that this really simplifies things, but that means that discovering that many files in its file system are suddenly timestamped 31 hours in the future might give any well-designed heuristic algorithm pause. In any event, ours writes, the Reddit user eventually discovered that the time changes were correlated to a Windows registry key [01:45:30] and then they note H key local machine system current control set services W 32 time secure time limits. Additional investigation showed that the time changes were also linked to errors that reported valid SS s l certificates used by the university website were invalid when some people tried to access it. Of course, yeah, because the machine's time was now off, the admin [01:46:00] reached the following conclusion. Windows 10 and 11 have a feature called secure time, which is on by default.

(01:46:12):
It correlates timestamp metadata from S S L packets exactly like you've been surmising Leo and compares them with in time with the machine's local time. Then what this guy wrote is it processes these [01:46:30] various times by means of black magic and sets the system clock accordingly. Unfortunately, this feature has the tendency to flip out and set the system time to a random time in the past or the future. The flip out might be caused by issues with SS S L traffic. This person surmises other examples of people reporting the same behavior date back to 2016. Shortly after the rollout of this SS [01:47:00] t s and many more recent reports of harmful S T SS induced time changes have been reported. One Reddit user wrote, we've run into a show stopping issue where time on a bunch of production system jumped forward 17 hours. If you've been in the game more than a week, you know the havoc this can cause.

(01:47:27):
Okay, so what's going on To [01:47:30] determine the current time, we know two things. S t s pulls two pieces of metadata contained in the SS S L handshake. It pulls the server Unix time, which is a date and time we've been talking about already. This podcast obtained from the number of seconds that have elapsed since 0 0 0 U T C on January 1st, 1970. [01:48:00] The other is cryptographically signed data obtained from the remote servers S S L certificate showing whether it has been revoked under a mechanism we've discussed here at length. Also O C S P, the online certificate status protocol. So finally, here's how ours explains what it was told by Microsoft's engineers. Ours wrote, Microsoft [01:48:30] Engineers said they used the server UNIX time data they wrote, assuming it is somewhat accurate exactly as you suggested Leo, but went on to acknowledge in the same sentence that it can also be incorrect to prevent s t s from resetting system clocks based on data provided by a single out of synch remote server.

(01:49:00):
[01:49:00] S t s makes randomly interspersed SS s L connections to multiple servers to arrive at a reliable range for the current time. The mechanism then merges the server UNIX time with the O C S P validity period to produce the smallest possible time range and assigns it a confidence score. When the score, the confidence score reaches [01:49:30] a sufficiently high threshold, windows classifies the data as SS T S H C short for secure time seed high confidence. The T SS H C is then used to monitor system clocks for gross errors and correct them. So what we've all just heard is a perfect textbook example [01:50:00] of a heuristic algorithm. It doesn't get any more heuristic than that unfortunately. It is also apparently somehow prone to misfiring badly to become highly confident about very wrong times. Ours says, despite the checks and balances built into H T S to ensure it provides accurate time estimates, the time jumps indicate the feature [01:50:30] sometimes makes wild guesses that are off by days, weeks, months, or even years.

(01:50:36):
Yes, even 137 years. Ken wrote in his email At this point we're not completely sure why secure time seeding is doing this being so seemingly random it's difficult to understand. Microsoft hasn't really been helpful in trying to track this either. He said, I've spent [01:51:00] sent over logs and information, but they haven't really followed up on this. They seem more interested in closing the case. Simon meanwhile said that he's also reported the time resets to multiple groups within Microsoft. When reporting the problems on Microsoft's feedback hub in May, he said he received no company response. He then reported it through the Microsoft Security Response Center in June, the submission [01:51:30] was closed as a non M S R C case with no elaboration. Simon then tapped a third party specializing in Microsoft Cloud security to act as an intermediary. The intermediary relayed a response from Microsoft recommending s t s be turned off when the server receives reliable timekeeping through the network time protocol meaning if N T P, [01:52:00] which is what everything has always used is fine, then use it and turn off s t s, which obviously is able to override that Simon wrote in an email.

(01:52:11):
Unfortunately, this recommendation isn't publicly available and it is still far from enough to stop the wrongly designed feature to keep wreaking havoc around the world. Simon said he believes the s t s design is based on a fundamental misinterpretation [01:52:30] of the t l s specification. Microsoft's description of S T s acknowledges that some SS s L implementations don't put the correct system time of the server in server Unix time field at all. And here it comes, Leo. Indeed, these implementations, most notably the widely used open SS SS L code library starting [01:53:00] in 2014 populate the field with random data.

(01:53:10):
Well that explains it. Oh boy. Well there you have it. They're getting, geez, they're interpreting noise in incoming S S L connections and every so often enough of the noise happens to line up [01:53:30] that they believe a wrong date and jump ahead or forward because the heuristic will reject a lot of terrible timestamps. It does have some sanity checking. It's just well, but again, what we're seeing it do is obviously wrong. So it's got, it has it basically it's believing its own prs [01:54:00] always a mistake. It's receiving nonsense and every so often the nonsense, the planets align the nonsense looks like sense and it goes, oh my God, it's 137 years earlier than or later than I thought and it jumps the clock forward. That's insane. Yeah, well they misinterpreted the t l s spec, that's all, or made assumptions about it that were incorrect [01:54:30] and then failed to put a reasonability filter on the result of their heuristic.

(01:54:38):
Well, I guess, I mean they maybe don't want to admit it because it might break the whole SS t s mechanism if you can't trust what you're getting back, this whole system might be a faulty system. The whole system is a faulty system. Basically. This is someone's bad design from, well, it seemed like a good idea that they're [01:55:00] in love with from seven years ago that they can't let go of it and it is just effing things up and it's causing real damage to their customers and Microsoft doesn't want to hear about it. They like it. I mean, I'm sure it got elevated to someone who said, no, no, that's it works. It's got heuristics would be worse. Not having any system for correcting the time, which means you never have any hope of getting a time from an N T P server maybe or [01:55:30] trying to get something.

(01:55:33):
They just need better heuristics. Right? That's really the conclusion. Yes, this is bad. It's not a bad in theory, but knowing now that they could get random data, they need a much better sanity. And Leo, they could have fixed it seven years ago. Well, I'm trying to think that maybe they thought, well we can't abandon this. It's better than nothing, but obviously it's not better than nothing. Yeah, no, we had working systems in [01:56:00] before 2016, right before they did this, things were fine. They weren't wreaking this kind of habit. They need a better heuristic. So Simon said the false assumption is that most SS s L implementations return the server time. This was probably true in a Microsoft only ecosystem back when they implemented it at because wass no open SS L being run. Yes. Right. But at that time when S S SS was introduced open S SS L was already sending [01:56:30] some random data.

(01:56:31):
Wow. Okay. So now maybe they're hoping to get the open ssss L guys to fix their code. Maybe they say it's their problem, it's probably a privacy problem. I mean, I imagine open S S L is randomizing this because first of all, obviously it doesn't have to be right because open s s l works just fine and it's probably leaking information about the exact time that the open S S L server thinks [01:57:00] it is. And you could use that in order to do some de anonymization stuff. So while official Microsoft talking points play down the unreliability of S T SS Ryan Rise, whose LinkedIn profile indicates he is a senior Windows escalation engineer at Microsoft, wasn't as reticent when discussing SS t s on Twitter last year, and I have in the show notes [01:57:30] a copy of Ryan's posting on Twitter. He says, and he's got a big beard, so it's be true, you can believe him.

(01:57:37):
Big gray beard. Yeah. He says, Hey people, if you manage active directory domain controllers, I want to give you some unofficial, that's all caps advice. That is solely my personal opinion. Disable secure time seeding for W 32 time on your domain controllers. [01:58:00] Well, there you go. There it is. January 31st, 2022. So that he was heading into New Year's Eve and he thought, let's just give everybody a heads up for the new year. So someone named Brian Clark replied to Ryan's tweet. He said, and why do you think we should do this? And Ryan says, because it's just a matter of time wink before it bites you in the butt. [01:58:30] So they've known about this. Yep. Made no attempt to fix it. Nope.

(01:58:38):
So again, this was a senior Windows escalation engineer at Microsoft several hours who clearly, clearly see it happen. He'd seen it happen. He knew it was going to happen. Yeah, of course. Several hours after ours post, I think this is what's happened to Microsoft Leo. It has become too large and sprawling. It's just no longer responsible for itself. [01:59:00] Anyway, several hours after ours first posted this, a Microsoft representative emailed ours the following statement, this is from Microsoft Secure time seeding feature is a heuristic based method of timekeeping that also helps correct system time in case of certain software, firmware, hardware, timekeeping, failures. The feature has been enabled by default in all default windows configurations [01:59:30] and has been shown to function as intended in default configurations. Time distribution is unique to each deployment and customers often configure their machines to their particular needs. Given the heuristic nature of secure time seeding and the variety of possible deployments used by our customers, we have provided the ability to disable this feature if it does not suit your needs.

(01:59:58):
Our understanding [02:00:00] is that there are likely unique proprietary complex factors in deployments where customers are experiencing secure time seeding issues, and these customers do not benefit from this feature right as it is currently implemented. Of course, they're not going to change the implementation apparently in these isolated cases. The only course of action we can recommend is to disable this feature in their deployments. It's your, in other words, fault for using open [02:00:30] S S L is what they're saying, I think. Yep. For having it around. Yep, exactly. And they say we agreed that the overall direction of technology with the adoption of T L Ss version 1.3 and other deployments in this area could make secure time seeding decreasingly effective over time. What do you want to bet, Leo? That T LSS 1.3 explicitly randomizes that field for the sake of privacy? And this is the way they're saying it.

(02:01:00):
[02:01:00] We agree that the overall direction of technology, Jesus, with adoption of T L s 1.3 and other developments in this area could make secure time exceedingly decreasingly effective over time. But that's not our fault. That's right. But we are not aware of any bugs arising from their use. It would be possible to build in a sanity check that would at least prevent the most egregious Yes. [02:01:30] Yes. So they could fix this Leo, look at the recent Windows update time. When did the most recent Windows update occur? Was it 137 years ago that you updated windows? There's ways to look at this. Unlikely. Yeah. Was it six months? No, it was within a month or two.

(02:01:53):
And you have file system activity. Yeah. Is it reasonable that no files have been written [02:02:00] in the last month? Well, can you query, there are things you could query about that. Right? Because we can presume that the machine I'm using is not accurate. Time is littered. Machines are littered with time clues Interesting. Seems like this is solvable, but they may have said it's just going to get worse and worse. And increasingly, especially with TLS 1.3, we're not going to get any real time signals that we can trust. So we [02:02:30] just want people to turn off, so we're going to keep using them. Yeah, well that's not the right answer obviously. So the well-known personality HD Moore, the c t o and co-founder at Run Zero who also developed a Metasploit framework project foundation, the pen testing suite, he speculated on signal that the cause is some sort of logic bug in Microsoft's code.

(02:02:56):
So HD Moore wrote, if Open SS s l has [02:03:00] been setting random Unix times in t l s responses for a long period of time, but this bug is showing up infrequently, then it's likely harder to trigger than just forcing a bunch of outbound T L s connections to a server with bogus timestamp replies. If it was that easy, it would happen far more frequently. Either the s t s logic relies on different root certificates as the signer or some variety in the host names ipss or only triggers [02:03:30] on certain flavors of random timestamp like values divisible by 10 24 or something. It smells like a logic bug that is triggered infrequently by fully random timestamps and likely just some subset of values and with some other conditions like multiple requests in some period of time to multiple et cetera. And then ours wraps up their coverage of this by writing as the creator and lead developer of the Metasploit Exploit framework.

(02:03:59):
A pen tester and [02:04:00] chief security officer Moore has a deep background in security. He speculated that it might be possible for malicious actors to exploit S T Ss to breach Windows systems that don't have s t s turned off. One possible exploit would work with an attack technique known as a server-side request forgery. Microsoft's repeated refusal to engage with customers experiencing [02:04:30] these problems means that for the foreseeable future, windows will by default continue to reset system clocks based on values that remote third parties include in SS s l handshakes. Further, it means that it will be incumbent on individual admins to manually turn off S T s when it causes problems. Of course, by that time it's too late because it caused a problem, which could be really bad. [02:05:00] That in turn they said is likely to keep fueling criticism that the feature as it has existed for the past seven years does more harm than good.

(02:05:11):
Wow. Simon wrote SS t s is more like malware than an actual feature. Holy cow. He said, I'm amazed that the developers didn't see it, that QA didn't see it, and that they even wrote about it publicly without anyone raising a red flag and that [02:05:30] nobody at Microsoft has acted when being made aware of it. Yeah. So wow. In the Registry HQ local machine system current control set services, W 32 time config contains a Reg D word value named utilize SS SS L time data. [02:06:00] That makes it pretty clear. And now that we know that the SS s L time data that's present in open SSLs handshakes is random noise. That doesn't seem like a good thing to leave enabled in my WIN 10 machine, that value was set to one to enable this feature in Windows. It's not set. It is now set to zero and anyone else who's concerned by this consent theirs to zero after [02:06:30] rebooting windows.

(02:06:33):
It will rely upon your local machine's clock and the reliable network time protocol to set it and keep it set correctly. End of story. Well, I started out observing heuristic rules of thumb approaches can be extremely valuable. They make spin right six one [02:07:00] possible as it is, but they need to be designed with care and protected from going badly wrong. It appears that Microsoft has done neither of these things in a system that has already and may still damage their users chimney Christmas and they don't care. It's a fascinating case study though, in yes, attempting to solve a problem with a very kind of clever hack, but not doing it right, [02:07:30] I guess is the answer. And that's the problem with Clever Hack. Could I could have titled this podcast. You're doing it wrong, you're doing it wrong. Wow. And seemed to be unwilling to fix it, which is even weirder. Wow.

(02:07:46):
Really good case study. I think I like this idea that you should start doing like your professor of law where you come up with a case study and what do we learn from this? I love this. [02:08:00] You could do more of that. I know that our listeners do too, so when I can, I certainly will. Yeah. Thank you Steve. Steve Gibson is@grc.com. That's his website that Gibson Research Corporation. Well, you'll find many wonderful things there. Of course, spin right is his bread and butter, the world's best mass storage, maintenance and recovery utility, perfect for your failing SanDisk. SS S D 6.0 is the current version 6.1, only being better with SSDs and that's out [02:08:30] imminently. I love this that you wrote an A P I that figures out what the hardware is and then how to talk to it. It's kind of like the handshake of a modem, right?

(02:08:41):
Where you go, well, does this work? Does this work? That's a very good point. It's like the old days where do understand that it kept trying different levels of connection in order to figure out how fast you go. That's a heuristic, right? Yeah. Yep. That is. Talk to me. Can you hear me? Do you understand me? Yep. Fascinating. Anyway, 6.1 is imminent. You'll get a free [02:09:00] copy if you buy 6.0 Right now, everybody who has a hard driver in SS s D should absolutely have spin, right? There's no doubt about that. Steve also puts copies of this podcast on his site. Of course, he has the traditional 64 Kilobit audio. That's kind of the mainstream MP three version, but he also has a 16 Kilobit MP three for the bandwidth impaired, nice small for file size. He also has human written transcripts from Elaine Ferris that are really great [02:09:30] for either reading while you're listening, reading without listening or searching.

(02:09:35):
So all of that's at grc.com. You go to our website, we've got the 64 Kilobit audio. We also have video. That's our unique format. We do security now every Tuesday right after Mac break weekly. So that time varies. Usually around one 30 to 2:00 PM Pacific. That's 4:35 PM Eastern Time. That's 2030 U T C. The live stream is operative all day [02:10:00] and night. It's not always new content. Sometimes it's reruns, but if you're lonely and up in the middle of the night go to live twit tv, there's audio and video there, we'll be there to keep you company. If you're watching live, you can chat live in our irc open to all IRC TWIT tv. Your web browser work is fine there. Of course, I invite you to join the club. Then you get access to the Club Twit Discord. Also club members get ad free versions of this show.

(02:10:27):
All the shows ad free, tracker free. [02:10:30] We'll get rid of all those redirects. You also shows we don't put out anywhere else, hands on windows with Paul Thoro, hands on Macintosh with Michael Sargent Home Theater Geeks with Scott Wilkinson, the GIZ V with Dick d Barolo, and on and on and on. We've got a special event coming up in about an hour and a half. Jason Howell will be interviewing Dan Patterson, former C B Ss journalist, and he's had a very interesting career teaching, for instance, security like signal and encryption [02:11:00] to dissidents in countries where it's not safe to speak your mind. He's got a lot of very interesting anecdotes about that as well. That's tonight just one. We have events going on. I mean, how much would you pay for all this ad free versions of the show? You get access to the Discord, which goes all the time.

(02:11:16):
People always chatting about Geek Topics, not just our shows, but everything under the sun, the special feeds with stuff before and after shows that we don't put out as podcasts. That seems like it's worth a lot. We only charge $7 a month, a couple [02:11:30] of lattes a month, and you get all of that. There's a year plan, there's a family plan, there's a corporate plan. Find out more. You can even buy this show individually for 2 99 details at twit tv slash club twit, twit tv slash club twit, and thanks in advance. You club members really make a big difference. If we're going to get to episode, what did I say? 1,688 of this show, we're going to need [02:12:00] your help. I really think that's how we do it. Twit TV slash club twit, not a penny goes in my pocket. It goes in Steve's pocket and the people who work here and keeping the lights on and all of that. Thanks Steve. Have a great week. We'll see you next week on Security Now. Bye.

Mikah Sargent (02:12:19):
Oh, hey, that's a really nice iPhone you have there. You totally picked the right color. Hey, since you do use an iPhone and maybe use an iPad or an Apple Watch or an Apple tv, well, you [02:12:30] should check out iOS today. It's a show that I, Micah Sargent and my co-host, Rosemary Orchard, host every Tuesday right here on the twit Network. It covers all things iOS, tv, oss, HomePod, oss watch, oss, iPad, oss. It's all the OSS that Apple has on offer, and we'd love to give you tips and tricks about making the most of those devices, checking out great apps and services and answering your tech questions. I hope to check it out.