Security Now 989 transcript

Please be advised this transcript is AI-generated and may not be word for word. Time codes refer to the approximate times in the ad-supported version of the show

0:00:00 - Leo Laporte
It's time for Security Now. Guess who won the Most Epic Fail award. We'll talk about that. A backdoor found in RFID access key cards that are used almost everywhere, and then this is a propeller hat episode. We're going to have a lot of fun. Steve is going to explain a really clever technique that may solve this certificate revocation problem. We're going to study cascading bloom filters, and it's fascinating. But that's all coming up. Next on Security Now. Podcasts you love.

0:00:36 - Steve Gibson
From people you trust.

0:00:39 - Leo Laporte
This is TWiT. This is Security Now with Steve Gibson, episode 989, recorded Tuesday, August 27th, 2024: Cascading Bloom Filters. It's time for Security Now, your favorite show every week, every Tuesday. We wait all week for this moment to talk and listen to Mr. Stephen Tiberius Gibson. There he is. Hello, Steve.

0:01:12 - Steve Gibson
Oh, Leo, uh-oh, I've taken a deep breath because, boy, do we have a brain-melting podcast today. Oh no, but in a good way. This is, you know, we've also referred to them previously as our propeller beanie podcasts, the, you know, the deep dive podcasts, and it actually it's one of the things that our listeners keep saying that they really like, oh yeah, as much or more than anything else. Absolutely. The problem is there just isn't always something like that to talk about.

But we have something today for Security Now, episode 989, for this last podcast of August. When did that month go? Yeah, titled Cascading Bloom Filters, and although this is going to be, this is like one of those podcasts where, if you are operating heavy equipment, keep your focus on the heavy equipment because that's more important able to split their attention and come away feeling like, wow, I understood that because it's it's and I don't mean to overplay its complexity, it's not, but it's brand new, it's pure, beautiful, intellectual computer science and I know that a bunch of our listeners are going to get a big kick out of it. But we have other stuff to talk about first, although I should say that our overall page count is down, because I'm quite sure that our listeners' brains are going to saturate before you know by the time we get to page 16. So I don't think anybody will find anything missing here. CrowdStrike's president appeared in person to accept the Most Epic Fail award. We'll talk about that also.

This is something that I wanted to talk about for a couple of weeks, but I just didn't have a chance to get it into the last couple of podcasts, but it just upsets my stomach because a Chinese backdoor was discovered in Chinese-made RFID access key cards and what this portends about our supply chain is really worrisome. We've got counterfeit and poorly functioning Cisco brand networking gear that was being sold to pretty much the who's who. I wanted to share a startling bit of customer feedback about his SSD performance improvement and I've got screenshots which he took and sent. Also a little bit of errata: when is Bing actually Edge? And another couple things. Also another National Public Data breach check service.

0:04:35 - Leo Laporte
We're going to answer the question. What are cascading bloom filters and why am I talking about them? It has nothing to do with gardening, I'm assuming yes.

0:04:39 - Steve Gibson
Nothing to do with gardening? No, okay, why do they offer the promise of 100% browser, local and instantaneous certificate revocation detection? Wow, this is what Mozilla has been working on for four years, and if people pay attention, everyone will be able to go. I understand about cascading bloom filters, and boy will you be the hit at the next cocktail party.

0:05:16 - Leo Laporte
It's a great way, I think, to meet people and say, hey, have I told you about cascading bloom filters? And then they go oh no, but please do but please do, yeah.

0:05:25 - Steve Gibson
Well, or if it's really someone obnoxious who you do not want to talk about, you can just launch into a cascading bloom filter dissertation. There you go, and they'll say, oh, I'm sorry, I have to pee or something. I mean, they'll come up with, oh, is that my doorbell? I think it's my doorbell. Hold on.

0:05:43 - Leo Laporte
Yeah, we asked AI Leo in our Discord what cascading bloom filters mean, and I don't know if his answer is right, because I don't know what it is. But according to AI Leo, there's a term that can make even the most seasoned programmers' eyes glaze over faster than a donut and a cop convection. It's a nifty way to test whether an element is a member of a set. Is that right? Yeah, cascading them is like stacking pancakes, great for efficiency, but a bit messy if you don't manage your syrup. It was good so far, right up to that point, that's right.

0:06:24 - Steve Gibson
Now is it on one of your shows that you were talking about printing pancakes. Is the pancake printer yes?

0:06:34 - Leo Laporte
That was a. We thought that was something that Craig Newmark owned at home. That's right, Because he took so many pictures of it on his Instagram but it turns out he just is in a lot of airport lounges.

0:06:45 - Steve Gibson
But he does. He pre-syrups the plate that the pancakes drop onto, his technique, as Craig always does. He's an innovator, he's leading the pack, and I should mention that all, Leo, we have a really good picture of the week. This one, this one, is going to be fun. I haven't seen it, but I do have it all queued up for you. Everybody should be ready for a lot of fun for the next hour and a half or so.

0:07:10 - Leo Laporte
Okay, Steve, that will be the topic of the day in just a little. But first a word from our sponsor, the great folks at Thinkst Canary, something everybody should have. If you have a network, you, I'm sure, have excellent perimeter control. You know you'd protect your network from people entering it. But what happens if somebody's in your network, if they got through, or maybe a malicious insider wandering around? How do you know if you've got intruders? Right, your perimeter safety, your firewalls, they're not going to tell you anything. You need a Thinkst Canary. What is a Thinkst Canary? It's a honeypot. It's easy to deploy. You can get it set up in minutes.

And then if somebody is in your network accessing the Thinkst Canary, which, by the way, is posing as a SCADA device or an IIS server or a Linux box, in my case it's a Synology NAS, and when I say posing, it is a very credible pose. They even duplicate the MAC address. They've got the real login screen. It looks just like the real thing. But as soon as the bad guy accesses it, you're going to get an alert, and only the alerts that matter, right? No false alerts. They also allow you, the Thinkst Canaries allow you to make what they call lure files, little PDFs or docx files or Excel spreadsheets. You can name them whatever you want. They look valuable. You know, I have a, for instance, EmployeeInformation.xls file. If somebody opens it, boom. Immediately your Thinkst Canary will tell you you have a problem. No false alerts, just the alerts that matter. So how does this work? You choose a profile for your Thinkst Canary from their console. There are literally dozens of things it can be. You register it with the hosted console for monitoring and notifications. And, by the way, you can choose notifications in almost any way, of course: text messages, phone calls, emails, syslog. It supports webhooks, it's got an API, so really the sky's the limit. But the key is you're only going to get notifications when somebody tries to brute force your server, tries to get into your SSH server or maybe opens one of those lure files. So you just wait, and an attacker who's breached your network, a malicious insider, any adversary, will make themselves known immediately by accessing your Thinkst Canary. This is a must-have tool. On average, companies don't know they've been breached, and we know this because we hear about these breaches all the time, months after the fact, right. On average, it takes 91 days for a company to figure out, hey, we've been breached.

Now you want? You want some Thinkst Canaries. I know you do. Here's what you do: you go to canary.tools slash twit. For $7,500 a year, you get five Thinkst Canaries. Now you might want hundreds.

Many big operations have many hundreds. A small operation like ours might only have a handful, but, just as an example, five Thinkst Canaries, $7,500 a year. Of course, that includes the hosted console, all upgrades, all support, all maintenance for that whole year, and if you use the code TWIT in the How Did You Hear About Us? box, you're going to get 10% off the price, not just for the first year, but for as long as you're a customer, for life. Here's another thing that will reassure you, because I know this may be new technology to some of you.

Get it, because you can always return your Thinkst Canaries. They have a two-month, 60-day money-back guarantee for a full refund, so there's zero risk involved. I should point out, though, that there may be. Maybe you're going to fall in love with your Thinkst Canary. During all the years that TWiT has partnered with Thinkst Canary, that refund has never been claimed. Nobody's ever asked for their money back because it works so well. Visit canary.tools slash twit. Enter the code TWIT in the How Did You Hear About Us box. The Thinkst Canary. canary.tools slash twit. We thank them so much for their support of Steve Gibson and Security Now. There is Steve. Once again, Steve.

0:11:10 - Steve Gibson
I have a picture of the week and we're ready for your candid first look.

0:11:19 - Leo Laporte
Leo, okay, that's a kid. First laugh, 'cause I wasn't on camera, but absolutely, this is a winner. Let me pull it up for you.

0:11:30 - Steve Gibson
So we're aware of the bragging signs that factory floors sometimes have, where they say, you know, no accidents for the last 263 days, right, and they've got like little pegs where every day somebody changes the number and they're really impressed with how they're doing. And I couldn't remember what it was, but we had something similar once where it was a smoke detector stuck on the ceiling and it said like change by or something. And it but and meant the idea was you were or installed by or something and you were supposed to put the date in there and somebody put something completely, you know, non-sequitur in there instead. Anyway. So here we have, thanks to one of our listeners, a wonderful some signage. It says this work center has been accident free since. And then there's a big white field where, you know, someone's meant to be like putting in the date, right, like it's been accident free since some date, and instead it says this work center has been accident free since Joe left. Poor Joe.

0:12:50 - Leo Laporte
Poor Joe.

0:12:51 - Steve Gibson
Yeah, and I did get a listener. I've already sent out 8,747 pieces of mail with the summary of the show, this picture of the week, the link to the show notes and so forth to those listeners of ours who have signed up to receive that every Tuesday morning. Someone wrote back and he said, is that on the White House?

0:13:17 - Leo Laporte
Anyway.

0:13:18 - Steve Gibson
Joe has not left the building yet, at least not in body. So anyway, just I'd love that, since Joe left. Right. Okay, so PC Magazine's piece was published on August 12th, to set the time, which was two weeks ago yesterday, but I felt that it was important enough to share, and we've had our hands so full with, you know, over-the-top two-plus-hour podcasts the last few weeks. Elaine always tells me, she says, oh, it's going to take a while to transcribe. Okay, Elaine, no problem, take your time. Anyway, I just didn't have a chance to get to this, but I wanted to share it because I thought it was very cool.

PCMag wrote: CrowdStrike's reputation has taken a beating after last month's massive IT outage, accepting a cybersecurity humiliation award for Most Epic Fail at the DEF CON hacking show. The annual Pwnie Awards recognize achievements and major blunders in the cybersecurity industry. Past winners, and it has that in air quotes, of the Most Epic Fail include Microsoft, the TSA and Twitter. This year, there was no question that CrowdStrike would receive the notorious title after the company accidentally distributed a faulty security update that bricked millions of Windows PCs and servers. Although CrowdStrike could have easily ignored the award, CrowdStrike's president, Michael Sentonas, accepted it in person, which elicited applause from an audience made up of other cybersecurity professionals. Sentonas said it was important he accept the award so that CrowdStrike could own its mistakes. Quote, he said, definitely not the award to be proud of receiving. I think the team was surprised when I said straight away that I would come and get it because we got this horribly wrong. We've said that a number of different times and it's super important to own it. He said he will prominently display the trophy. I wonder what the trophy looks like, you know, like a garbage can or who knows? Anyway, he will prominently display the trophy he received at CrowdStrike's headquarters in Texas, quote, because I want every CrowdStriker who comes to work to see it. Our goal is to protect people and we got this wrong. I want to make sure everyone understands these things cannot happen and that's what this community is about. Anyway. So the article finishes saying the gesture received praise from other cybersecurity workers, since it's rare for a company to accept the Most Epic Fail award from the Pwnies.

Still, CrowdStrike faces a long road to repair its reputation. A pair of class action lawsuits have already been filed against the company, demanding it pay damages for causing last month's outage. In addition, Delta Air Lines, which was forced to cancel thousands of flights due to the disruption, is also considering a lawsuit against CrowdStrike and Microsoft, which we talked about before. Anyway, I just thought it was so cool that CrowdStrike's president went to the trouble and had the class to show up in person and also that the attendees of DEF CON had the good sense to applaud his in-person appearance. So, you know, yeah, lots of damage caused and, you know, him doing this in no way influences lawsuits that are pending and class actions and all the rigmarole and hubbub that will result, but still, you know, as a gesture of already overflowing, so I didn't have a chance to share it, but I think everyone needs to hear this.

The news has had some coverage in the tech press, but Catalin Cimpanu's Risky Business newsletter had the most comprehensive coverage I've seen. So here's what Catalin wrote. He said a security researcher has discovered secret hardware backdoors in RFID key cards manufactured by a major Chinese company. The backdoors can allow threat actors to clone affected smart cards within minutes, actually quicker than that, and access secure areas. They impact smart cards manufactured by Chinese company Shanghai Fudan Microelectronics that were built using MIFARE Classic chips from NXP, and you know NXP is Philips' new name. The chips have been on the market since 1994 and have been widely used over the past decades to create smart key cards and access badges for hotels, banks, government buildings, factories and many other places. Catalin then has a snippet in his reporting of a tweet from Rob Joyce, who notes: for those who don't know, these are the RF key cards that are used in the electronic locks for hotels and other businesses. This backdoor allows trivial reading and duplication of the key card for those that had the backdoor key. So Catalin continues: the chips have been on the market since 1994 and have been widely used over the past decades to create these smart key cards, you know, again, hotels, banks, government buildings, factories and even the military has these.

Because they've been on the market for so long, they've not escaped the prying eyes of the cybersecurity community, which has previously found several ways to break their encryption and clone MIFARE-based cards with attacks named Darkside, Nested Authentication, Hardnested and Static Nested attacks. You get the sense that there's something about nesting in the weakness of these cards. Over the years, vendors have developed improved versions of their smart cards that shipped with various improvements designed to boost security and prevent some of the discovered attacks. Two of the most popular, and these are the upgraded card designs, are the FM11RF08 and the FM11RF08S, where the S stands for Security Improved Version.

But in a paper published last week, and so this would be a few weeks ago from now, Quarkslab's Philippe Teuwen says that while researching FM11RF08S cards, the improved ones, he found what proved to be a secret backdoor baked inside Fudan's cards. He discovered the backdoor while fuzzing the card's command sets and noticed that the card was answering to undocumented instructions within a specific range. He said, quote, apparently all FM11RF08S implement a backdoor authentication command with a unique key for the entire production and we broke it. For the Fudan FM11RF08S cards, that key was A396EFA4E24F. That's the backdoor that opens up any of those cards. Then, taking his research further, he also found a similar universal backdoor authentication key for its predecessor, the FM11RF08 cards. That key is A31667A8CEC1. This also impacted many other Fudan card models, and then we get a list of numbers. It also impacted card models from Infineon and Philips, now NXP, suggesting that these companies had likely licensed their card technology from the Chinese company.

According to Teuwen, the researcher who found this, the backdoor seems to go as far back as 2007, meaning that many access key cards distributed over the past 17 years can be cloned with brief physical access within seconds. In and out. Above, these RF access cards are based on MIFARE Classic, which were already considered insecure, but that was due to design errors and not a backdoor. Attackers would still have to spend minutes and physical resources to crack and dump a card's data in order to clone access keys configured to it, but the backdoor makes that possible and it adds a whole new threat matrix cell. So what I find upsetting about this is that this is an example of the true danger we face when we're outsourcing and importing proprietary microelectronics that cannot be readily audited, and this is an example I believe that's crucially important, because this is not just a theoretical attack. Right, you know, a theoretical attack is bad enough, like, you know, the fact that it would be possible to install extra chips on a motherboard to establish a secret backdoor for a theoretical attacker, but there's nothing theoretical about what was just found. This backdoor capability was actually secretly installed into countless supposedly secure and supposedly even more secure, like, you know, their successor, enhanced security RFID access cards.

So this wasn't a mistake. This was deliberate, um, and we're never going to know the deeper backstory here. We'll never know exactly why this was done, from how high up in Chinese industry or government the decision was made to subvert an extremely popular family of authentication chip technology, and why. And it doesn't really matter. What matters is that someone said we'll make super secure chips forpect about the servers that they'll be installing into their data centers. We were talking about this after their announcement. At the time, that seemed like some really cool over-the-top security precautions. Now it seems not only prescient but quite necessary.

We really do have a problem with supply chain security, and the only way it's ever going to get better will be when some means is made to thoroughly audit the design and operation of the technologies we use. The problem is that the extreme benefit of the level of integration that we have today buries literally the circuit diagram, the logic diagram of this technology, under layers of silicon and masks and etching and everything that goes into building chips, older chips, and we've seen this before. It's possible to pop the lid off the chip and vertical stripes running back and forth that are like oh, that, look, that's a, that's a transistor and that transistor is connected to this one, and they can unravel that back into a, an actual circuit diagram. We've seen it done with like the 6502 and the 8088 and early generation ICs, but now that they've gotten to be multi-layer and deep and in some cases deliberately obfuscated, it's possible to hide this stuff. It's just not feasible anymore. So I don't know what we do. You know, what we've seen happening over the 19 years so far of this podcast is all of the use of the Internet and our technologies moving rather rapidly from, you know, cat videos on the Internet to be utterly dependent upon this networking technology for financial and military and governmental security and it's coming up wanting.

Unfortunately, and on a related topic, we have Bleeping Computer recently carrying a piece with the headline CEO charged with sale of counterfeit Cisco devices to government and health orgs. They wrote: Onur Aksoy was indicted for allegedly selling more than $100 million worth of counterfeit Cisco network equipment to customers worldwide, including health, military and government organizations. According to the criminal complaint, the 38-year-old Florida man ran a massive operation between at least as early as 2013 through 2022, importing tens of thousands of modified low-quality networking devices for as much as 95% to 98% off of Cisco's MSRP for the same devices. These devices were purported to be from Hong Kong and Chinese counterfeiters through a network of at least 19 firms in New Jersey and Florida. The indictment alleges these devices were sold as new and genuine Cisco products through dozens of Amazon and eBay storefronts to customers across the United States and overseas, some ending up on the networks of hospitals, schools, government and military organizations.

The fraudulent Cisco devices sold by Pro Network Entities came with performance, functionality and safety issues that led to failures and malfunctions, which, in turn, generated significant damages to customers and operations and networks. This happened because the counterfeiters who sold the fraudulent Cisco equipment to Aksoy were modifying older, lower model products, some previously owned, to make them look like genuine models of new and more expensive Cisco devices. A US Department of Justice press release reads, quote, as alleged, the Chinese counterfeiters often pirated Cisco software and unauthorized low-quality or unreliable components, including components to circumvent technological measures added by Cisco to the software, to check for software license compliance and to authenticate the hardware. Finally, to make the devices appear new, genuine, high-quality and factory-sealed by Cisco, the Chinese counterfeiters allegedly added counterfeited Cisco labels, stickers, boxes, documentation, packaging and other materials. In other words, total front-to-back, soup-to-nuts counterfeiting of the entire unboxing and, you know, receiving experience. Bleeping Computer said.

Aksoy's companies, collectively known as Pro Network Entities, generated more than $100 million in revenue, with millions lining the defendant's pockets. However, despite his efforts to fly under the radar by using fake delivery addresses, submitting forged paperwork and breaking shipments into smaller parcels, between 2014 and 2022, Customs and Border Protection agencies seized roughly 180 loads of counterfeit Cisco equipment shipped to the Pro Network Entities by co-conspirators in China and Hong Kong. In July of 2021, law enforcement agencies seized 1,156 counterfeit Cisco devices worth over $7 million after executing a search warrant at Aksoy's warehouse. To top it all off, DOJ says that between 2014 and 2019, Cisco sent seven letters to Aksoy asking him to please cease and desist his trafficking of counterfeit goods. Aksoy allegedly responded to at least two of Cisco's cease and desist letters by, quote, causing his attorney to provide Cisco with forged documents.

So you know he was trying to play the game too, and you know Cisco would have seen this equipment on sale at Amazon and eBay and probably bought some of it and opened it up.

You know there was a squirrel in a cage inside instead of, you know, an actual multi-core processor capable of doing what their product alleged it could do, and of course, this hurts Cisco reputation a lot, in addition to just lost revenue.

So the defendant was arrested in Miami on June 29th two years ago, 2022, and was also charged in the District of New Jersey the same day with multiple counts of trafficking counterfeit goods and committing mail and wire fraud.

If the charges stand up in court and Aksoy gets sentenced to prove the truth of the allegations, this serves to show how easy it could be to infiltrate critical networks if a threat actor uses a similar approach selling genuine but backdoored networking equipment photography to identify the authenticity and providence of every single component on their servers as the beginning of the process that they go through before they let one of these servers get plugged into their super secure data center. So it's very clear that the bad guys have figured out that we're implicitly trusting the supply chain every step of the way and, unfortunately, subversion of one step to break the security of the entire chain and, unfortunately, the way we are doing things at the moment, we're vulnerable to that. Okay, so, Leo, at this point let's take a break for our next sponsor, and then I want to share some sort of amazing performance improvement news courtesy of a SpinRite listener.

0:34:48 - Leo Laporte
All right, we'll get right back to Security Now in just a moment, Steve, but first a word from our sponsor for this segment, this portion of the show, 1Password. Actually, this is such a great happy story. 1Password, which has been around for a long time, I know a lot of you use it as your password manager, acquired another one of our sponsors, Kolide. It must be almost a year ago now. Kolide specialized in enlisting your end users to help you maintain security. In addition to the authentication part, what Kolide did was authenticate the devices and the software the user was bringing in. So the user was authenticated and then the device and software authenticated. Well, of course, 1Password has the first part of that equation. They said, they were brilliant, oh, what if we marry the two? And 1Password Extended Access Management was born. I'll tell you why you need it.

Let me ask you a question: do your end users always work on company-owned devices and IT-approved apps? I don't think so. So how do you keep your company safe, especially your data, when it's out there, that data's sitting on all those unmanaged apps and devices, the BYOD phones, the laptops, the shadow IT? 1Password is an answer to this: 1Password Extended Access Management. It helps you secure every sign-in for every app on every device. It solves the problems traditional IAM and MDM can't touch. You don't need MDM.

Imagine your company's security like the quad of a college campus. You got the nice brick paths leading from ivy-covered building to ivy-covered building. Those are the company-owned devices, the IT-approved apps, the managed employee identities. And then there are those, you know, dirt paths worn by people who actually just go the shortest distance between building A and building B. You know, they're not going to go on the brick path, they're just going to cut across. Well, those are the unmanaged devices. Those are the shadow IT apps. Those are the non-employee entities like contractors. Most security tools work on the happy little brick paths, but of course, a lot of the security problems take place on the little dirt shortcuts. That's why you need 1Password Extended Access Management.

It's the first security solution that brings all these unmanaged devices, all these apps and identities under your control. It assures that every user credential is strong and protected, every device is known and healthy and every app is visible. It's security for the way we work today, now generally available to companies that use Okta for authentication. So it's a great add-on. It also, they've, you know, ever since the acquisition with 1Password, they've been expanding this. It now works with Microsoft Entra. It's in beta for Google Workspace customers. So if you use any of those authentication systems, you absolutely need to check out 1Password Extended Access Management. 1password.com slash securitynow, the number one, P-A-S-S-W-O-R-D dot com slash securitynow. That's a wonderful marriage made in heaven. Thank you, 1Password, for supporting what Steve does here. Thank you for supporting us by going to that site, 1password.com slash securitynow. Now let's get back to Steve Gibson.

0:38:17 - Steve Gibson
Okay, so this is from, uh, a listener of ours who identified himself as Sandor and he said, uh, thank you for SpinRite. He said I have a 10-year-old Toshiba Satellite laptop. I installed a Western Digital Blue SSD just over five years ago, and actually he doesn't say it in here, but it's a one terabyte. So it's a one terabyte WD Blue SSD just over five years ago. He said the warranty just expired.

This Windows laptop was acting sluggish. I could not immediately identify the issue, so I ran down the checklist of items, checked for updates and ran check disk, no problems. Checked disk optimization, barely any fragmentation. Checked the firmware on the SSD, it was up to date. Ran a quick SMART check, everything was okay.

I pulled out SpinRite and ran level one and checked my system afterwards. The sluggishness was still there. And that's what we would expect, because level one is just a read pass, he said. Thinking about what to check next, I remembered Steve mentioning SpinRite's benchmarking utility, ran the benchmark and the issue revealed itself. The front, middle and end read speeds were way off. Get this: 2.489, 17.224 and 11.642. And those are all megabytes per second. So wow, 2.489 megabytes per second. I think floppies do better than that. Anyway, he said, then he said see benchmark before dot JPEG, and I've got that in the show notes. Then he said ran SpinRite at level three, and that's what he wants. He said, after level three completed, I reran the benchmarks which showed how the SSD returned to its proper performance. So now, remember, before we had 2.489, 17.224 and 11.642. Now 564.353, 563.285 and 564.222. In other words, back to, you know, from down at two and a half, 17 and 11 megabytes per second to 564 megabytes per second across the board. And he said see benchmark after JPEG. He said the sluggishness I noticed is gone. The Satellite laptop is performing as I would expect for a 10-year-old system. And I've got, for anyone who's interested, in the show notes, he took a picture with his smartphone of the benchmarking output results before and after.

The other thing interesting is that SpinRite looks at the speed in the middle of the drive as the best estimate of the drive's average performance, and it uses that to give the user a ballpark estimate of how long a SpinRite scan will take. Due to the low performance in the middle of the drive before, SpinRite was estimating that that one terabyte drive would take it about 17.72 hours to scan. Of course that's what old SpinRite 6 users were accustomed to seeing from a one terabyte drive, not so any longer. After he ran the level three, SpinRite now estimates that it would be able to scan that one terabyte SSD in 32.6 minutes. So from 17.72 hours to 32.6 minutes, and of course the entire drive's performance is restored to its original factory throughput. You know, we are seeing more and more examples of this.

Initially, when we first discovered this, we were shocked, but we know what's going on. It's that, especially at the beginning of the drive where the OS files reside, they are almost exclusively read. The SSD problem known as read disturb actually causes the storage levels in the bit cells to be disturbed, meaning altered, when neighboring regions are read. So the SSDs are extremely good about trying to get that difficult-to-read data back. They do all kinds of re-thresholding in order to set different threshold points for what are basically analog storage cells. They end up getting your data back, but at a huge cost in performance. Simply by rewriting all the data, which SpinRite's Level 3 does, all the ones are really ones and the zeros are really zeros, and the drive comes back up to its factory original speed. Just like me, that's right. Glad to have you back at your factory original speed, Leo.

0:43:48 - Leo Laporte
You know what happened? It's really hot here, it's almost 100 degrees, and I think Comcast just died. And fortunately, yesterday we put in Starlink, so I'm talking to you now via space.

0:44:01 - Steve Gibson
Wait, you look perfectly synchronized. It's amazing. Latency on Starlink is fantastic.

0:44:08 - Leo Laporte
It works. Yeah, latency is really low, in some cases lower than the terrestrial internet with Comcast, and it's enough bandwidth to do the show. Wow. So if you want to take a break now... You already took a break without me, I think. I did, yeah. I... you should have.

0:44:29 - Steve Gibson
I created both sides of a standard break and we will do another one here at the beginning of our main content.

0:44:38 - Leo Laporte
So continue on, and I apologize for my... No problem. Nobody saw that I had disappeared, but I had, and it was always crazy. What was happening was coming back. So we have failover. The Ubiquiti fails over to Starlink. So when Comcast dies, about 10 seconds later, I come back, and the way this works, I don't have to be... I'm not originating the call, so you'll continue on without it. What happened was Comcast would drop, Starlink would come up, and then it would come back. Starlink would drop. It was a mess, so I manually unplugged Comcast.

And I might leave it that way. Anyway, continue on, my friend. You know, Elon is such a challenge.

0:45:20 - Steve Gibson
Yes, but he does manage to induce people to create technology. It's amazing. He's like what do you mean? We can't have low Earth orbit satellites? I'm going to throw some up in the air myself.

0:45:31 - Leo Laporte
Thousands of them up there, yeah.

0:45:34 - Steve Gibson
Wow, okay, so I have two pieces of errata to share. First, it's been brought to my attention that I've been referring to Microsoft's Edge web browser as Bing. Understandably.

Which is obviously their illustrious search engine facility, and I'll confess that the two have occupied approximately the same undesirable location in my head. So yeah, they were confused. But now that I'm aware of this glitch, I will work to be more conscientious of my tendency to lump Edge in with Bing, because, you know, they're both four letters and they're both MSFT. Wow. Okay, the second issue was obvious in retrospect, but it just didn't occur to me last week, and that was that the National Public Data breach search facility at pentester.com requires the choice of a US state. That's not something non-US listeners who were likely affected by the breach, at least those in Canada and the UK, would have. So everyone was saying, hey, Gibson, I'm in Canada. What state is that in the US?

0:46:51 - Leo Laporte
Oh yeah, that's a problem. I might mention, though, that, and you know him well, Paul Holder, who is a Canadian, he grabbed it, a resident of both of our fine forums, did an interesting thing. Let me pull this up. He downloaded the data from the NPD breach.

0:47:11 - Steve Gibson
Both of the monster files, yeah.

0:47:13 - Leo Laporte
And he wrote a little utility, because he's a programmer, that went through it, and he says he can't confirm there's anything in the database other than US addresses. The bad guy said it was US, Canada and the UK.

0:47:26 - Steve Gibson
Ah, that's true. Okay, so what Paul got... and we talked about this in detail when we went through what Troy Hunt had found. Troy did see evidence of pollution of the National Public Data breach data with other lists that had been lumped in.

0:47:48 - Leo Laporte
Look at this: Calgary, Alberta, Canada, in the state of Texas. That's definitely corruption. Yeah, yeah, yeah, yeah.

0:47:58 - Steve Gibson
So it may well be that what Paul got was the good data from National Public Data, and that there was additional junk that was added in just to sort of salt it and make it look bulkier and, you know, more worrisome. Who knows?

0:48:16 - Leo Laporte
Anyway, you may not have missed anything if you're not in the US. Maybe. Good luck. That's a very good point.

0:48:22 - Steve Gibson
That may not be, you know, anything that they're doing. So I got some feedback. Listener Mike wrote, he said: Hi Steve, just got off the Pentester site after doing a name lookup. Yep, I'm there, but nothing very new. We froze our credit at four separate sites many years ago and nothing is showing up since before that happened. We moved to our current house 10 years ago and that address does not show up. Thought you might like to know. And then yesterday, listener Kevin White wrote. He said: Hi Steve, very longtime listener. If you count TechTV, I think you and I and Leo go back before Security Now existed.

And yes, that would be because it was during a Call for Help episode, when you and I were filming in Toronto, that you said, what would you think about doing a weekly podcast on security? And I said, a what?

0:49:19 - Leo Laporte
Cast. Smartest move I ever made, Steve, I just got to say. No, me too.

0:49:24 - Steve Gibson
Good move. This has been really good, Leo. It still is. So he said last week you gave us a link to the Pentester site's NPD breach check web page. I just wanted to note that for those of us with a fairly common name, oh, and he's Kevin White, Pentester's check page doesn't always give out complete information. Now he masked his middle initial. He said my name is fairly common and Pentester's check page gave up listing similar names after first name, then middle initial B, and then last name. He said, for example, B being the middle initial on the breach list. Then I checked, now here's the key, the npdbreach.com site, a different site, NPD breach, B-R-E-A-C-H, dot com, against my name and current zip code, and I confirmed I'm on the breach list.

Then he said, sad face. The benefit to the Pentester site is that it appears to show you the full number of entries there are for you on the breach list, whereas the NPD breach site appears to just give you a somewhat distilled version of the results. He said a single entry for all breach list items with the same Social Security number, I think he says. So it's best to check both sites, especially if you have a common name or if you've lived in a bunch of different places. He said it checks against Social Security number, not by state. One colloquial data point, he said: a friend was on the list, but it did not have any recent addresses for him, nothing in the past 15 years. But his wife was on the list with their most current address. And he finishes: I guess that's

what's somewhat nice about these circumstances, is that the breach list appears to have some data reliability weaknesses. That might make it a little more difficult for someone to hijack an updated or recent account. Thanks and see you tomorrow. And he wrote this yesterday, signed Kevin. So I wanted to make sure that everyone knew about the https://npdbreach.com website. It also appears to be safe and legitimate. They allow the NPD breach data to be retrieved by name and some address info, or by providing a full Social Security number or a full phone number. However, now that might seem dangerous, but the site explains that the user's provided Social Security number or phone number are blinded by hashing locally in the browser. They similarly hashed that same data at their end and then indexed their database with those hashes. That allows the user to retrieve their records with those hashes without the data that they're submitting to the site being exposed.

0:52:48 - Leo Laporte
That's how Troy Hunt does password searches, and Have I Been Pwned, same thing. Yeah, not that it makes that much difference anymore, since, as we know, everything is now out there flapping on the internet.

0:53:00 - Steve Gibson
So, wow, yeah. Oh, and I should mention that I did get a piece of email from someone. I think it was titled The Seven Circles of TransUnion Login Hell. Oh boy. Oh, and I actually had the occasion to need to log into my TransUnion data last week. Boy, is that site broken. Oh, I mean, it's just so broken. No, it's... it...

0:53:34 - Leo Laporte
It's my opinion that all these sites, they don't look... They don't want to give you credit freezes, so they make it... But they're legally required to. In fact, they're legally required to do it online, so they just make it broken. Oh yeah, I mean, every trick in the book in order to get logged in, and Lord knows, I know the tricks.

0:53:56 - Steve Gibson
But for someone who doesn't, it's like they're just going to say, oh well, they'll probably just give them a phone call and hope that they can talk to somebody.

0:54:07 - Leo Laporte
In fact that's what, I think it was Experian, I had the same login issue. I showed it on Windows Weekly a few months ago. But then you call them, and I don't know why they... You wouldn't think they'd want to call.

0:54:20 - Steve Gibson
No, you would think that would be... But I tell you, that's what they're driving: call traffic.

0:54:26 - Leo Laporte
Yeah, okay.

0:54:28 - Steve Gibson
So this is from Darren in New South Wales, Australia. This was just a really nice note, and I wanted to share it, not for the flattery that he gives to us, but for the perspective of a recent listener that I thought was valuable. He said: Hi Steve, longtime follower of GRC, short time follower of Security Now. Early last year, so early last year, right, 2023, I was looking for a new podcast when I stumbled across Security Now. Despite being a longtime GRC Steve Gibson follower from the late 90s and visiting your website a lot, particularly in the early days of firewalls for the obligatory ShieldsUP test on reinstall of Windows, for some reason I never clicked on the Security Now link. When I came across the podcast last year, I saw your name and I thought to myself, this guy knows what he's talking about, I might have a listen. He said it was episode 909, How ESXi Fell, and I was hooked, he wrote. He said I spend quite a bit of time in the car and I listen to the podcast, so I quickly caught up and was waiting for the podcast for next week when I remembered you and Leo speaking about the fact that GRC has all the previous podcasts available, and I thought, why not? So I downloaded episodes 1 through 100 and pressed play. He says what a different world it was back then, when you could afford the time to spend a number of weeks telling us how the Internet works and how PKI works, as opposed to today when it just seems like there's a never-ending collage of security disasters, vendor mistakes and just plain carelessness. Additionally, he said, I really liked the episodes on Netstat, that was number 49, and the history of virtualization, number 50.
He said, as Leo mentioned recently, compiling your tutorial sessions into a consolidated package would be very valuable for the beginner, which is why I wish I'd come across your podcast back in the day, as I'm an RF engineer who somehow found myself in the murky world of IT, and I'm still wondering how that happened. The way you can explain a complex and sometimes abstract concept in simple and understandable terms is an enviable ability. At work,

I have to frequently provide a translation service between engineering and operations, and I've used your examples and explanations a few times to great effect. So my routine is this: I will listen to episodes 1 to 10. Then I will listen to the current podcasts, usually two weeks' worth, given the time it's taken me to listen to 10 episodes. Then I listen to episodes 11 through 20. Then the current ones I've missed, et cetera. I'm now up to episode 102.

I'm wondering what my listening schedule will look like as your episodes get longer and longer over time. I'm thinking I may have to drop back to only five episodes from the before times before tuning back into the current podcast. Otherwise I'll be too out of date, and I don't want that to happen. I would recommend to all latecomers to Security Now to go back to the start and revel in the glory that is Security Now. Wonder at how naive we were back then, and remember a time when a couple of gig of RAM was overkill and way too expensive. Congratulations on a fantastic podcast, a great website, and hopefully we can all be here listening to you and Leo describe the hopefully soft landing after the end of Unix time.

0:58:35 - Leo Laporte
Thanks and regards Yep Darren from New South Wales, Australia. That's awesome.

0:58:41 - Steve Gibson
So I also wanted just to share this as an example of how different our feedback from email can be from the "here's a link" messaging through Twitter. Now, don't get me wrong, I know there's a place for both, but the nature of our feedback is now completely transformed from, you know, the way it was, and in a way that I think works for the podcast. And Darren's point about those older podcasts still being relevant really is true. You know, probably after we finally retire the podcast, Leo, I'll go back and, you know, pull together some tutorial retrospectives that, you know, what do they call those, evergreens, that, you know, just continue to have value. And until then, people can of course do it themselves.

0:59:34 - Leo Laporte
At your site. We also have, you know, all the episodes. Good, well, you've got the high quality ones, which is good, and video for the ones that there were video for.

It's a little tricky because you have to, you know, kind of go back a page at a time. But I'll give you a little tip. The URLs, if you type twit.tv, our uniform... yeah, slash sn and then a number, not with a zero, but just a number, like sn1. That's the very first Security Now episode. So you can, and it'd probably be easy enough, to write a scraper to take advantage of that fact. There's Security Now 2, and so you can also do it this way, one by one, but you are going back in time to the year 2005. Well, look at this one, Security Now 4. We just discovered passwords.

1:00:28 - Steve Gibson
That's very exciting. What is a password? What do you know?

1:00:39 - Leo Laporte
Here's your personal password policy, part two. You're probably talking about Password Haystacks. I do, I do like alliteration, don't I? Yes, you do. Keyboard snooping, remember that? Bluetooth snarfing, ah, and that, what were they, using ROT13 to encrypt the keyboards? Those were the days, my friend, we thought they'd never end.

1:00:56 - Steve Gibson
Actually it was a fixed XOR mask. That's what it was, XOR, XORing.

1:01:01 - Leo Laporte
It's crazy, crazy, with a fixed mask.

1:01:04 - Steve Gibson
And, on that note, we should do our third, and second to the last, sponsor, because I'll take a break here in the middle, and everybody, you know, maybe some ice water against your forehead?

1:01:17 - Leo Laporte
Because you want a propeller hat episode? Your brain is gonna heat up. You're gonna get one.

1:01:22 - Steve Gibson
Yeah, your brain, it's gonna heat up. But I tell you, this is a new concept. There will be a new concept for many people. It is so friggin' cool, so I'll make sure Leo listens. And Leo, actually, I was thinking of you and your own coding, of your problem solving annually.

1:01:47 - Leo Laporte
This is... there's some value in this. Oh yeah, this is what I do every December, the Advent of Code calendar. I'm stuck on day 22, I think, from last year, December 22nd, but every one of them is really about algorithms and using algorithms, and so, yeah, I've always wanted to learn algorithms.

1:02:06 - Steve Gibson
This is a new algorithm. This is a very cool algorithm.

1:02:09 - Leo Laporte
Can't wait. All right, we'll get to that in just a bit. Thank you, Mr. G, but first a word from our sponsor, the fabulous Experts Exchange. Now, I know you listen to this show because Steve's an expert, right, and has great information. Wouldn't it be cool if there were a website where you could go and people like Steve would answer your specific questions? That's the whole point of Experts Exchange. I was a longtime member. I used Experts Exchange for years, somehow lost track of them. I met them again a few months ago and I was just saying, you guys are still around? This is fantastic, especially nowadays, in a day of AI hallucination and misinformation.

Experts Exchange is a network of humans, trustworthy, talented tech professionals, people like Steve, where you can get instant industry insights, you can get advice. These are people who are actually using the products in your stack, instead of paying for expensive enterprise-level tech support that often, let's face it, leaves something to be desired. Get the answers from Experts Exchange. It's the tech community for people tired of the AI sellout. Experts Exchange is ready to help carry the fight for the future of human intelligence.

With Experts Exchange, you get access to professionals in over 400 different fields. You got coding. In fact, I'm going to use it this December for Advent of Code. What was I thinking? Microsoft, AWS, DevOps, everything you'd need to know, even enterprise-level issues with regard to governance and compliance. And, unlike other places, you've probably gone to other sites where you get the snark, right? Oh, that's a... We've heard that question before. That's already been answered, that kind of thing.

Unlike other places, Experts Exchange says duplicate questions are encouraged and there are no dumb questions. In fact, the contributors at Experts Exchange are tech junkies who love answering all questions. The reason, this is the secret which I think is really important, is the people who have expertise... One of the real supreme rewards for attaining expertise, Steve's a perfect example, is how fulfilling it is to pass your knowledge on to help somebody else. That's why we do these shows, and the experts at Experts Exchange feel exactly the same. So they're not going to snark you, they're going to say, great question, let me help you with that. One member said, it's a quote, direct quote: I've never had GPT stop and ask me a question before. That happens.

All the... EE is proudly committed to fostering a community where human collaboration is the key. Their expert directory is full of experts to help you find what you need, including, by the way, Steve, Rodney Barnhart, who's a big Security Now fan. He's a VMware vExpert. People like Edward Von Bilgen, who is an ethical hacker and a Microsoft MVP. He can give you lots of really useful information. There are Cisco design professionals. There are executive IT directors. They're just from every level of information, and that's exactly what you need.

Other platforms, this is really important, betray their contributors, you know, look at Reddit and others, by selling their content to train AI models. And, by the way, their content is your content. It's the stuff you put up there. Not at Experts Exchange. Your privacy, your information, is not for sale. Experts Exchange stands against the betrayal of contributors worldwide. They have never and will never sell your data, your content, your likeness. They block and strictly prohibit AI companies from scraping content from their site. By the way, that is a challenge. That's a chore. You got to really constantly pay attention. Experts Exchange does that. They don't want them to steal your stuff to train their LLMs and make money on it, and the moderators strictly prohibit direct use of LLM content in their threads. So it is a place by humans for humans. That's why you're going to love Experts Exchange, because experts deserve a place where they can confidently share their knowledge without worrying about a corporation stealing it to increase shareholder value. And you deserve a safe haven from AI where you can get the answers you need.

Experts Exchange. Now, this is the best part. They know there are people like me who have lapsed, right? Just kind of... they fell off my radar for some reason. So they're offering you now 90 days to try it, absolutely free, no credit card required. It'll be up to you. If, after 90 days, you say, yeah, I want to stick around, I think you will, but hey, why not try it for free for three months? e-e.com/twit. You can learn more at Experts Exchange, and that tells you something, they've been around for a while. e-e.com/twit. We thank Experts Exchange so much for their support of Security Now and the good work, the important work, that Steve is doing right now. All right, Steve, okay, part one of our subject of the hour, cascading something or other Bloom filters.

1:07:36 - Steve Gibson
As I said at the top of the show, I am well aware that this podcast's enduring favored feature is pure and clean theoretical deep tech explaining. And, of course, Leo, you used to introduce me here as the Explainer in Chief.

1:07:52 - Leo Laporte
Yes, I'll start that up again.

1:07:55 - Steve Gibson
I forgot about that.

I don't know that we're going to be able to do that all the time, right. You know, we were able to do far more of that back in the beginning, which, you know, 19 years ago, before pretty much everything had been thoroughly explained, at least once, and in some cases, multiple times. So, you know, but I know that this is what people want. So I'm always on the lookout for something to come along that we have not yet explained, and it's the nature of those things to become increasingly rare, because by the end of the next hour we will have done Bloom filters, and if the topic ever comes up, we've ever had which... And I have to tell you, I'm excited about it too, because it's just so cool.

And I just want to also say that I understand. We have listeners who write to tell me that, while they do very much enjoy the podcast and pick up useful tidbits every week, they only, by their own appraisal, feel that they understand around 5%, they often say, of what is sometimes discussed here. And, by the way, that's me. No. Anyway, I'm right in there with you, kids. I'm feeling somewhat self-conscious that today's topic is likely to further reduce that percentage.

1:09:31 - Leo Laporte
I'm going to try really hard, Steve.

1:09:33 - Steve Gibson
Everybody's going to get it. But again, I saw an email from someone who says he listens to the podcast while swimming laps, and I'm just afraid he's going to drown, because I don't know... Sink or swim time, kids.

For me, and I know for a bunch of our nerdy listeners, there's nothing more gratifying than the moment when a new concept is grasped and understood and becomes clear. So I predict that many of our listeners are going to find a lot of new ideas in what follows. So here it is. Today's topic is a technique in computer science known as a Bloom filter. It was so named back in 1970 after its inventor, Burton Howard Bloom. And just to get everyone warmed up here, I'll explain, and everyone's going to get it completely by the end. But a Bloom filter is an extremely clever and resource-efficient probabilistic data structure that's used to test whether an element is a member of a set.

1:10:43 - Leo Laporte
Oh, and you do that a lot in computer science.

1:10:46 - Steve Gibson
Yes, that's a very common issue. Is a revoked certificate a member of all certificates? This would speed up...

1:10:55 - Leo Laporte
OCSP.

1:10:58 - Steve Gibson
It would probably be the answer to our dreams which is where we're headed.

Okay, so a probabilistic data structure that's used to test whether an element is a member of a set. But it's got some problems, although false positive matches are a well-known and well-understood likelihood, so this thing can false positive. False negatives are impossible. They don't occur. Either a datum may be a member of the set, or this datum is definitely not a member of the set. Now, Bloom's invention is deliberately information lossy, which is where it obtains its efficiency. But, as we'll see, this prevents members from being removed from the set, and as more members are added to a Bloom filter, the greater the probability of false positives becomes. So all of the math is understood and it's all very cool, and so it's easy to optimize the Bloom filter for the things you want. Okay, so why in the world have I suddenly, apparently out of nowhere, decided to talk about Bloom filters, to efficiently know whether something, some item, might be a member of a set of other items? And I just gave that away earlier: whether a website certificate might be a member of the set of all currently revoked and non-expired certificates. If we have a really large number of revoked certificates, and we now have web browsers reaching out to scores of other sites, you know, all of the certificate-authenticated TLS connections need to be checked, so we need to have some really fast and very efficient means for instantly determining whether any of the many TLS certificates the browser receives, even just reading one page, because, as we know, pages now reach out to all kinds of different servers in order to construct themselves, whether any of those certificates have been revoked. And it just so happens that Burton Howard Bloom's 54-year-old invention from 1970 is the best way to do that today, in 2024. One additional point is that today's podcast is not just titled Bloom Filters, it's titled Cascading Bloom Filters.
The reason for this, as we'll see, is that the use of a cascade of successive Bloom filters elegantly, completely solves the false positive problem that's inherently created by the Bloom filter's efficiency. And, as it turns out, this Bloom filter technology comes in very handy in computer science, and it's everywhere without us really being aware of it.

The servers of the massive content delivery network Akamai use Bloom filters to prevent the so-called one-hit wonders from wasting their cache space. One-hit wonders are web objects requested by users only once. Since these one-hit wonders were needlessly tying up nearly three-quarters of their entire caching infrastructure, they placed Bloom filters in front of their cache to detect a second request for the same object. Only if an object was requested a second time would they bother to save that in the cache. Google's Bigtable, Apache's HBase and Cassandra, ScyllaDB and PostgreSQL all employ Bloom filters to bypass, get this, to bypass disk lookups for non-existent rows or columns. That is, the Bloom filter can definitely say something's not there. It's not so good about saying for sure it is there. That is just a simple Bloom filter. We'll see how that's been fixed. But this is useful because quickly knowing when something is for sure not in a database significantly increases the system's overall performance. Well, and you do that all the time.

1:16:06 - Leo Laporte
I do that all the time in coding, because I want to know, should I add this to a list? I don't want to duplicate it. Just like the caching problem, it's the same thing, right? Right. I don't want to duplicate it, so I'll just say, is it here yet?

1:16:19 - Steve Gibson
No, it's not. Good, I'll put it in there. Yep, I think it's going to come in handy. And it might say it is when it's not, right? I understand. But that's better, you know, getting a no most of the time, right? Well, actually, if you ever get a no, you know it's correct. No is reliable. It's the yes, it's not.

Correct, exactly, and we're going to see exactly why that's the case here in a second. Also, Google's Chrome browser used a Bloom filter to identify potentially malicious URLs. Every URL was first checked against a local Bloom filter, and only if the filter returned a positive result was a full check then made of the URL. That's how Google handled the false positive problem. Microsoft Bing, and yes, I really do mean Bing and not Edge, uses multi-level hierarchical Bloom filters for its search index, which is known as BitFunnel. Even Bitcoin once used Bloom filters to speed up wallet synchronization, until some privacy vulnerabilities with the implementation were discovered, though it wasn't the filter's fault, it was the implementation. And the website Medium uses Bloom filters to avoid recommending articles a user has previously read. Ethereum uses Bloom filters to quickly locate logs on the Ethereum blockchain. So, you know, my point is this is a well-understood, very powerful technology that everybody's going to understand by the time we're done, and we don't really care about Akamai, Bigtable, HBase, Cassandra, PostgreSQL, Bing, Bitcoin, Ethereum or Medium, but we do care about Mozilla and Firefox, and about the fact that Firefox has always appeared to be leading the pack when it comes to actually protecting their users from revoked certificates. As we've all now seen, the other browsers, most notably Chrome, just pay empty lip service to revocation. I mean, they've said they do it and they weren't, as I showed 10 years ago. I should note, though, that Vivaldi is also a browser which, in its default settings, is also properly doing revocation, I'm sure using OCSP at the moment, the way Firefox does, and, as we know, there's a bit of a problem with that. Actually, I'm going to get to that in one second here. So what do we know about Mozilla's plans for next generation CRL, Certificate Revocation List, based revocation?

Four and a half years ago, in January of 2020, Mozilla's blog posting was titled Introducing CRLite, C-R-L-I-T-E. You know, they said: all of the Web PKI's revocations, compressed. And Privacy 2017. That compresses revocation information so effectively that 300 megabytes of revocation data can become one megabyte. It accomplishes this by combining certificate transparency data and internet scan results with cascading Bloom filters. Well, there you have it. Building a data structure that is reliable, easy to verify and easy to update. They said since December, so that would have been December 2019, Firefox Nightly has been shipping with CRLite, collecting telemetry on its effectiveness and speed.

As could be imagined, replacing a network round trip with local lookups makes for a substantial performance improvement, meaning Firefox is not needing to do any querying of OCSP or a certificate authority's certificate revocation list. It's able to do it locally. They said: although not all updates are currently delivered to clients, use of OCSP in favor of requiring a return to the original certificate revocation list approach. We were wondering, what? How does that make any sense? Revocation lists were no better, and arguably worse in some ways. So before we dig into what Bloom filters are and how they work, let's take a moment. The public key infrastructure, PKI, included the idea that website certificates, oh, I should mention something new is mentioned here that had never occurred to me before.

Certificates would be revocable to indicate that they are no longer safe to trust, perhaps because the server they were using was being decommissioned or there had been a security incident. In practice, this has been more of an aspiration, as the imagined mechanisms showed their shortcomings. In other words, we'd like to know if certificates have been revoked, but we just can't figure out how. So, they said, certificate revocation lists quickly became large and contained mostly irrelevant data, so web browsers stopped downloading them. The Online Certificate Status Protocol, OCSP, was unreliable, so web browsers had to assume, if it didn't work, that the website was still valid, as we talked about, you know, failing open. They said, since revocation is still critical for protecting users, browsers built administratively managed centralized revocation lists. Firefox's OneCRL, combined with Safe Browsing URL-specific warnings, provide the tools needed to handle major security incidents.

But opinions differ on what to do about finer-grained revocation needs and the role of OCSP. And, as we know, although they didn't mention it here, Chrome said, oh yeah, we have CRLSets, we're all covered. It's like, yeah, but they don't work. We proved it 10 years ago. So, they said, much has been written on the subject of OCSP reliability, and while reliability has definitely improved in recent years, they said, per Firefox telemetry for failure rate, it still suffers under less than perfect network conditions. Here it is, which historically has above average connectivity, over 7% of OCSP checks time out today. So 7% of OCSP, you just don't get a response from whomever you are asking. They said, because of this, it's impractical to require OCSP to succeed for a connection to be secure, and in turn, an adversarial monster in the middle can simply block OCSP to achieve their ends.

Mozilla has been making improvements in this realm for some time, implementing OCSP Must-Staple, which was designed as a solution to this problem, while continuing to use online status checks whenever a server fails to staple a response. We've also made Firefox bypass revocation information for short-lived certificates. However, despite improvements in automation, such short-lived certificates still make up a very small portion of the Web PKI, because the majority of certificates are long-lived. And I should just mention here that when they talk about short-lived, they're talking about hours or days, not months. Thus, they consider Let's Encrypt's 90-day certs to be long-lived, as they should, because that's now the majority of the web. And what Mozilla says next is quite interesting. It's something we've never considered before. They wrote:

The ideal in question is whether a certificate authority's revocation should be directly relied upon by end users. What they said: there are legitimate concerns that respecting CA revocations could be a path to enabling CAs to censor websites. This would be particularly troubling in the event of increased consolidation in the certificate authority market. However, at present, if one's certificate authority were to engage in censorship, the website operator could go to a different certificate authority. Just route around it.

Yeah, and they said if censorship concerns do bear out, then Mozilla has the option to use its root store policy to influence the situation, is the way they put it, in accordance with our manifesto, they wrote. So that's quite interesting. They must not be talking about typical certificate authorities in the US, but perhaps CAs located in repressive governments which might be forced to revoke the certificates of websites whose certificates had been issued by them, which the government later no longer approves of, of certificate authorities being used as censorship enforcement. That's where Mozilla's root store policy would come in, with them completely withdrawing all trust from any such CA's signatures, you know, much as the industry recently did with Entrust. And then they finish up saying legitimate revocations are either done by the issuing certificate authority because of a security incident or policy violation, or they're done on behalf of the certificate's owner for their own purposes. The intention becomes codified to render the certificate unusable, perhaps due to key compromise or service provider outage, or, as was done in the wake of Heartbleed. Choosing specific revocations to honor while refusing others dismisses the intentions of all left-behind revocation attempts. For Mozilla, it violates principle number six of our manifesto, limiting participation in the WebPKI security model. In other words, as I said, they would be upset with any certificate authority that attempted to play games with their customers' certificates' revocation status. So they kind of like being able to decide for themselves rather than always have it be the CA. And that's one place where requiring stapling of OCSP status becomes a problem. This allows the browsers to retain more control of that. And then, switching from issues of policy back to issues of technology, they said there is a cost to supporting all revocations.
Checking OCSP slows down our first connection by around 130 milliseconds. It fails open if an adversary is in control of their web connection, and it periodically reveals to the certificate authority the HTTPS web host that the user is visiting. Okay, so they said, luckily, CRLite gives us the ability to deliver all the revocation knowledge needed to replace OCSP and do so quickly, compactly and accurately.

Can CRLite replace OCSP? Firefox Nightly users are currently only using CRLite for telemetry, but by changing the preference in some of their settings it can be entered into enforcing mode. And they said there's not yet a mode to disable OCSP; there'll be more on that in subsequent posts. And that was four years ago. There certainly is, as we discussed last week in Firefox, an OCSP setting. It's enabled by default. You can turn it off, and we see the effect of it being turned off. I don't think I've tried turning OCSP off and then turning on CRLite, although I'm not on Firefox Nightly, and I think it's still not everybody who's got this. It's only their beta testers who are able to play with this. Okay, so let's talk tech.

We can broadly classify major cryptographic algorithms into two classes: lossy and non-lossy. All encryption is non-lossy, meaning that encrypting a source plaintext into a ciphertext does not lose any of the original's information, because decryption, the reverse process, perfectly recovers the original text. By contrast, cryptographic hashing is a deliberately lossy process, and for what a hash provides, that's what we want. As we know, a hash, also known as a digest, takes an original plaintext of any size and reduces it to a single, fixed-length output consisting of some number of bits. The number of bits is chosen to be high enough so that the probability of two different texts hashing to exactly the same combination of every bit is astronomically small. Now, common sense tells us that it would not be possible to take the entire text of War and Peace, hash it into a comparatively tiny 256-bit digest, then somehow reverse that process to get the original text back. War and Peace is definitely not all in there in those 256 bits, even though every character of War and Peace has an effect upon the hash's final output.

Okay, so now let's look at the design of Bloom filters, an entirely different system which, like a hash, is similarly deliberately lossy. Any Bloom filter starts with a large array of binary bits all set to zero. The optimal size of the large array is determined by many interacting factors, but for our purpose we're going to use an array containing 1,048,576 bits. That's exactly 128K bytes. It actually happens to be 2 to the 20th, so that's a nice number. So basically a megabit, right? 1,048,576 bits.

Now imagine that we want to add an awareness of a revoked certificate to this currently empty Bloom filter, this one million bits which are all initially set to zero. We need to use some fixed characteristic of the revoked certificate. All certificates contain a thumbprint. It was traditionally generated by taking the SHA-1 hash, producing 160 bits, of the entire certificate, and later that's been upgraded to 256. So older certificates have 20-byte or, as I said, 160-bit thumbprints, and newer certificates have 32-byte or 256-bit thumbprints, but every certificate has a thumbprint.

Now, one of the cool things about a cryptographically strong hash function like SHA-1 or SHA-256, which we've talked about before, is that all of the bits in the hash are equal, that is, created equal. A smaller hash can be taken simply by using some subset of the whole hash's entire value, and it doesn't matter which smaller subset is chosen. So for our example, we're going to take the lowest 20 bits of the revoked certificate's thumbprint hash. Thanks to the thumbprint being a hash, these are effectively pseudo-randomly set bits. Because 2 raised to the power of 20 is that 1,048,576, the lowest 20 bits of a thumbprint can be used as the index into our bit array. In other words, it can be used to select exactly one bit from our one-megabit array, and we set that chosen bit to a one.

Okay, now let's say we add more, many more, revoked certificates to this blossoming Bloom filter. Let's say that we add a total of 100,000 revoked certificates. Since adding each certificate entails taking the lowest 20 bits of its pseudo-random but fixed thumbprint and setting the corresponding bit in the bit array to a 1, this would mean that up to 100,000 bits out of our total of 1 million would have been set after we added those 100,000 revoked certificates. I say up to 100,000, though, because there's a problem. There would be a good chance that, out of those 100,000 certificates, many of the certificates could share the same lower 20 bits. No certificate is going to share its entire thumbprint, 160 bits or 256 bits; the chances of that are astronomically low, but we're deliberately taking only a piece of the whole hash. So collisions are possible and, as we know, the surprising fact is that the number of these collisions turns out to be higher than we might intuitively suspect. We've talked about the birthday paradox, which explains why the probability, in this case, of any two certificates sharing the same lower 20 bits is higher than we would think. So in practice, this means that fewer than 100,000 bit settings will have been made, changing these bits to one, due to collisions where the bit that was set by a new certificate being added had already been set to one by the addition of a previous certificate. Okay, now also note that after adding 100,000 certificates, less than 10% of our total bit space of 1 million, a little over 1 million, has been used.

Bloom, to his credit, realized that this was inefficient and he had a solution. Instead of only setting one single bit per certificate, let's set several, and we could do that easily by taking successive 20-bit pieces of the certificate's thumbprint and using each successive 20-bit chunk to set an additional bit. So let's set five bits in the one-megabit array for every certificate we add to it. So we start again with an empty array with all of its 1,048,576 bits set to zero. We add the first certificate by taking each of five chunks of 20 bits from its thumbprint (remember it's got 160, so we're just going to use 100 of those) and using each chunk to determine which bit to set.

After adding that one certificate, we'll almost certainly have five bits set.

It could be that a certificate might collide with itself, though the chances are slight.

So, my point being that, since we're taking five 20-bit chunks, it's like there's a one in a million probability that two of them, actually, it's lower than that, but I mean it's more probable than that, that some pair of them might have the same 20 bits. So it's possible, but probably five bits are set which are representative of 100 bits of that certificate's thumbprint. And then, as before, we're going to add a total of 100,000 certificates. So each certificate will be setting its five very specific bits to a one. Now we'll have somewhere less than half, but close to, but less than half of the array's bits set due to collisions, but we'll be very nearly at 50%, right, because we've got 100,000 certificates. They're trying to set five bits each. So that would be 500,000 potential, which is half of our one megabyte. So about half the bits are set, a little less than half due to collisions. And Leo, I see that you've got the cold soda can on your forehead.

1:40:13 - Leo Laporte
That's good so far, I'm following you, though. This is good. This is good. We've got basically a megabit picture with five bits set for each certificate. That tells us, really the only thing it tells us is there's a collision, that that certificate, if those five bits are set, is colliding with another certificate.

1:40:35 - Steve Gibson
Not that they're 100% matching. Well, yeah, so far. But so all we're doing, basically, we're ORing ones into the bit array, right? So what we have is, as you said, a picture, but we may have collisions. We haven't yet used it, but we're going to next. I'm loving this. Let's take our last break, and then I'm going to show people how we use this to determine something about a certificate. Okay, I kind of think I know where you're going with this.

1:41:11 - Leo Laporte
I know, this is cool stuff. It's not really complicated. Have we got to the cascading part yet? No, and that's where you're really going to need two cans.

1:41:21 - Steve Gibson
You need two cans of soda on your forehead. Okay, all right, thank you, Steve.

1:41:29 - Leo Laporte
Our portion, this portion of Security Now, I love this stuff, is brought to you by our friends at ACI Learning. If you love this stuff, you're gonna love ACI Learning. They're the folks behind IT Pro. We talked about ITProTV for years, right? Binge-worthy video on demand IT and cybersecurity training. Really, if you're listening to this show, this is the stuff you love, and it can also be the stuff that you make a living at, right? It's a great way to make a living in stuff you love. With IT Pro, you're going to get cert ready, and getting a job in IT is really all about getting that cert, especially that first job, getting those certifications. With IT Pro, you're going to get cert ready with access to a library, and it's getting bigger all the time, 7,250 hours of absolutely current, up-to-date training in every aspect of IT. Stuff like this, stuff you're going to dig, you're going to watch, because the trainers are people working in the field with a real passion, just like Steve, a real passion for what they're teaching, and that communicates to you. It makes you excited about what you're learning, and guess what, that's a better way to learn anything. Premium training plans also include practice tests. That's the best way to take any exam, is to take the test before you take the test. This way, you know you're ready before you pay for the exams. It's a brilliant idea and I highly recommend it.

Also, the premium training plans also for virtual labs, and this is fantastic. It means you can set up a Windows network with servers and clients and everything and completely break it, and no big deal. Just close the tab and go on. You can do this in an HTML5 browser, but those virtual labs are a fantastic way to learn. They're also great. A lot of MSPs use them as a way to test a configuration change to see how this stuff integrates into your existing setup, all without any risk. I just love this. IT Pro from ACI Learning.

They make training fun, like this show, and you won't need the can to cool your forehead either. All training videos are produced at their studios. They have, I think, seven studios running all day, Monday through Friday. They do it with an engaging kind of talk show format. It's truly, they call it edutaining. I think it just really works because you're having fun and you're learning, and that makes a big difference.

Take your IT or cyber career to the next level. By the way, yes, it's not just for starters. A lot of people who watch this show who are already in the business take these courses because it helps them get a better job, be better at their existing job, or just to expand your mind. Be bold, train smart with ACI Learning. Want to know more? Visit go.acilearning.com/twit. Yes, of course, we have an offer code, SN100. Use that at checkout to save 30% on your first month, or if you sign up for a year, your first year of IT Pro training. That's a lot of savings. By the way, go.acilearning.com/twit, the offer code SN100. Thank you, ACI Learning, for providing a product every one of us can really use and get into and get a better job or get their first job in IT. go.acilearning.com/twit. Don't forget, for 30% off, that offer code is SN100. All right, let us get back to Bloom filters. And are you ready, because it's time to cascade? Not yet.

1:45:18 - Steve Gibson
First we have to see how they actually work. So we've designed a filter where five bits get set, based on five pieces of information from a certificate's thumbprint, which is the hash of the certificate. And we've added 100,000 certificates, 100,000 revoked certificates, to this filter.

1:45:43 - Leo Laporte
And I understand how this works, because if those bits are set, you can pretty, if they're set, you say that that means there's a likelihood, but not a guarantee, that that certificate's in the megapixel. But if it's not there, you know it's not there, right? It couldn't possibly exist. That's exactly it, yes. That makes sense.

1:46:04 - Steve Gibson
So let's say that our web browser receives a certificate it wishes to check. It wants to ask the question: has this certificate previously been added to this Bloom filter? To answer that question, we take the same five sets of 20 bits from the candidate certificate's thumbprint, and that's a fast thing to do. Oh yes, that's the other thing.

All of this is super fast. We successively use each set of 20 bits to test each of those five bits in the Bloom filter. Here's what we learn from that, and think about this: if any, as you said, Leo, exactly, if any of the five tested bits are zero, then we absolutely positively know that the certificate in question could never have been previously added to the Bloom filter's bit array.

1:47:01 - Leo Laporte
You could see why this would be fast. In assembly language those compares are almost instant right.

1:47:07 - Steve Gibson
Yes. In fact, Intel has a single instruction for querying a bit in a large field. Are you set?

1:47:14 - Leo Laporte
Yeah.

1:47:14 - Steve Gibson
So yeah, so if any of the five bits that are tested are zero, then we absolutely positively know that the certificate in question could never have been previously added to the Bloom filter's bit array, because if it had been, then we know that all of its bits would be ones. So if any of the five bits are zero, it's not revoked. The certificate is definitely not revoked. When all five tested bits are ones, though, we cannot be certain that this is not a good certificate whose five chosen bits just happen to collide with bits that were set by any of the other hundred thousand revoked certificates. And remember, at the top I said earlier, although false positive matches are a well-known and well-understood likelihood, false negatives are not. So in other words, a test using a Bloom filter can return either "this datum may be a member of the set" or "this datum is definitely not a member of the set." The "definitely not a member of the set" is what we get when at least one of the five bits is zero, since that can only happen if this certificate was never added to the filter.

1:48:37 - Leo Laporte
This is efficient also because it cuts short the search the minute you find the zero you're done.

1:48:42 - Steve Gibson
You don't have to keep going.

1:48:43 - Leo Laporte
You are indeed a coder, my friend, and if you had fewer than five bits, collisions would be more likely. If you had more than five bits, collisions would be less likely. I guess that they figured out five is kind of a nice balance.

1:48:58 - Steve Gibson
Oh, the math is hair curling. It's got all kinds of calculus that you don't want to even think about.

1:49:04 - Leo Laporte
But you can also do it by trial and error.

1:49:06 - Steve Gibson
Given the size of the various sets, it's possible to exactly zero in on what you want, what's optimum. Okay. So what do we do about this false positive problem which is created by a Bloom filter? First, it's worth noting that many applications of Bloom filters are not sensitive to false positives. If Akamai occasionally caches a one-hit-wonder file because the file's Bloom bits happen to collide with another file, who cares? Right, an extra file gets cached, big deal. Or if Medium is using individual, per-user Bloom filters to avoid having users see the same article twice, but that occasionally misfires and shows them something they saw before, again, who cares? Or if a database mistakenly believes that a record exists and goes to look for it instead of immediately rejecting the request thanks to a Bloom filter failure, that's okay. So before we solve the problem of Bloom filter false positives, I want to clearly make the point that a simple Bloom filter that is able to almost instantly make a go/no-go determination, which never generates a false negative but occasionally generates false positives, can still be an extremely useful tool in computer science.

1:50:28 - Leo Laporte
Sure, you just have to use it in the appropriate place, right?

1:50:32 - Steve Gibson
Yeah, that makes sense. Yep. Now, there are several important points, and you already touched on one, which are worth pausing to highlight here. The first is that in return for the Bloom filter's discrimination fuzziness, we get amazing efficiency. The hashes of 100,000 certificate thumbprints can be sorted, but they cannot be compressed, because thumbprints are by definition incompressible pseudo-random data. Each modern SHA-256 thumbprint is 32 bytes, so any simple list of those 100,000 revoked certificate thumbprints would require 3.2 megabytes just to store the list. Yet our trained Bloom filter requires only 128K. So in return for some inaccuracy, we obtain a factor of just shy of 25 times compression. So it is super efficient.

And then there's speed. As you said, Leo, searching a 100,000-entry sorted list is still time-consuming, and more sophisticated tree structures consume more space and still take time to traverse. By comparison, consider our Bloom filter. The certificate we want to test already offers its thumbprint. We need to perform five tests, each one of which directly tests a single bit of the Bloom array. For those who are not coders, any coder will tell you that directly addressing and testing a bit in an array is one of the fastest things a computer can do and, as I mentioned, Intel has an instruction that does exactly that. That's all it does. You issue the instruction, you get the result instantly. So nothing could be faster than these tests. Now consider that, with the Bloom array having fewer than half of its bits set, each of these tests has a better than 50-50 chance of selecting a zero, and that the instant we hit any zero in the array when we're doing our five tests, we know that this certificate being tested cannot be represented within this array. So with five tests, each super fast and each having a better than even chance of giving us an immediate out and go-ahead, this has got to be the fastest, most efficient and economical way of classifying a certificate as being a member of a larger set. But unlike Akamai, Medium and the databases that can tolerate false positives, this application of Bloom filters for certificate revocation absolutely cannot tolerate any false positives. We can never tell a user that a remote server has just served them a revoked certificate when it has not. So now what do we do? You get extra credit if you guessed.

This is where the cascade enters the picture. Yes, to pull this off, it is necessary for the creator of the final CRLite Bloom filter cascade to have access to the entire real-time active certificate corpus, in other words, a record of every single unexpired certificate, both valid and revoked. How big is that? It's big, but we don't need it. Just the person building the filters needs it. Now, although this might appear to be a tall, if not impossible, order, the PKI, public key infrastructure, actually already has all of this in place.

All certificate authorities are required to publish every certificate they issue into a certificate transparency log. That log exists and it's available, so check this out. A first and largest Bloom filter bit array, the one we've been talking about, is first populated by adding all known revoked certificates. As we've seen, this will generate an array with lots of one bits set, and we know that once this has been done, any certificate that has any zero cannot be a member of the set of all revoked certificates. We also know that each of the five tests has a better than even chance of returning a zero. So most good certificates will be identified almost instantly. But for this application we must enforce a zero-tolerance policy.

Every non-revoked valid certificate in existence is then run through this first-stage Bloom filter to explicitly detect every possible false positive that the first-level Bloom filter produces. And what do you think we do with those? That's right. Those false positives are used to train the second-level filter in the Bloom filter cascade. In other words, the first filter is trained on revoked certificates, then all the non-revoked certificates are passed through it, and any that come out, because they're valid, those represent false positives created by the first level. So those certificates are added to the second-level Bloom filter to contain all of those. So this second level of the cascade can be thought of sort of as a whitelist to handle the false positives which are generated by the first-level Bloom filter. Thus any certificate that is not in the first level must be valid. We know that; that's the immediate okay.

Then any certificate that was identified by the first level, which we might call a candidate revoked, and is not also in the second level, must actually be revoked, since the second level was trained on valid certificates that were thought to be bad by the first level. We know that Bloom filters false positive, but they never false negative. So any certificate that the first level finds which the second level does not find must not have participated in the second level's valid certificate training. So we absolutely know that it had to have been revoked. However, there's one last bit of mind-melting logic to cover.

Since Bloom filters are known to produce false positive matches, there's a chance that the second-level Bloom filter might produce a false positive that would lead it to believe that a revoked certificate that was found by the first-level filter and had been found to be good by the second-level filter should be trusted.

So, believe it or not, a third-level filter is used to catch and categorize those cases that may slip through the second-level filter.

But that third-level filter is the final stage of the Bloom filter cascade, and its decision is final. So if the first-level filter does not produce a match, we immediately know that the certificate must be valid, since that first level was trained on revoked certificates and Bloom filters never false negative. But if that first-level filter does produce a match, we then test the certificate against the second-level filter. If it does not produce a match, we absolutely know that the certificate must have been revoked, since the second-level filter was trained on valid certificates and, again, Bloom filters never false negative. And finally, since the third-level filter is again trained on revoked certificates, if it does not find a match, we absolutely know that the certificate is good. And if it does find a match, thanks to the pre-weeding-out of the earlier filters, we can finally know with certainty that the certificate is a member of the revoked set and must not be trusted. It's sufficient to do three levels.

2:00:17 - Leo Laporte
Yes, exactly.

2:00:19 - Steve Gibson
And I should note that since the second-level Bloom filter only needs to be trained on the valid certificates that mistakenly false-positive match at the first level, that total number of certificates is very small, so much so that a much smaller bit array and smaller filter will suffice. And that's even more true for the third level, that's only dealing with really exceptional cases. So we obtain significantly greater efficiency with successive levels of the cascade.

2:00:58 - Leo Laporte
You don't need a megabit on level two. Right, nothing near that, maybe half that and then half again, or something like that.

2:01:04 - Steve Gibson
And so although this, I get it, is all a bit mind-bending, oh, super cool though, it is super cool, what we now have is a way of constructing an efficient means of rapidly categorizing certificates as valid or revoked.

In order to do this, we need to train a trio of Bloom filters on every possible valid and revoked certificate that they might ever encounter in the wild, and that's actually not impossible. We can do it. Once this has been done, and Mozilla has been doing this now for several years, four years, we wind up with a small local certificate classifier that every user can efficiently run in their own browser, and it can instantly identify any revoked certificate from among millions of candidates without ever making a single error. This amazing local browser capability is supported and made possible by a massive, continuous behind-the-scenes effort to produce and distill, four times per day, those three simple Bloom filter bitmaps, which are then made available to every browser over a common content delivery network. Individual Firefox browsers reach out to obtain the latest set of bitmaps every six hours. If or when all browsers have access to these filters, we will finally have solved the certificate revocation problem with both low latency and total privacy, since every browser will then be empowered to make these revocation determinations locally.

So cool. It is so cool.

2:03:06 - Leo Laporte
And now, as an exercise for the listener: why is it that you're testing revoked, keeping track of revoked certs instead of keeping track of good certs? Should be easy to figure out. It's kind of fun. I love this.

2:03:23 - Steve Gibson
I bet you.

2:03:24 - Leo Laporte
It'll be an Advent of Code this December.

2:03:28 - Steve Gibson
He's very timely with his algorithms, and it's just such a cool technique to use in order to classify something. And you know, the fact is that the top-level Bloom filter will immediately reject most good, you know, valid certs; only where there are collisions do you then need to train the second one on the valid certs that are known to collide. It's just elegant, and I'm impressed. I mean, to me it feels like Mozilla is out there paving the way for all the other browsers to steal the cool tech that they come up with. And then, I mean, because this is all just going to get copied by everybody else. Yeah, well, as it should be.

2:04:25 - Leo Laporte
This is a great replacement for OCSP. This is it. I mean, it is it.

2:04:31 - Steve Gibson
The problem is, as we know, Mozilla is endangered, Firefox is endangered.

2:04:36 - Leo Laporte
Yeah, because, yeah, but I could see Google adopting this pretty quickly. Yeah, I mean, this seems like a very clever... and it's nice because all the heavy calculation, which is calculating the hashes, is done on the server side. They just push these small bitmaps. They're maybe a mega... let's see, a megabit is what, 1K? It's 128K. So maybe you're throwing, every six hours, 156K or something. It's nothing, it's nothing. Brilliant, and instantaneous results.

2:05:12 - Steve Gibson
Yep. Now I still have to understand why you only need three layers to guarantee you're doing 20... The math is there, and it turns out that you can show that the first filter will have resolved everything that the third one would. Got it. So now it's a loop.

2:05:36 - Leo Laporte
All the mistakes are taken out. Yeah, very interesting. I will read up on this. And Professor Bloom, he thought this all up in 1970, many years ago; I was a freshman in high school. And he's like, if you had a lot of bits and you needed to get them straightened out...

This is what you're going to do. I want you to, someday, when we've got some time and there are no security issues to talk about, do the Dijkstra algorithm, Edsger Dijkstra's search algorithm. I bet you could explain that pretty clearly. That's fun, really good stuff. This is why we love Steve, right? Aren't you glad you listened to this episode? And if it's all a mishmash in your mind, listen again. It'll come clear. And by doing so you're building brain cells, you're making yourself smarter.

You're having much less room for trivia.

2:06:35 - Steve Gibson
I have no idea who Jason Momoa is married to or not. It's not in my head, because I've got Bloom filters. Like I said, you want to terminate an annoying conversation over at a cocktail party?

2:06:44 - Leo Laporte
Bring out the Bloom filter. But I have to say, if the person you're talking to says, oh, that's interesting, you've got to keep her. Right. Now you know, now you've got something. That's true. Somebody you're going to want to talk to some more.

2:06:56 - Steve Gibson
That might be a good first-date question. No, it's not. Maybe save that for later.

2:07:02 - Leo Laporte
Steve Gibson is at GRC.com, the Gibson Research Corporation. His bread and butter is there too, of course: SpinRite, the world's best mass storage performance enhancer, maintenance utility, and even recovery utility. 6.1 is the current version, even better than ever, just brand new. Go get it at GRC.com. It's what keeps Steve in ham sandwiches. So get yourself a copy, and get one for your friends too. He also has a lot of freebies, including ValiDrive. What's that new one? I can never remember the name. Is Boot Secure? It's because it feels like it's a caveman: Is Boot Secure? But it's a great little tool. He writes these all in assembly language. They're about this big. You download them in seconds and they do amazing things. It's all at GRC.com, as well as ShieldsUP, which, anytime I put a new router online, I run ShieldsUP to make sure it's doing the right thing. GRC.com. While you're there, you can also get a copy of the show. Steve maintains, as he mentioned, the full archive going back to episode one. He has for every one of those a 64-kilobit audio version.

That's the high-quality MP3. And a 16-kilobit. Do you have all of them in 16? Probably not. Everything, really? Everything. So that's for the bandwidth-impaired. That's a nice small download, a little scratchy, but, you know, fine. Also, he's got the even smaller version of this, which is the transcripts, written by Elaine Farris. She does a great job. They take a couple of days to come out because she's actually doing it by hand. All of that is at GRC.com.

We have audio and video at our website, twit.tv/sn, and we also go back to episode one. We didn't do video for the first couple of hundred episodes because Steve said, why would anybody want to see us? But I convinced him. I convinced him, and now the stash lives on. You can watch us do the show live, and I think a lot of people do because they want to participate in our chat rooms. We use chat on Discord, Twitch and YouTube. Actually, X.com, Facebook and LinkedIn also have chat, so you can interact with us as we're doing the shows every Tuesday right after MacBreak Weekly. That's usually around 1:30 pm Pacific, 4:30 Eastern, 20:30 UTC, and then the streams, as I said, twit.tv/sn will have a list of all the stream channels. We will be back next Tuesday for another gripping edition.

2:09:42 - Steve Gibson
September, and we have you how many more weeks?

2:09:45 - Leo Laporte
I'll be here next week and then I'm going to be out for two weeks.

2:09:50 - Steve Gibson
Okay, cool. See you next week. Yeah, but I'll see you next week.

2:09:53 - Leo Laporte
Thank you, Steve. We'll see you next time. Bye-bye. Security Now.
