SN 1080: Vulnerability Debt Repayment - Will Mythos Change Cybersecurity Forever?
Security Now (Audio), May 27, 2026
Episode 1080
2:44:01, 150.43 MB

Mozilla found 271 unknown Firefox vulnerabilities in days using AI—bugs that millions of automated test runs had missed for years. Steve Gibson argues this isn't a crisis. It's the industry finally paying down decades of security debt, and for the first time, defenders may have the advantage.

  • Cisco meets Mythos
  • Can the aging CVE system survive AI
  • Patch deployment latency in the AI age
  • MSFT's official YellowKey BitLocker bypass mitigation
  • Ubiquiti patches 5 serious vulnerabilities
  • Drupal attacked by a PostgreSQL injection
  • Microsoft terminates SMS as a second factor
  • GitHub hacked - all of its source code exfiltrated
  • Russia is using very old Western software
  • Why to get a no-charge AI chatbot account
  • New Sci-Fi on Netflix
  • What we learn from Mozilla's use of Mythos

Show Notes - https://www.grc.com/sn/SN-1080-Notes.pdf

Hosts: Steve Gibson and Leo Laporte

Download or subscribe to Security Now at https://twit.tv/shows/security-now.

You can submit a question to Security Now at the GRC Feedback Page.

For 16kbps versions, transcripts, and notes (including fixes), visit Steve's site: grc.com, also the home of the best disk maintenance and recovery utility ever written, SpinRite 6.

Join Club TWiT for Ad-Free Podcasts!
Support what you love and get ad-free audio and video feeds, a members-only Discord, and exclusive content. Join today: https://twit.tv/clubtwit

Sponsors:

[00:00:00] It's time for Security Now! Steve Gibson is here with lots to talk about. Cisco freaking out over Mythos, the amazing results Firefox is getting finding vulnerabilities with AI, Microsoft's mitigation for the YellowKey BitLocker bypass, and a serious vulnerability in Ubiquiti routers. That and a whole lot more coming up next on Security Now!

[00:00:27] Podcasts you love. From people you trust. This is TWiT. This is Security Now! with Steve Gibson, Episode 1080, recorded Tuesday, May 26th, 2026. Vulnerability Debt Repayment. It's time for Security Now! The show we cover the latest in security, privacy, computer use, science fiction, vitamin D, and more.

[00:00:56] And the reason it's so eclectic is because of this guy. He is a man, a Renaissance man for our time. Mr. Steve Gibson, hello sir. Ah yes. ADD much? Well, I don't know. We pretty much stick to security for like 90% of the show, don't worry. Well, and overwhelmingly we're getting feedback from people who are engaged in the security implications of AI.

[00:01:23] I heard from one grumpy listener who said, I'm tired of hearing every podcast you do now is about AI. It's like, hey, you know, if it weren't all about changing the entire complexion of software and security and privacy, then yeah, I would be, I would carve out a little piece to just talk about my own interest because I haven't, I mean, I've become a user of it.

[00:01:51] And in fact, something occurred to me that I'm going to share mid podcast that caused me to realize why the line I almost used last week was the only way I could imagine somebody doesn't understand is if they're not using it.

[00:02:10] That is to, you know, if, if you use it, then I don't know how you could not. And then I realized, oh, I do know how you could not. I know. I understand what people might not have done. That makes all the difference in their experience that converts it from just a search engine into something more. So we'll be talking about that. Yes, I know more AI, but actually this is another, we have another major AI episode because stuff is happening.

[00:02:39] And I actually think that that's going to change in the long term, which is why today's title is vulnerability debt repayment. And if you can imagine that, that that's about the vulnerability debt that all of our software currently has, there's going to be some pain while we repay that debt.

[00:03:06] But contrary to what some people think, which I'll talk about that, what one guy from Cisco thinks that the whole CVE system is just, you know, going to be buried forever and unrecoverable. I don't think that's the case, which is not to say that it doesn't need to get fixed. We're going to talk about some of the changes that need to happen. But anyway, we've got a bunch of fun stuff to talk about. Cisco meets Mythos.

[00:03:31] Can the aging CVE system survive AI? Patch deployment latency and what that means in the AI age. Microsoft responds officially to last week's discussion. Well, not our discussion, but the last, the fact of YellowKey, which is the BitLocker bypass with a mitigation, which is very clean.

[00:04:01] And we learn a little bit more about the nature of it from them. Ubiquiti has patched five serious vulnerabilities. All Ubiquiti users need to make sure that they are current. But yeah, I'm going to do that right now. See you later, Steve. Three are critical. Two are serious, but they're bad.

[00:04:22] Drupal's being attacked by a PostgreSQL infection, which is wreaking havoc. Microsoft, the first major company to terminate SMS as a second factor authentication mechanism. So props to them. GitHub, speaking of Microsoft, GitHub got hacked, lost all of their source code.

[00:04:52] So whoops. Also, it turns out that our source code, their source code. Right, right, right, right. GitHub's own internal, like 4,000 some repositories of internal stuff. Yikes. And we'll look at how that happened. Guess it's open source now. Open, open.

[00:05:15] Also, after the Ukraine, Russia's attack of Ukraine, their access to Western software was cut off largely. Turns out that's having some interesting consequences we'll talk about. Also, I am going to, as I mentioned, going to dip into a little bit of my own revelation about AI and why people may not have understood what you and I understand, Leo.

[00:05:44] Also, I'm going to touch on briefly a new sci-fi show that dropped on Thursday on Netflix. And then the biggie is what we have learned from Mozilla's use of Mythos. Very good. And, of course, we have a great picture of the week. And, of course, I'm not going to look at it. Try not to because this one's got a nice punch on it. It's part of the fun for me is to scroll up.

[00:06:13] I could see, and I'll show everybody what I could see right now because I can see the caption that you write. Yes. But I can't see anything below it. Because the previous do not trespass sign was often ignored and ineffective. I love, you know, so I can look at that and I go, okay, I see where we're going here. This is going to be another weird fence or another, yeah. I mean, this has been a specialty of yours.

[00:06:42] The oddball real world security. Well, entirely thanks to our listeners. Entirely thanks to people saying, I mean, and they're like taking a walk on some trail and they see something and they're like, oh, I had to capture this for the podcast. Gotta give that to Steve. Yeah. We'll tell you how you can do that, by the way, later in the show. If you have a picture you'd like to share for the picture. If you survive. If you survive. That's coming up. But first, a word from our sponsor for this segment on Security Now, GuardSquare.

[00:07:11] Now, this is really aimed for the mobile app developers or people who are thinking about being mobile app developers in the audience today. A great space to be in, right? Okay. Live on our phones these days and we do everything on them from financial services to healthcare, retail, of course, entertainment.

[00:07:35] And the thing is, your users are trusting your apps with their most sensitive personal data. That's why the bad guys are going after you. A recent survey showed 72% of organizations experience a mobile application security incident last year. 92% of respondents reported rising threat levels over the last two years. They've seen it. You've probably seen it if you're a mobile app developer.

[00:08:05] Meanwhile, attackers who want your users' personal data are looking for and constantly finding new ways to attack your mobile app. Here's one way that's devastating. They take the app. Nowadays, with AI, it's very easy. Use Ghidra and AI to reverse engineer it. Repackage it. It's indistinguishable from the real thing, except they have modified it. They've put malware in it or spyware. Then they distribute the app, the modified app.

[00:08:35] They do phishing campaigns. Hey, we've got an update. Send out emails. Side loading. They go into third-party stores. There's all sorts of ways to get to your customers who think they're downloading your app. Instead, they're downloading malware. This is why it's so important you take a proactive approach to mobile app security. That's just one way. Many ways they're attacking you, and you have to stay one step ahead of these attacks because the trust of your users is absolutely vital.

[00:09:05] That's where GuardSquare comes in. GuardSquare delivers mobile app security without compromise, providing advanced protections, both Android and iOS apps, combined with automated mobile application security testing. So it helps you find vulnerabilities, which is also nice. That's a very nice feature. And real-time threat monitoring so you can see those attacks that are incoming before they bite you.

[00:09:33] Discover more about how GuardSquare provides industry-leading security for your mobile apps. You can find out more at GuardSquare.com. That's GuardSquare.com. Mobile app developers, you need this. GuardSquare.com. We thank them so much for supporting Security Now! So again, the caption I gave this was,

[00:09:57] because the previous do not trespass sign was often ignored and ineffective. Okay. And I'm going to scroll up here. Let's see what we can see. Now that's funny. So the do not trespass sign has been replaced with more of a consequences if you do.

[00:10:25] It says, in big, bold, all caps, white letters, do not cross this field. And then kind of parenthetically below, unless you can do it in nine seconds, because the bull can do it in ten. Oh, Lord. Which, of course, is the old, I don't have to run faster than the bear. I just have to run faster than you. That's right. That's awesome. And what I like is, over on the left, Leo,

[00:10:53] the center rung looks like it's been bent by somebody standing on it and going over the fence in that location. Climbing over. So it's like, yeah, there actually somebody did. And you can kind of see something in the far distance. You think that's the bull over here? I think that's the bull way back there. There's some other over to the right of the sign, too. That's great. You know, that is a whole category of witticism,

[00:11:21] is the don't trespass sign in our rural areas. They're always or often very humorous, as well as threatening. On with the show. Okay. So I titled this first short note, Cisco Meets Mythos. Of course, in honor of that fabulous classic cartoon short, which was called Bambi Meets Godzilla. Cisco recently. Very short. Very short.

[00:11:51] End of the point. Yes, memorable. Cisco recently produced a slick eight-page PDF document titled, well, they borrowed a name I'm quite familiar with, Shields Up, they said, Guidance for Defending in the Age of AI-Enabled Attacks. And I'm only going to share the introductory executive summary from this piece, but I wanted to start with it because it nicely serves to introduce us

[00:12:17] to what Cisco themselves have now realized is about to happen to the industry. The executive summary says, in early April, 2026, Anthropic announced that it would be holding back on releasing their new AI model, Mythos. Due to deep concerns around the offensive cyber capability of that model,

[00:12:44] Anthropic decided to work with select companies, including Cisco, so that those companies could use the model to find and patch security vulnerabilities. Cisco is changing our near future threat modeling of AI-enabled attackers in view of our experience with Mythos. That in turn has changed how we defend ourselves

[00:13:12] and led us to develop a set of defensive recommendations for customers. While the capabilities of Mythos may not be widely available, we do anticipate that this capability and more will become widespread as AI technology advances across the board. This paper lays out what Cisco has seen so far from AI-enabled capabilities and what we believe the new threat landscape will look like. Whether these models are wielded by attackers,

[00:13:42] leveraged by researchers, or operating as agents within your own environment, the security implications are significant. Subject to appropriate safeguards and controls, we will share what we've implemented based on this new understanding and lay out our recommendations for customers. The threat surface is going to change in some ways dramatically. Defenders must take the time

[00:14:11] to understand what the new normal will look like and evaluate what changes their environment must make to stay secure. Cisco is committed to being a partner through that transformation. So, it's pretty clear, reading between the lines, that Cisco got a wake-up call from their experience with Mythos. I have a link in the show notes to Cisco's full report.

[00:14:39] Though, you know, it's an eight-page glossy sort of thing. You know, I didn't find anything there that was really that interesting or worth sharing. It appears, you know, to be far removed from Cisco's trenches where Cisco developers appeared who have run out of expletives to express their degree of astonishment and concern. So, link in the show notes toward the bottom of the second page. But, speaking of running out of expletives,

[00:15:10] Cisco's security blog poses some interesting questions about the future and specifically the practicality of our existing time-tested CVE, which we're talking about every week, the Common Vulnerabilities and Exposures System, and the impact of AI vulnerability discovery on that. Now, my own expectation, as I teased earlier,

[00:15:40] differs from Cisco's. So, nevertheless, I want to share Cisco's thoughts since they're Cisco's and that matters and they're worth understanding. So, under their title, when AI finds faster than humans can patch, when AI finds faster than humans can patch, disclosure must evolve. So, they write, Project Glasswing

[00:16:09] is an amazing initiative by Anthropic. Cisco's one of the main participants, and I, writes this author, have been honored to work on it since it started. And then, here it is. This is not, all caps, this is not hype. Claude Mythos has discovered thousands of, now he's not talking about his own stuff because he's, you know, very politic here,

[00:16:38] thousands of zero-day vulnerabilities across every major operating system and web browser. The CVE program, already buckling under 50,000 entries a year, was never designed for this. We need to talk about what comes next before the flood arrives. As you probably have heard from many sources, Claude Mythos Preview found a 27-year-old

[00:17:07] remote crash vulnerability in OpenBSD. It found a 16-year-old bug in FFmpeg that survived 5 million automated fuzzing runs. It chained together Linux kernel vulnerabilities to escalate from unprivileged user to full system control with no human guidance. And it did this in days, not decades. Key technology providers are finding and fixing

[00:17:36] hundreds of vulnerabilities. Participant organizations are also finding thousands of open-source vulnerabilities and working on a coordinated disclosure timeline. That is the responsible move, but it also forces an uncomfortable question. What happens when this class of model becomes commonplace, meaning Mythos? What happens when Mythos level everybody can have it? He says,

[00:18:05] when the vulnerability discovery rate jumps from thousands per month to hundreds of thousands. Okay, so I'll just pause you to note that the title of today's podcast, Vulnerability Debt Repayment, looks at this at the end of the podcast. And my conclusion is not the same as this author's, as I said, but I thought this was interesting because this guy is on the front line of Cisco meets Mythos.

[00:18:34] Yeah, he's scared. Yeah, he was, yes, he was obviously deeply affected by what happened. If you remember Bambi, well, anyway, since he's an employee of Cisco and obviously wants to keep his job, he's not talking in detail about what they found. But again, how much sleep is he getting? I wonder. It doesn't take much imagination given what we know of Cisco's own rickety past with security.

[00:19:05] One could just imagine. I mean, it's got to be similar to what Microsoft is going through. Anyway, this guy continues writing, the answer is that every piece of infrastructure between discovery and mediation, disclosure norms, the CVE system, patching pipelines, and the human workflows that connect them will need to be re-architected, not updated. We must rethink how to scale.

[00:19:34] The problem is that the CVE system was built for a different era. The Common Vulnerabilities and Exposures Program turns 27 this year. It was designed when the security community measured vulnerability disclosures in the hundreds per year. For example, 321 CVEs were issued throughout all of 1999. By 2023,

[00:20:05] the number had climbed to nearly 29,000. And a 2026 forecast projects a median of roughly 59,000 CVEs this year with the realistic upper bound scenarios reaching 100,000. And that forecast was published before Project Glasswing was announced. So, 100,000 at the high end, median estimate

[00:20:34] around 60,000 before this all happened. At RSAC 2026, he writes, CVE board members acknowledged the program needs an overhaul. GitHub reported a 224% increase in vulnerability reports over the last three months alone. Again, that's the current volume before AI-scale discovery tools were going

[00:21:03] wide. When a single AI model can surface thousands of high-severity vulnerabilities in a few weeks of scanning, assigning an individual CVE to each one, enriching it with CVSS scores, routing it through the NVD, the National Vulnerability Database, and waiting for human analysts to triage it, becomes illogical.

[00:21:33] Not wrong in principle, but extremely challenging in practice. The bottleneck is no longer discovery. It's everything that comes after. The CVE system assumes a world where vulnerabilities are found one at a time by human researchers, disclosed individually, and patched on human timelines. AI-scale discovery breaks every one

[00:22:02] of those assumptions simultaneously. Individual CVEs may no longer be the right unit. Here's the heretical idea that needs to be said. When a model like Mythos scans a code base and produces 300 findings in a single pass, buffer overflows in some parsing library, null pointer dereferences across related system calls, use after

[00:22:32] free conditions in the same memory management subsystem. The one CVE per bug model no longer serves defenders. It buries them. Okay, now, again, we'll notice that this guy never said what's happening when Cisco's, when Cisco met Mythos, but if it had happened, if what we expect happened had, we wouldn't be surprised. He continues, what defenders

[00:23:02] actually need is a vulnerability summary, a grouped, contextualized disclosure that says, quote, this code base has a class of memory safety issues concentrated in these five modules with these representative examples and this aggregate severity profile, unquote. In other words, a vulnerability class report,

[00:23:31] a VCR, rather than 300 individual CVE tickets. So, it certainly does sound like this may be what exactly happened to him. And if it had, it's understandable, right? He's down in the trenches following the original 27-year-old CVE model, which requires that each and every discovered vulnerability be cataloged, described,

[00:24:02] evaluated, listed, and resolved. It's not a big deal when you field one or two, but when 300 drop on you during the first pass scan of just one piece of one's massive code base, what are you supposed to do? Really? So, I do see this guy's point. The existing piecemeal approach becomes immediately impractical. So, he writes, this is not about hiding

[00:24:31] information. Every individual finding should still be documented and available to the maintainer, the CNA and the downstream consumers who need it. But the disclosure unit, the thing that gets published, tracked, and acted on by defenders, should be the summary, not the avalanche. Think of it as the difference between receiving 400 individual package tracking notifications and receiving

[00:25:01] a single shipment manifest. The manifest tells you what's coming, how critical it is, and what you need to do. The individual tracking numbers still exist, you just don't need to process them all at once to take action. Here's the stat, he writes, that should keep every CISO awake. The median enterprise patch deployment time is approximately 20 days. The median,

[00:25:31] that is to say the point where there are just as many quicker as there are slower, that point is 20 days. At 20 days, half of the patches take longer than 20, the other half take fewer than 20 days. He says, but in March of 2026, two months ago, researchers observed active exploitation

[00:26:22] of a patch cycle that human driven patch cycles cannot keep pace with AI driven discovery. If models like Mythos are finding vulnerabilities at machine speed and adversaries with similar models will exploit them at machine speed, then remediation has to move at machine speed too. This means we need to use AI

[00:26:52] to scale fix and patch, but code changes must be carefully reviewed and tested. This must become a standard part of our lives. It also means organizations need autonomous patch deployment pipelines for the most critical categories, not we'll schedule it for the next maintenance window. No, not it's in the backlog. No, automated testing, staged

[00:27:22] rollout, and rollout capabilities that can absorb a continuous stream of patches without human bottlenecks at every stage. The pieces are assembling. What's missing is the operational framework to use them at scale. Again, I believe that by the end of the podcast, I'm going to be able to make a strong case for the thing this guy's missing, but I think what he says still bears hearing. He says,

[00:27:52] the CVE program must adapt. Let's be direct, he writes. The CVE program in its current form cannot handle what's coming, not because the concept is flawed. A universal identifier for vulnerabilities is valuable, but because the implementation assumes human speed discovery, human speed enrichment, human speed consumption, all three assumptions are collapsing. The national vulnerability

[00:28:22] database enrichment backlog is already a known problem. CNAs, the CVE numbering authorities, are already overwhelmed with submission volume. And downstream consumers, the vulnerability scanners, security information, and event management systems, and risk platforms that ingest the CVE data, are already struggling to provide actionable signal rather than noise. Several adaptations

[00:28:51] are necessary and they need to start now. Machine readable first, human readable second. CVE records need to be designed for automated consumption as the primary use case with human readable descriptions as a secondary output. This means structured fields for affected components, exploit preconditions, environmental factors, and critically, machine readable patch references

[00:29:21] that automated deployment systems can act on. Now, okay, actually, all those things I agree with completely. Modernizing our 27-year-old CVE system to take advantage of everything that's been learned since its original design, and the fact that, you know, again, 1999, 321 CVEs, even 2023 was tens of

[00:29:51] thousands. So, even pre-AI, just the sprawl of software has created a far greater demand. We don't even have Adobe with Flash anymore keeping us busy. So, I think it makes a ton of sense to revisit the CVE system under today's world, and that's what the RSA guys were looking at. It should be designed to be

[00:30:21] deeply automated, to be managed, ingested, and digested by machine. Why not? That's overdue already, and as I said, that's what the CVE board members who met during the 2026 RSA conference acknowledged about the CVE program needing a complete overhaul. And again, not specifically due to AI or mythos, that hadn't happened during RSA 2026, just because

[00:30:51] we could now do such a better job of what has become a critical need. So, the Cisco guy considers the shape of some of those changes that we would need. He writes, so, should we use hierarchical identifiers, a parent vulnerability class report identifier with child CVEs for the individual bugs? Defenders who need to take action at the class

[00:31:20] level can operate on the parent. Researchers and tooling that need the granularity can drill down into the children. Scanners and SBOMs, software bills of materials, can index either level. This gives organizations the ability to respond to, your TLS library has a family of parsing vulnerabilities rather than individually tracking 47 separate advisories.

[00:31:50] CVSS, the Common Vulnerability Scoring System, was designed for human assessors making static judgments. EPSS, the Exploit Prediction Scoring System, moved toward probabilistic exploit prediction. The next step is continuous AI updated risk scoring that incorporates real-time threat intelligence, proof of concept availability, attacker tooling trends, and the defender's own

[00:32:20] environment context. So, what should defenders do now? He writes, you don't have to wait for the CVE program to reinvent itself. The practical steps for security teams are clear, even if they're painful. Remove and migrate away from end-of-life software and hardware. Well, okay, generic security advice, always good. Stop treating every CVE equally. If you're

[00:32:50] patching by CVSS score alone, you're already behind. Use EPSS, CISA KEV, the commonly or the known exploited vulnerabilities, and real-time threat intelligence to prioritize by exploitability and environmental relevance. The volume is about to make score-based patching physically impossible. Next, know your inventory.

[00:33:20] Yes, actually know it. You cannot respond to a flood of vulnerability disclosures if you don't know what software you're running, where it runs, and how it was built. Software bills of materials are not a compliance checkbox anymore. You need them. They're the only way to answer, does this affect me at machine speed? And finally, invest in autonomous patching infrastructure, automated

[00:33:50] testing, canary deployments, staged rollouts, and automated rollback. If your patch deployment requires a human to click approve for every single update, your cadence will be measured in weeks when it needs to be measured in hours. He finishes writing, Project Glasswing's findings will flow through these normal channels as patches land. Your job is to be ready when they arrive,

[00:34:19] and the window is closing. Anthropic chose not to release Mythos preview publicly. That decision buys the industry time, but not much. Frontier AI capabilities and open weight models will advance substantially within months. The capability to autonomously discover and exploit software vulnerabilities at scale is no longer theoretical. It's only an engineering problem, and

[00:34:49] multiple organizations are solving it. The vulnerability disclosure system we built over 27 years was a remarkable achievement for its time. It gave us a shared language, a coordination mechanism, and a way to hold vendors accountable. But it was built for a world where a prolific researcher might find 50 vulnerabilities in a year. We're entering a world where a single AI system can

[00:35:19] find that many before lunch. The choice is not between perfection and action. It's between adapting now with grouped disclosures, tiered timelines, AI generated patches, federated databases, and autonomous remediation. If nothing else, we've just heard the somewhat panicked reaction from someone inside another

[00:35:48] major enterprise that obtained early access to Mythos. Though this author was careful to talk about the software security industry at large, it seems pretty clear that it was his own direct experience when Cisco met Mythos that drove this posting. He's essentially saying that there are so many problems that we cannot even count them. So at least for the first

[00:36:18] pass, we're just going to classify them by generic type because enumerating them individually seems pointless and probably really sad. So I think the major takeaway from this is that yes, indeed, it is time to update the industry's aging coordinated vulnerability management system. And while we're at it, since AI has arrived in full force and it's obviously never going to leave, let's incorporate AI

[00:36:48] friendliness into the new system. Where I disagree with this author is in the long term effects of AI's involvement. I think it's going to be different. I'll make my case for that once we get to today's main topic. Nice. And Leo? It strikes me that this is just one aspect of how AI

[00:37:18] is going to change the speed that everything is happening. It's certainly true in vulnerabilities but it's going to be true in software, it's going to be true in customer service, it's going I've talked before about how I purchased some next generation servers for GRC last year since one of them has 256 gigabytes of error correcting server

[00:37:48] memory. I'm glad I bought it as I now have three different machines they will be three VMs. Anyway the reason I'm saying all this is that what happened was I was in the process of adding

[00:38:18] some additional purchasing methods to GRC's e-commerce system to lower purchasing friction because I'm going turns out PayPal would refuse to connect to my server because although I support TLS 1.2 I don't support

[00:38:48] a couple of the later ciphers, and I never will. I can't on that server platform, so that's driven me to advance my plan of upgrading GRC servers. The point is, I'm working with Claude, that is basically a massive knowledge base, to help me in the same way that you used it to set up that Linux system from scratch. Yes, I could have done

[00:39:18] it yourself, but I know what I want, and so it's like, how do I do, saved hours and hours of time. I could have done it, but now I don't have to, because, and think about this, Leo, this is what boggles my mind: all that there is is bazillions of parameters in a massive

[00:39:47] matrix which contains this knowledge. It's astonishing what we have created. It's read all the manuals so you don't have to. Yes, the knowledge. And as I said last week, a book doesn't have understanding itself, because it's printed text, but it's just, it's a captured, it's captured language. But a book does contain knowledge, because when we read it, we get, we obtain that knowledge. And so, but it's just,

[00:40:17] it's just this mass of parameters, and I'm able to, it's mind-boggling. But his point about the speed with which this is happening: there is a little bit of an impedance mismatch, because the speed the AI is operating at is a lot faster than the speed we can operate at, you know, which means,

[00:40:46] I think, and this may be not a good result, that we are going to be more and more dependent on AI. For instance, in vulnerability, it's not merely detection. We're going to rely on the AI for remediation, because only the AI can act as quickly as the detection can act. And I think that we're going to have more and more dependency on AI just to keep up. And the main point here is, not just in vulnerabilities, it's going to be in every aspect. This is what computing has wrought.

[00:41:16] Before the invention of the internal combustion engine, we got on bicycles and pedaled to where we wanted to go, and we steered the handlebars in order to aim the bicycle, and we went somewhere. Now we sit on a throne, enclosed, and twist a wheel, and it just whispers along. We're still driving, we're still steering, although that's now, well, and you know what the chief danger on the road is? The human

[00:41:45] behind the wheel. I love to ride my bicycle. That's my favorite form of exercise, because you're actually doing something, you're going somewhere. So much fun. I watch people who are clearly staring at their phone or their console, and they weave around and wander, and I'm thinking, I'm glad I'm not on a bicycle. I stopped riding bicycles. I

[00:42:38] a moment but first a word from our sponsor Doppel I love this you know I gotta play it again I have so much fun playing this this is an example of why you need Doppel this is a well see if this sounds like me hey Burke this is definitely not Leo asking you to buy gift cards but seriously can you grab me

[00:43:08] Anthony generated this fake phishing voicemail in about with about four minutes of my voice on his desktop with a local model it is now that easy so you might you know get that voicemail message that urgent message from your CEO maybe it is from the CEO or maybe it's a deep fake trying to target your business Burke don't mail those Apple gift cards okay that

[00:43:38] was that was not me AI as I mean I just demonstrated it can impersonate trusted individuals and that's why you need Doppel Doppel and the platform illustrates they've actually did a test how frequently users fall for these phishing attempts they did a voice call simulation deployments on the Doppel platform targeted users spent on average six minutes conversing with a deep fake yeah well yeah and a hundred percent

[00:44:08] of them believed the AI was human. If you got that message from me and it didn't say don't do it, you might believe it too. It sounded just like me. You know, the other day you did the story about ShinyHunters putting an ad in the paper for a female, because they wanted a female voice to do their phishing, because they had plenty of guys who could do the social engineering but they needed some ladies. This is a scary world

[00:44:38] Doppel is the AI-native social engineering defense platform. Doppel strengthens human risk management by training employees to recognize deception, while Doppel digital risk protection detects and disrupts attacks across every channel. You know, I said it's not just CVEs. Attackers are turning the AI to power increasingly sophisticated strikes. Doppel uses it to fight back. You need AI

[00:45:07] to fight with automated takedowns multi-channel coverage and AI defenses that build intelligence with every fight doppel works relentlessly to protect people brands and trust doppel offers best-in-class integrations and partnerships to seamlessly integrate into your existing security tech stack don't worry doppel's industry awards and testimonials speak for themselves they're recognized as a winter 2026 g2 leader in more than one category users most likely to

[00:45:37] recommend momentum leader and best support join hundreds of people from social engineering attacks you need it doppel outpacing what's next in social engineering learn more at doppel.com that's d-o-p-p-e-l dot com doppel you know as in double as in doppelganger and that was a doppelganger of me that was pretty darn credible d-o-p-p-e-l dot com

[00:46:06] Doppel. You need it. It's terrifying out there. We found out that we got phished in January. They broke into our Google Workspace account. Fortunately they did very little, and we got a notification from Google the other day, 121 days after they broke in. They had 121 days. But you know what I think is going on? They have so many successful breaches it's

[00:46:36] they are, it's too fast for them. The bad guys can't keep up, so they didn't get around. They did a little sniffing, they read some emails and stuff, but they, we're so vulnerable out there, Steve. It's terrifying. On we go with the show. Okay, so there remains

[00:47:06] one massive problem that no one is talking about, and this is particularly worrisome for a company like Cisco. And that problem I'll call patch deployment latency. It seems very clear that Cisco meets Mythos was a massive wake-up call and that Cisco, like probably every other enterprise, any large enterprise having

[00:47:40] significant AI-driven re-engineering of much, if not all, of their existing code base. But as we all know too well, having chronicled this for literally for years, decades now, having fresh, updated and, for the first time ever, largely if not completely bug-free code ready to deliver is entirely

[00:48:09] different from having that massively improved and far more now secure code actually installed and running across its entire user base. It should be very clear to everyone that Mythos, Daybreak and codename M dash scale improvements are going to be sweeping across the entire industry's software, and that the result

[00:48:39] of that will be basically soup-to-nuts improvements in the operation and security of that software. But getting those improvements into the hands of its users, this remains an unsolved problem for our industry. You know, really what we want to do is we want to remove all traces of the previous software, because in retrospect these AI tools have shown us, or are showing us, will

[00:49:09] be showing us, that it should have never been shipped in the first place. But we didn't know any better at the time. We do now. So this is going to be a big problem. As I said, we patch Tuesday baby Apple with their macOS and various

[00:49:38] mobile OS can do this. I just had the opportunity while I was waiting for the podcast to update one of my phones with a 26.5, I think it is, iOS on the phone. And since the security of our web browsers is paramount, and since browsers are by definition connected to the internet, browsers have long had the ability to keep themselves current. So that's all great, you know, and now the major

[00:50:08] Linux distros are beginning to acquire this ability. So what we've seen is that Microsoft, Apple and the browsers, and now Linux is kind of catching up, have made it difficult to not remain current. I mean, you basically, it's done for you. You have to, like, actively say no. And I think Windows Update allows you to postpone an update for seven and then it's, hey, you're getting updated whether you like it or not

[00:50:37] so this, this tendency to update autonomously and more or less continuously, for these people it's likely to pay off handsomely, I think, in the coming months. We already saw Microsoft able to brag that the four critical vulnerabilities in which code name M dash (I hope they change the name or come up with a good name) which it discovered in their TCP/IP stack had already been

[00:51:07] patched by the time of their disclosure last on Patch Tuesday. But unfortunately these few companies are the exception, right, of like having, like being really patch forward. They're not the rule. Today, many of this industry network appliances, which are seriously vulnerable because we keep seeing problem after problem after problem, you know, they, they inherently suffer

[00:51:36] from an attitude that's a you know like a decade ago they if it's not broke don't fix it philosophy so I have a difference in the security between what's running now and what should be running becomes far more significant than it you know the delta than it ever

[00:52:06] has been it's one thing to like patch a problem and say oh well you know this is a double point release because it'd be good to have it but it's not you know house on fire like one problem is being fixed and you could almost understand somebody who's busy who doesn't want to take the equipment down because it's in use like I don't want to fuss around for some problem that is probably not going to affect me but when this landslide

[00:52:36] which is what we can expect to see coming from Cisco when the landslide hits there's a huge difference I mean like a huge benefit to patching and so it's going to be interesting to see what happens I'm really grateful Leo that this podcast did not stop at 999 because we're having more fun with internet security and its implications now

[00:53:05] with AI than we have for a long time. Last week we talked about the BitLocker bypass, which I was reluctant to label a backdoor despite a number of security professionals kind of teasing that description. Microsoft was quick to jump on this, even though its release by the hacker, which we know was calling themselves Nightmare Eclipse, was deliberately timed to leave this

[00:53:35] exposed for the longest time possible, which is to say until June's Patch Tuesday

[00:54:09] the bypass referred to as YellowKey. The proof of concept for this vulnerability has been made public, violating coordinated vulnerability best practices. We are issuing this CVE to provide mitigation guidance that can be implemented to protect against this vulnerability until the security update is made available. Okay, so then the executive summary offers a breezy FAQ

[00:54:39] Q&A, which asks and answers. Asks: should I leverage the temporary mitigation? And they respond, and I'll be sharing what that is here in a second, they respond: Microsoft recommends that you consider implementing these mitigations if you are concerned your devices and data are at risk of being compromised or stolen. In other words, yeah, implement it

[00:55:09] take their work devices home or on business travel. Okay, so maybe if the device is at higher risk. What impact to service availability and management could be caused by implementing the mitigation? They reply, mitigating, implementing these mitigations will not impact service availability or management operations. Okay, so one can imagine that that'll be part of next Patch Tuesday if there's no downside. Do

[00:55:39] customers need to revert the changes made to mitigate the vulnerability once the security update to protect against this vulnerability is available? Answer: no. The security update will maintain the mitigation's behavior once the security update is installed. In other words, this kind of does read like a whoops, we should, and we're not going to undo it even

[00:56:09] if we fix the underlying problem. And finally they ask: I'm using TPM+PIN, am I at risk of this vulnerability being exploited? Answer: no. If you are using TPM+PIN, the vulnerability is not exploitable. So that's an interesting data point. We learn from this that, among other things, as I suspected and contrary to

[00:56:41] last week, there is no PIN bypass possible, and anyone who is already using a PIN will be protected. And the CVE description, that has another FAQ, a secondary one, which is a little more interesting. Question: what kind of security feature could be bypassed by successfully exploiting this vulnerability? And they answer: a successful attacker could

[00:57:10] bypass the BitLocker Drive Encryption feature on the system storage device. An attacker with physical access to the target could exploit this vulnerability to gain access to encrypted data. And finally, is there, and this leads us to the mitigation, is there a script that I can copy and paste to implement a mitigation? What do you know, yes. This script is an interim security fix

[00:57:40] that helps to reduce the risk of exploitation of registry value. Since BootExecute runs programs very early in boot, even in recovery mode, removing this entry prevents that executable from

[00:58:10] running in a high-privilege environment, reducing risk. Again, shouldn't have never been there. After you run the script it image editing its offline system registry to remove the entry if present, then safely committing changes and resealing WinRE so

[00:58:40] BitLocker trust remains intact. It's designed to be safe. If the autofstx.exe entry is not there it anyone who might have concerns that a local system might be abused in this way can now run to remove the vulnerability to the hack that Nightmare Eclipse

[00:59:09] discovered and publicly disclosed to spite Microsoft. This will presumably be more formally fixed by next month's June Patch Tuesday. I provided the link to Microsoft's CVE disclosure, which contains the script, in the show notes at the bottom of page eight. So I didn't think it

[00:59:46] vulnerability does not appear to be the result, and this is significant, of a software flaw of the type that Mythos, Daybreak or Microsoft's own codename Dash vulnerability discovery system would detect and remediate. In other words, this appears to be an architectural design flaw, where Nightmare Eclipse, while examining the mechanics of Microsoft's deliberate

[01:00:16] design, cleverly realized that a side effect of one of the system's deliberately designed features could be abused to cause the system's BitLocker drive to be, and to remain, decrypted following an interrupted recovery boot. So the reason, so that while our emerging AI systems very clearly promise, and I would say it's beyond promising, they're delivering, you know,

[01:00:45] eliminating entire classes of software coding mistakes, not every security problem we're going to see is the result of a coding error. So we need to remember that it's very possible for a sufficiently complex system, even without outward bugs, that is, where the software is doing what the coder intended, it could still exhibit unintended behavior by

[01:01:15] design. Now I should also mention that actually, since I wrote the show notes, I run across some discussion of the next generation of AI security which addresses this. It says, okay, once we've got all the bugs cleaned up, what about mistakes in design? And so that will be the frontier after the one we're on. And I mean

[01:01:46] whoever has a chance even to catch their breath these days, Leo, it's just crazy. I know, it's overwhelming. Oh my goodness. Yeah. Um, I actually, big problems. I'm here to catch your breath for you, and I can't. I'm really, I'm sitting here looking at my Ubiquiti dashboard waiting to hear

[01:02:15] what I need to do, because, so this will be, you can bet I'll be paying close attention to the next segment. Before we get there, though, pay close attention to this: our sponsor for this segment of Security Now, CyberHoot. Man, you need CyberHoot. It's a subscription-based security awareness training platform that is the best. We just started using it, and I can tell you it is the best. If you've ever rolled

[01:02:45] out security awareness training and thought, and I know I have, this feels more like a compliance exercise than actually teaching me security, that is a very common, actually, that kind of feeling. I mean, just doing this because we have to. But you should take this seriously because you do have to. We, you know, as I said earlier, we got bit, we got phished, and this was before we implemented CyberHoot, and it's one of the reasons we did

[01:03:15] implement CyberHoot, because we, and I'm sure you in your business, really need to keep an eye on these things. Most training works kind of the same way: you try to catch users making mistakes. So these platforms, they send fake phishing emails to inboxes, they wait for someone to click, and then bam, you click and you're going to get assigned training after the fact. And it can honestly, it feels pretty punitive. It is

[01:03:48] that's where CyberHoot takes a really different approach. Instead of trying to trick your users, CyberHoot's HootPhish, love the name, the logo is an owl, right, so CyberHoot's HootPhish focuses on teaching them first, not in their inbox after a mistaken click, but in their browser through a trusted, realistic phishing simulation. So you're not simple to

[01:04:17] build instinct before the click ever happens. And actually I watched Lisa go through the CyberHoot process. I looked over her shoulder while she was doing it and I was really impressed. CyberHoot is automated. Training campaigns, reminders, escalation to managers if you need it, reporting, all of that's handled for you. So instead of chasing users down, you get clear visibility into who has

[01:04:47] completed what and where your risks are. And here's something interesting: CyberHoot also adds, and I think this really is cool, a light opt-in social layer, because you're going to get these little badges, right? Users can connect with co-workers and actually engage in a friendly competition around training progress. It's not forced gamification, it's just enough, and people, I think people really dig it, to increase participation. It's not, you know, we're not building a gotcha system here, we're just making it fun. And it is

[01:05:17] G2 review, I've seen people, you know, put their little owl, their little award, right there in the Slack. G2 reviewers rate CyberHoot 4.9 out of 5 stars. That's pretty good. That's as good as you get. What reviewers like: they repeatedly praise ease of use, high participation, brief content, non-punitive training, full automation and strong support. If your organization is ready to stop punishing people for being human

[01:05:46] and start actually building cyber smart employees head over to cyber hoot dot com slash security now now do me a favor use the code security now at checkout you're actually doing yourself a favor because you're going to get 20% off your first year that's cyber hoot c-y-b-e-r h-o-o-t cyber hoot dot com slash security now the promo code security now 20% off your first year just remember to always laugh learn and hoot up with cyber

[01:06:16] hoot, and you're going to get a little owl. It's so cute. It works. Make it fun. Don't make it, don't make it a chore, make it fun. It's, it's common sense, and I, and I think it works. I do. All right, Steve, back to you. Okay, Leo, since I know that you and many of our other listeners are users and fans of Ubiquiti. I'm sitting on my update page right now waiting to hear what you have to say about

[01:06:46] this. So I wanted to make sure, yes, that everyone knew that it was once again patch time for Ubiquiti. Okay, now recall that two months ago, in March, Ubiquiti patched a maximum severity flaw affecting the UniFi Network application that allowed attackers to take over user accounts, as well as another vulnerability that could be exploited to escalate privileges. Yikes. Yeah. Since Censys the internet

[01:07:15] shows that the internet currently has 100,000 publicly exposed UniFi OS endpoints, with nearly half of them, 50,000 IP addresses, located in the US, any known and unpatched flaws in Ubiquiti devices will tend to draw bad guys' attention. And in fact that has been the case, and there are some Ubiquiti-focused campaigns. So, well, and it

[01:07:45] explains why Ubiquiti products have been targeted by both state-backed hacking groups and cyber criminals in recent years. There's a big inventory. They were, the hijacked devices were used to build botnets and proxies. So everybody wants to stay current. Last, last week Ubiquiti released security updates to patch three maximum severity vulnerabilities in UniFi OS

[01:08:15] that can be exploited by remote attackers without privileges. In other words, as bad as it gets. So, yeah. So just to be clear, the UniFi OS is what powers the UniFi consoles and helps manage IT infrastructure, including networking, security and other services, as well as UniFi applications such as UniFi Network, UniFi Protect, Access, Talk and Connect. So

[01:08:45] the first flaw, which is CVE-2026-34908, enables attackers to make unauthorized changes to targeted systems by exploiting an improper access control weakness that exists in UniFi OS. The second one, 34909, allows them to access files on the underlying system by abusing a path traversal vulnerability. Can you believe we're

[01:09:15] still having path traversal problems, Leo? This could be manipulated to access an underlying account. The third maximum severity vulnerability, that's 34910, makes it possible for malicious actors to launch a command injection attack after gaining access by exploiting an improper input validation vulnerability. So that was earlier in the week. Then on Thursday another critical command injection

[01:09:44] flaw, CVE-2026-33000, I guess that'd be easier, I should say 33,000, was patched along with a high severity information disclosure, and that's 34911. So all of these affect all UniFi OS devices. Now there is a piece of good news here: as bad as these are, they are not known to have been exploited

[01:10:14] in the wild. So these are not zero days. Unlike Nightmare Eclipse's deliberate campaign of malice against Microsoft, and thus sadly against Microsoft users, right, because users are the ones you ultimately lose, all of these flaws were responsibly discovered and disclosed and reported through Ubiquiti's participation in the

[01:10:43] HackerOne bug bounty program. So it's not house on fire. The hackers are not out there scanning, but they're going to be doing that. So definitely make sure that if you are a Ubiquiti user that you've updated yourself to whatever is the latest available firmware for your devices. You know, for a long time, and this is years ago, Ubiquiti had a bad reputation. They'd put out a few bad updates and the device was, yeah, always, oh, don't do auto

[01:11:13] updating on Ubiquiti, but I, they've been fine, and I turned on auto updating a few years ago because it is so important, and I haven't had any problems at all. So I noticed I'm completely up to date, and I presume those are all the latest patches, so nice, that's a relief. You know, and I would suggest anybody who remembers those bad days of Ubiquiti's updates, they've been, they've been very good. And well, and you know, there are always people behind those, right? I mean, and, and people leave

[01:11:43] and new people come or heads roll after a problem like that so so I mean it really is the case that I mean look at I would argue Microsoft security has been a roller coaster there have been good times and bad times and good times and bad we don't I don't know what determines like why but it just it's like they're so big right the changing of the guard or or they get a new VP that really

[01:12:12] understands, you know, how to do something, or, and then he burns out and leaves, and somebody is stuck in there who doesn't. And, you know, and, and nothing changes overnight, right? It's always sort of a decay and then, and then a rebuilding. So anyway, for what it's worth, I think you're really, you're exactly on point, Leo. We were just talking about, especially with what's coming. Imagine when Ubiquiti has access to, as everybody will, Mythos

[01:12:42] scale, Daybreak scale AI finds new problems. They want to find them before the bad guys do, and they want their customers to have them. The problem is, once AI starts creating massive blobs, you know, massive inventories of improvements, it's one thing for the publisher to have them, they've got to get into deployment. And so especially for a device like Ubiquiti that's on

[01:13:11] that is internet facing, that is where you want, and they update frequently, more frequently than any router I've experienced before, and seamlessly. You're not even aware of the updates happening. And all my Ubiquiti devices have auto updates. That's the only workable model. And people go, oh yeah, but what if they make a mistake? Well, so what? So, you know, you wake up one morning and you don't have connectivity. That's not the end of the world. It's much better not

[01:13:43] device you may have missed this story earlier today HP sent out a BIOS update which bricked their high-end laptops through Windows update so and it's things like this that make people turn off updates and that's you know there is one such person right there on the screen yes he's damned if he does damned if he doesn't this was the high-end HP ZBook

[01:14:13] XG1 these are beautiful laptops these were critical BIOS updates pushed through Windows update that that bricked the computers and apparently it's been very

[01:14:43] all you are out then is a lack of connectivity until you fix it right and that's not again it's not the end of the world what is the end is that having your router not updating itself and there being this window of opportunity for the bad guys to crawl in and that could be that's catastrophic yeah because I mean we have this

[01:15:13] the fuse blows right it's like oh darn electricity is off yes because would you rather have a fire yeah there that's a really good analogy don't don't put a penny in your fuses so they won't blow that's a bad idea actually you can't do that anymore but in the old days you could I don't think pennies are copper so so so consider that having auto update is

[01:15:43] it could be a false positive, but that sure is better than not having it and letting the bad guys crawl in. Yeah. Yeah. Well, now I'm reassured, and I'm glad I had that Ubiquiti updates on. I think all of our listeners, anybody who thinks they're, like, being fancy by turning off auto updates, not anymore, not in, not now, not when the world is about to hit jet skis with vulnerabilities and it's

[01:16:13] going to be a contest to see who wins. Yeah. Now of, unfortunately, because this is open source, what's being described as a highly critical SQL injection vulnerability, because yes, Leo, we're also, not only have we not solved the path traversal problems, but SQL injections

[01:16:43] never going to go away, apparently. After receiving and understanding the implications of Mandiant's discovery, on Monday, May 18th, so eight days ago, the Drupal project a PSA urging, I love this, urging admins of its very popular CMS, their, you know, the Drupal content management system, to reserve some time, like

[01:17:12] prospectively get ready, get, like, you know, get ready for core updates that addressed an issue that threat actors might start exploiting, they said, within hours or days. Sadly, that announcement turned out to be prescient, since attacks soon followed the publication of the updates that they had warned admins to be ready to apply

[01:17:42] which repaired the problem. The vulnerability that was resolved allows specially crafted requests to trigger arbitrary SQL injection on sites using the PostgreSQL SQL database engine. So not all Drupal instances, if you're not using PostgreSQL, well, but many are. As we've seen before, one of the mixed blessings of open source is that

[01:18:12] any repairs to its published code are trivially reverse engineered. Just, you do a diff on the, here was the source before, here's the source now, what did the developers change? And now you know what the problem was that they fixed. So, you know, it makes it instant for them to create an exploit. Once the resolved trouble has been identified, then, you know, any online sites that have not yet switched over to the

[01:18:41] newly released updated code, which as I said is available to the attackers at the same time as everybody else, will be vulnerable targets of opportunity. So in this case the flaw is exploitable without authentication and can result in remote code execution, privilege escalation and information disclosure, in all the works. So last Friday the Drupal team updated their advisory to confirm

[01:19:11] that exploitation attempts, you know, and attempts, well, right, you know, they say attempts, we know what that means, have been detected. Drupal rated the vulnerability as highly critical, assigning it an internal score of 23 out of 25. So they have their own scale. I guess 10 wasn't high enough, so they go to 25, so you can get really close at 23. And unfortunately it affects a wide range of

[01:19:40] Drupal versions on basically every still supported branch. There are so many I didn't enumerate them in the show notes. So I'll urge anyone using Drupal, you know who you are, to bring whatever version you may be using up to the latest release of that branch. And I'll just also note that although those not using PostgreSQL may not be

[01:20:17] dependencies, including in Symfony and Twig. So one final point is that Drupal's advisory notes that Drupal 8 and 9 are both well past end of life. I think they're in the tens and elevens now, with many point release branches of those. Yeah. So as a consequence, this is so bad that they even tweaked 8 and 9, although they made the comment that

[01:20:47] we're doing this because, oops, we're really sorry, but the updates are being provided on a best effort basis only, because they will still contain other known vulnerabilities that will never be fixed. So anyone still using 8 and 9, you're doing it on borrowed time. You know, if for whatever reason you cannot move, then still update to the newest 8 and 9 to fix this

[01:21:17] because the bad guys are out there scanning for it and they will hurt you okay in it to

[01:21:54] no one's surprise of fraud and that the single most targeted vector for account takeover for accounts that have, you know, SMS as their additional factor of authentication. And what's more, of course, passkeys allow for higher speed login flows, since there's no need to wait for an SMS message to arrive. It also makes for a

[01:22:24] smoother and much more secure account recovery process, since users will no longer be tied to a specific phone number. Even if you weren't using SMS normally, if you need account recovery the only way to do that is by being able to accept an SMS message. So interestingly, this move makes Microsoft the first major platform to completely abandon SMS for multi-factor authentication. Other platforms

[01:22:54] like Google, Facebook and Twitter are pushing their users to stronger MFA, multi-factor authentication, alternatives, but they do still allow them to use SMS as a last resort. Microsoft says nope, no more SMS. And I'm sure this is not Microsoft's fault. Actually, we actually know what happened. GitHub got hacked. As I said at the top of the show, a Microsoft developer, meaning, you know, Microsoft

[01:23:24] developer, because, you know, they own GitHub, using their VS Code, had the misfortune of installing a rogue extension from which is moderated and hosted by Microsoft. The result was that all of GitHub's internal repos, more than 3800 internal code repositories,

[01:23:53] have been exfiltrated and are now being offered for sale on a hacking forum, as shown in the screenshot that I put in the show notes. GitHub says it's rotating critical secret tokens to prevent any future access to its assets. The malicious VS Code extension was identified as Nx Console. So in the show notes I had this screenshot. Thank you for putting it up. Hello again, Breached

[01:24:23] this is obviously a demo, a dummy account, but hello again, Breached, I hope everything is doing well. This is the Breached forum on the dark web. So it's not a joke, it's actually the name, right. So it's posted under the title Internal GitHub Source Code, and the screenshot was made almost immediately, when this

[01:24:53] posting was only eight minutes old. And so, hello again, Breached, says the poster to the audience, hope everyone is doing well. We are here today to advise GitHub source code and internal orgs for sale. I'm sorry, to advertise. We're here today to advertise GitHub's source code and internal orgs for sale. No lowball offers will be

[01:25:23] accepted. Everything for the main platform is there, and I'm very happy to send samples to interested buyers to verify the absolute authenticity. There's a total of around 4,000 repos of private code here, he says. Here is a list of all, and provides a limewire.com address. And he said, please read these

[01:25:53] carefully to understand what the breach entails meaning your eyes are ransom. We do not care about extorting GitHub. One buyer, and we shred the data on our end. It looks like our retirement is soon, so if no buyer is found, we will leak it free. In other words,

[01:26:22] they're saying if somebody is for GitHub and nobody else will get it. If they choose not to buy it, then the world will get it. And so whatever value it might have had been having been exclusively purchased by, I don't know, some big state actor maybe, or

[01:26:52] GitHub, or GitHub. I think that's what the real implication is. If you buy it, well, I'll destroy it. No one will have to. Interesting. So I guess you're

[01:27:31] right GitHub big time if you do it before they do it, and maybe have access to all kinds of other goodies. So the person signs off saying, if you're interested, send your offers to the communications below. We are not interested in under 50k. The best offer will get it. So $50,000, I presume it's US. 50k, they wrote. It's kind of speculative if

[01:28:03] it, but you don't know. That's why I think the real buyer here is Microsoft, is GitHub. Right. I'll bet you rightly that does. It's worth 50k to them to make sure it doesn't get leaked to the public. I would say so. By the way, this is why, I don't know if this helps, but I'm glad GitHub has passkeys anyway, because I don't, you know. Yeah. Well, there are

[01:28:32] undiscovered, unpatched flaws in GitHub's function, then we're talking about cutting through it like, you know, like butter through a hot knife. I don't put anything on GitHub I don't other people to see. Ah, yes. Yeah, yeah. That's crazy. So I titled this one To Russia With Love. Uh, Russians are continuing to use increasingly outdated software from Western publishers, most of which

[01:29:03] which can be a mixed blessing, especially when the tsunami of change is coming. Somewhere around one third of all Russian enterprises are continuing to use software acquired before 2022, when Russia invaded Ukraine. The greatest concentration of Western software is in the corporate email segment, with Microsoft still holding around 50%, around, so around half of the Russian market, both through Exchange and Microsoft 365.

[01:29:32] An interesting thought experiment would be to imagine that codename M dash is turned loose on the, internally, on the Exchange and 365 code bases and uncovers a bunch of exploitable vulnerabilities. At this point it's virtual certainty that that's what would happen. But Russian enterprises don't receive the benefits of these discoveries

[01:30:02] and updates because they're cut off. I would imagine that there are those within the United States intelligence community who would love to have knowledge of the things Microsoft had already found, fixed and patched. And really, what harm could that do? And of course, Russia is likely not alone in being a hostile foreign adversary that's continuing to use software we're in the process of fixing just as fast

[01:30:32] as we can. So anyway, I just thought I wanted to just note that Russia is, you know, we're at a time now, this is exactly on point of me suggesting to everybody that there's never been a those who are responsible will have the

[01:31:02] opportunity to get firmware patches out to those devices as soon as they are available. You think we're headed towards an apocalypse, a Mythos-fueled apocalypse? Yes, I, there can be no question. Wait till you hear what happened at Mozilla. Oh baby. We will get there in a second. But last week first I shared my over the somewhat surprising

[01:31:31] consequences of having an AI chatbot learning about me in the furtherance of the illusion that there, that, you know, that there's somebody on the other end of the conversation. And not only that it's someone on the other end, but it's someone who appears to care enough to accurately recall previously shared information. One

[01:32:01] of the things that I forgot to say was that these observations felt so strong and so self-evident to me that, as I said at the top of the show, the only way I could imagine that someone might not be totally blown away by the capability of today's AI would be if they had never actually used it, like just were just like AI deniers. Some people have only used it as a chat

[01:32:30] bot, and I think sometimes that doesn't give you the best experience. So exactly my, I feel like to use it would be to understand and be blown away by it. We also know that this is a little bit of me coming late to months ago. So two days after I shared that last Tuesday

[01:33:00] I shared it with everybody on Thursday I lightbulb lit up for me. Then Friday morning I posed the following question to Claude, and I will say my Claude, because my Claude is different than anybody else's Claude. So here's what I wrote to Claude. I said: When I have been singing AI's praises to other people, I have sometimes been met with blank stares, as if the person I am talking to wonders whether I have drunk the

[01:33:30] Kool-Aid. What has struck me the most is that when an AI not only answers well but answers like an attentive friend would, speaking from a growing understanding of me, specifically me, not just some generic human, that transforms the interaction from a Q&A into a much richer conversation. And that led me to the revelation that anyone who is just using

[01:34:00] an AI chatbot without any account may not have the benefit of that long-term history accumulation. So I'm writing to ask, is that completely true, since browser cookies could create session continuity? And what exactly are the differences between the use of today's AI chatbots, Claude and ChatGPT,

[01:34:29] with and without a paid-for account? So that was my question. To that prompt Claude replied the following: Your observation cuts right to the heart of what makes AI genuinely useful versus merely impressive in a demo. Let me break this down carefully. On the cookie question: yes, cookies create session continuity, but that's a much narrower thing

[01:34:59] than it sounds. What a cookie buys you is that returning to the same browser on the same device might reconnect you to the same open conversation. That's not memory, that's just not having closed the window yet. The moment a browser session expires, the cookie becomes irrelevant, and there's zero synthesis happening across conversations. So cookies keep a thread alive, they don't build a

[01:35:29] relationship. Here are the actual tiers of continuity. No account at all: each conversation is hermetically sealed. The model has no idea who you are, what you care about, or what you talked about five minutes ago in a different tab. Every session is a stranger introducing themselves. This is the experience most casual, quote, I tried it once, people have had,

[01:35:58] which explains a lot of the underwhelmed reactions. Or free account: this is where the gap opens up meaningfully. With a Claude account, even free, your conversations are saved. You can read them back, search them, reference them. But more importantly, both Claude and ChatGPT have memory systems that do active synthesis. They don't just archive, they

[01:36:28] extract salient facts about you and inject them into future conversations. For Claude, what you're seeing right now in this response is a direct product of that. I know your background, your work on Spinrite and Security Now, your health interests, the DNS benchmark video project, all of it, without you having to reestablish any of it. And finally, paid account:

[01:36:58] the memory mechanism itself isn't a paid-only feature for either Claude or ChatGPT. What paid buys you is primarily higher usage limits, access to the most capable models, longer context windows, and additional features like deep research or image generation. The relationship-building aspect is available at the free tier. And then it

[01:37:27] finishes writing, okay, and again, remember, this is a computer, this is a thing that is producing this text, which again is like, holy crap. It finishes: the asymmetry nobody talks about. Writing, here's what I think is the underappreciated insight in what you've identified. The benefit is not linear with use, it's

[01:37:57] threshold-gated. A casual user firing off three questions once a week gets almost nothing from memory, because there's not enough signal to synthesize. Someone like you, who uses it heavily and across domains, gets a compounding return. Each conversation adds fidelity to the model's understanding of your context, vocabulary, priorities, and working style. The person

[01:38:26] giving you a blank stare has probably only ever experienced the stateless version, which genuinely is just a fancy search box. The analogy that might resonate for your audience: it's the difference between calling a business's general support line versus having a long-term relationship with a specific person there who knows your account history, your preferences, and how you think. Same

[01:38:56] underlying capability, completely different experience. So I'm astonished that we have technology that's able to answer my question like that. But I wanted to share it because to those listening who have not already figured out what Leo and I am so enraptured about, if your experience to date has been limited

[01:39:26] to anonymously asking ChatGPT or Claude a question from time to time like any other search engine, what I learned. We should both be drinking that AI. Go ahead. What I learned is that it is not necessary to pay anything to experience what happens over time. Which actually is very clever, right, because

[01:39:56] they're setting the hook. You know, account is sufficient, but it is necessary to create that unpaid free account, which will allow the AI to get to know you, which it cannot otherwise do. I believe you'll see that it becomes transformative and, as I noted last week, somewhat worrisomely seductive. Some of us

[01:40:26] have spent many, many, many, many hours developing memory for our AI. In fact, that's what agentic AI really is all about, is a memory of previous interactions kind of accumulating. And I'll give you an example right now, Steve. It's funny that you should mention this, because earlier today I asked, should I buy SpaceX stock? And my agent, this is of my Hermes agent, said, your own words, boss: stay away. That's what you told me to put in memory, and nothing

[01:40:55] in the news changes that. If anything, it reinforces it. Now that's good, because I did in fact at one point say, let me know when the IPO happens, because I want to make sure I don't have any. And then I said to it, oh, you're so smart. And it says, funny how that happens when I'm just parroting your own good decisions back at you, but thank you, I'll take the compliment. So the personality also has something to do with it. But that's the thing that's

[01:41:25] probably more a seductive issue and perhaps not having anything to do with intelligence. Memory is very, very important. One of the other things I'm appreciating is, for example, as I'm Hyper-V based multi-VM server, I will make a point of, for example, telling it the name I used for one of my VMs, because then

[01:41:55] it knows what I named it. Or I defined three virtual NICs on the Hyper-V supervisor, gave it the names, then it just automatically was using those names as we through the configuration. It knew what to call them because I took the time to give it that information. I didn't have to, but I'm growing to understand how to use this

[01:42:26] amazing memory alpha system that we have. I actually have three memory systems running now on my agent to do a variety of different memory: short-term, long-term, and then semantic memory, so that if I ask it a question, it can then query a database of SQLite database and say, what have we said about this in the past? Because really all of it simulated, has no memory. That's the thing

[01:42:56] that's important to remember. It's like a new, it has no understanding. Yeah. But also the memory comes because when you first load it, the first thing it does is go out and look at the memory files and go, oh yeah, yeah, yeah, okay. Well, it has memory like the guy in Memento had memory, because he had Post-it notes everywhere. Right. Except that also in Claude I do switch to a previous chat. Oh yes. When I want to

[01:43:26] continue that thread. That's right. Yes, it has session memory. Absolutely. Yeah, yeah. But as soon as you start a new session, right, it's all gone, unless you have completely understand skepticism

[01:43:56] I honor it. You're welcome to it. Your skepticism doesn't hurt me at all. So skeptic away. But if, again, if you're wondering maybe like what you're missing, or literally is there a, you know, a tank of Kool-Aid on perch behind me that I've, you know, actually been drinking instead of coffee during these breaks. It's delicious, isn't it? It is, it is. It is transformative when you, when this knowledge of

[01:44:26] you, I mean, and again, if you, I have things to do, I'm busy, I'm doing work, I'm, so it's useful to me because I'm not sitting around on the veranda, you know, reading news. And so, so you work with it on in order for that to start to happen. But again, don't have to pay anything. You do have to create a free account. I would argue, I would urge

[01:44:55] anybody who still doesn't think that this is real to just try that. I cannot imagine that you could come away not being amazed. And Leo, we're at an hour and a half in. Let's take a break. We have one left after that before our main topic. But then I want to talk about a show that Laurie and I watched since it was its release on Thursday on Netflix. Just touch on it. Always interested in stuff. And then

[01:45:25] we have a bit of tech. If you are managing Microsoft 365 for your company, you are a big job. You are responsible for both the cost and whether it's set up correctly, and I hope you probably do. On July 1, Microsoft going to raise prices, so now any mistakes in your licensing are

[01:45:55] about to get more expensive. Most companies using Microsoft 365 are either over-licensed, paying for unused seats and features, it's very easy to do, or under-licensed, creating compliance and security risks. And sometimes it's both. One department's got too much, one's got too little, but the bottom line is wasting tens of thousands a year on tools your team doesn't use, or I don't know, this might even be worse, missing critical security features you thought you had.

[01:46:25] You thought you were paying for. Trusted Tech understands this. They can help businesses understand what they have, what they actually need, and really important right now, how to lock in the right setup before those costs go up. Trusted Tech's team ensures your M365 environment is well supported and aligned with how your business actually operates. And that's one, you know, the licensing business, one part of their business, but also they do great certified support services

[01:46:55] so Trusted Tech also offers reactive support for your Microsoft environment through those certified support services. They do both. Microsoft licensing, it can be challenging. It's always changing. You've got E3 versus E5 versus business premium add-ons, the new E7. It's confusing and it's easy to misconfigure and overpay. And licensing mistakes, again, don't just cost money. They can create compliance

[01:47:25] exposure that's going to get more expensive after July 1st. Look, even if you think your license is dialed in, it's worth a second look. It's worth going to some experts. People, this is what they do day in, day out. They understand it, they know it, and they can really help you tune it. It's just like it's getting a second opinion. And if you want an opinion, ask Kevin Turner, former Microsoft COO. I mean, who better to ask about this? This is what he said. He was talking to Trusted Tech. He said,

[01:47:54] you guys have an incredible customer reputation. You have to earn that every single day. The relentless focus you guys have on taking care of customers gives them value and differentiates you in the marketplace. He was talking about Trusted Tech. Look, after July 1st, you're stuck paying more. This is the last chance. I mean, that's like a month and a week away. This is your

[01:48:18] last chance to fix your licensing before the costs go up. The clock's ticking. Trusted Tech right now offering a free Microsoft 365 licensing consultations right now. Visit trustedtech.team slash securitynow365 and get a clear data-backed view of your current licenses, what you're wasting, and how to lock in savings before the price increase. Go to trustedtech.team slash securitynow365

[01:48:46] and submit a form to get in contact with Trusted Tech's Microsoft licensing engineers. The clock's ticking. Do it now. Trustedtech.team slash securitynow365. We thank him so much for supporting Steve and the work he's doing at Security Now. Steve? Okay. So this is just sort of a heads up to

[01:49:12] people who are looking for something to watch. Time Magazine covered this saying Netflix's The Boroughs is Stranger Things Senior. They said, backed by the creators who brought us the upside down, Netflix's newest sci-fi horror series features an all-star cast of senior citizens. Okay. So

[01:49:38] first of all, let me say I'm not a huge fan of horror, which to me generally feels gratuitous, but that's not at all how I would describe The Boroughs. So if you don't like horror, don't let that put you off because there's nothing horrific at all. IMDb gives it a seven and a half out of 10. The majority of people are giving it an eight. And the second highest number

[01:50:04] is a 10 out of 10. So a lot of people are liking it. It's all, all eight episodes became available last Thursday, uh, presumably time for binge watching over the long Memorial day weekend. Uh, and I had run across a tease of it months before stuck it on my calendar. So I was, you know, looking for it. Uh, so my wife and I, uh, Lori sat down and began watching it. Um, they do a little

[01:50:31] immediate reveal, I think because they realized it has a little bit of a slow start. Uh, I was a little worried about it until I got to the end of the second episode. It was like, come on. Is it what, you know? Okay, fine. We were spending a little too much time, uh, looking at it. The whole thing is set in an old folks community, you know, putting old folks. It is senior. It is senior. Yes. Stranger

[01:50:57] things senior, but, uh, I, I enjoyed it and there, it, there definitely has a theme and a concept and, uh, it holds together nicely. So The Boroughs is like a retirement home. Yes. Out in some random desert somewhere. Um, and, and we spend a little more time on, you know, senior infirmity than I think we need to, but, uh, uh, and, uh, uh, uh, great. Do you think this is aimed at seniors? Oh,

[01:51:27] it's Alfred Molina. I love him. Is this aimed at seniors or is it aimed at kids making fun? No, no. It, it, it's aimed at everybody. Uh, it's, it's just, you know, the, the re sort of the, it, it, the, the nature of the mystery Davis is in this. Oh, and Alfre Woodard. Oh, great cast. It's got a really good cast. Yeah. So, and you can see there a picture of a weird

[01:51:53] claw thing. Yeah. So it's, uh, it's, uh, I think it's worthwhile for people who I wouldn't say go subscribe to Netflix, but if you've got Netflix, you probably want to check it out and you have to be a little patient. Give it the first two episodes. I mean, you need to watch them, but, uh, by that, by the end of the second episode, I think you'll be pretty hooked. Okay. I'm now I'm interested. I love Geena Davis. Yes. Yeah. And she's got a good part. Great. And Alfred Molina is great. Oh,

[01:52:22] this will be fun. Yep. Alfre Woodard is great. And it's the Duffer brothers. Yep. It is. Yeah. Okay. Okay. And there's a guy in a coffin. Okay. Sitting up. So be careful not to expose yourself. Don't learn too much. Okay. I'm going to stop right here. It is you, uh, you definitely, uh, could get spoiled, but there are some great moments and, uh, and there is an

[01:52:46] interesting, you know, sort of like broad concept that, uh, so that, that holds. Yeah. Good. Uh, okay. So, uh, oh, and you're not left hanging. So by the end of episode eight, you get closure. They tease a little bit to there, maybe another season, but if so, uh, if you're not like left waiting, so, uh, our, a listener of ours, Dale, who, who his name on his posting or his email to me

[01:53:14] was Dale LTL. Uh, we'll see why in a second, but he said, I want to share an interesting piece of, no, I'm saying I want to share an interesting piece of feedback. Uh, he's a long time listener and a follower. Um, it touches on something we've talked about several times relative to the way some

[01:53:35] future local AI agent might always be looking over the shoulders of computer users. I believe to tremendous advantage. I mean, I am sure this is one of the ways AI is going to manifest. Um, I cannot overstate the value and importance I see for having that eventually, um, chatting with an AI

[01:54:03] that grows to know you is already of inestimable value. So we already have that. And that capability is only going to grow to become more useful over time. But as I have repeatedly observed here, the overwhelming demonstrated strength of the range of click fix attacks, which as we know is the number

[01:54:28] one attack technique now in the world where users blindly, I mean it, the, the, the number of those is greater than all other attacks combined where users blindly follow on screen instructions, which they do not understand that lead them to paste malicious command streams into their PCs. It serves to demonstrate

[01:54:53] that today's PC users have very little understanding of the way their machines work. I mean, and you can't blame them. These things have gotten ridiculously complex. I mean, have you looked at PowerShell on windows? It's like, Holy what? What? So that's not that that shows no sign of changing. It's not as if users are suddenly going to start reading the manual. That's not going to happen. In fact, they're probably

[01:55:18] going to use AI to distance themselves even further. But what could change is adding the ability to the PC operating system and or its web browsers to proactively prevent their users from self-inflicting

[01:55:37] harm. Okay. However, notice that I specifically said future local AI, because these services, when they exist in the future will need to cost nothing. They'll need to be part of the OS or the browser and be able to run on the local machines, AI engine. It's pretty clear to me that future PCs and smartphones will combine

[01:56:05] local with cloud based AI and future computing engines will have what some sort of we can call it a neural processing engine just as, you know, part of its capabilities. Okay. So here's what our listener Dale shared. He wrote, I very much enjoyed your last podcast admitting to offering your thanks to your AI of choice.

[01:56:31] I also thank Google Gemini, my current AI of choice, at least until it becomes another killed by Google project. I would like to offer a way of using AI that I haven't heard anyone speak about, determining whether or not an email is phishing. My wife and I have several websites and corresponding

[01:56:55] social accounts online. Mine is mostly YouTube with almost 12,000 subscriptions and hers is a mostly Facebook and Instagram to boost her real world sales. As such, we get a huge amount of spam and phishing emails collectively. I've attached a screenshot of a recent scary email my wife received through her

[01:57:20] business email. It doesn't have any of the obvious spam phishing email indicators like an email address of, you know, random letters and numbers at scamming you.com. Um, and so Dale attached the image of the email, but since it contained identifying information, I've rep, uh, I just, uh, I've reproduced the relevant text

[01:57:46] to give everyone a sense for it. So here's what this email that his wife received says. It says, we're contacting you regarding content associated with your account that has been identified during a recent intellectual property verification process. Our review indicates that certain materials may contain copyrighted content protected under United States law, including Digital Millennium

[01:58:16] Copyright Act, DMCA. These materials may have been published or shared without documented authorization from the applicable rights holder. To assist with your review, we've attached a document containing the relevant content references and supporting information. Then there's a PDF icon

[01:58:38] and a link with the text evidence of copyright infringement dot PDF. It goes on. We kindly ask that you review the attached file and verify whether the referenced materials are being used with proper authorization. If necessary, please update, remove, or restrict access to the identified content across websites, social media platforms, and other distribution channels. Okay. Well, as we've got to

[01:59:08] We know AI can now be employed to write highly convincing English. And, you know, we've been expecting to see an increase in the apparent veracity of spam. This is likely an example of that. I mean, this reads very well written, very authoritative. Does it mean we know in advance, right? That it's spam. But if you receive this,

[01:59:34] and if you were a person with on with like a website and lots of content, there's nothing obvious that tips this as being bogus. So, you know, I have to say that anyone who didn't have their guard up could be excused for falling for this. And even if someone who was being cautious, you know, it evidences none of the common telltale signs we've all been comfortably able to use until now to quickly identify

[02:00:04] junk email. Junk email. Dale's note continues. He wrote, so I asked Gemini. My prompt was: email of copyright content from shady records. Email says from no reply at appsheet.com. Legit or phishing? Gemini replied.

[02:00:28] Swift quote, quote, this is 100% a phishing scam. Do not click any links, download any attachments or reply to the email. Good. Here is exactly what is happening, writes Gemini and why it looks so convincing.

[02:00:45] First, the legitimate sender address, no reply at appsheet.com. Gemini says AppSheet is a legitimate no-code application development platform owned by Google. Cyber criminals have figured out a loophole where they can create a throwaway app on the platform and use its automated workflows to send emails.

[02:01:12] Because the email physically originates from Google's infrastructure, it easily passes security checks like SPF, DKIM and DMARC and lands directly in your main inbox instead of your spam folder. While the email address, no reply at appsheet.com, is real, the content inside it was written by a scammer.

[02:01:36] Two, the shady records scare tactic. Scammers frequently use urgent legal threats like copyright, trademark or intellectual property violations to trigger panic. They want you to act quickly without thinking. So you'll click their link to quote, view the evidence unquote, or quote, dispute the claim unquote.

[02:01:59] If you click the link provided in that email, it will likely lead to a fake login page designed to steal your credentials, a malicious download like a zip or doc file that can infect your system with malware. And then he finishes writing.

[02:02:18] Dale does says, so after fussing at Gemini for parent company, Google, knowing about this and doing nothing about it, he says, I followed up with a heartfelt thank you, Gemini. I also have no doubts that the PDF link was hotwired to a nasty little payload and I'm glad we didn't get it. Thank you. And then, then he says to us, thank you for all you do, Mr. Steve and Mr. Leo.

[02:02:43] Been a fan since early two thousands Call for Help and The Tech Guy on my 12-foot mesh satellite dish. Signed off, Dale, Low Tech Linux, at a low tech Linux everywhere. openSUSE Tumbleweed KDE Plasma fanboy. Nice.

[02:03:04] So Dale was clearly annoyed that Google allowed this crap to be generated and sent from their own domain while their own Gemini AI knew all about it in detail. It's like, oh yeah, our service is being abused like that. And this is an example of it.

[02:03:23] So the good news is more broadly, I think another huge aspect of our lives, which AI has the promise to improve are all those aspects of phishing and spoofing and generally unwanted conduct, which bad guys have been getting away with for the past several decades.

[02:03:44] I think that the widespread use of AI agency for crime prevention is going to be one of for cyber crime prevention. One of the biggest things that's yet to happen. And given the speed at which all this is moving, we may not have long to wait. That's a really good tip to pass it through to an AI. Have it examine it. Yes. And why don't we have AI right now doing that?

[02:04:11] Yeah, it should be. Well, there are plenty of companies offering this kind of scanning. Yeah. Yeah. This is a very hot area right now. Okay. So we're going to talk about our main topic, vulnerability debt repayment. We're a little early for our final, but let's take our final break. And then I'm going to talk about Firefox 151 and what I learned from their announcement update.

[02:04:38] Somebody is pointing out, and I think this is true, that probably all of the LLMs have been trained on all 1,080 episodes of Security Now. So they at least know that much. They've learned everything you can possibly learn from this show. So, you know, from day one, long before we even considered AI might ingest our content, we've made our content Creative Commons and allowed people to, you know, ingest it and encourage that.

[02:05:07] And I'm glad, you know, I think that's really great. I'm glad that there's hundreds of thousands of hours of great, some of it dated technology information on our pages. Let's talk about our sponsor, and then we'll talk about vulnerability debt repayment. I'm dying to know what that means. Steve will explain. But first, a word from Xbow, X-B-O-W, like bow and arrow, right?

[02:05:35] Xbow, AI has changed the pace. We were just talking about this, of everything. From how fast software gets developed to how quickly it gets attacked. And engineering teams are moving faster than ever, creating more and more applications. But security has not been able to keep up. This is exactly what we were just talking about. Pen testing is still one of the most trusted ways to understand real exploitable risk.

[02:06:02] The problem is, in an AI-driven world with everything that happens so fast, pen testing can be a bottleneck. Security teams are forced to choose between slowing down development to stay secure or moving fast and accepting that there are going to be gaps in coverage. They don't have to be because Xbow eliminates that trade-off.

[02:06:21] Xbow, this is exactly what we were just talking about, Steve, is an autonomous, offensive security platform that runs continuous AI-driven pen testing at the speed of AI, mirroring real-world attacks, hammering on your vulnerabilities. Xbow doesn't just scan for vulnerabilities. It discovers, it exploits, and it validates them. So you know you're only dealing with issues that actually matter.

[02:06:51] Real exploits. That means dramatically fewer false positives. Because we humans, you know, we don't want to waste time, right? And a clear view into real attack paths. This is exactly the kind of pen testing everybody needs. With Xbow, tests run in hours, not weeks. You get complete visibility into how an attacker would move through your systems and the ability to uncover issues that traditional tools miss, including zero days and novel attack paths.

[02:07:21] Xbow's results speak for themselves. Just ask the application security lead at sesnam.cz. He says, even right now, after a year, I don't know any other company that is at least close to Xbow in terms of agentic pen testing. They've pioneered this. They're the leaders here. The result? Predictable cost, consistent quality, and stronger security without slowing down your engineers.

[02:07:49] Xbow helps security teams keep pace with innovation and cover more apps more often with the resources they already have. X-B-O-W.com. And, you know, the heritage of this company is pretty impressive. It was founded by the team behind Microsoft Copilot. It's already trusted by companies ranging from fast-growing startups to Fortune 500 enterprises. You're probably already seeing articles in the news about Xbow.

[02:08:17] They're quickly becoming a mission-critical layer in modern security stacks. So, to keep up with the speed of vulnerabilities, you need the speed of AI pen testing from Xbow. Go to Xbow.com to start a pen test today. That's Xbow.com. I didn't plan it, but that's exactly what you're talking about, Stephen. This is exactly the way it's going to have to be solved, right?

[02:08:44] The speed of AI hitting these vulnerabilities as fast as they can be discovered. Well, and we have a perfect case in point. When I fired up my PC and then Firefox 151, I was greeted with a, your Firefox has been updated notice with a bunch of new features being called out.

[02:09:05] The top of the new stuff list was their promotion of Firefox's newish VPN feature as a means of geo-relocating its users. Under the banner of, your VPN has places to be, we're told, our free built-in VPN now lets you set your browsing location, giving you more privacy and control when you're away from home or office.

[02:09:31] Now, I'm just sharing that because I thought that was interesting and I knew that that would be of interest to our listeners. I understand Mozilla's motivation for promoting Firefox's new free VPN as an easy-to-use geo-relocation capability. But at the same time, I was also taken a bit aback since VPNs are already in the crosshairs of politicians

[02:09:58] who have been rattling their sabers over the idea of, and we're not sure how, but somehow preventing their use and even outlawing them for accessing age-restricted websites. Now, again, how exactly that's going to work, no one knows. So this seems like needlessly rubbing our politicians' faces in the issue to make a point of saying, oh, look, you get to choose from a drop-down list, Canada, France, Germany, the UK, or the US.

[02:10:26] But okay, you know, making geo-relocation much easier and more accessible promises to increase its use, right? And make its issue, unfortunately, even more prominent. So anyway, since any attempt to curtail VPN use is going to create another big mess, it would be nice if we could just kind of let this one slide by. But on the same page was another section titled,

[02:10:54] A New Era of Firefox Security, with the note, Firefox used advanced AI to uncover and fix hundreds of hidden security vulnerabilities before they could become threats. Now, that note linked to a Mozilla post made last Thursday with the great title, The Zero Days Are Numbered.

[02:11:25] Love that. What we learned from Mozilla is kind of amazing. They write, Since February, the Firefox team has been working around the clock using frontier AI models to find and fix latent security vulnerabilities in the browser. We wrote previously about our collaboration with Anthropic to scan Firefox with Opus 4.6,

[02:11:54] which led to fixes for 22 security-sensitive bugs in Firefox 148. Okay, now let's just pause for a moment. They used Opus, Anthropic's Opus 4.6, to, and gave it Firefox's source, and it found, and it found, identified, 22 security-sensitive bugs in Firefox,

[02:12:23] and it fixed in Firefox 148. Okay, Opus 4.6. They continue. As part of our continued collaboration with Anthropic, we had the opportunity to apply an early version of Claude Mythos Preview to Firefox. Okay, now this is the same Firefox, which a couple of months before had found 22 vulnerabilities.

[02:12:54] Looked clean then, right? Problem solved. They wrote, This week's release of Firefox 150 includes fixes for 271 vulnerabilities identified during this initial evaluation. They write, As these capabilities reach the hands of more defenders,

[02:13:21] many other teams are now experiencing the same vertigo we did when the findings first came into focus. For a hardened target, just one such bug would have been red alert in 2025. And so many at once makes you stop to wonder whether it's even possible to keep up. Our experience is a hopeful one for teams

[02:13:50] who shake off the vertigo and get to work. You may need to reprioritize everything else to bring relentless and single-minded focus to the task. But there is light at the end of the tunnel. We are extremely proud of how our team rose to meet this challenge, and others will too. Our work is not finished, but we've turned the corner

[02:14:18] and can glimpse a future much better than just keeping up. Defenders finally have a chance to win decisively. Okay, there is so much here, but the phrase that caught my attention was, you may need to reprioritize everything else to bring relentless and single-minded focus to the task.

[02:14:46] This is very interesting because what we've been hearing more broadly and with generalization was that the arrival of this new vulnerability discovery capability was likely to stun development teams who would be thrown from complacency into overdrive and overtime. Mozilla continues writing, until now,

[02:15:14] the industry has largely fought security to a draw. Vendors of critical internet-exposed software like Firefox take security extremely seriously and have teams of people who get out of bed every morning thinking about how to keep users safe. Nevertheless, we've all long quietly acknowledged that bringing exploits to zero was an unrealistic goal. Instead,

[02:15:43] we aim to make them so expensive that only actors with functionally unlimited budgets can afford them and that the cost of burning such an expensive asset disincentivizes those actors against their casual use. This is because security to date has been offensively dominant. The attack surface is not infinite,

[02:16:12] but it's large enough to be difficult to defend comprehensively with the tools we've had available. This gives attackers an asymmetric advantage since they only need to find one chink in the armor. We use defense in depth to apply multiple layers of overlapping defenses, but no layer is bulletproof. Firefox runs each website in a separate process sandbox, but attackers try to combine bugs

[02:16:42] in the rendering code with bugs in the sandbox to escape to a more privileged context. We've led the industry in building and adopting Rust, but we still cannot afford to stop everything to rewrite decades of C++ code, especially since Rust only mitigates certain, very common, classes of vulnerabilities. We pair defense in depth engineering

[02:17:11] with an internal red team tasked with staying on the leading edge of automated analysis techniques. Until recently, these have largely been dynamic analysis techniques like fuzzing. Fuzzing is quite fruitful in practice, but some parts of the code are harder to fuzz than others, leading to uneven coverage. Elite security researchers find bugs that fuzzers cannot,

[02:17:39] largely by reasoning through the source code. This is effective, but time-consuming and bottlenecked on scarce human expertise. Here it is. Listen to this. Computers were completely incapable of doing this a few months ago, and now they excel at it. Wow.

[02:18:08] We have many years of experience picking apart the work of the world's best security researchers, and Mythos Preview is every bit as capable. So far, we have found no category or complexity of vulnerability that humans can find that this model cannot. This can feel terrifying in the immediate term, but it's ultimately

[02:18:37] great news for defenders. A gap between machine-discoverable and human-discoverable bugs favors the attacker, who can concentrate many months of costly human effort to find a single bug. Closing this gap erodes the attacker's long-term advantage by making all discoveries cheap. Encouragingly, we also have not

[02:19:07] encountered any bugs that could not have been found by an elite human researcher. Some commentators predict that future AI models will unearth entirely new forms of vulnerabilities that defy our current comprehension, but we don't think so. Software like Firefox is designed in a modular way for humans to be able to reason about its correctness. It is complex,

[02:19:36] but not arbitrarily complex. Defects are finite, and we are entering a world where we can finally find them all. And all I have to say here is, wow! I hope everyone understands how much it means for Mozilla to be feeling the way they obviously do after their close encounter

[02:20:06] with Mythos. Firefox is already hyper-secure. I mean, security is its byword. It is about security. 271 previously unknown vulnerabilities discovered during their initial evaluation. And this is in Firefox's deeply scrutinized code base, which, so far as they knew,

[02:20:37] had not a single vulnerability. I think this is the most significant statement made from the front lines of the security battle that we have seen to date. No one should make the mistake of assuming that Anthropic's Mythos Preview has some magic fairy dust that no one else has. There's no reason to believe that anyone has magic fairy dust or that it's even possible to have it.

[02:21:06] This is why I think the whole idea of regulating AI is a fool's errand. It's the politician's knee-jerk reaction to change, and it could not be more wrong-headed. We've often noted that it's not possible to regulate the use of cryptography since the knowledge of it has previously escaped. There's no longer any mystery about how to do crypto. Exactly the same is true of large language model technology. It's spread

[02:21:36] all over YouTube. It's all over GitHub. It's already everywhere. At this point, all we can do is be as prepared as possible for whatever comes next. Mozilla's statement of optimism contains what I was hoping and expecting to hear. They clearly understand that this new tool has, for the first time ever, given them a true advantage over the bad guys. They alone decide when

[02:22:05] to release new code to their user base. Nothing forces them to do that. This means that now, armed with AI-enabled pre-release vulnerability discovery, no discoverable vulnerabilities ever again need to be released to the public. I want to highlight another aspect of this just to put a fine point on it. Mozilla wrote, computers were completely incapable of doing this a few months

[02:22:34] ago, and now they excel at it. We have many years of experience picking apart the work of the world's best security researchers, and Mythos Preview is every bit as capable. So far, we have found no category or complexity of vulnerability that humans can find that this model cannot. So, again, so far we have found no category or complexity of

[02:23:04] vulnerability that we can find that this model cannot. Now, I understand that this is attempting to prove a negative, right? This does not say that there is no category or complexity of vulnerability that a human could find that the Claude Mythos Preview cannot, only that so far they've never found one. All by itself, that's a hugely significant statement. But what's also significant is that this is not Anthropic

[02:23:33] saying this about their own creation. This is not this statement from Mozilla about Firefox is as much from the front lines of mission critical vulnerability discovery as it gets. You know, what's interesting about this, the other capability that's really key with Mythos, we're getting back to memory, is that it has such a large context, apparently. We don't know the details, we haven't seen the system

[02:24:03] card, but it's clear from the output, because it can chain exploits. And the thing that's been holding previous models back is they could come up with individual exploits, but they didn't have sufficient context to say, okay, now I got this, then what, then what? And that means it has enough memory and enough context to chain those exploits, and I think that's one of the key capabilities of Mythos, just reading between the lines a little bit. It's very interesting. So for what it's worth, six weeks ago, during

[02:24:33] our April 14th podcast, number 1074, I noted that my first working title for that podcast was Mythos, Marketing or Mayhem. But once I brought myself up to speed, it was obvious to me that this was not marketing hype, despite what jaded cynics who were claiming without ever taking the time to inform their opinions with facts. It was like, oh, well, they're about to have an IPO, blah, blah, blah. Anyway, once I understood it, the

[02:25:02] podcast got the title What Mythos Means. And now, just a scant six weeks later, we're seeing the consequences of its application in one of the places it matters most, in a modern web browser. So, is it going to be a tsunami? There's something I see missing from some of the public disclosure over automated AI vulnerability discovery, like this guy from Cisco.

[02:25:32] For example, at the end of that recent posting by the Cisco guy about the strain AI vulnerability discovery is placing on the aging CVE system, right? We all remember what I said. I'm repeating it here for some reason. He was saying that they chose not to release it publicly, 27 years of remarkable

[02:26:01] achievement in the CVE system, but it's going to be completely overwhelmed and wiped away. We need something completely different. But Mozilla turned Mythos loose on their Firefox code base and yes, uncovered 271 previously completely unknown or unsuspected vulnerabilities. This blew their minds, but they recovered from what they

[02:26:30] described as the vertigo that this introduced, brewed fresh pots of coffee, called their significant others to explain that they would be working late and early and got to work. Once they had caught up with Mythos, they shipped Firefox 150 with those newly discovered problems all resolved. So here's my point. What's going to happen now, the next time they turn Mythos

[02:27:00] loose on Firefox's code base? Perhaps a big nothing. Maybe something, but it won't be much. It's not as if those 271 vulnerabilities will need to be rediscovered each time. There were hundreds of previously unknown problems with Firefox's code base, which it had acquired over its entire lifetime. All of those are gone now. And while mistakes and regressions can

[02:27:29] happen, they're not going to suddenly come back overnight. The way to phrase this is to say that Mozilla's Firefox code base had a previously unrealized large amount of technical debt to repay. The Claude Mythos preview revealed the exact nature of that debt, to which the Mozilla team, having recovered from the shock, got down to

[02:27:58] the work of repaying those years of debt. And now they have. The ledger is balanced, and all they need to do now going forward is deal with whatever occasional mistake they might make. With prudent use of AI to check their work, they might never ship anything again with a discoverable vulnerability. As the guy from Mozilla himself said,

[02:28:28] a zero flaws future is now possible. We know that Microsoft must now be facing an even more daunting challenge, since their code base is far more massive, just as old, and seemingly less well maintained than Mozilla's. The fact that every single month sees a hundred or so bugs resolved in Windows and Microsoft's other software

[02:28:58] suggests to me that they are likely facing a great many thousands, tens of thousands, of newly discovered problems. We know that thanks to their early access to Anthropic's Project Glasswing, they had access to Claude's Mythos Preview, and also to their perhaps even dramatically more powerful codename MDASH system. Can you imagine what a catastrophic disaster they

[02:29:28] must be discovering for themselves? They shared the critical vulnerabilities discovered and resolved in the first and most obvious place they looked, which was Windows TCP/IP networking stack, a critical component that likely received a lot of prior attention. As far as they knew, just like Firefox, they thought the TCP stack was bulletproof, problem-free. Four critical, remotely exploitable problems found. So,

[02:29:59] those networking stack bugs, which were somewhat obscure, I mean, like I worried, do I have a problem because I'm using Windows Server? No, I'm not using any of the weird stuff that, you know, the edge cases that could have leveraged. But even so, they were all zapped two weeks ago with this month's patch cycle. So, they too are gone and put to rest. There's no doubt that Microsoft would have immediately aimed codename MDASH

[02:30:28] at its next target. Whatever that is, I'm sure that's what they're doing right now and that they got to work. And here's the interesting bit of psychology that's at play. As a developer in charge of security, as long as you do not know that there are any problems, you get to sleep soundly through the night. But once you've been handed an extensive list of vulnerabilities and realize that the software you

[02:30:57] believed was secure is actually and provably Swiss cheese, it will be quite difficult to get any sleep until every one of those problems has been resolved because any one of them could be exploited at any moment. The source of all this angst is the awareness that especially for an open source project like Firefox or Linux or Chrome with Chromium and to some degree Android, the bad guys also have the

[02:31:27] same access to the same code. And if they do not yet have vulnerability discovery tools of equal strength and power, we can be absolutely certain that they're working as hard and fast as they can to develop them. So there's almost a certainty of a very limited window of opportunity to get those problems resolved, to push updates out into the field and into users' hands so that the flaws are pushed out

[02:31:57] of their hands before malicious actors have the chance to attack. So the bottom line is LLM technology has already driven a massive change in the practice of software security. Almost overnight, it has revealed the size of the software security debt which many of us adjacent to the industry have long sensed with a dull ache.

[02:32:27] And we are now in the midst of an industry-wide rush to pay that debt down using LLM technology to locate and repair each and every problem before it can be used against us by others who will doubtless be attempting to leverage the same technology against us. But the crucial point to appreciate is that this will be a transient event. Once that

[02:32:57] debt has been repaid just as Mozilla did, the entire industry will again settle down to a new hopefully boring norm with the world never being the way it has always been until now. It will never again be the same because our software will finally be working the way we always intended and hoped it was.

[02:33:26] It was just too complex and thus too expensive to make perfect. That's what has been forever changed. As Mozilla themselves explained, LLM technology dramatically reduces the cost of problem discovery. This means that we can and will now afford to fix and find and then fix all of the long-standing problems.

[02:33:56] And we must afford it since it will soon be just as inexpensive for the bad guys to find and abuse any problems that remain. Everyone listening to this podcast has heard me use the analogy of a sponge to describe our industry's somewhat sad state of software security. I've said that all of the objective evidence shows that security is porous and that the more pressure

[02:34:26] that's put toward penetrating that security, the more penetration will occur. The application of this new LLM technology will finally put this analogy to rest. Other non-software vulnerability problems will certainly remain. Spoofing and phishing and social engineering attacks will not go away or at least they will require a different form of AI aided remediation

[02:34:55] which I spoke about before. But the exploitation of vulnerable software finally has the chance to come to a well-deserved end. We are entering, we are in a new era. And I love this notion that it isn't going to be this way forever. We are eventually going to perfect this stuff. Firefox is fixed, Leo. It's done. It's fixed. Really? Yeah. Wow. And I think that

[02:35:26] admittedly, as they said, Rust doesn't fix everything, but the choice of tools that don't allow buffer overflows and some of the dumber obvious mistakes type miscasting will really help as well. We're going to use better tools. So certainly engineering using prudent known systems is a good thing, but as they said, we've got decades of C++. We can't rewrite it.

[02:35:56] There's just too much there. So they turned Mythos loose on it and it theirs. I mean, they thought it was fine. No problems. We shipped out 148. We fixed 22 things that Opus 4.6 found. We shipped out 149, fixed a few more things. Then along comes Mythos and wham! 271.

[02:36:27] It is amazing. And if in fact Microsoft has further advanced the state of the art. Sounds to me based on what we talked about last week that codename M-dash and I hope they give it a good name. I don't care what they call it but just not don't make me say codename M-dash every time. Mythos is a good name. It's a great name. That's wonderful. Maybe Microsoft call it Zeus or something. So far

[02:36:57] daybreak is by the end of this year is that all the frontier models will be good enough to do this kind of stuff. Yeah. And so then it won't be anything special. At the rate we are running and the amount of resources that are being poured into this it's going to be astonishing. But this is the thing that has the

[02:37:27] chance to end software vulnerabilities. That doesn't mean you can't leave a management port open on your There's still human error. Yes. There's also still things like Rowhammer, right? There's hardware flaws that cannot be fixed. Absolutely. So this is just not like we need to say, okay, well, we did the Security Now podcast until there was no more problems. No. We'll still be doing the show. We got plenty left to do. But it won't be

[02:37:57] like some random buffer overflow or authentication bypass where you do something the developer never expected and cause a problem somewhere flip some state and then inject a file and now you're in. That's an important distinction because when we first were talking about Mythos that was right about the same time that the Claude source code got accidentally released. Paris said well wait a minute if Mythos is so good how come that happened? They said well you

[02:38:27] can't fix stupid. I mean you can't still have humans in the loop. There's nothing Mythos can do about that, unfortunately. Really good stuff as always, Steve. I love this show. We look forward to it every Tuesday, and all the geeks are going, yep, Tuesday's here, it's time for Steve. We do the show, Security Now, every Tuesday, round about right after MacBreak Weekly, so that's around about 1:30 Pacific, 4:30 p.m. East Coast time, 2030 UTC. We do stream it

[02:38:57] live, if you want to really get the latest, freshest version. If you're in the club, and I hope you are, because the club supports this effort. We have advertising yet, but it doesn't cover all the costs, only about 70% of the cost, maybe less. So it's very important to us that people join the club and support us. If you're not a member, please, twit.tv slash club twit. Members are in the Discord right now. They can watch in the Discord, they can chat with us in the Discord. That's one of the benefits. You get ad-free versions of the shows as well, and you won't get this plug either.

[02:39:27] If you are not in the club, there are still live streams you can watch, because I'm not a big paywall kind of guy. As much as possible, we want to make sure everything is available to everybody for free. We ask, if you like it, to support it if you can, if you can afford it. We stream this on YouTube, Twitch, X.com, Facebook, LinkedIn, and Kick. After the fact, there are on-demand versions of the show, because it is, after all, a podcast. Steve's got unique versions of the show at his website,

[02:39:57] grc.com. He's got a 16 kilobit audio version, doesn't sound great but is small; 64 kilobit, that's full audio fidelity. He also has transcripts written by an actual human, Elaine Farris. Those take a few days after the show, but they are really

[02:40:54] newsletters One is the show notes. The other is just an announcement newsletter that goes out never when Steve has, oh, very rarely when Steve has new software. His software, though, really is something you want to keep up on. Spinrite, which has been around for how many? 20 some years now, right? Long time. No, way before the podcast, since late 80s. So 89. Let's put it this way.

[02:41:21] It was so good that Norton copied it. Because they couldn't buy it. After I declined to sell it to him, so he said, okay, and he sent a coder home with a copy. Wasn't as good. Wasn't as good. Wasn't as good. But, of course, it's been much updated since then. In fact, version 6.1 is really amazing. That's available at grc.com, as well as the DNS Benchmark Pro,

[02:41:48] which allows you to figure out which DNS server is best for your particular situation. It's different for everybody. It's a very useful tool. It's only $9.99. You'll get them both at grc.com, plus a lot of other stuff that he gives away for free, like, as he mentioned, ShieldsUp, which is, you know, I don't set up a network without testing it with ShieldsUp. So many other great utilities. grc.com. We have copies of the show on our website as well. We have unique versions.

[02:42:15] For some reason, a 128 kilobit version, which is more bits than anyone should ever have, but that's how many you get. We also have video, which is even bigger. But you get to see Steve's mustache in action, and that's worth, I think, the price of admission. Both of those are at twit.tv slash sn. There's also a YouTube channel dedicated to Security Now. We do that for a couple of reasons. One, because YouTube's where, you know, everybody goes, and we want to make sure we spread the word about, you know, security.

[02:42:46] So, you know, we make sure that show is there. But also, it's great for sharing clips. And I know a lot of IT professionals are listening and thinking, I got to send this information to my boss or my, you know, my family needs to know about this Ubiquiti issue, whatever. Easy to do that with YouTube. You can start the video right where you want it to be. You can send it as a link. Everybody can see YouTube makes it really easy. And then finally, the best way to get it really is subscribe. You can subscribe to the audio or the video in whatever podcast client you like.

[02:43:15] And that way, you'll get it automatically the minute it's available. Steve, I will see you next Tuesday. And I'm going to watch The Boroughs tonight. Thank you for the recommendation. I think you'll, I think it's, I think you'll like it. It's not, I mean, it's not unbelievably amazing, but it is really fun to watch these actors. I mean, they're, it's a great, great cast. Yeah. And there's, there's a solid storyline behind it. I will watch anything with Geena Davis in it.

[02:43:44] That's, that's, that's a given. Thanks, Steve. Have a wonderful week. We'll see you next time on Security Now. Bye.
