The Killswitch Saboteur, AI Prompt Data Leak, and Bluetooth Chip Secrets Exposed

Speaker 1: Back in 2018, a global power company called Eaton Energy demoted a man named Davis Liu. He'd been a senior software developer, but during a corporate reshuffle, his role was allegedly downsized pretty significantly. He He had a bunch of responsibility taken away, and his system access was limited. Though apparently, not that thoroughly. We can't know what happened in his head at this point. What happened at all was debated in court for years, and Lou's defense still argues his innocence in spite of the recent guilty verdict. But here's the story that was told in court. Davis Lou, downsized, demoted, and slighted by this company Eaton Energy, embarks on a project. The development of a kill switch script called IsDL enabled in AD? Which stood for Is Davis Liu enabled in Active Directory? The only reason he wouldn't be is if he had quit or been fired. And the script was like a kill switch set to go off in the event of his termination. As the court case here is finally finished, Lou now faces ten years in prison for what allegedly happened when that kill switch went off. We've never really dug into this kind of story before, of internal sabotage, of trip wires and kill switches left behind in a network, but there's a fascinating history of this kind of thing that I wanted to learn more about. So, we got a few stories this episode, but we're gonna start here, with the tale of Davis Liu and the Killswitch script. Here, on Hacked.

Speaker 2: How's it going, Jordan?

Speaker 1: It's good. How are you doing, man?

Speaker 2: I'm doing pretty good. I'm doing pretty good.

Speaker 1: I like the chicken that we now play of imitating the theme music, and then it's who's gonna say

Speaker 3: who's gonna ask how the other one's doing first?

Speaker 2: That's right. That's right. It is a game we play literally every time we make one of these episodes. And I don't know who's winning, but I probably probably not me.

Speaker 1: I think I I think I had a good year and a half run of doing that every episode, and now that the sort of tennis matches started.

Speaker 2: The, I think we should open by thanking a lot of the positive feedback we've got from the last episode.

Speaker 1: Mhmm.

Speaker 2: Our little observation actually, I would say our audience's observation and action about telling us about the issue that we created with the ads. We've had a ton of positive feedback, so I just wanna say thank you to that. Warms my heart. And then I gotta give a shout out to Joseph Dela Cruz, listener on Spotify, reached out to let me know that the version of Discord before Discord that I was trying to think of is called TeamSpeak, and that is a 100% correct. And I completely forgot about it because it is no longer relevant to me. So thank you, Joseph, for reminding

Speaker 1: me. It's wild that someone caught that because we, like, vaguely alluded to a thing that was kinda like Discord before there was Discord, you know, chatting with a game anyway, And that someone saw them was like, they're referring to team speak. Love that. Love that attention to detail.

Speaker 2: We we also did get another piece of comment that was literally just a, hey, can you call me? It's probably not a good idea, but here's my phone number. To which I offered Jordan $50 to actually call this person and find out and record it and see what it was.

Speaker 1: I Did you do it? I haven't decided not to do that yet. That comment came in, and then the weekend happened, and it was a full weekend. But I'm I'm trying to figure out a way to call that number and record it. Yeah.

Speaker 2: I'm super intrigued.

Speaker 1: I wanna know. I wanna know, especially because the comment flagged it's not the best idea, but call me. I was like, oh, that's that's provocative. It's like, hey. You should call this number, but here it is.

Speaker 2: I feel like that's, like, one of those literature, like, you know, collectives. Like, the prompt that begins like a like, write a story from this prompt.

Speaker 1: A man a man calls a phone number he's told not to call, but invited to.

Speaker 2: Yeah. It's it's this is a terrible idea, but you should call this number.

Speaker 1: You should really Okay.

Speaker 2: You

Speaker 1: should really reach out to me. And I I I think I'm gonna, after I tell the audience that the show is brought to them by push security, you'll hear more about them later in the show. It's been a while since we've done a little a little newsy, chatty, multi story update. Mhmm. And I was pretty stoked to dig into this one because I found it fascinating. Like I said in the intro, we haven't really ever I I kinda went digging through the back catalog, and I don't know that we've ever talked about this kind of internal sabotage y type story. And as we'll get to later in talking about it, it's not the first of its kind. No. There's a really fascinating history of these kind of trip wires being left behind in networks by folks that previously had legitimate access to that network.

Speaker 2: I feel I feel like this is like, it speaks to, like, a a part of our, you know, origin. Like, our reptile brain is like, no. I'm essential. And if anybody does anything bad to me, they must pay. Like, it's a retro like, there's a reason why, like, revenge movies are, like, a massive, like, section of Hollywood now. Like, John Wick, like, fulfills some primal urge inside of people to be like, yes. I need revenge for things done to me. And and and and Good analog.

Speaker 1: These cases these cases are like the the IT version of that. There's, before we get to the story, there's, like, a genre of Internet content meme thing where it's comparing different, like, fictional characters and being like, could this one take on this one? Could this one take on these five? And it's just like a thought puzzle. Mhmm. Mhmm. And the thing that you always see whenever John Wick is evoked in one of those is did someone kill John Wick's dog? Because if not, he's just a guy who's good at shooting. But if you killed his dog, he seems to take on, like, a supernatural kind of quality. And I I like that we all sort of just know because of those films what that, that tripwire, that kill switch seems to be.

Speaker 2: It's your dog.

Speaker 1: It's your dog. Don't don't kill John Wick's dog. Okay. So Texas software developer, the reason we're talking about this was because I think on March 7, he was found guilty of this.

Speaker 2: Yep.

Speaker 1: Of sabotaging his former employer's like computer network essentially. 55 year old Davis Lou was convicted of launching this digital kill switch project when he was fired from the multinational power management company Eaton corporation. It caused a system outage

Speaker 2: Big company.

Speaker 1: Big one, caused system outage that locked out. This all gets into alleged language, but allegedly thousands of users, worldwide. Convicted on March 7, he's now looking at potentially up to a ten year prison sentence, for causing intentional damage to a protected computer network. Big story, big old fallout. And even working at Eaton Corporation starting in 2007, they're a big global power management company. They're based out of Ohio. They have offices all around the world. They do electricity and hydraulics.

Speaker 2: Well, they make Eaton. Eaton does, I think, a lot of, like, they build a lot of componentry for electrical implementation, be it, like, commercial side, industrial side, infrastructure side. Like, they build so much. Like, they're a massive. They might be a Fortune five hundred. It wouldn't surprise me if they were Fortune five hundred, but they're a massive publicly traded company. I don't know if I need to say it, but I own stocks in Eaton. I need to I need to disclose that. I don't know if I need to, but I need to just

Speaker 1: I think that's good. We very rarely need to do disclosures, but I own a portion of this company that we are, covering on the show. Seems like a pretty good one. And I'm expecting you to come down with an iron fist as a result. Yeah. I don't. I think that's maybe the the big headline here is, eaten energy's fine. Mhmm. They're good. Like, you we're gonna get some competing stories about the scale of the follow-up from this, the amount of damage done both in, like, sort of human cost and dollars and cents. That number is quite fiercely debated over the course of this trial. But suffice it to say, Eaton Energy, global power management corporation, will persist. Back in 2018, the company underwent what they called, I'm gonna bore their very corporate jargon here, a corporate realignment that resulted in a downsizing of Lou's role. His responsibilities, his access to the network, it was all kinda shrunk down. Lou had been there since 2007, reportedly unhappy about this. He starts to become disgruntled. This is all as outlined in the court case. These are in effect because they won the prosecution's allegations that we have now at this point. Yeah. But the story that they tell is that Lou begins quietly planting malicious code on Eaton servers after this demotion. He goes on a little bit of a tour of the system. All of this is what ends up being triggered by the is DL enabled in a d script. But the stuff that's underneath that banner of let this all march forth in the event that I'm no longer employed here is as follows. We've got a script that's gonna go ahead and just delete the profiles of a whole bunch of people that work at the company. All the, like, user specific configurations that let you log into your system, your settings, your files, that that's gone. We've got a bunch of, CPU gobbling up infinite loops.

Speaker 2: Surprising how vulnerable server infrastructure is to infinite loops. Like, this was this was something that I triggered in a production server when I was, like, 13. A Oh, interesting. Unintentionally. I just, like, wrote a script that, like like, forked and called itself to, like, kind of recurse through things. But I missed an exit clause on one of the conditions, and it just crashed a production server. And I was like, there's no there's no, like, safeguards against this. There there are safeguards against it and things that you could do to prevent it. But, like, it is surprising how effective just putting an infinite loop in a piece of software is at, like, killing things. Like, it just turns them off. They say running, but they're running doing nothing.

Speaker 1: I was trying to understand this part of it, like, this element of what occurred when that kill switch went off. And I was fascinated by that concept that, like, a loop is an extraordinarily useful thing. But if you don't create exit conditions for the loop, it's a very dangerous thing because it cannot just keep going and create, like, a denial of service type event, but it can also spiral off and create, like, other things that start happening when the loop hits certain conditions.

Speaker 2: Totally.

Speaker 1: Was my sense of how this can go wrong, and especially when someone does it intentionally. Like, you're describing a whoopsie doodle, and this is like, oh, I can use the mechanics of that whoopsie as a, like, attack factor. Well, if you think about, like, if, like, the interconnectedness of

Speaker 2: all the systems these days, if you can essentially take one of them offline through putting it into an infinite loop, then everything that depends on that in the interconnected woven network just is hanging, waiting for this thing to give them back the information they need. So then all of a sudden, all of the knock on effects go out to the external systems that are around it and so on and so on. Just shuts everything down the second it's like it's like the scariness that exists in our society these days and the dependency that we have on, like, network connections. Like, if we just lost the Internet for, like, a day, like it's happened I remember, like, the cell networks went down on one provider in Canada for one day, and it was like mayhem because, like, all of the Moneris Visa machines broke. Like, it's just like knock on effects go to so many things. The same thing would happen here.

Speaker 1: Oh, I was looting and pillaging that thing. I remember that. Threw I threw a garbage can through a Best Buy window. It was a whole thing. I went nuts, man. It's not true. So you got the infinite loops. You've got the deleted profiles. You've got just, like, another I I can't tell if this had to do with the profile deletion or was a dedicated task to, like, just block login attempts. But the effect of this was basically, hey. A whole bunch of people at the incorporation were not gonna be able to access the network. It's an attack on the infrastructure allegedly.

Speaker 2: I don't think it's alleged anymore. It's been

Speaker 1: No. I think now I can just say, yeah. Yeah. That's true. Yeah. I think that the reason I'm I keep wanting to temper it is because at as of time of recording, he hasn't been charged yet. And they're pushing for a ten year prison sentence. And while I don't need to see alleged say alleged because he has been convicted, oh, that's a really big present prison sentence given that this has been going through the courts for six years.

Speaker 2: So I don't yeah. I don't I don't know. It's like, this is a bad thing. Like, he did Oh, don't do it. He did a bad thing. And it's like It's all good. It it had a lot of, like, financial, social, organizational impacts. Like, I don't know. I I like I'm by no means an expert on prison sentences, but it's like, this stuff is like modern warfare. Like, you know, we're talking a lot of what we talk about cybercrime hacking, you know, we depend on these systems now. They're not like nice to haves on the side. These are, like, things that this organization would have needed to, like, run. And if he had actually managed to, like, destroy it, would have been billions of dollars in loss. So it's, like

Speaker 1: Yeah.

Speaker 2: I don't know.

Speaker 1: And is something being ineffective is an attack being ineffective, like any kind of insulation against moral culpability? Is that a no that's a valid answer? And is there any chance Davis Liu is ever going to do this again and removing him from his community for a decade of his life is going to prevent harm in the future be like, probably no. And as such, we're left with a really weird moral conundrum.

Speaker 2: Society faces that moral conundrum all

Speaker 1: the time. So I can see a courthouse from my house. Damn near. It's it's behind a building. But, like, yes, I'm with you. And I'm sure that that question is being turned over in those halls right now. The thing that, flipped all this off, as we mentioned, is is DL enabled in AD? Active Directory in this context is Microsoft's identity management platform. A lot of companies use it to just basic who gets access to this system or not. It's the front gate to the whole operation. Lucript was built to constantly check his status in AD. Is his account still active or not? If it was still active, this whole pod of code does nothing. But the moment his account is disabled, like it would be after he was fired, the kill switch goes off. And when it did, it locked out pretty much all users company wide, which is exactly what happened on 09/09/2019, the day that Lou was officially terminated. Thousands of Eaton employees in multiple offices across the globe were instantly locked out of their systems when the tripwire goes off.

Speaker 2: So here's the real question is, like, how Mhmm. I'm shocked that that script didn't accidentally trigger at some other point.

Speaker 1: That's kinda what I thought. Like, what if someone was doing something managing the active

Speaker 2: directory and, like, took it down, something to maintenance, shuffled the records around, accidentally disabled his account, and all of a sudden the company blows up and he's like, Lou's on lunch.

Speaker 1: Lou had gotten a promotion that day. Yeah. Yeah. It raises questions. And maybe maybe that speaks to how well is DL, enabled in AD was written. Maybe there were conditions. Maybe there was a time sensitivity. We don't know. We do know a little bit about what he was googling during this, which was part of the prosecution's case that this is not a a coincidence and that he did it, but we don't know. Maybe that happened.

Speaker 2: Well, the the he also named a bunch of his, like, I think, methods and procedures, Chinese words for, like that were, like, aggressive, like, malicious intent. And, like like, it was very obvious that the code was written for malicious intent upon, like, evaluation. You're you're

Speaker 1: yeah. I think you're you might be talking about everything, but you're talking about, there was a one of the programs that was in that bundle of stuff activated by is, DL enabled in AD was a piece of software called Hakai, which is a Japanese word meaning destruction. That is honestly, like, the the the fluffiest part of all of this. When Lou turned his company issued laptop back over to them, he deleted and encrypted all the files that were on it, which is not in and itself evidence of having done anything wrong. But investigators later found his web browsing history had, like, how to escalate privileges in network, hiding processes, rapidly deleting files. Again, none of this on its own is like a smoking gun. But looking up, like, hacker forum tutorials for how to escalate your privileges in a network so you can do something like this is not a good look when you are being charged with having done something like this.

Speaker 2: Taken in context, definitely a bad luck. In context. Definitely a bad luck.

Speaker 1: There's a so the case goes to trial in Cleveland where they're based. The evidence that the prosecution chose Ohio, the malicious we say that as Alberta boys. I mean, it showed the malicious code came from a development server that only Lou had access to, which I think was the smoking gun in this case. The code was also run for machine using Lou's user ID. There was a pretty big back and forth about how much, like, dollars and cents damage this actually did. The defense is arguing it's quite small and not that many people were locked out. And, like, $5 of damage, the prosecution obviously was arguing. It was in the hundreds of thousands of dollars. The truth probably falls somewhere in the middle. But the point is that the jury found, Lou guilty of one count of intentionally damaging a protected computer, which is a federal offense under the Computer Fraud and Abuse Act, which is why we're looking at a potential decade long prison sentence for this. FBI special agent Greg Nelson said, quote, Davis Liu used his education experience and skill to purposely harm and hinder not only his employer, but thousands of users worldwide. There's plans to appeal the conviction.

Speaker 2: The, I think this is probably more common than it's reported. Like, I think that this is Interesting. So, like, the I

Speaker 1: think it's happening.

Speaker 2: Yes. I think it happens more than we think. It probably isn't as sophisticated because there's not as many, like, you know, senior programmers and stuff that have advanced privileges that can code real tripwire, kill switches to this stuff. But, like, even even in our company, this has happened before when somebody's been let go, and you don't maybe know about it.

Speaker 1: We're going to go ahead and talk about this

Speaker 2: one, recording it, continue. Like, yeah, we like when, we let somebody go a long time ago, and they had, just like even like social media access and stuff to certain pages and client pages. And they removed our access to them and took them. True story.

Speaker 1: I have so many follow-up questions. Okay. Well, I mean, that transitions us. I I wish we filmed and broadcast this because you you could you could see on my face that I'm having a moment of genuine, like, we've worked together a long time. I know this person. Okay. So this transitions us really, really nicely to other instances of this happening. The question I had when I read about this, because I was like, this is a really fascinating story, is does this happen often? And to your point about thinking it probably happens all the time, boy, let me tell you, it happens all the time. Yeah. The big one I found, and there's a bunch, UBS, Paine Webber that happened in San Francisco, Cisco, like, the company Cisco it's happened to. But the big one was from the nineties, and I found this fascinating. There was a company called Omega Engineering. 1996, a, this company, Omega Engineering, who's like a precision instrument manufacturer based out of New Jersey

Speaker 2: Sure.

Speaker 1: Was blindsided by a much larger internal cyber attack, perpetrated by a guy named Timothy Lloyd, an eleven year employee and trusted network administrator. There had been, like, tensions brewing behind the scenes. This is not our story. I won't dig into it too much. He was under disciplinary review. On 07/10/1996, Lloyd was fired for these ongoing behavioral issues and unbeknownst to the company Omega, he'd been laying a similar tripwire type trap. And three weeks later on July 31, a logic bomb goes off inside of the computer network, and it wiped out 1,000 critical manufacturing programs. Not turned them off, wiped them out. The fallout of this was $10,000,000 in losses. Yeah. 80 people were laid off. Wow. Their operations were brought to a standstill. The US Secret Service was the people who looked into this. They traced it back to Lloyd. They searched his home, and they uncovered, like, stolen backup tapes of stuff. Like, he had been archiving the things that were then going to be destroyed. Allegedly, he was indicted in 1998, convicted in 2000, was briefly overturned, was reinstated in 2001, and he was sentenced to forty one months in federal prison and $2,000,000 in restitution. It's one of the most damaging cases of, like, US corporate, damaging cases of, like, US corporate internal cyber attack, in history. Forty

Speaker 2: one months. And he That's essentially killed the company. I could see I could see how Lew's defense attorneys would have have some grounds for

Speaker 1: A decade is exactly. But even then, like

Speaker 2: like, that level of destruction, forty one, like, forty one months doesn't feel, like, enough punishment.

Speaker 1: The the $2,000,000 in restitution is the actual like, okay, well, you're devastated financially for the rest of your life. Like, get out of prison and go try and pay that off.

Speaker 2: Well, the and and I guess like the the the we got called out on Twitter from my PSAs, but the PSA on that one is, like, have a good backup structure. It's like it's like if somebody can manage to blow away all the files in your network Yeah. And make sure you have a copy of them somewhere.

Speaker 1: Not the tape in the guy's apartment that he's storing because, you know, like, were you planning on holding it hostage? I have so many follow-up questions.

Speaker 2: I I get, like, the like, in my mind, I was already thinking and being, like, should I talk about this or should I not? You know? But it's, like, in my mind, it's, like, the best kill switch to go out with is, like, ransomware. And it's like the and that that guy essentially did the version of like, a 1996 version of ransomware. So the it's like that would be the modern equivalent of that style. Like like, on your way out the door, you, like, encrypt the network. But the beautiful like, not the beautiful thing is, but, like, one of the best things

Speaker 1: about it is,

Speaker 2: like, since 1996 to to 2025, organizations know that their data is under attack, and organizations have so many options now to protect it. They have good backup infrastructures. They have immutable and, like, editable files. They have all those things. Like, even we have those things. And, like, we're not a huge company, so I'll make sure Eaton had, like, oh, yeah. This is gone. Like, hit a few buttons. Everything's down for a few hours, and now we're back to business as usual.

Speaker 1: It's a fascinating question when you specifically look at those types of roles where it's like, no. You're a trusted network administrator. It's like, oh, you that level of trust is so betrayable if someone really was a bad actor and wanted to. It's like, no. We've we've tasked you with securing this whole operation. You have the janitor's keys jangling at your hip. You any door, and it's like, I burned all the doors down. It's like, oh. Oh, no. Yeah. I don't know. I found it. I'm I'm still following it. I wanna see what ends up happening in terms of the, you know, the sort of fallout for him legally of of where this all goes next.

Speaker 2: Yeah. I like the just just, like, the scale. Like, the the scale of this one was large. The scale of the one that you mentioned in the nineties was huge. It's like, I think that the amount that this happens at a smaller scale. Like, what happened to us and, like, so many of the other things, like ClickMotive in Texas, somebody deleted, like, a bunch of files and disabled back upping, tampered with the email group configurations. Like, small headaches to clean up probably happens all the time. I think that's when the I don't know if you remember if you're old enough, but in my lifetime, it used to be like if you were gonna lay somebody off or fire somebody, you gave them two weeks notice, and and they still had to come to work. Nowadays, the best practice is like you pull somebody into a boardroom to, like, let them go. And by the time they leave that boardroom, their access is turned off. Their, like, physical access to the site's turned off and somebody escorts them to the door and sends them on their way. And I think that's probably a a change in practice due to the fact that so many people like

Speaker 1: There's a movie we'll end here because I'm talking about a movie that's referencing a reference of a reference. But Margin Call, if you haven't seen it, it's a great film. The whole first act of that film, if you really follow it, is just following the minutiae of a large corporate layoff. Like, the mechanics of, like, we need to get you in this room while we talk about this thing. But the second that people come in that from the external consultancy that fires people, everyone knows that someone's gonna be fired. So we have to start locking certain systems down.

Speaker 2: We

Speaker 1: have to lock them over here while you get brought in here. And it's just about the practical reality of trying to do something like this. It's like a really interesting intersection of very technical stuff and very, very human emotions, blind rage in the face of a perceived injustice. Like, it's so human and so tactical. It's it makes for good makes for good storytelling.

Speaker 2: Totally.

Speaker 1: Okay.

Speaker 2: Okay. Well, where do we go from here? Where do we go from retribution?

Speaker 1: Little content warning for this next one. It concerns sensitive subject matter. I don't think there's any kids listening to this, but if there are, my god, don't let them listen to this next part. And if you don't feel like listening to something that alludes to harm against children, maybe stop listening. It's more important that you take care of yourself than you hear this next story. So this concerns a AI image generation tool called Genmosis. There's two different elements to this story. One concerns a massive data breach, and one concerns what this sort of smaller, more obscure, popped up and torn down AI image generation tool was being used for that we learned about as a result of the leak. A massive unsecured database belonging to South Korean AI image generation company Genmosis was discovered by a security researcher named Jeremiah Fowler. The story was broken by Wired. The exposed database is one of the first times we're getting to see inside of one of these things contain 95,000 records including explicit AI generated images and prompts. So for one of the first times we're getting to see all of the images produced by one of these tools as well of as all of the prompts that went into it. One of the first leaks of its kind from what I was able to find, the database which was online was neither password protected nor encrypted

Speaker 2: Shocking.

Speaker 1: Accessible to anyone on the Internet. It was discovered in March 2025 by researcher Jeremiah Fowler, who immediately reported the issue, to the AI generation company as well as its parent company. After that report, the entire website gets quickly turned off. They never responded to the comment, but I think it speaks to kind of how this product and tool was spun up for a little brief window of time used by a lot of people 95,000 records and then torn down at the first sign of trouble. Both websites were deleted after wired contacted them in light of Jeremiah Fowler's initial findings. The thing where this gets dark is that we, as a result of the prompt data being leaked, people were able to see what folks were using this for. Genomis would have been subject to South Korean laws regarding content moderation, which are not dissimilar to those in the West. There's just stuff you can't generate with these tools, and there's just stuff that the tools can't generate. But what we learned from the 45 gigabytes of data was that this tool was being used to generate a lot of sexually explicit content some of it not containing adults. There were rules in place about what could be used, but, prompts were discovered that used terms, and I won't dig into it, that were sort of designed to get around some of those prompts, where you couldn't ask it for a, but you could sure ask it for b. We're all familiar with jailbreaking these prompt restrictions, and it seemed that the criteria for breaking these was quite, low using this image generation tool. The company's website had previously promoted the ability to create, quote, uncensored images and featured a marketplace for explicit AI generated images, which makes, the types of materials that people were producing with this particularly egregious. Jeremiah Fowler called the findings, quote, terrifying and expressed the ease with which people were able to create this kinds of, immoral and illegal content. Seems like these tools now, given the ease with which running these models locally,

Speaker 3: can be done can be sort of spun up

Speaker 1: and torn down. It's like a pop up shop. It's the market selling the knockoff stuff somewhere. It's a thing that you can spin up, promote, make some money, and then and then get out of Dodge. It reminds me of other stories we've talked about with certain types of spousal monitoring software where it's like, oh, you can just spin one of these bad boys up. And I think we're starting to see this with AI image generation. So this one was this one's pretty dark.

Speaker 2: But

Speaker 1: it's we we learned a lot about that world from this one.

Speaker 2: It is a very fascinating world. So you're talking oddly enough, I spent the entire weekend looking into how to set up my own local LMs. So, like, I I was I was doing not image generation, but for code generation. Yeah. So I spent a lot of time this weekend looking into it, looking into the hardware requirements, stuff like that. And then it's not egregious. And the other thing is too is that you can take mod like, any of the publicly available models, like DeepSeek's notable, you can take them and you can actually retrain them. So Perplexity took DeepSeek

Speaker 1: Yep.

Speaker 2: Their open source models and retrain them to not be censored by Chinese government. Sure.

Speaker 1: Not subject to the laws that Deep State's parent corporation are subject to.

Speaker 2: Yeah. Yeah. Yeah. So they made a list of about 300, topics that they knew the model would not respond properly to, and they actually reconditioned it. They didn't retrain the entire model. They just reconditioned it to, like, allow for that stuff to come out of it now. So it's like you could if there's a publicly gen like, a publicly available LLM that allows for image generation, like, in this case, but has bumper rails on it about, like, what it allows to do, it is possible to to recondition them.

Speaker 1: The thing that stood out to me was, like, so there were conditions on what you can and can't produce because, again, this was a a Korean corporation in Korea has laws, including not being able to do foul things. And what we were seeing was a lot of de aging. So it was a lot of people prompting, very explicit content regarding very real adult celebrities, which is not good either. But you put that aside, it was people then running those and using the system to then start de aging those people. So it's like you you sort of just, like, you've created a a way around these rules preventing child sexual abuse material. Just that's a very short distance to doing something very, very evil.

Speaker 2: Yeah. I guess it's something like the I spend a lot of my time these days thinking and reading and learning and coding and building stuff with AI. I find it fascinating.

Speaker 1: Yeah. You're cooking with it. Like, it you you're making a lot of stuff, and it's it's cool to see how quickly you're able to do it.

Speaker 2: And just even, like like, looking at better ways to integrate it and utilize the agentic systems and just figuring out what I can do to automate things that I don't wanna do is the is the reality of it. And and so I never even my brain never actually crosses into this. Like, I never even think about the, like, negative parts of it because I'm spending so much time, like, with the positive parts of it. But it but it is, like, it is a scary thought. Like and especially, like, local model execution is so easy that it's like, if you like, there's gonna be a shift in policing around this stuff for CSAM because, like, all of a sudden, it's no longer gonna be distribution of, like, libraries of content and stuff. It's gonna be distribution of models that are, like, good at creating this stuff. And especially once they get into the part of, like, creating models that are effective at creating video content and things like that, like, it's gonna be a whole different game.

Speaker 1: Yeah. I'm struck by how people repurposing models is becoming more common. And I'll I'll clarify what I mean here. I know Huawei, the big Chinese mobile company, in a similar kind of vein to Apple falling back on OpenAI whenever a query is more complex than what they can do locally with Siri, is doing the same thing with DeepSeek. Well, you have Huawei AI empowered by DeepSeek. And when those models are open source, the ability to retrain and recondition them, it's like, well, this is just gonna become a more common practice and be like, oh, I'm running my own version of DeepSeek here locally, and it's this fork of this version that can do x and y to get around this and get around this. How many layers deep do you get before you notice the insidious part? It I remember when the Mac Studio the recent version of the Mac Studio came out, one of the first things was people going like, this is an extraordinary computer in terms of, like, dollar value for running models locally. If you look at the processing power, you look at the cost, and you would imagine a pile of these things. And I'm

Speaker 2: curious to see where that goes next. I'm I'm I'm chasing that dragon, not in not in any Of course. Yeah. Way shape or form related to this story, but, like, I am I am at the point where I think I am gonna set up a dedicated system in my house to run a model. And, like, the the reality is is, like, I was talking about this with my wife last night. I was like, the AI like, we we've been living in this technological revolution pretty much my entire life. You know? We PCs, personal computers, you know, interconnected personal computers, mobile computing, like, mobile communication. Like, we're we're still inside of the revolution, and AI is the next big thing in that revolution. Like, the amount of stuff that you can make these things do now. Like, I've been playing with different ways of engaging with the models. Like, I don't think chat is the best interface for so many different things. So I've been creating my own AI clients specific to the context that I wanna use them. Like, I just it's to me, it's just it's it is another huge milestone in this revolution, and I just wanna make sure that I'm fully in on it. Like, I wanna make sure that I fully understand it. And and to me, the next step of that is by having my own models at home, by having my own LLM, by by playing with reconditioning, by by playing with different model varieties. And it's like a natural step for me, and it's it's not hard.

Speaker 1: Yeah. So It's I don't know. I I'm intrigued by it. There's the open source DIY part of my brain just gobbles it up. I'm so fascinated by this. And then if if for no other reason than to make sure that it isn't walled behind four or five companies that get to control and just sort of decide Mhmm. In concert with one another how much it costs. Like, I don't think that's good for this type of thing, especially when we consider what could potentially be done with it and the impact that it could have on the economy. I like the idea that there's a you you can home brew this stuff. You can you can do it yourself. You are not you're a little less contained by what that small handful of companies wants you to be able to do with it. And as with all things, like, this exact same structure can be applied to every wave of computing and the Internet. There's a dark side to that of what then can be done when you remove the restrictions of a big company that is subject to laws in a country. Yeah. And it's just in a person's basement. It's it it will unlock remarkable things and terrifying things. Something something man made horrors beyond our comprehension. But in the meantime, we should probably tell folks who this show is brought to them by.

Speaker 2: Who is it brought to them by, Jordan? Well,

Speaker 1: it's brought to them by Push Security. We talk about a lot of different tools off of air. Some are very, very clever. Some feel like solutions in search of a problem, but every now and then something comes along that just makes a lot of sense for, like, a big company.

Speaker 2: Posterity is that kind of tool. You know, identity attacks, you know, phishing, credential stuffing, session hijacking, account takeover. These are some of the number one causes for breaches right now, and most security tools are still focused on endpoints, infrastructure, networking. Meanwhile, the browser, the place where we are right now and we spend most of our days, has been largely ignored.

Speaker 1: Push changes that. They built a lightweight browser extension that observes identity activity in real time, gives you visibility into how identities are being used across your organization, like when logins skip multi factor authentication, when passwords are reused, or when someone unknowingly enters their credentials into a spoofed login page. Then, when something risky is detected, Push can enforce protections right there in the browser. No waiting, no tickets.

Speaker 2: It's visibility and control directly at the identity layer. And it's not just about prevention. Push also monitors for real time threats, like adversary in the middle attacks, stolen session tokens, and even new techniques like cross IDP impersonation, where attackers bypass single sign ons and multi factor authentication by registering their own identity provider for your organization.

Speaker 1: Think about it. It's kinda like endpoint detection response, but all right there in the browser. The team behind it all, they're all offensive security pros. They published some of the most interesting identity attack research out there, like the software as a service attack matrix, which breaks down exactly how these kinds of threats bypass traditional controls.

Speaker 2: Identity is the new endpoint and push is treating it that way. Check them out at pushsecurity.com. Pushsecurity.com.

Speaker 1: I think we are we are retiring the ad oasis. An oasis is a leisurely experience. You really take your time in it. And I think we're inventing now the like, add water slide when you get in, you're out before you even realize it. The waterpark,

Speaker 2: a lot of quick rides.

Speaker 1: It's the waterpark. Exactly. It's a lot of fast rides, Thrills and chills. Starting some new isn't just hard. It can be downright terrifying. You put a lot of work into a thing. You're not entirely sure it's gonna work out. You're taking a huge leap of faith. I've started a few things. Now I know I was right for believing in, you know, the idea, the product, despite all of those fears and hesitations. But boy, does it sure help when you have a partner like Shopify on your side. Shopify is the commerce platform behind millions of businesses around the world and 10% of all e commerce in The US. From household names like, well, hacked podcasts merch to brands just getting started, you can get started with your own design studio with hundreds of ready to use templates. Shopify helps you build a beautiful online store that matches your brand style. Did I mention that that iconic purple shop pay button is used by millions of businesses around the world? I don't know why I wouldn't. I should. It's why Shopify has the best converting checkout on the planet. It also helps boost conversions, meaning less carts, sort of getting abandoned in the parking lot, and more sales for you. It's time to turn those what ifs into sign up for your $1 per month trial at shopify.com/hacked. Go to shopify.com/hacked. One more time, that's shopify.com/hacked.

Speaker 3: Study and play. Come together on a Windows 11 PC. And for a limited time, college students get the best

Speaker 2: of both worlds.

Speaker 3: Get the Unreal College deal, everything you need to study and play with select Windows 11 PCs. Eligible students get a year of Microsoft three sixty five premium and a year of Xbox Game Pass Ultimate with a custom color Xbox wireless controller. Learn more at windows.com/studentoffer. While supplies last, ends June 30, terms at aka.ms/collegepc.

Speaker 4: When you need to build up your team to handle the growing chaos at work, use Indeed sponsored jobs. It gives your job post the boost it needs to be seen and helps reach people with the right skills, certifications, and more. Spend less time searching and more time actually interviewing candidates who check all your boxes. Listeners of this show will get a $75 sponsored job credit at indeed.com/podcast. That's indeed.com/podcast. Terms and conditions apply. Need a hiring hero? This is a job for Indeed sponsored jobs.

Speaker 2: Now that we're back from the ad water park, should we

Speaker 1: I think we talk about Bluetooth microcontrollers that are in everything and may or may not have a thing that may or may not be a vulnerability. That may

Speaker 2: or may not be a problem. Mhmm.

Speaker 1: So there's this thing called the ESP 32. It's this tiny little microcontroller chip you've maybe never heard of, maybe have, if you're a big old nerd, which I appreciate.

Speaker 2: Hey. Hey. Hey. Even if

Speaker 1: you haven't heard of it, you've definitely used it. If you have a Bluetooth speaker or a smart thermostat or a security camera, Internet of things gadgets, the ESP 32 is kind of an anchor of that whole product category. There's a billion devices worldwide currently using the chip.

Speaker 2: Mhmm. You know what one of those devices is, Jordan?

Speaker 1: A big deal. What's that?

Speaker 2: The Flipper Zero. I saw this. Anyway, the the ESP 32 is, like, the most used Bluetooth and Wi Fi controller chip, and it's in everything. And the default Wi Fi board for the Flipper Zero hacking tool has this chip in it. So, anyway, just a small touch in before you get into deeper into the story.

Speaker 1: No. It's it's a good thing to bring up. What we're looking at here and the reason this is kinda fascinating is that this isn't when this was initially published and reported on, it was kind of described as a bit of a backdoor. And Espress of the manufacturers clarified a little bit. It's it it is and it isn't. What we're fundamentally talking about is a debug feature that can be used and compromised potentially in some sketchy ways. But because of the scale of this chip and how much stuff it's in, including a literal hacking tool, it's it's worth talking about. Two security researchers from Tarlogic Security in Spain had started digging around in the ESP 30 two's Bluetooth features, curious if there was anything, going on under the surface. They built this USB Bluetooth tool, themselves called Bluetooth USB, that was able to bypass the standard OS level APIs and get them, like, raw direct access to the Bluetooth traffic at the chip's hardware level. What they found was 29 hidden commands in the chip's Bluetooth firmware. These were not documented anywhere by the manufacturer of the chip Espressif. What the commands allowed them to do was allowing, like, the person to theoretically read or write directly to the memory of the chip, RAM and flash meaning that someone could potentially rewrite the device's software or inject persistent malware. What this means practically, there's good news. These commands can't be activated remotely. This is not a the remote hacker somewhere in the world is compromising my device. You would have to compromise the device physically. The bad news is that if someone has physical or root access to a device with this chip, these commands written onto the chip in this way could help them embed malware on the device that could not be gotten rid of by a hardware or factory reset.

Speaker 2: Yeah. To me, it looks like a debug toolkit. Like, when I look at the calls, like, read memory, write memory, erase flash memory, you know, write flash memory, set MAC address. Like a lot of these functions, I can see like the I can see how you could use them maliciously, a 100%. And I can also see Sure. How why they exist for development and debugging purposes, a 100%. Those two things are very similar. Like, often debugging is like Sure.

Speaker 1: It's a good way of putting it. Yeah.

Speaker 2: D d debugging is like, how do I make it easiest on me to understand what's happening in the chip? And hacking is, like, how do I make it so I can make the chip do what I want? And it's like and those are those use the same toolbox. So I could see how this became a big story. And just given the scale of them, like, there's I there's probably like 15 of these chips in my house

Speaker 1: yeah I'm looking around the room I'm in right now going like that three foot like I'm just counting yeah stuff that might have this chip in it like you said, like, debug stuff, debug commands like this aren't new. Other chipmakers like Broadcom has their version. Texas Instruments have versions of these things. This type of thing isn't that rare. This and this is speaks to, like, a really common tension, I think, in Internet of things, security, which is the developers need debugging tools. But if you leave them accessible after the thing ships, it can create a vulnerability. Espressif, the people who manufacture the ESP 32 acknowledge this is kind of an issue, and are they have promised an update soon to remove these hidden debug commands from future firmware releases. They have reiterated that these commands are part of, like, a pretty standard host controller interface thing that is used in a bunch of different products.

Speaker 2: Mhmm.

Speaker 1: Basically, like, the takeaway is, if you have any Internet of Things stuff that you think someone could get physical access to, update it because this theoretically constitutes a vulnerability to it.

Speaker 2: Well, the the I I'd say the yes and no. Because you wouldn't need physical access. You would just need access to the to the host running the chip. So, like, like, when we talk about

Speaker 1: I That's a good distinction.

Speaker 2: Yeah. When we talk about IoT vulnerabilities, like, you know, your washing machine talks to the Wi Fi through an ESP32 chip. So it's like if somebody hacks LG washing machines and figures out a backdoor into them, they can then Sure. They can then use this chip to do other things. Yeah. Like, it's like a attack vector. Now now all of a sudden, you've got a malicious Bluetooth device on your on your network or a malicious Wi Fi device inside of an LG washing machine.

Speaker 1: And a compromise that can't be fixed again with a factory reset. We've we've talked a lot about I know you and I have discussed, like, Apple devices are a reset, just a turn on and off is gonna fix a lot of problems in an iPhone, and a factory reset's gonna fix even more, and a compromise that can't be fixed with a reset of any sort is interesting. Like, that's there's just a different kind of thing.

Speaker 2: But the the other thing too I'd say is, like, maintainability. Like, how many people that have IoT devices in their house actually spend how many companies that make them and and then, again, knocking on how many people that own them? Like, that funnel gets very small. Maintain them. Like, if if if a firmware update comes out for your fridge yeah, are you a d a d not exist? B, are you gonna run it? Like,

Speaker 1: yeah, my fridge is farming crypto right now. I'm sure. Like, it's fine.

Speaker 2: It's helping it's helping compute my new model.

Speaker 1: SETI. Yeah. It's it's it's helping find new star clusters or something. Like, wouldn't that be great if one of those SETI, like, let us use your your extra compute to, like, process the cosmos things was at the heart of some giant, like, malware scheme.

Speaker 2: I know. Like, we met some people at DevCon that that specialized in security for, IoT devices. And it's like it's really good that that's becoming a priority because I think when IoT devices started coming out, they weren't prioritized. So it was like security was not a priority since so many of them were vulnerable. So many, like it's like Wi Fi routers back in the day where they all had default passwords. And now we're at a situation where it's like, our fridges all have default firmware. So so I know this is actively changing as it's been identified. And, like, we've talked about this in DDoS things where, like, people have created armies of IoT devices to become DDoS endpoints. Like, this is it's just, I don't know. So I'm glad this I'm glad this wasn't a real big problem, but I can see how it could have been made into a bigger problem. So I'm glad that they're fixing it.

Speaker 1: Yeah. I remember when we first started making the show in earnest, a handful of stories that had to do with, like, for for me back then getting up to speed with the world of cybersecurity, it was like learn the basics, learn what a DDoS attack is, and then immediately internalize the fact that a toaster can be implicated. Like, it was just this weird thing of, like, there's something very technical going on. But then also that, like, cool light bulb you own that changes color and connects to your phone. It may be being used by Russian cyber criminals. Like it was that kind of it's it's the surreal part of it. It's just some stuff in your house. Mhmm. They got rid of that toaster.

Speaker 2: And it mean meanwhile, I'm just sitting here thinking about, like, if I could take an army of IoT devices, how long would it take them to compute a model for an LLM for me?

Speaker 1: To go back to that thing you were talking about earlier, I could see a point in the future where people can lease out unused compute, or like, I don't know what you'd volunteer, but like to say, like, no, if you want to use some portion of this to train the thing that you're training, like, giver. Yeah.

Speaker 2: Yeah. I'm fascinated by it now. I have to I have to Google this after the show. I have to see if there is a distributed model trainer. Totally. Because I've it Yeah. It would make total sense that there would be. But and it's I don't know. I I love that idea. So if anybody out there knows or if you're a part of a project, add us on on x or send us an email or something. I'd love to hear more about it.

Speaker 1: Are there any stories, big security stories from the last couple weeks that we haven't touched on yet? And specifically, have you added any editors in chiefs to signal chats planning strikes mil of military nature? Because I haven't.

Speaker 2: We didn't talk about that, did we?

Speaker 1: We didn't talk about that. It's been talked about so much. I don't even like, I'm like, am I gonna tell you that that happened?

Speaker 2: Totally.

Speaker 1: I wasn't added to any signal chats planning strikes in Yemen, so I have nothing to contribute to that story, other than maybe don't do that. And I don't think it's signals fault. I'll I'll chip that in on that. There's sort of maybe you've been a little bit of a clamor to be like, seems like signals not very good. Like, I'm I'm a 100% sure it's not signals.

Speaker 2: I quite like signal.

Speaker 1: Yeah. Don't use this as an excuse to outlaw encryption or some dumb shit. Like, that would be the worst thing that could come of all this. It's like, you did a dumb thing.

Speaker 2: We own it.

Speaker 1: Own it. Own it. Just own it.

Speaker 2: Yeah. I I, nothing's really jumping to mind. Like, again, I'm just talking, like, we're wrapping up here, but it's like, I've been just been living in the AI bubble. Like, that's I just Yeah. You're in it. I'm in it. Like, I I see it. I see I see what's happening. And, like, the thing is too is, like, I remember, like, eight months ago, we were on a show, and I was like, somebody needs to figure out AI HR. It's like, it's happening. Like, there's a framework that I'm, like, implementing an application in right now that's essentially that.

Speaker 1: Like when you say HR, you're not talking about replacing human HRs with AI. No. No. No. No. Managing agentic resources to do stuff the same way a project manager or an HR person does with human beings. I see what you're saying.

Speaker 2: So I'm building, like, building an organization of agents, each with their own subject matter specializations. And maybe that's like you're the researcher, and then this was the person that evaluates the quality of the research. And they can tell you to go get more research if they feel like it's not enough. And, like, building essentially an organization agent Yeah.

Speaker 1: That brings you into the room when it let needs to let the other agent know that it's firing them while this other agent locks down their computer system so they don't write a kill switch code. I feel you.

Speaker 2: Yeah. Exactly. Exactly.

Speaker 1: It's called bringing a full circle right there. That's what we pros do.

Speaker 2: That's what we pros do on hack podcast. That's brought

Speaker 1: to you by push security. To you by push security. Pushsecurity.com. Thank you again for listening. Appreciate you taking the time to hang out with us as we tell weird tech tales, and catch you in the next one.

Speaker 2: Take care.