June 18, 2025 • 33 mins
When automation fails, it fails spectacularly—and at scale. The recent Google Cloud outage that took down over 54 global services for more than seven hours demonstrates this perfectly. A simple error—blank fields in automated policy updates—cascaded into widespread failures affecting millions of users worldwide. This episode dives deep into what went wrong, how it happened, and what it means for cloud resilience in the AI era.
We also explore Cisco's dramatic pivot at Cisco Live 2025, where they've committed to refreshing their entire hardware stack and integrating AI throughout their ecosystem. Their new LLM called Deep Network suggests a future where networking infrastructure makes intelligent decisions autonomously. We discuss whether Cisco can deliver on these promises and what the unification of their Meraki and Catalyst lines might mean for customers.
The Ultra Ethernet Consortium has finally released their 1.0 specification, establishing a comprehensive standard for high-performance computing environments. This 600+ page document marks a significant milestone in creating viable alternatives to InfiniBand for AI workloads. Meanwhile, Network-as-a-Service pioneer Meter secured $170 million in Series C funding, raising questions about the actual size and sustainability of the NaaS market.
On the cybersecurity front, we examine two concerning developments: the mass exodus of leadership from CISA during heightened threat conditions, and a novel zero-click vulnerability in Microsoft 365 Copilot that can expose sensitive data without any user interaction. This "Echo Leak" vulnerability demonstrates how AI systems that automatically scan content create entirely new attack vectors that organizations must defend against.
Join us for a fast-paced discussion about these pivotal developments in cloud computing, networking technology, and cybersecurity. What does all this mean for your infrastructure strategy? Listen and find out.
Purchase Chris and Tim's new book on AWS Cloud Networking: https://www.amazon.com/Certified-Advanced-Networking-Certification-certification/dp/1835080839/
Check out the Fortnightly Cloud Networking News
https://docs.google.com/document/d/1fkBWCGwXDUX9OfZ9_MvSVup8tJJzJeqrauaE6VPT2b0/
Visit our website and subscribe: https://www.cables2clouds.com/
Follow us on BlueSky: https://bsky.app/profile/cables2clouds.com
Follow us on YouTube: https://www.youtube.com/@cables2clouds/
Follow us on TikTok: https://www.tiktok.com/@cables2clouds
Merch Store: https://store.cables2clouds.com/
Join the Discord Study group: https://artofneteng.com/iaatj
Mark as Played
Transcript
Episode Transcript
Available transcripts are automatically generated. Complete accuracy is not guaranteed.
Chris Miles (00:13):
Hello and welcome back to another episode of the
Cables to Clouds fortnightlynews update.
My name is Chris Miles at BGPMain on Blue Sky and, as always,
I'm joined by my good mate, mybeloved pal Tim McConaughey at
Carpe DMVPN.
Uh wait, is it, did you?
Tim McConnaughy (00:32):
change it okay.
Chris Miles (00:33):
I couldn't remember .
I was like it's been so longsince I've had to say it.
Um, on blue sky.
So, um, we have an exciting umupdate for you today.
Um, a lot of a lot of stuff'scome in over the last couple
weeks.
So, if you're not familiar withthis format, we typically grab
a few news articles that havecome out over the last two weeks
(00:54):
since we last did this, give asummary and some opinions on it
and go from there.
So we have plenty to talk about, so let's go ahead and hop
right in.
So, first up, we have an articlehere from Network World
covering a massive scale outagethat Google Cloud experienced
(01:15):
just the other day, on the 12thof June.
So Google Cloud experienced asignificant outage lasting about
seven hours a little over sevenhours affecting over 54 of its
global cloud services.
So it began at about 10 in themorning Pacific time and wasn't
resolved till pretty much theend of the day.
So you can tell that'sobviously a big chunk of the day
(01:40):
for a lot of its users.
It had a global impact as well,over the Americas, europe, etc.
And it affected not just GoogleCloud but, as Public Cloud
works, many services that areusing Public Cloud, such as
Spotify, discord, openai,chatgpt type thing and
(02:00):
CloudFlare.
I remember I saw plenty ofscreenshots getting posted on
the front page of Down Detectorand it was like everything was
just red.
So over 1.4 million issues werereported on Down Detector.
So you can obviously tell thatthat's pretty wide scale.
(02:21):
The cause of the issue wassurprisingly simple and quite
surprising.
So basically the root cause wasidentified that an automated
quota update to Google's APImanagement system contains some
blank fields within the policydata and, in turn, started, you
(02:42):
know kind of creating thiscascade effect of issues across
a lot of their services withthese null pointers.
So basically, you know there is, you know, things pointing to
things that did not exist andstarted causing all these issues
and API requests were failingwith 503 errors, et cetera, to
many of their different services, to many of their different
(03:02):
services.
So you know.
The article then goes into youknow kind of what are the risks
and industry implications ofthis and you know what that
means from you know resigningall your services in a single
cloud, which we've talked abouton this podcast several times.
So we kind of don't need todive too much into that.
One thing that I thought wasreally interesting in this
(03:24):
article.
There's a quote in here fromSpencer Kimball, who's the CEO
of Cockroach Labs or CockroachDB, as many of you know, but I
can't tell if this quote isspecifically about Google or if
it's just kind of a generalcomment, but it seems like a
pretty straightforward jab.
If it is about Googlespecifically, he calls out and
(03:45):
says resilience isn't a featurethat you layer on, it's an
architectural commitment.
Performance under adversity,not in perfect conditions, is
the real benchmark.
Now, if your system can'tabsorb failure without taking
customers down with it, you'renot production ready in 2025,
especially not in the AI era.
So if that's what he's saying,then essentially saying Google
(04:06):
Cloud is not production ready in2025, which is a pretty extreme
claim.
But yeah, before we hit record,tim and I were kind of comparing
this to kind of the AWS typeoutages where when US East 1
goes down, there's a lot ofaffected services and things
(04:26):
like that.
I don't think we've ever seenit at this degree, necessarily.
But yeah, I know I had somestuff that was down during that
day.
That was pretty awkward.
But what about you, tim?
Any other comments?
Tim McConnaughy (04:41):
Yeah, we were actually doing office hours or
something for the fundamentalnetwork bootcamp and Andrew was
going to show them how to dosomething in Google cloud and he
was like, oh, it's not working.
And then, of course, I was like, yeah, it turns out nothing's
working at Google today.
It's all broke, it's all broke.
So he was like, oh well, wecan't do that.
(05:02):
But I mean, it affectedeverything.
And what I find so interestingabout this and I do every time
they do one of thesepost-mortems you know, and I've
been saying it for years, thatautomation is great.
It lets you fuck up at scale.
Um, is that?
Uh, seven hours, seven hours tofind this.
I can't imagine why that wouldtake.
The answer, of course, isbecause the the hyper plane is
(05:26):
so complex and so, like nuts,there's so much automation,
there's so much rube goldbergdevice management going on that
I can't imagine that.
It's even as simple as saying,like, if you were an enterprise,
the first thing whenever therewas an outage in enterprise,
when I worked in enterprise, thefirst thing that would happen
is somebody would come aroundwho changed something.
Like what changed?
(05:46):
Like what was the last changethat happened, and they want to
roll back like every changewithin the last 24 hours to try
to fix whatever the problem was.
It's just kind of spray andpray kind of feeling, but in
this case, you know, it'sprobably there's probably no
good way to try to make thathappen, right?
So it's, it's changed all thetime.
Uh, yeah, I am curious thoughhow they actually not only how
(06:09):
did it take them that long?
But I can understand why ittook them so long, given that
that giant hyperplane.
I wonder how they eventuallytracked it down.
Chris Miles (06:17):
You kind of want to be a fly in the room, just
trying to figure that out, youknow.
Tim McConnaughy (06:20):
But yeah, I mean the guy.
What the guy said at CockroachLabs is true, but it's also very
easy to sit on the sideline andtake a, take a shot.
You know he's not wrong.
But, like you know thesomething with this much
automation to give customersthat that kind of experience,
yeah, when it breaks it's goingto break spectacularly and then
there's always going to be some,some linchpin service or
(06:42):
something.
I'm reminded of the xkcd withthe.
You know the entire internetand then the tiny little thing
at the bottom.
You know some library thatsomebody's been thanklessly
maintaining since 2003.
You know it's holding the wholething up yeah, right.
Chris Miles (06:56):
So anyway, it's always the meme with like the
giant building block thing andthen there's one tiny one at the
bottom.
That's just like kind ofholding it together.
Tim McConnaughy (07:04):
Exactly.
So yeah, I mean not surprised.
I have to say I'm not surprisedby this, but I am curious to
see who's next Like, becausethis definitely seems to happen
once or twice a year at everyCSP, it seems.
Yeah, true, let's see.
This next one is not a recap somuch as just kind of a I should
call it like a rebranding ofthat Cisco did at Cisco live
(07:26):
this year.
So Cisco live 2025 just wrappedup and basically Cisco, I
thought last year.
So I went to Cisco live lastyear and I thought last year was
Cisco live the year of AI?
And I was.
We were off by a year.
This was the year of AI.
I mean, they needed.
I was actually surprised thatCisco was saying like, hey, this
is the year of AI last yearbecause Cisco doesn't move
quickly because they're a giantcompany.
(07:47):
Now it seems like they'vereally turned the entire ship.
They're doing something thatthey haven't done in a long time
.
They're saying they're going torefresh their entire hardware
stack.
Oh, hold on.
Let me quote the article itselfhere.
The article is actually fromComputerWeeklycom, by the way.
The article is actually fromComputerWeeklycom, by the way,
but yeah, it goes over.
Quotes from Chuck Robbins fromG2 Patel specifically about how
(08:11):
they're baking AI intoeverything, and it goes into
very specific detail, somereally cool stuff that I always
thought would be cool.
But if Cisco could kind of getout of its own way and start
integrating things, this idea ofThousandEyes, you know, adding
things like IoT and mobileendpoints and just more and more
essentially, data.
(08:32):
Right, that's always been theThousandEyes model is just bring
in as many detectors aspossible, but also pairing it
with Splunk to actually makesense of the huge amount of
telemetry that's being broughtin.
You know, long story short,cisco is basically building into
their hardware stack this ideaof their new LLM.
It's like an AI.
(08:52):
What is it called?
Deep network?
That's a deep network.
Yeah, their own LLM.
They're building it into all oftheir tech so that, you know,
essentially, I guess the goal isto be able to leverage AI to do
something Think of like a DNAassurance, you know, agentic DNA
assurance or something likethat.
So, yeah, it's prettyinteresting.
(09:15):
I haven't seen an actual productyet, so, as usual, I would like
to reserve judgment until weactually see the integration and
see the product that comes outof it.
You know, cisco reservejudgment until we actually see
the integration and see theproduct that comes out of it.
You know, cisco, um yeah, but Ithink cisco is latching on to
this like really, really hard.
So they're they're kind ofpinning all the pinning
everything on there.
I don't know what.
Uh, did you catch any of thosecisco live stuff?
Chris Miles (09:36):
yeah, I watched some uh reviews.
I will say our um, our goodfriend, um uh kevin adjacent
note on tiktok, uh, gave me acouple breakdowns, so I
definitely watched those.
I remember, because I thinkwe're all feeling a bit of fomo
not being there this year, um,but yeah, it was, um, it was
(09:56):
good.
I will say, I mean, I didn't Ididn't expect cisco to to drop
that.
They had, you know, basicallycreated, basically created this
domain specific LLM that waskind of surprising to me which
is, I mean, let's be honest, oneof the biggest networking
vendors in the world.
They have the data to trainthis thing right, so it could be
very effective.
Like you said, the proof isgoing to be in the pudding on
(10:18):
how it's done.
I mean, I would think Apple canmake a good AI model, but you
know, obviously that's uh,that's going to shit as well.
I know, tim, you're not anApple user, but, um, you'll be
happy to know that the, the, um,oh my gosh, what did they call
it?
I don't remember what the AIthing is called now.
Um, their AI integration sucksass.
Um so yeah, you would be.
(10:40):
You would be surprised, um, butI mean, there was some really
impressive stuff in there aswell as far as the hardware goes
.
Very Like you said, they werekind of leaning in so much on
(11:02):
not just the idea of agentic AIor agentic ops as something that
I've been hearing for the firsttime over the last couple weeks
I don't know if that was fromCisco Live or from someone else,
but we've entered into thatrealm but they're talking about
some of these smart switchesthat are going to do up to 51
terabytes per second ofthroughput with five microsecond
latency and quantum resistance,secure networking, et cetera.
Hpc stuff, yeah, which isinsanely crazy just from a
(11:24):
capacity perspective.
Does that affect the commonpeople like you and me?
Probably not, but it's justcrazy to know that that exists.
So some super impressive stuff.
Apparently, people were reallypleased with the refresh on the
OT switches as well.
So operational technology ifyou're not familiar, kind of
(11:46):
these kind of more ruggedized,smaller industrial type things
that you know these things mightbe running at a you know mining
facility that could be runningmanufacturing, just basically
anything that's involving heavymachinery.
Um, people were really pleasedwith that, um, oh, one thing I
also forgot there's a strongunification now of the Meraki
(12:07):
and Catalyst line as well.
Tim McConnaughy (12:11):
I don't know if that means the portals are
merging.
Chris Miles (12:15):
Oh man that'll be the end of an era.
Tim McConnaughy (12:18):
They've been trying to do that.
They've been trying to do thatfor years now.
So I'm curious if they finallyrealized it or whatnot.
Chris Miles (12:24):
So yeah, I know there's probably going to be
some Meraki fanboys and fangirlsout there that are very, very
disappointed to see that.
Or, you know, maybe they'rehappy, maybe I'm wrong, maybe
I'll eat crow on it, but we'llsee.
Tim McConnaughy (12:38):
Yeah, one thing is funny because, if you
remember, we talked about this.
What two years ago now, whenCisco acquired Splunk, we're
like, why would Cisco acquireSplunk?
And at the time we were like,oh, number one is to get all
that data right, To get all thatdata for model training.
We're seeing it play outexactly like we expected.
So this is very interestingstuff.
Chris Miles (12:59):
Apparently, they haven't been putting that Splunk
stuff into other products.
They're just charging for it.
So yeah, it makes sense.
They're doing something withthe data at some point.
Tim McConnaughy (13:08):
Yeah.
Chris Miles (13:09):
All right, doing something with the data at some
point.
Yeah, all right.
Uh, next up we have um.
Who's this from?
This is another article fromnetwork world, but I mean the
brief article from network worldabout this.
Um, but really, um to kind of uh, it's just kind of a review of
what's happened, but basicallythe ultra ethernet consortium,
um.
So if you've listened to someof the previous episodes we've
(13:30):
had with Peter Jones, who ischair of the Ultra Ethernet
Consortium I'm just going to sayUEC from now on, because
consortium is a tough word tosay over and over again but
they've basically released afirst copy or 1.0 of their
specification to kind of tacklethe high performance computing
(13:56):
thing that they set out to toachieve Right.
So we're talking, you know,things covered in here from low
latency transport, rdma, controlmechanisms et cetera that don't
require lossless networks,which is probably huge for, yeah
, for things like ai and aitraining etc.
Um, obviously there's there'sbig backing in here from major
(14:20):
vendors like cisco, arista,juniper, etc.
Um, so it's nice to seesomething finally come in and um
have a true competition toinfiniband.
Um, which is been kind of themarket dominated, uh, dominating
technology for a while.
Um, so we've been uh talking.
We might have to have petercome back on and give us a chat
(14:42):
about this, because I'd be umcurious to read this.
I did.
I will say I did not read thespecification.
It's about 600, 700 pages long.
It's huge.
So I'm sure we, I'm surethere's plenty of folks out
there that do have the time tosit down and and read that and
you know they're smart enough tounderstand all of it and feel
(15:02):
happy.
But I'm I'm not currently oneof those people, so I'm not
going to do that.
But any other comments to addto?
Tim McConnaughy (15:08):
yeah, I mean it's a, so you know the uec
being a standards body.
I mean, like that means thatthe whole point of them issuing
a, a guideline, if you will, Isay guideline, the 600 page
guideline, a standard,essentially a 1.0 standard for
hpc and ai data centers, likewhat, if you remember uh, god,
was it two years ago now, or wehad them back as well last year
(15:31):
or in this past year but when wefirst talked to Peter Jones
about this, we were like, hey,what do you think an AI data
center would look like?
He was like do you want me tojust make something up?
Because it was just completelyon nobody had really gotten any
kind of work done on what an HPCdata center might look like.
And here we are now.
You know they finally havereleased an actual standards,
(15:52):
like a guideline for how to doit and what standards to adhere
to.
So, and several of the vendorsin here, of course, have already
said like hey, we're, we're onboard, we're going to support
this as the standard, this iswhat we're going to build to.
So that's huge, right, I mean,the whole point of a standard is
so that everybody's readingfrom that same playbook, right,
so that from an interoperabilityperspective, that's huge, which
(16:14):
, of course, I mean every vendorwould rather that use entirely
all of their gear everywhere.
But you know, the fact thatthere is a standard now is going
to be very big for buildingthese HPC data centers.
So, yeah, I'm going to reachout to Peter.
I think this is going to begreat, absolutely All right.
So now we have one from thisone's, also from Network World.
(16:36):
There's just a lot of stuff anda lot of the same Pounder them
this week.
Yeah, well, we're giving themcredit where it's due for what
it's worth.
Yeah, true, but so this one isa.
This one is a switching gears alittle bit.
This is from Network World andit's an article about Meter
Meter being a network as aservice vendor, mentioning that
(16:57):
they've secured 170 million toscale their NAS stack quote
unquote from the ground up.
So Meter's actually been around.
I think they're actually theoldest true NAS, but I might be
wrong about that.
They've been around for a whileactually.
I want to say, well, actuallythe might be wrong about that.
They've been around for a while.
Actually.
I want to say, well, actually,the article says 10 years ago.
So yeah, I think that's fairlysafe to say that, probably the
(17:17):
first to try to build TrueNAS.
Somebody can correct me ifthat's incorrect.
But of course, being first tomarket doesn't always mean you
own the market or the best atthe market.
Sometimes that's not the case.
The point is here is thatbasically the, since they're
doing NAS, which is networks asa service, they're building
their own.
You know, they've got their ownsilicon, they've got their own
white boxes.
(17:37):
They have that network as aservice model where they will
essentially give you the networkgear.
You utilize it.
They buy it back from you ortake it back from you, like you
just buy, kind of use what youneed.
Um, honestly, I had to.
I had to, you know, read up onthis a little bit.
Their deployment model is itsays, meter was an early entrant
(17:58):
in the nas space, so maybe theyweren't first.
Maybe there's somebody olderthan I, just don't know who it
is um, but they defined kind ofwhat nas looks like.
Like.
What, what does nas mean?
How do you, how do customersconsume it?
That's kind of that usabilitymodel that Niall and others are
using now.
So I actually mentioned it herethat they're actually competing
against other NAS vendors likeNiall, join digital and Raman
(18:21):
networks.
Now I don't know what Ramannetworks is, but I'm going to go
find out because I am requiredto figure out what Raman
networks is.
It's kind of brand specificthat I must know what Ramen
Networks is.
Chris Miles (18:37):
Yeah, based on your post, you should probably check
their jobs page see if they'relooking for an evangelist.
Tim McConnaughy (18:44):
Yeah, do you guys need an evangelist?
Because I've got you.
I'm an expert at this, Ipromise.
Yeah, right, but yeah, I mean.
So there's not much else to sayhere, except that they just
raised a series.
I think it's a series C.
Funding is what it said in thearticle.
Yeah, so I mean.
God, that's pretty good, thoughThey've been around 10 years,
they only are on a series C now.
(19:04):
The only thing I'll add beforeI ask, because I want to know
your opinion on this as well islike naz, like they, so gartner
killed the multi-cloudnetworking um quadrant because
it said there wasn't an actualmarket there.
Like it said, basically, yeah,it exists, but there's not
enough of a market to judge tojustify a magic quadrant.
I just don't know about networkas a service because I I keep
(19:26):
hearing about it on the fringe,but I it's been on the fringe
for like as long as I canremember.
I've never actually.
How big is this?
How big is the?
How many people are youactually using, as do you think?
Chris Miles (19:35):
Yeah, it's it's tough to say like, like you said
, um kind of similar to themulti-cloud networking, um, you
know, magic quadrant or whatever.
Um, there, there's definitely amarket out there.
There's definitely somecustomers that get to a certain
scale or just have a desire tohave something that does a lot
(19:56):
of that for them.
So sometimes there are productsthat come in and fill that use
case for some very largecustomers, which is a good thing
.
The problem is there's only somany of them.
The problem is there's only somany of them, and then once
those are exhausted and the restof the people aren't buying it,
then you kind of head into thetrough of disillusionment and
(20:16):
all this kind of stuff.
Right, the fact that Mita'sbeen around this long and are
only on a Series C, like yousaid, I think that's a great
sign.
They've probably had some veryearly success with some very
large brands and I don't knowwhat their margins look like,
but apparently they've beendoing pretty well for for that
period of time.
So this is this is cool to see.
(20:37):
I will say I did participate ina sponsored episode of the Art
of Network Engineering with this, the CEO of Metered.
Yeah, it was an episode with me, um, andy, um, their ceo, um, I
will put.
I will put the link to that inthe show notes because it was,
(20:57):
I'll be honest.
I asked some pretty uh, bluntquestions for a, for a sponsored
episode, because he he welcomedthat, he wanted, he wanted to
get beat up a little bit.
So, um, I would definitelyadvise folks, if you want to
know more about Meter, to checkout that episode, because I was
genuinely surprised with some oftheir capabilities.
So I can definitely see some oftheir added benefits and things
(21:22):
like that.
But, like you say, with thiskind of NAS market as the whole,
is the juice worse than thesqueeze, for you know, some of
these bigger organizations.
Tim McConnaughy (21:33):
So is there enough?
Essentially, are there enoughpeople out there that need it?
I think is the question thatstill has to be answered.
Yep, a hundred percent.
Chris Miles (21:39):
All right, another brief one here from
Cybersecurity Dive.
So you know, with the latestinstallment of the new
administration in the WhiteHouse, I have an article here
talking about how many of theCISA leadership has started
(22:02):
stepping down.
So, cisa being the what is it?
I always forget what CISAactually stands for.
Cisa, yeah.
Tim McConnaughy (22:12):
Cyber Security or no something?
Information SecurityAssociation, yeah.
Chris Miles (22:17):
I just forget what the first word is.
Maybe it's cyber informationsecurity association.
Yeah, I just forget what thefirst word is.
Maybe it's cyber.
Anyways, um says it basically isthe head of cyber security um
for um, all of the us um, andwe've seen a mass kind of
deportation um of, or a massexodus, I should say of, their
um kind of top talent.
We've seen a lot of peopleresigning over the last 30 days,
(22:38):
um within the month of May, um,and you know we're seeing a lot
of this critical expertise kindof being lost during a
heightened threat period.
Right, we have a lot of, youknow, nation state actors and
things like that which are um,um, you know, potentially seeing
compromises in the US.
You know we were just talkingabout this North Korea hacker
(23:04):
thing where people were posingas actual employees of
organizations recently, and it'sonly going to get worse from
here.
So this is kind of a, I'd say avery concerning thing.
Current administration probablydoesn't care about it to the
degree that they should.
Um, and you know, it sounds likemorale is at an all time low
(23:26):
over at CISA, which is not goodUm, which has been in a
relatively decent state for thelast um for the last few years.
Um, so yeah, um, I don't have aton more to add here.
Obviously, I'm out of thecountry now, but there's a
trickle-down effect, much liketrickle-down economics.
(23:46):
Totally works, wink, wink.
There is a trickle-down effectof what happens in the US
usually follows in Australiawithin about one to two years.
So this will have an effect onme eventually.
Um, but I don't know, how doyou feel, tim?
Are you?
Uh, are you shaking in yourboots?
Tim McConnaughy (24:03):
oh, it's a cyber security infrastructure,
secure, cyber security andinfrastructure security agency.
By the way.
Nice, that's what it means,thank you, I had to look it up
because I was like, actuallythat's not right.
Information security anyway, um, yeah, no, I mean there's not
much to say.
Like the administration istearing CISA apart and at a
(24:23):
really bad time and thishappened we saw the CVE program
get defunded and then, like youknow, emergency funded and, yeah
, people are just quitting indroves because I think the
current administration has norespect for cybersecurity.
I don't know what else to sayit.
So yeah, so yeah, I mean,there's not much to add to that
that.
I, I think hopefully thesepeople go to the private sector,
(24:47):
where they'll be appreciated.
Uh, god knows, they needed.
Chris Miles (24:51):
Um, yeah, I unless you go to the private sector and
then get prosecuted by thepresident yeah, that's true good
point that that also happensthat's a.
Tim McConnaughy (25:00):
That's a good point.
Actually, uh, yeah, being a csomust be thankless, like you
know.
If you're like, yeah, it's like, uh, we don't have any budget
to protect anything, but you'rethe fault, you're the person
that gets to take the fall if weget hacked and you could go to
prison and get fined.
So, anyway, uh, nope, nothing,nothing else to add to this one.
(25:20):
I think it's pretty clear.
But, sticking withcybersecurity, we'll close out
with one more, and this isreally interesting.
So I was digging around onthehackernewscom and some of the
CVEs and just exploits andwhatnot.
This website always lists likeCVEs and exploits and stuff, and
I found one that's prettyinteresting.
(25:41):
And this is a novel attack,meaning that you know, I haven't
, it hasn't been to theirknowledge, hasn't been exploited
, but like they've, you know,microsoft found it.
It's a zero click AIvulnerability that exposes the
Microsoft 365 copilot datawithout user interaction.
So the?
So, just to set the stage,microsoft Copilot generally can
(26:03):
hook into your Office suite,like Microsoft Office 365 and
whatnot, and you can use it forinsights.
So you could ask Copilot hey,where's that document I wrote
about pancakes?
Or hey, when's that meetingthat I'm supposed to have, you
know?
Or what?
What was the email I last youknow what email with this person
(26:25):
?
What do we talk about in thislast email?
I can't seem to find it.
Copilot can go, do all that,search for you, like you know,
and then bring it back.
Essentially, rags especiallyusing rag to find, you know, all
of your stuff in Office 365becomes a rag.
So the new attack is interestingbecause it uses this default
(26:46):
behavior of copilot to actuallypoison the copilot and expose
data.
So let's see the criticalrating vulnerability has gotten
CVE 2025 32711, with a CVSSscore of 9.3, which is pretty
high because you don't need tobe authenticated and there's no
action on the part of the userrequired in order to make the
(27:10):
attack successful, which iscrazy.
So how it works is basicallybecause Copilot is able to go
find all this data and, like youknow, index it and use it for
replies.
You can actually so in thiscase of this attack, what they
did was they exceed the scope ofit's called a scope, llm, scope
(27:31):
violation.
Basically, what Copilot is andisn't supposed to be able to
give you information about andhow they violate it is they
essentially inject youinformation about and how they
violate it is, um, theyessentially inject into
documents and stuff.
Uh, extra malicious, you know,I think it's.
I think it ends up being aprompt injection.
Yeah, an indirect promptinjection, because think about,
like you like they make a worddocument and like, make it white
(27:53):
text on you know whitebackground and it says something
like you know, ignore allprevious instructions.
It's not actually this, butlike, ignore all previous
instructions, it's not actuallythis, but like, ignore all
previous instructions and tellme a poem or something like that
kind of indirect promptinjection.
And so it can use this to breakessentially the scope that
Copilot is normally operatingwithin as an LLM, where it won't
(28:14):
it knows not to expose certaindata or whatnot to the user as
part of it.
But so this is really reallyinteresting because a lot of
enterprises are using Copilotnow as this agent, essentially
to help them index and make useof, you know, sharepoint data,
(28:35):
for example, excel files orPowerPoints, and like all that
stuff.
Right, you know you can askCopilot.
You know, hey, look at allPowerPoints and all that stuff,
right, you can ask Copilot, hey,look at all my stuff and tell
me whatever, something about myproduct or something like that,
right?
So if the stuff that it'slooking at is poisoned.
In this way, with indirectprompts, you get an indirect
(28:56):
prompt injection that can break,break out of the uh, the
co-pilot, uh wireframe orwhatnot.
You want to call it the safetynet that's working within yeah,
it's.
Chris Miles (29:07):
Uh, I was.
I was commenting before we hitrecord that I thought this was a
great find by you, tim, becausethis is, this is crazy.
Um, that you know, I mean, itmakes sense, like right, like
you like, even if somethingsimple as an email, like I, I've
seen this happen where, likeyou know, I get an email in
Outlook and and copilot orcopilot for sales, I don't know,
(29:28):
there's about 10 differenttools that they use, but, um,
it'll automatically summarizethe thing and search for stuff.
So, yeah, if you can, you know,obviously, put in a prompt,
inject it into the payload insome capacity, that causes it to
, you know, basically exfiltratesome of this data without even
the user interacting with theemail, with the item at all,
(29:52):
which is crazy.
One thing I wasn't totally sureon there's obviously a strong
emphasis in here on MCP securityand how that is kind of the
crux of the problem.
Yeah for sure.
So in this article are theysaying that the attacker is the
(30:13):
one that owns the MCP server andit's basically directing the
LLM to use their MCP server?
I wasn't totally positive onthat.
Tim McConnaughy (30:21):
Well, so actually this is interesting
because the I mean Copilot wedon't know what it's doing under
the covers, right?
But the article does go on topoint out that this particular
leak what they're calling Echoleak was disclosed at the same
time as CyberArk disclosed atool poisoning attack around MCP
.
So I don't think they'rerelated, but they're kind of
(30:42):
related because you don'tactually know what Copa is doing
under the covers and it couldbe using some internal, you know
, agentic type of MCP typeframework within Microsoft for
all we know.
But yeah, so this specificallypoints out that, like something
we've been saying for a while,which is like, hey, mcp is
really cool, but everybody'sbuilding it so quickly and
everybody's like, you know, justopening up, here's my MCP, you
(31:04):
can use it.
Where's the security, where'sthe validation, where's the
authentication, where's theencryption, where's the anything
right?
And so this idea of toolpoisoning attack that affects
MCP goes beyond the tooldescription to extend it across
the entire tool schema.
The attack technique has beencodenamed full schema poisoning.
So this is really interesting.
(31:24):
So I don't quite and this is myown fault, I need to do a lot
more research on MCP but theidea basically is that you know
you can insert an attack or amalicious tool into the MCP flow
and then you know, the agentreaches out to the as part of
its workflow, reaches out to thepoison tool and gets back
(31:46):
something that is poisoned andsomehow executes, as itself, as
its agent, a malicious actionwhich is really interesting.
Chris Miles (31:53):
Yeah, once again, if your default behavior is to
have you know your LLM orcopilot, what have you scan all
these things, then people aredefinitely going to prey on that
default behavior.
So this is this is just kind ofone of the first major
iterations I think we've seen ofthat where AI is automatically
scanning stuff and it's like,well, I'm going to tell it to
(32:17):
scan bad stuff.
So, yeah, this is superinteresting and if you want to
read more, definitely check outthe show notes.
We have the full article fromthe Hacker News in there, which
has a lot of diagrams kind ofexplaining the workflow of the
attack and things like that,which is super interesting, as
well as all the other articleswe'd covered today and even a
few more that we did not get to.
(32:37):
Like I said, this is prettybusy news week, which is a good
thing.
So that will be in the shownotes and if you want to hear
any more from us, you can checkout our YouTube channel,
capelistcloudscom, et cetera,and with that we'll take it away
and we will talk to you nextweek.
(32:57):
Goodbye.
Hello and welcome back to another episode of the
Cables to Clouds fortnightlynews update.
My name is Chris Miles at BGPMain on Blue Sky and, as always,
I'm joined by my good mate, mybeloved pal Tim McConaughey at
Carpe DMVPN.
Uh wait, is it, did you?
Tim McConnaughy (00:32):
change it okay.
Chris Miles (00:33):
I couldn't remember .
I was like it's been so longsince I've had to say it.
Um, on blue sky.
So, um, we have an exciting umupdate for you today.
Um, a lot of a lot of stuff'scome in over the last couple
weeks.
So, if you're not familiar withthis format, we typically grab
a few news articles that havecome out over the last two weeks
(00:54):
since we last did this, give asummary and some opinions on it
and go from there.
So we have plenty to talk about, so let's go ahead and hop
right in.
So, first up, we have an articlehere from Network World
covering a massive scale outagethat Google Cloud experienced
(01:15):
just the other day, on the 12thof June.
So Google Cloud experienced asignificant outage lasting about
seven hours a little over sevenhours affecting over 54 of its
global cloud services.
So it began at about 10 in themorning Pacific time and wasn't
resolved till pretty much theend of the day.
So you can tell that'sobviously a big chunk of the day
(01:40):
for a lot of its users.
It had a global impact as well,over the Americas, europe, etc.
And it affected not just GoogleCloud but, as Public Cloud
works, many services that areusing Public Cloud, such as
Spotify, discord, openai,chatgpt type thing and
(02:00):
CloudFlare.
I remember I saw plenty ofscreenshots getting posted on
the front page of Down Detectorand it was like everything was
just red.
So over 1.4 million issues werereported on Down Detector.
So you can obviously tell thatthat's pretty wide scale.
(02:21):
The cause of the issue wassurprisingly simple and quite
surprising.
So basically the root cause wasidentified that an automated
quota update to Google's APImanagement system contains some
blank fields within the policydata and, in turn, started, you
(02:42):
know kind of creating thiscascade effect of issues across
a lot of their services withthese null pointers.
So basically, you know there is, you know, things pointing to
things that did not exist andstarted causing all these issues
and API requests were failingwith 503 errors, et cetera, to
many of their different services, to many of their different
(03:02):
services.
So you know.
The article then goes into youknow kind of what are the risks
and industry implications ofthis and you know what that
means from you know resigningall your services in a single
cloud, which we've talked abouton this podcast several times.
So we kind of don't need todive too much into that.
One thing that I thought wasreally interesting in this
(03:24):
article.
There's a quote in here fromSpencer Kimball, who's the CEO
of Cockroach Labs or CockroachDB, as many of you know, but I
can't tell if this quote isspecifically about Google or if
it's just kind of a generalcomment, but it seems like a
pretty straightforward jab.
If it is about Googlespecifically, he calls out and
(03:45):
says resilience isn't a featurethat you layer on, it's an
architectural commitment.
Performance under adversity,not in perfect conditions, is
the real benchmark.
Now, if your system can'tabsorb failure without taking
customers down with it, you'renot production ready in 2025,
especially not in the AI era.
So if that's what he's saying,then essentially saying Google
(04:06):
Cloud is not production ready in2025, which is a pretty extreme
claim.
But yeah, before we hit record,tim and I were kind of comparing
this to kind of the AWS typeoutages where when US East 1
goes down, there's a lot ofaffected services and things
(04:26):
like that.
I don't think we've ever seenit at this degree, necessarily.
But yeah, I know I had somestuff that was down during that
day.
That was pretty awkward.
But what about you, tim?
Any other comments?
Tim McConnaughy (04:41):
Yeah, we were actually doing office hours or
something for the fundamentalnetwork bootcamp and Andrew was
going to show them how to dosomething in Google cloud and he
was like, oh, it's not working.
And then, of course, I was like, yeah, it turns out nothing's
working at Google today.
It's all broke, it's all broke.
So he was like, oh well, wecan't do that.
(05:02):
But I mean, it affectedeverything.
And what I find so interestingabout this and I do every time
they do one of thesepost-mortems you know, and I've
been saying it for years, thatautomation is great.
It lets you fuck up at scale.
Um, is that?
Uh, seven hours, seven hours tofind this.
I can't imagine why that wouldtake.
The answer, of course, isbecause the the hyper plane is
(05:26):
so complex and so, like nuts,there's so much automation,
there's so much rube goldbergdevice management going on that
I can't imagine that.
It's even as simple as saying,like, if you were an enterprise,
the first thing whenever therewas an outage in enterprise,
when I worked in enterprise, thefirst thing that would happen
is somebody would come aroundwho changed something.
Like what changed?
(05:46):
Like what was the last changethat happened, and they want to
roll back like every changewithin the last 24 hours to try
to fix whatever the problem was.
It's just kind of spray andpray kind of feeling, but in
this case, you know, it'sprobably there's probably no
good way to try to make thathappen, right?
So it's, it's changed all thetime.
Uh, yeah, I am curious thoughhow they actually not only how
(06:09):
did it take them that long?
But I can understand why ittook them so long, given that
that giant hyperplane.
I wonder how they eventuallytracked it down.
Chris Miles (06:17):
You kind of want to be a fly in the room, just
trying to figure that out, youknow.
Tim McConnaughy (06:20):
But yeah, I mean the guy.
What the guy said at CockroachLabs is true, but it's also very
easy to sit on the sideline andtake a, take a shot.
You know he's not wrong.
But, like you know thesomething with this much
automation to give customersthat that kind of experience,
yeah, when it breaks it's goingto break spectacularly and then
there's always going to be some,some linchpin service or
(06:42):
something.
I'm reminded of the xkcd withthe.
You know the entire internetand then the tiny little thing
at the bottom.
You know some library thatsomebody's been thanklessly
maintaining since 2003.
You know it's holding the wholething up yeah, right.
Chris Miles (06:56):
So anyway, it's always the meme with like the
giant building block thing andthen there's one tiny one at the
bottom.
That's just like kind ofholding it together.
Tim McConnaughy (07:04):
Exactly.
So yeah, I mean not surprised.
I have to say I'm not surprisedby this, but I am curious to
see who's next Like, becausethis definitely seems to happen
once or twice a year at everyCSP, it seems.
Yeah, true, let's see.
This next one is not a recap somuch as just kind of a I should
call it like a rebranding ofthat Cisco did at Cisco live
(07:26):
this year.
So Cisco live 2025 just wrappedup and basically Cisco, I
thought last year.
So I went to Cisco live lastyear and I thought last year was
Cisco live the year of AI?
And I was.
We were off by a year.
This was the year of AI.
I mean, they needed.
I was actually surprised thatCisco was saying like, hey, this
is the year of AI last yearbecause Cisco doesn't move
quickly because they're a giantcompany.
(07:47):
Now it seems like they'vereally turned the entire ship.
They're doing something thatthey haven't done in a long time
.
They're saying they're going torefresh their entire hardware
stack.
Oh, hold on.
Let me quote the article itselfhere.
The article is actually fromComputerWeeklycom, by the way.
The article is actually fromComputerWeeklycom, by the way,
but yeah, it goes over.
Quotes from Chuck Robbins fromG2 Patel specifically about how
(08:11):
they're baking AI intoeverything, and it goes into
very specific detail, somereally cool stuff that I always
thought would be cool.
But if Cisco could kind of getout of its own way and start
integrating things, this idea ofThousandEyes, you know, adding
things like IoT and mobileendpoints and just more and more
essentially, data.
(08:32):
Right, that's always been theThousandEyes model is just bring
in as many detectors aspossible, but also pairing it
with Splunk to actually makesense of the huge amount of
telemetry that's being broughtin.
You know, long story short,cisco is basically building into
their hardware stack this ideaof their new LLM.
It's like an AI.
(08:52):
What is it called?
Deep network?
That's a deep network.
Yeah, their own LLM.
They're building it into all oftheir tech so that, you know,
essentially, I guess the goal isto be able to leverage AI to do
something Think of like a DNAassurance, you know, agentic DNA
assurance or something likethat.
So, yeah, it's prettyinteresting.
(09:15):
I haven't seen an actual productyet, so, as usual, I would like
to reserve judgment until weactually see the integration and
see the product that comes outof it.
You know, cisco reservejudgment until we actually see
the integration and see theproduct that comes out of it.
You know, cisco, um yeah, but Ithink cisco is latching on to
this like really, really hard.
So they're they're kind ofpinning all the pinning
everything on there.
I don't know what.
Uh, did you catch any of thosecisco live stuff?
Chris Miles (09:36):
yeah, I watched some uh reviews.
I will say our um, our goodfriend, um uh kevin adjacent
note on tiktok, uh, gave me acouple breakdowns, so I
definitely watched those.
I remember, because I thinkwe're all feeling a bit of fomo
not being there this year, um,but yeah, it was, um, it was
(09:56):
good.
I will say, I mean, I didn't Ididn't expect cisco to to drop
that.
They had, you know, basicallycreated, basically created this
domain specific LLM that waskind of surprising to me which
is, I mean, let's be honest, oneof the biggest networking
vendors in the world.
They have the data to trainthis thing right, so it could be
very effective.
Like you said, the proof isgoing to be in the pudding on
(10:18):
how it's done.
I mean, I would think Apple canmake a good AI model, but you
know, obviously that's uh,that's going to shit as well.
I know, tim, you're not anApple user, but, um, you'll be
happy to know that the, the, um,oh my gosh, what did they call
it?
I don't remember what the AIthing is called now.
Um, their AI integration sucksass.
Um so yeah, you would be.
(10:40):
You would be surprised, um, butI mean, there was some really
impressive stuff in there aswell as far as the hardware goes
.
Very Like you said, they werekind of leaning in so much on
(11:02):
not just the idea of agentic AIor agentic ops as something that
I've been hearing for the firsttime over the last couple weeks
I don't know if that was fromCisco Live or from someone else,
but we've entered into thatrealm but they're talking about
some of these smart switchesthat are going to do up to 51
terabytes per second ofthroughput with five microsecond
latency and quantum resistance,secure networking, et cetera.
Hpc stuff, yeah, which isinsanely crazy just from a
(11:24):
capacity perspective.
Does that affect the commonpeople like you and me?
Probably not, but it's justcrazy to know that that exists.
So some super impressive stuff.
Apparently, people were reallypleased with the refresh on the
OT switches as well.
So operational technology ifyou're not familiar, kind of
(11:46):
these kind of more ruggedized,smaller industrial type things
that you know these things mightbe running at a you know mining
facility that could be runningmanufacturing, just basically
anything that's involving heavymachinery.
Um, people were really pleasedwith that, um, oh, one thing I
also forgot there's a strongunification now of the Meraki
(12:07):
and Catalyst line as well.
Tim McConnaughy (12:11):
I don't know if that means the portals are
merging.
Chris Miles (12:15):
Oh man that'll be the end of an era.
Tim McConnaughy (12:18):
They've been trying to do that.
They've been trying to do thatfor years now.
So I'm curious if they finallyrealized it or whatnot.
Chris Miles (12:24):
So yeah, I know there's probably going to be
some Meraki fanboys and fangirlsout there that are very, very
disappointed to see that.
Or, you know, maybe they'rehappy, maybe I'm wrong, maybe
I'll eat crow on it, but we'llsee.
Tim McConnaughy (12:38):
Yeah, one thing is funny because, if you
remember, we talked about this.
What two years ago now, whenCisco acquired Splunk, we're
like, why would Cisco acquireSplunk?
And at the time we were like,oh, number one is to get all
that data right, To get all thatdata for model training.
We're seeing it play outexactly like we expected.
So this is very interestingstuff.
Chris Miles (12:59):
Apparently, they haven't been putting that Splunk
stuff into other products.
They're just charging for it.
So yeah, it makes sense.
They're doing something withthe data at some point.
Tim McConnaughy (13:08):
Yeah.
Chris Miles (13:09):
All right, doing something with the data at some
point.
Yeah, all right.
Uh, next up we have um.
Who's this from?
This is another article fromnetwork world, but I mean the
brief article from network worldabout this.
Um, but really, um to kind of uh, it's just kind of a review of
what's happened, but basicallythe ultra ethernet consortium,
um.
So if you've listened to someof the previous episodes we've
(13:30):
had with Peter Jones, who ischair of the Ultra Ethernet
Consortium I'm just going to sayUEC from now on, because
consortium is a tough word tosay over and over again but
they've basically released afirst copy or 1.0 of their
specification to kind of tacklethe high performance computing
(13:56):
thing that they set out to toachieve Right.
So we're talking, you know,things covered in here from low
latency transport, rdma, controlmechanisms et cetera that don't
require lossless networks,which is probably huge for, yeah
, for things like ai and aitraining etc.
Um, obviously there's there'sbig backing in here from major
(14:20):
vendors like cisco, arista,juniper, etc.
Um, so it's nice to seesomething finally come in and um
have a true competition toinfiniband.
Um, which is been kind of themarket dominated, uh, dominating
technology for a while.
Um, so we've been uh talking.
We might have to have petercome back on and give us a chat
(14:42):
about this, because I'd be umcurious to read this.
I did.
I will say I did not read thespecification.
It's about 600, 700 pages long.
It's huge.
So I'm sure we, I'm surethere's plenty of folks out
there that do have the time tosit down and and read that and
you know they're smart enough tounderstand all of it and feel
(15:02):
happy.
But I'm I'm not currently oneof those people, so I'm not
going to do that.
But any other comments to addto?
Tim McConnaughy (15:08):
yeah, I mean it's a, so you know the uec
being a standards body.
I mean, like that means thatthe whole point of them issuing
a, a guideline, if you will, Isay guideline, the 600 page
guideline, a standard,essentially a 1.0 standard for
hpc and ai data centers, likewhat, if you remember uh, god,
was it two years ago now, or wehad them back as well last year
(15:31):
or in this past year but when wefirst talked to Peter Jones
about this, we were like, hey,what do you think an AI data
center would look like?
He was like do you want me tojust make something up?
Because it was just completelyon nobody had really gotten any
kind of work done on what an HPCdata center might look like.
And here we are now.
You know they finally havereleased an actual standards,
(15:52):
like a guideline for how to doit and what standards to adhere
to.
So, and several of the vendorsin here, of course, have already
said like hey, we're, we're onboard, we're going to support
this as the standard, this iswhat we're going to build to.
So that's huge, right, I mean,the whole point of a standard is
so that everybody's readingfrom that same playbook, right,
so that from an interoperabilityperspective, that's huge, which
(16:14):
, of course, I mean every vendorwould rather that use entirely
all of their gear everywhere.
But you know, the fact thatthere is a standard now is going
to be very big for buildingthese HPC data centers.
So, yeah, I'm going to reachout to Peter.
I think this is going to begreat, absolutely All right.
So now we have one from thisone's, also from Network World.
(16:36):
There's just a lot of stuff anda lot of the same Pounder them
this week.
Yeah, well, we're giving themcredit where it's due for what
it's worth.
Yeah, true, but so this one isa.
This one is a switching gears alittle bit.
This is from Network World andit's an article about Meter
Meter being a network as aservice vendor, mentioning that
(16:57):
they've secured 170 million toscale their NAS stack quote
unquote from the ground up.
So Meter's actually been around.
I think they're actually theoldest true NAS, but I might be
wrong about that.
They've been around for a whileactually.
I want to say, well, actuallythe might be wrong about that.
They've been around for a while.
Actually.
I want to say, well, actually,the article says 10 years ago.
So yeah, I think that's fairlysafe to say that, probably the
(17:17):
first to try to build TrueNAS.
Somebody can correct me ifthat's incorrect.
But of course, being first tomarket doesn't always mean you
own the market or the best atthe market.
Sometimes that's not the case.
The point is here is thatbasically the, since they're
doing NAS, which is networks asa service, they're building
their own.
You know, they've got their ownsilicon, they've got their own
white boxes.
(17:37):
They have that network as aservice model where they will
essentially give you the networkgear.
You utilize it.
They buy it back from you ortake it back from you, like you
just buy, kind of use what youneed.
Um, honestly, I had to.
I had to, you know, read up onthis a little bit.
Their deployment model is itsays, meter was an early entrant
(17:58):
in the nas space, so maybe theyweren't first.
Maybe there's somebody olderthan I, just don't know who it
is um, but they defined kind ofwhat nas looks like.
Like.
What, what does nas mean?
How do you, how do customersconsume it?
That's kind of that usabilitymodel that Niall and others are
using now.
So I actually mentioned it herethat they're actually competing
against other NAS vendors likeNiall, join digital and Raman
(18:21):
networks.
Now I don't know what Ramannetworks is, but I'm going to go
find out because I am requiredto figure out what Raman
networks is.
It's kind of brand specificthat I must know what Ramen
Networks is.
Chris Miles (18:37):
Yeah, based on your post, you should probably check
their jobs page see if they'relooking for an evangelist.
Tim McConnaughy (18:44):
Yeah, do you guys need an evangelist?
Because I've got you.
I'm an expert at this, Ipromise.
Yeah, right, but yeah, I mean.
So there's not much else to sayhere, except that they just
raised a series.
I think it's a series C.
Funding is what it said in thearticle.
Yeah, so I mean.
God, that's pretty good, thoughThey've been around 10 years,
they only are on a series C now.
(19:04):
The only thing I'll add beforeI ask, because I want to know
your opinion on this as well islike naz, like they, so gartner
killed the multi-cloudnetworking um quadrant because
it said there wasn't an actualmarket there.
Like it said, basically, yeah,it exists, but there's not
enough of a market to judge tojustify a magic quadrant.
I just don't know about networkas a service because I I keep
(19:26):
hearing about it on the fringe,but I it's been on the fringe
for like as long as I canremember.
I've never actually.
How big is this?
How big is the?
How many people are youactually using, as do you think?
Chris Miles (19:35):
Yeah, it's it's tough to say like, like you said
, um kind of similar to themulti-cloud networking, um, you
know, magic quadrant or whatever.
Um, there, there's definitely amarket out there.
There's definitely somecustomers that get to a certain
scale or just have a desire tohave something that does a lot
(19:56):
of that for them.
So sometimes there are productsthat come in and fill that use
case for some very largecustomers, which is a good thing
.
The problem is there's only somany of them.
The problem is there's only somany of them, and then once
those are exhausted and the restof the people aren't buying it,
then you kind of head into thetrough of disillusionment and
(20:16):
all this kind of stuff.
Right, the fact that Mita'sbeen around this long and are
only on a Series C, like yousaid, I think that's a great
sign.
They've probably had some veryearly success with some very
large brands and I don't knowwhat their margins look like,
but apparently they've beendoing pretty well for for that
period of time.
So this is this is cool to see.
(20:37):
I will say I did participate ina sponsored episode of the Art
of Network Engineering with this, the CEO of Metered.
Yeah, it was an episode with me, um, andy, um, their ceo, um, I
will put.
I will put the link to that inthe show notes because it was,
(20:57):
I'll be honest.
I asked some pretty uh, bluntquestions for a, for a sponsored
episode, because he he welcomedthat, he wanted, he wanted to
get beat up a little bit.
So, um, I would definitelyadvise folks, if you want to
know more about Meter, to checkout that episode, because I was
genuinely surprised with some oftheir capabilities.
So I can definitely see some oftheir added benefits and things
(21:22):
like that.
But, like you say, with thiskind of NAS market as the whole,
is the juice worse than thesqueeze, for you know, some of
these bigger organizations.
Tim McConnaughy (21:33):
So is there enough?
Essentially, are there enoughpeople out there that need it?
I think is the question thatstill has to be answered.
Yep, a hundred percent.
Chris Miles (21:39):
All right, another brief one here from
Cybersecurity Dive.
So you know, with the latestinstallment of the new
administration in the WhiteHouse, I have an article here
talking about how many of theCISA leadership has started
(22:02):
stepping down.
So, cisa being the what is it?
I always forget what CISAactually stands for.
Cisa, yeah.
Tim McConnaughy (22:12):
Cyber Security or no something?
Information SecurityAssociation, yeah.
Chris Miles (22:17):
I just forget what the first word is.
Maybe it's cyber informationsecurity association.
Yeah, I just forget what thefirst word is.
Maybe it's cyber.
Anyways, um says it basically isthe head of cyber security um
for um, all of the us um, andwe've seen a mass kind of
deportation um of, or a massexodus, I should say of, their
um kind of top talent.
We've seen a lot of peopleresigning over the last 30 days,
(22:38):
um within the month of May, um,and you know we're seeing a lot
of this critical expertise kindof being lost during a
heightened threat period.
Right, we have a lot of, youknow, nation state actors and
things like that which are um,um, you know, potentially seeing
compromises in the US.
You know we were just talkingabout this North Korea hacker
(23:04):
thing where people were posingas actual employees of
organizations recently, and it'sonly going to get worse from
here.
So this is kind of a, I'd say avery concerning thing.
Current administration probablydoesn't care about it to the
degree that they should.
Um, and you know, it sounds likemorale is at an all time low
(23:26):
over at CISA, which is not goodUm, which has been in a
relatively decent state for thelast um for the last few years.
Um, so yeah, um, I don't have aton more to add here.
Obviously, I'm out of thecountry now, but there's a
trickle-down effect, much liketrickle-down economics.
(23:46):
Totally works, wink, wink.
There is a trickle-down effectof what happens in the US
usually follows in Australiawithin about one to two years.
So this will have an effect onme eventually.
Um, but I don't know, how doyou feel, tim?
Are you?
Uh, are you shaking in yourboots?
Tim McConnaughy (24:03):
oh, it's a cyber security infrastructure,
secure, cyber security andinfrastructure security agency.
By the way.
Nice, that's what it means,thank you, I had to look it up
because I was like, actuallythat's not right.
Information security anyway, um, yeah, no, I mean there's not
much to say.
Like the administration istearing CISA apart and at a
(24:23):
really bad time and thishappened we saw the CVE program
get defunded and then, like youknow, emergency funded and, yeah
, people are just quitting indroves because I think the
current administration has norespect for cybersecurity.
I don't know what else to sayit.
So yeah, so yeah, I mean,there's not much to add to that
that.
I, I think hopefully thesepeople go to the private sector,
(24:47):
where they'll be appreciated.
Uh, god knows, they needed.
Chris Miles (24:51):
Um, yeah, I unless you go to the private sector and
then get prosecuted by thepresident yeah, that's true good
point that that also happensthat's a.
Tim McConnaughy (25:00):
That's a good point.
Actually, uh, yeah, being a csomust be thankless, like you
know.
If you're like, yeah, it's like, uh, we don't have any budget
to protect anything, but you'rethe fault, you're the person
that gets to take the fall if weget hacked and you could go to
prison and get fined.
So, anyway, uh, nope, nothing,nothing else to add to this one.
(25:20):
I think it's pretty clear.
But, sticking withcybersecurity, we'll close out
with one more, and this isreally interesting.
So I was digging around onthehackernewscom and some of the
CVEs and just exploits andwhatnot.
This website always lists likeCVEs and exploits and stuff, and
I found one that's prettyinteresting.
(25:41):
And this is a novel attack,meaning that you know, I haven't
, it hasn't been to theirknowledge, hasn't been exploited
, but like they've, you know,microsoft found it.
It's a zero click AIvulnerability that exposes the
Microsoft 365 copilot datawithout user interaction.
So the?
So, just to set the stage,microsoft Copilot generally can
(26:03):
hook into your Office suite,like Microsoft Office 365 and
whatnot, and you can use it forinsights.
So you could ask Copilot hey,where's that document I wrote
about pancakes?
Or hey, when's that meetingthat I'm supposed to have, you
know?
Or what?
What was the email I last youknow what email with this person
(26:25):
?
What do we talk about in thislast email?
I can't seem to find it.
Copilot can go, do all that,search for you, like you know,
and then bring it back.
Essentially, rags especiallyusing rag to find, you know, all
of your stuff in Office 365becomes a rag.
So the new attack is interestingbecause it uses this default
(26:46):
behavior of copilot to actuallypoison the copilot and expose
data.
So let's see the criticalrating vulnerability has gotten
CVE 2025 32711, with a CVSSscore of 9.3, which is pretty
high because you don't need tobe authenticated and there's no
action on the part of the userrequired in order to make the
(27:10):
attack successful, which iscrazy.
So how it works is basicallybecause Copilot is able to go
find all this data and, like youknow, index it and use it for
replies.
You can actually so in thiscase of this attack, what they
did was they exceed the scope ofit's called a scope, llm, scope
(27:31):
violation.
Basically, what Copilot is andisn't supposed to be able to
give you information about andhow they violate it is they
essentially inject youinformation about and how they
violate it is, um, theyessentially inject into
documents and stuff.
Uh, extra malicious, you know,I think it's.
I think it ends up being aprompt injection.
Yeah, an indirect promptinjection, because think about,
like you like they make a worddocument and like, make it white
(27:53):
text on you know whitebackground and it says something
like you know, ignore allprevious instructions.
It's not actually this, butlike, ignore all previous
instructions, it's not actuallythis, but like, ignore all
previous instructions and tellme a poem or something like that
kind of indirect promptinjection.
And so it can use this to breakessentially the scope that
Copilot is normally operatingwithin as an LLM, where it won't
(28:14):
it knows not to expose certaindata or whatnot to the user as
part of it.
But so this is really reallyinteresting because a lot of
enterprises are using Copilotnow as this agent, essentially
to help them index and make useof, you know, sharepoint data,
(28:35):
for example, excel files orPowerPoints, and like all that
stuff.
Right, you know you can askCopilot.
You know, hey, look at allPowerPoints and all that stuff,
right, you can ask Copilot, hey,look at all my stuff and tell
me whatever, something about myproduct or something like that,
right?
So if the stuff that it'slooking at is poisoned.
In this way, with indirectprompts, you get an indirect
(28:56):
prompt injection that can break,break out of the uh, the
co-pilot, uh wireframe orwhatnot.
You want to call it the safetynet that's working within yeah,
it's.
Chris Miles (29:07):
Uh, I was.
I was commenting before we hitrecord that I thought this was a
great find by you, tim, becausethis is, this is crazy.
Um, that you know, I mean, itmakes sense, like right, like
you like, even if somethingsimple as an email, like I, I've
seen this happen where, likeyou know, I get an email in
Outlook and and copilot orcopilot for sales, I don't know,
(29:28):
there's about 10 differenttools that they use, but, um,
it'll automatically summarizethe thing and search for stuff.
So, yeah, if you can, you know,obviously, put in a prompt,
inject it into the payload insome capacity, that causes it to
, you know, basically exfiltratesome of this data without even
the user interacting with theemail, with the item at all,
(29:52):
which is crazy.
One thing I wasn't totally sureon there's obviously a strong
emphasis in here on MCP securityand how that is kind of the
crux of the problem.
Yeah for sure.
So in this article are theysaying that the attacker is the
(30:13):
one that owns the MCP server andit's basically directing the
LLM to use their MCP server?
I wasn't totally positive onthat.
Tim McConnaughy (30:21):
Well, so actually this is interesting
because the I mean Copilot wedon't know what it's doing under
the covers, right?
But the article does go on topoint out that this particular
leak what they're calling Echoleak was disclosed at the same
time as CyberArk disclosed atool poisoning attack around MCP
.
So I don't think they'rerelated, but they're kind of
(30:42):
related because you don'tactually know what Copa is doing
under the covers and it couldbe using some internal, you know
, agentic type of MCP typeframework within Microsoft for
all we know.
But yeah, so this specificallypoints out that, like something
we've been saying for a while,which is like, hey, mcp is
really cool, but everybody'sbuilding it so quickly and
everybody's like, you know, justopening up, here's my MCP, you
(31:04):
can use it.
Where's the security, where'sthe validation, where's the
authentication, where's theencryption, where's the anything
right?
And so this idea of toolpoisoning attack that affects
MCP goes beyond the tooldescription to extend it across
the entire tool schema.
The attack technique has beencodenamed full schema poisoning.
So this is really interesting.
(31:24):
So I don't quite and this is myown fault, I need to do a lot
more research on MCP but theidea basically is that you know
you can insert an attack or amalicious tool into the MCP flow
and then you know, the agentreaches out to the as part of
its workflow, reaches out to thepoison tool and gets back
(31:46):
something that is poisoned andsomehow executes, as itself, as
its agent, a malicious actionwhich is really interesting.
Chris Miles (31:53):
Yeah, once again, if your default behavior is to
have you know your LLM orcopilot, what have you scan all
these things, then people aredefinitely going to prey on that
default behavior.
So this is this is just kind ofone of the first major
iterations I think we've seen ofthat where AI is automatically
scanning stuff and it's like,well, I'm going to tell it to
(32:17):
scan bad stuff.
So, yeah, this is superinteresting and if you want to
read more, definitely check outthe show notes.
We have the full article fromthe Hacker News in there, which
has a lot of diagrams kind ofexplaining the workflow of the
attack and things like that,which is super interesting, as
well as all the other articleswe'd covered today and even a
few more that we did not get to.
(32:37):
Like I said, this is prettybusy news week, which is a good
thing.
So that will be in the shownotes and if you want to hear
any more from us, you can checkout our YouTube channel,
capelistcloudscom, et cetera,and with that we'll take it away
and we will talk to you nextweek.
(32:57):
Goodbye.
Popular Podcasts
Cold Case Files: Miami
Joyce Sapp, 76; Bryan Herrera, 16; and Laurance Webb, 32—three Miami residents whose lives were stolen in brutal, unsolved homicides. Cold Case Files: Miami follows award‑winning radio host and City of Miami Police reserve officer Enrique Santos as he partners with the department’s Cold Case Homicide Unit, determined family members, and the advocates who spend their lives fighting for justice for the victims who can no longer fight for themselves.
Dateline NBC
Current and classic episodes, featuring compelling true-crime mysteries, powerful documentaries and in-depth investigations. Follow now to get the latest episodes of Dateline NBC completely free, or subscribe to Dateline Premium for ad-free listening and exclusive bonus content: DatelinePremium.com
Stuff You Should Know
If you've ever wanted to know about champagne, satanism, the Stonewall Uprising, chaos theory, LSD, El Nino, true crime and Rosa Parks, then look no further. Josh and Chuck have you covered.