Adriatik's Blog

𝗬𝗼𝘂𝗿 𝘁𝗲𝗮𝗺 𝗶𝘀 𝘀𝗵𝗮𝗿𝗶𝗻𝗴 𝘀𝗲𝗰𝗿𝗲𝘁 𝗱𝗮𝘁𝗮 𝘄𝗶𝘁𝗵 𝗖𝗵𝗮𝘁𝗚𝗣𝗧.

They aren’t doing it on purpose. But they are doing it daily.

It cost Samsung their source code(see link below). And I 𝗴𝘂𝗮𝗿𝗮𝗻𝘁𝗲𝗲 𝗶𝘁 𝗶𝘀 𝗵𝗮𝗽𝗽𝗲𝗻𝗶𝗻𝗴 𝗶𝗻 𝘆𝗼𝘂𝗿 𝗶𝗻𝘁𝗲𝗿𝗻𝗮𝗹 𝗰𝗵𝗮𝗻𝗻𝗲𝗹𝘀 𝗿𝗶𝗴𝗵𝘁 𝗻𝗼𝘄. One copy-paste at a time.

The mechanism is 𝗺𝘂𝘀𝗰𝗹𝗲 𝗺𝗲𝗺𝗼𝗿𝘆: Cmd+C (Proprietary Code) → Cmd+V (ChatGPT) → “𝗢𝗽𝘁𝗶𝗺𝗶𝘇𝗲 𝘁𝗵𝗶𝘀.”

It takes 0.5 seconds to 𝗯𝘆𝗽𝗮𝘀𝘀 𝘆𝗼𝘂𝗿 𝗲𝗻𝘁𝗶𝗿𝗲 𝗰𝗼𝗺𝗽𝗹𝗶𝗮𝗻𝗰𝗲 𝘀𝘁𝗿𝗮𝘁𝗲𝗴𝘆.

I realized that “asking developers to be careful” is not a security policy so I engineered a “𝗖𝗹𝗶𝗽𝗯𝗼𝗮𝗿𝗱 𝗙𝗶𝗿𝗲𝘄𝗮𝗹𝗹” for macOS. 𝗜 𝗰𝗮𝗹𝗹 𝗶𝘁 𝗥𝗲𝗱𝗮𝗰𝘁.

It is a native app that runs a 𝗟𝗼𝗰𝗮𝗹 𝗔𝗜 𝗠𝗼𝗱𝗲𝗹 (𝗟𝗹𝗮𝗺𝗮 𝟯.𝟮) in the background. It acts as an air-gap between your developers’ clipboards and the cloud.

How it works:

𝗜𝗻𝘁𝗲𝗿𝗰𝗲𝗽𝘁: 𝗜𝘁 𝘄𝗮𝘁𝗰𝗵𝗲𝘀 𝘁𝗵𝗲 𝘀𝘆𝘀𝘁𝗲𝗺 𝗰𝗹𝗶𝗽𝗯𝗼𝗮𝗿𝗱 𝗶𝗻 𝗿𝗲𝗮𝗹-𝘁𝗶𝗺𝗲.

𝗔𝗻𝗮𝗹𝘆𝘇𝗲 (𝗟𝗼𝗰𝗮𝗹𝗹𝘆): A tiny On-Device LLM scans for PII, API Keys, or sensitive IP. (Latency: < 100ms).

𝗕𝗹𝗼𝗰𝗸: If a developer tries to 𝗽𝗮𝘀𝘁𝗲 𝘀𝗲𝗰𝗿𝗲𝘁𝘀, it blocks the action and warns 𝘁𝗵𝗲𝗺 𝗶𝗺𝗺𝗲𝗱𝗶𝗮𝘁𝗲𝗹𝘆.

This is 𝗻𝗼𝘁 𝗼𝗽𝘁𝗶𝗼𝗻𝗮𝗹 𝗮𝗻𝘆𝗺𝗼𝗿𝗲. 𝗜𝘁’𝘀 𝗮 𝗻𝗲𝗰𝗲𝘀𝘀𝗶𝘁𝘆.

I’m documenting the entire build here. Up next: The Swift + MLX architecture that powers this protection with 0ms latency.

𝗛𝗶𝘁 𝗳𝗼𝗹𝗹𝗼𝘄 𝘁𝗼 𝘀𝗲𝗲 𝗵𝗼𝘄 𝗶𝘁 𝘄𝗼𝗿𝗸𝘀.

Samsung leak to ChatGPT:
https://lnkd.in/d7ssPRwi

Watch Demo Video here: https://youtu.be/vKVztHT-GuE