- Legal Futures - https://www.legalfutures.co.uk -

Lawtech startup unmasks global internet hackers

Brito: investing in people and infrastructure a challenge

Brito: investing in people and infrastructure a challenge

In the second of a series of features profiling lawtech start-ups, Dan Bindman investigates TripleCheck, a business which scans a company’s computers to check compliance with software licences.

The London and Frankfurt-based IP compliance technology start-up has helped the UK government with identifying malicious internet hackers, because a by-product of its software is that it can detect the source of attacks on global infrastructure through their ‘digital fingerprints’ embedded  in computer code.

A key way the TripleCheck due diligence and plagiarism detection platform tells companies they are unwittingly using software in breach of licence agreements is by comparing their systems with what is available on the internet.

For comparison purposes, the business downloads vast amounts of data – an estimated 95% of software on the internet – once a year. Its current archive is about 2.5 petabytes of data in five trillion computer files; as an illustration, one petabyte is equivalent to about 20m four-drawer filing cabinets filled with text.

TripleCheck’s founder, Nuno Brito, who was head of the Portuguese army’s IT department for nine years before spending almost three years as a software expert at the European Space Agency, told Legal Futures that it had taken three years of work to produce the company’s current offering.

“We didn’t have a big investment to build us an infrastructure. So we had to discover a new way of downloading so much data and how to store it without much money… We managed to become very efficient in storing it.”

He said that it took around 30 days for the algorithms TripleCheck then used to give his first customer a report on their compliance, due to the huge comparison task. “As you can imagine, customers are not that patient about results.

“To speed it up we had to optimise the search, to know exactly where we want to look, to create algorithms from scratch… We finally managed to break it down to half an hour in most cases.”

Major clients already piloting TripleCheck include Deutsche Telekom. Mr Brito said he worked closely with his clients’ legal teams. A key part of his role was to educate lawyers that open source software licensing was such a huge task that automation was essential, he said. “This is a bit of a new world for some lawyers… there has been a lot of change in this sector.”

He denied that a business could have too much information about the make-up of its software, potentially leading to “analysis paralysis”. Often a business thought it had purchased software from a third party that did not itself own the original, meaning that “you are using someone else’s work without permission”.

However, he said he did teach customers about how to deal with different situations as part of the product training. For example, if the code discovered belonged to Oracle, “it’s a very big company and the moment they know you have something that belongs them you are in trouble”.

But if, for example, the code came from a university, a direct contact could result in that institution re-licensing it or charging a small fee.

Mr Brito, who has a master’s degree in software engineering from Carnegie Mellon University in the US, described the problem of constantly needing to re-invest his company’s profits in data storage and processing power infrastructure as a “big challenge”. This meant that his team became “overworked” because resources were channelled into upgrading hardware.

He said that a feature of TripleCheck’s software that had emerged was the capacity to uncover the authors of software that was written anonymously by people who did not want to be identified.

For instance, it had been able to pinpoint the author of the notorious Mirai ‘botnet’ global cyberattack using networked ‘internet of things’ devices – from security cameras to digital video recorders – after he released his source code to encourage other hackers to join the attack.

Since then Mr Brito has been working with UK cyber defence experts. He recently gave a talk on ‘deep-inspection software’ in Farnborough, explaining how his software could detect the ‘digital fingerprints’ left in code by cybercriminals. “We are hoping to provide this technology to UK law enforcement,” he said.

Part of the reason for TripleCheck’s presence in London was due to the support and backing provided this year by CyLon, a cyber security accelerator based in the capital, he said.

If as a company you audited copyright compliance using TripleCheck, you would load the software onto your systems. It would then present an analysis, in the words of the company’s website, outlining “which code is original or from a third-party developer and find alternatives to components with incompatible license terms”.