Podcasts by Root Causes: A PKI and Security Podcast

Root Causes: A PKI and Security Podcast

Digital certificate industry veterans Tim Callan and Jason Soroko explore the issues surrounding digital identity, PKI, and cryptographic connections in today's dynamic and evolving computing world. Best practices in digital certificates are continually under pressure from technology trends, new laws and regulations, cryptographic advances, and the evolution of our computing architectures to be more virtual, agile, ubiquitous, and cloud-based. Jason and Tim (and the occasional guest subject matter expert) will help you stay current on developments in this essential technology platform and to understand the whys and wherefores of popular Public Key Infrastructures.

All episodes

Root Causes 207: Former Gartner Analyst David Mahdi Jumps on the Playing Field from 2022-02-21T00:00

Gartner analyst David Mahdi recently left the analyst space for Sectigo. In this episode he joins our hosts to explain the reasons for his optimism about digital trust, including NFTs, Web3, blockc...

Root Causes 206: What Is Web3? from 2022-02-13T00:00

Web3 refers to the concept that online content can be attributed to specific known publishers, regardless of web site or online channel. In this episode we discuss the fundamentals of Web3, includi...

Root Causes 205: Anatomy of an Encrypted Peer-to-Peer Mesh Network from 2022-02-09T00:00

Secure online collaboration poses logistical and technical challenges under the best of circumstances. Now imagine you have no designated IT staff, no designated hardware, a small budget, and remo...

Root Causes 204: PKI's Role in Passwordless from 2022-02-02T00:00

In previous episodes we have defined passwordless identity authentication. In this episode our hosts explain PKI's specific role in passwordless authentication, along the way clarifying the differe...

Root Causes 203: What Is a Credential Vault? from 2022-01-31T00:00

Credential vaults are necessary for secure and functional secrets management for automated systems like DevOps or Robotic Process Automation (RPA). This episode explains how credential vaults work ...

Root Causes 202: What Is Certificate Transparency? from 2022-01-27T00:00

Certificate Transparency (CT) is essential to monitoring the public SSL certificates that are issued. In this episode we explain what CT logs are, how they work, and the uses we can put them to.

Root Causes 201: What Are the Baseline Requirements? from 2022-01-24T00:00

The CA/Browser Forum Baseline Requirements (BR) are hugely influential in the world of public-trust certificates. In this episode we explain what the Baseline Requirements are, how they are created...

Root Causes 200: Why Not to Copy and Paste Commands from Web Pages from 2022-01-19T00:00

This episode describes newly revealed vulnerabilities where copying and pasting text from a web page can open the site visitor up to attack. Our hosts explain how this attack can occur and its pote...

Root Causes 199: What Is Privileged Access Management? from 2022-01-13T00:00

In this episode we explain Privileged Access Management (PAM). We go on to explain some of the ways that networks using these techniques are still vulnerable to attack and what to do about it.

Root Causes 198: Deep Voice Fakes from 2022-01-11T00:00

We are all familiar with phishing in its various forms. Many people feel that they can protect themselves from fraud by verbally confirming apparent commands from senior executives. In this episode o...

Root Causes 197: Tim's Digital Haircut from 2022-01-07T00:00

In this episode our hosts describe the extreme degree to which all business has become digital business, even the most offline businesses you can think of, including food delivery, in-restaurant di...

Root Causes 196: What Is Certificate Agnostic? from 2022-01-03T00:00

In 2021 the certificate industry saw the emergence of the concept of "CA agnostic." However, that is only part of the story.

In this episode our hosts build on this concept to define the ...

Root Causes 195: iOS App Privacy Audits from 2021-12-27T00:00

The latest update of iOS includes new capabilities for app privacy auditing and permissions. Our hosts explain the controls available on iOS and Android and how a mobile device privacy audit can be...

Root Causes 194: Crypto Versus Cryptocurrency from 2021-12-20T00:00

Exploding interest in cryptocurrency has caused the word crypto to take on new meanings that were not part of the public dialog even a few years ago. In this episode our hosts explore both the over...

Root Causes 193: 4 Positive Security Trends for 2022 from 2021-12-16T00:00

Our hosts look back at four positive security trends in 2021 that industry should continue in 2022.

Root Causes 192: 14 Security Fallacies We Still Have in 2021 from 2021-12-13T00:00

In this year-end lookback episode, our hosts describe 14 common fallacies that still haunt IT professionals in 2021 - and the negative effects those fallacies bring.

Root Causes 191: What Is Robotic Process Automation (RPA)? from 2021-12-08T00:00

An important trend sweeping enterprise IT is Robotic Process Automation. Our hosts define RPA and explain the importance of cryptographically secured digital identity in safely implementing RPA.

Root Causes 190: Phishing Coinbase from 2021-11-29T00:00

In continuation of our ongoing exploration of blockchain and cryptocurrency, our hosts describe a recently discovered exploit where attackers use weaknesses in one-time-password-based MFA to steal ...

Root Causes 189: What Is CA Agnostic? from 2021-11-17T00:00

Certificate Lifecycle Management (CLM) platforms can deal with certificates from a number of sources. A CLM that can provision certificates of all types from all CAs, private and public, would be d...

Root Causes 188: Introduction to Web Security from 2021-11-11T00:00

Malware and other web site attacks are a frequent problem for small businesses and can result in reputational damage and site access being blocked or hindered by end user software and services. We ...

Root Causes 187: Apple Limits Term for SMIME Certificates from 2021-11-08T00:00

Apple recently announced that it would be limiting the allowable term for public S/MIME certificates to 825 days. Our hosts explain the implications of this declaration.

Root Causes 186: Digital Signature SNAFU Costs Swiss Company 3 Billion Euro Contract from 2021-11-04T00:00

In this episode our hosts explain how an esoteric digital signature error rendered a 3 billion Euro manufacturing contract with the Austrian government invalid.

Root Causes 185: EU Covid Passport Root Key Stolen from 2021-11-01T00:00

The root certificates of the EU's Covid Passport program have suffered a private key compromise and counterfeit passports are now for sale on the black market. We explain the implications of this s...

Root Causes 184: Popular College WiFi Vulnerability Revealed from 2021-10-26T00:00

Recent research reveals that certificate misconfiguration in a commonly used college WiFi platform can lead to exposure and theft of users' login credentials. Our hosts discuss WiFi authentica...

Root Causes 183: New MSCA Attack Toolkits from 2021-10-21T00:00

At this year's BlackHat, a talk and white paper detailed the threat of MSCA root key attacks, which can be used to create unauthorized certificates. This release includes a pair of offensive toolk...

Root Causes 182: Let's Encrypt Root Expiration from 2021-10-18T00:00

Let's Encrypt's recent root expiration caused widespread service outages and other hassles for online services and sites. Our hosts discuss this expiration, why so many problems resulted, and the r...

Root Causes 181: Limitation of DCV Through Web Site Changes from 2021-08-29T00:00

This December will see a meaningful change in how CAs are allowed to conduct Domain Control Validation (DCV) using the method known as https token or file authentication or agreed-upon change to w...

Root Causes 180: PetitPotam MSCA Attack from 2021-08-26T00:00

The PetitPotam attack against Microsoft CA has garnered a lot of attention. Our hosts describe this attack and define related terms like Mimikatz, pass-the-hash, and NTLM Relay. The episode goes on...

Root Causes 179: Standards for Certificates Apart from SSL from 2021-08-23T00:00

Regular followers of this podcast hear a great deal about SSL, the CA/Browser Forum, and the standards governing public SSL. But SSL is not the only regulated type of public digital certificate. Th...

Root Causes 178: Stealing Cryptocurrency from 2021-08-20T00:00

In this episode our hosts go through the various ways in which cryptocurrency can be stolen or lost, including private key compromise, security failures at cryptocurrency brokers, and theft of logi...

Root Causes 177: What Is Passwordless? from 2021-08-09T00:00

A hot, new topic in the identity space is passwordless. Join our hosts as they explain credential form factors and offer a specific definition of passwordless, including the difference between PINs...

Root Causes 176: Introducing State-Locality Exclusivity from 2021-08-05T00:00

Sectigo is implementing an important change to its public-facing SSL certificate business, which we call State-Locality Exclusivity. This change removes the localityName field, a very common fiel...

Root Causes 175: What Is a Linter? from 2021-08-02T00:00

Linters have been a standard programming tool for more than four decades. This venerable coding tool has recently taken on new significance in the world of public certificates. In this episode our h...

Root Causes 174: Windows 11 and TPMs from 2021-07-27T00:00

Microsoft has announced that its upcoming Windows 11 release will require TPM 2.0 support at a minimum. TPM 2.0 enables more modern hashing and encryption algorithms than previous versions. Our hos...

Root Causes 173: Whitelisting and Blocklisting from 2021-07-22T00:00

Whitelisting and blocklisting are tried and true elements of the computer industry. In this episode our hosts define whitelisting and blocklisting and the pros and cons of either, with lots of exa...

Root Causes 172: What Is an NFT? from 2021-07-13T00:00

If you have paid any attention at all to popular media in the past few months, you will have heard about non-fungible tokens, or NFTs. NFTs are a method of uniquely identifying a digital asset usin...

Root Causes 171: The Off-by-One-Second Problem from 2021-07-08T00:00

Today our hosts explore an esoteric but important error in public certificates that we call the off-by-one-second problem. We explain this problem, how it occurs, and its broader implications.

Root Causes 170: Why Is Canada So Good at Cryptography? from 2021-07-01T00:00

In celebration of Canada Day, our hosts discuss why Canada in particular offers a disproportionately large contribution to cryptography. We examine historic reasons and the real-world consequences ...

Root Causes 169: Bitcoin and the Anonymity Fallacy from 2021-06-25T00:00

In the developing story of the Colonial pipeline ransomware attack, the FBI recently recovered the ransom money, which had been paid in Bitcoin. In this episode we talk about how this recovery migh...

Root Causes 168: The Difference Between e-Signing and Digital Signing from 2021-06-21T00:00

In our technology discussions we frequently run into confusion about the relationship between electronic document signing and digital document signing. Despite the similarity in names, they are ent...

Root Causes 167: Colonial Pipeline Ransomware Attack from 2021-06-15T00:00

The recent ransomware attack against the Colonial pipeline has captured the news cycles in recent weeks. In this first episode of two our hosts begin to unpack what is known about this attack and h...

Root Causes 166: The Trouble with OU Fields from 2021-06-07T00:00

Of all aspects of public SSL certificates, few are as controversial as the OU field. Standing for Organizational Unit, this field is beloved by a few enterprises and hated by security watchers. It'...

Root Causes 165: Blockchain - Proof of Work Versus Proof of Stake from 2021-06-02T00:00

In our ongoing examination of blockchain, we define proof of work and proof of stake as consensus algorithms for updating the public ledger. We explain their differences and get into the problems w...

Root Causes 164: Examining MFA Through out-of-Band Phone Calling from 2021-05-20T00:00

In our ongoing series of episodes on MFA, we explore the plusses and minuses of out-of-band phone calling. Our hosts explain how this form of MFA works, what attacks it defends against successfully...

Root Causes 163: What Puts the I in PKI? from 2021-05-12T00:00

PKI stands for Public Key Infrastructure. In this episode we focus on the word infrastructure. Our hosts discuss the key qualities of credential form factors, how they are separate and distinct fro...

Root Causes 162: What Is Sideloading? from 2021-04-21T00:00

In a recent interview Tim Cook took a strong stance against application sideloading as a danger to mobile devices. In this episode we explain sideloading, its potential dangers, and the underlying ...

Root Causes 161: Consensus Algorithms and the Byzantine Generals Problem from 2021-04-15T00:00

If you pay attention to blockchain and cryptocurrency, you are sure to hear the phrase consensus algorithm. This concept is fundamental to distributed trust systems like blockchain. In this episo...

Root Causes 160: Purpose-built Quantum Computers for Breaking RSA from 2021-04-08T00:00

A new academic paper has described how a purpose-built quantum computer could break RSA encryption in fewer qubits than are commonly thought necessary. In this episode our hosts summarize t...

Root Causes 159: Encrypted Communication Provider Indicted for Drug Trafficking and Money Laundering from 2021-03-31T00:00

The CEO of Sky Global, a provider of encrypted data devices and services, has been indicted on RICO charges related to drug trafficking and money laundering. Our hosts discuss this highly unusual d...

Root Causes 158 - Exchange Server Vulnerabilities from 2021-03-24T01:00

The ongoing Microsoft Exchange vulnerability is huge news in the IT world. In this episode our hosts discuss the reasons why on-premises services might present greater risk than providing the same ...

Root Causes 157: New Revocation Research from 2021-03-19T00:00

A recently published study of public revocation information takes a numerical approach to revocation behavior from CAs. Our hosts give their first take on this paper and the idea of "revocation tra...

Root Causes 156: Kazakhstan Root Attack Revisited from 2021-03-16T00:00

In the summer of 2019 the Kazakh government attempted to force its citizens to trust its private root, enabling MITM attacks for a variety of potentially nefarious purposes. A recent research paper...

Root Causes 155: What’s Good for Subscribers Is Good for Relying Parties from 2021-03-11T00:00

In this episode we explore the relationship between Relying Parties (aka users of online services) and Certificate Subscribers (aka providers of these services). We discuss the common attitude that...

Root Causes 154: Did Claus Peter Schnorr Just Break RSA? from 2021-03-08T00:00

A recently published paper by a reputable German mathematician and cryptographer has garnered widespread attention for its claim to have destroyed the RSA algorithm. However, many people are skepti...

Root Causes 153: Too Many Roots from 2021-03-05T00:00

Trust models in multi-vendor environments can be particularly tricky.
We are joined once again by Tom Tansy, Chairman of the SunSpec Alliance for a deep dive in the challenges and best practi...

Root Causes 152: Digital Certificates and the SunSpec Alliance from 2021-03-02T00:00

The SunSpec Alliance is an important source of standards for clean energy infrastructure including solar and electric vehicles. To protect our electrical infrastructure and ensure proper functionin...

Root Causes 151: What Is Rustls? from 2021-02-22T00:00

Rustls is an important emerging alternative to OpenSSL. In this episode we discuss the Rust programming language and the implications of the fact that it was designed with security in mind from the...

Root Causes 150: This Podcast Is Not About Alan Turing from 2021-02-14T00:00

Recent news of the discovery of abandoned Enigma machines on the ocean floor inspires our hosts to discuss history's most famous code system, how it was broken, and how that relates to cryptography...

Root Causes 149: Municipal Water Poisoning Through Cyber Attack from 2021-02-11T00:00

In past episodes we have discussed the possibility of cyber attack against civil infrastructure like utilities. That possibility recently became real with the attempted poisoning of a Florida city'...

Root Causes 148: Can Australia Force Sites to Pay for Linking to Content? from 2021-02-08T00:00

A proposed law in Australia would require sites linking to news articles to pay for the right to link to these articles. While this law appears to be aimed at Google and Facebook, it has implicatio...

Root Causes 147: Google Titan Secure Key Attack from 2021-02-05T00:00

Recent research reveals a possible attack that would allow the cloning of the Google Titan secure key. Join our hosts and guest Alan Grau as they describe this attack and its implications for Titan...

Root Causes 146: Congolese ccTLD Takeover from 2021-02-01T00:00

A white hat researcher recently took over .cd, the Democratic Republic of the Congo's ccTLD. The implications of taking over a top-level TLD are of course staggering. Join our hosts as we describe ...

Root Causes 145: Google Chrome to Distrust CA Camerfirma from 2021-01-28T00:00

A few days ago Google announced that Chrome will distrust Spanish public CA Camerfirma in its upcoming build 90. Our hosts go over the history of browsers distrusting public CAs and explain the rea...

Root Causes 144: Whatever Happened to the Green Address Bar? from 2021-01-25T00:00

For more than a decade browsers displayed the "green address bar" on sites that had undergone the high authentication required for EV SSL certificates. But in recent years the identity information ...

Root Causes 143: The Four Pillars of Certificate Automation from 2021-01-21T00:00

In this episode our hosts explain the Four Pillars of Certificate Automation: deploy, discover, revoke/replace, and renew. They detail what these pillars entail and why they're important. They also...

Root Causes 142: Removing Street Address and Postal Code from Public Certificates from 2021-01-18T00:00

On March 1 Sectigo will remove street address and postal/zip code information from its public certificates of all types. Our hosts explain the reasons for and advantages of this upcoming change, al...

Root Causes 141: The Case for Shorter Certificate Lifespans from 2021-01-11T00:00

Recent years have seen multiple reductions in the maximum term for public SSL certificates. Our hosts are joined by guest Nick France to discuss the benefits of shorter certificate lifespans for bo...

Root Causes 140: SSL Attacks Using BGP (Border Gateway Protocol) from 2021-01-06T00:00

BGP, or Border Gateway Protocol, controls traffic routing on the internet. Real and theoretical attacks over the years have been revealed against BGP with varying levels of success, including recen...

Root Causes 139: Exposed Private Keys in CSR Submissions from 2021-01-03T00:00

Public CAs recently have discovered a repeated error whereby certificate subscribers accidentally include the private key along with CSR submissions. Our hosts break down this phenomenon and its im...

Root Causes 138: IoT Cybersecurity Improvement Act of 2020 from 2020-12-27T00:00

A new US law called the IoT Cybersecurity Improvement Act of 2020 creates security requirements for IoT devices sold into the US government. Join us as we explain these new requirements and why thi...

Root Causes 137: SolarWinds Supply Chain Attack and Digital Identity from 2020-12-21T00:00

The SolarWinds Orion supply chain attack is making headlines throughout the tech press. This sophisticated attack includes some unusual manipulations of digital identity and certificates. In this e...

Root Causes 136: 2020 Lookback - Quantum Safe Certificates from 2020-12-17T00:00

In the third of our year-end lookback episodes, we discuss 2020's progress in the quest for quantum-safe encryption. This includes narrowing the NIST candidate list down to fifteen algorithms, the ...

Root Causes 135: The Heartbleed Vulnerability from 2020-12-14T00:00

In April 2014 a software vulnerability called Heartbleed was discovered in OpenSSL. Heartbleed made it possible for attackers to send commands to web servers and steal their private keys. Certifica...

Root Causes 134: 2020 Lookback - SASE and Zero Trust Architecture from 2020-12-09T00:00

2020 was a big year for SASE (Secure Access Service Edge). Our hosts define SASE, ZTNA (Zero Trust Network Architecture), and SDP (Software Defined Perimeter). Our hosts discuss how these technolo...

Root Causes 133: 2020 Lookback - COVID-19 from 2020-12-07T00:00

In 2020 the COVID-19 pandemic changed the way we work. IT departments had to gear up for near-ubiquitous work-from-home (WFH) requirements while maintaining productivity and security. Our hosts tal...

Root Causes 132: Examining MFA Through Soft Tokens from 2020-12-04T00:00

In our ongoing examination of MFA, our hosts examine authentication through soft-token OTP (one-time passcode). They go over the potential benefits and pitfalls of soft tokens, and compare them to ...

Root Causes 131: Apple OCSP Slowdown Explained from 2020-11-29T00:00

The recent release of Apple's Big Sur OS appears to have driven a temporary slowdown in the company's OCSP responders, affecting code updates across all Apple operating systems. Guest Nick France ...

Root Causes 130: How to Get Rid of Password Breaches from 2020-11-24T00:00

Massive password breaches have been so repeatedly prevalent for so many years that as an industry and a society we've just started to accept them as a fact of life. In this episode we discuss the w...

Root Causes 129: Examining MFA Through Hard Tokens from 2020-11-19T00:00

Hard tokens are one of the oldest multi-factor authentication (MFA) form factors there is, and still in use today. In the latest in our series of explorations of MFA strategies, we examine the stre...

Root Causes 128: What Is Total Certificate Agility? from 2020-11-12T00:00

First we had crypto agility, which is how we ensure our cryptography stays current with the needs of security. Expanding on this concept, industry leaders are now looking at certificate agility, wh...

Root Causes 127: What Does a Chief Compliance Officer at a Public CA Do? from 2020-11-05T00:00

Our co-host Tim Callan has changed his title to Chief Compliance Officer. Join him and co-host Jason Soroko as they discuss what compliance means at a public Certificate Authority (CA) like Sectigo...

Root Causes 126: IoT Ransomware from 2020-10-28T00:00

New research shows how ransomware attacks could be launched against IoT devices. Our hosts are joined by Alan Grau to understand these attacks and what can be done to defend against them, including...

Root Causes 125: Digital Identity Versus IAM from 2020-10-08T00:00

Digital certificates and PKI provide digital identity and access. Identity and Access Management (IAM) is a huge technology category featuring major players like Okta, DUO, and Ping Identity. And ...

Root Causes 124: Biometric MFA from 2020-10-05T00:00

As part of our ongoing series on the pros and cons of various forms of multi-factor authentication (MFA) in this episode we explore biometrics. Our hosts discuss their strengths and weaknesses and ...

Root Causes 123: Asymmetric Versus Symmetric Encryption from 2020-10-01T00:00

One of the cornerstones of the success of PKI and digital certificates is their dependence on an asymmetric encryption model. In this episode our hosts explain the difference between asymmetric and...

Root Causes 122: Passwordless Authentication for Apple OS from 2020-09-28T00:00

Our hosts are joined by Joel Rennich of Jamf to talk about passwordless authentication and access for various Apple platforms. Joel explains the variety of user experiences that can qualify as pass...

Root Causes 121: What Is a Hardware Security Module? from 2020-09-21T00:00

A Hardware Security Module, or HSM, is a piece of hardware that securely stores secret material such as cryptographic keys. Join our hosts as they explain terms like HSM, Trusted Platform Module (T...

Root Causes 120: PKI and SASE from 2020-09-18T00:00

SASE (Secure Access Service Edge) is a new term to describe the complexity of authenticating access across today's diverse and heterogeneous computing environments. Join our hosts as they discuss t...

Root Causes 119: What Is Crypto Agility? from 2020-09-14T00:00

Security industry insiders sometimes use the phrase "crypto agility." In this episode our hosts define crypto agility - or cryptographic agility. They explain why crypto agility is more important t...

Root Causes 118: Quantum Apocalypse - What Is a Hybrid Certificate? from 2020-09-07T00:00

As part of its quantum safe initiative, Sectigo is now offering its Quantum Safe Kit, which enables the creation of hybrid TLS certificates. In this episode our hosts are joined by guest Alan Grau...

Root Causes 117: Why Default Deny Matters to the CA/Browser Forum from 2020-09-04T00:00

This year the CA/Browser Forum has put considerable discussion into the concept of "default deny." It's a philosophy for how to interpret potential ambiguities in existing guidelines for public cer...

Root Causes 116: Ripple20 Exposes TCP/IP Vulnerabilities for IoT from 2020-08-30T00:00

Ripple20 is a recently announced set of documented vulnerabilities in the early Treck TCP/IP stack, a popular choice for early IoT devices. Our hosts are joined by guest Alan Grau, who explains the...

Root Causes 115: Signed HTTP Exchange (SXG) Certificates from 2020-08-27T00:00

Accelerated Mobile Pages, or AMP, is a Google standard for packaging web content for consistent and usable display on mobile devices. SXG certificates enable the display of the original publisher's...

Root Causes 114: Is Quantum Computing a Threat to SHA-2? from 2020-08-21T00:00

Quantum computers' threat to standardized encryption algorithms RSA and ECC has been much discussed. But what about our hashing algorithms? Do quantum computers pose a similar threat to SHA-2? Join...

Root Causes 113: What Is Certificate Pinning? from 2020-08-18T00:00

Certificate pinning is the practice of coding software to demand the presence of a specific certificate brand or root in order to function correctly. Though once considered a legitimate security op...

Root Causes 112: Introducing Sectigo Quantum Labs from 2020-08-13T00:00

For more than a year Sectigo has been providing the market with information to understand what we all must do to change our cryptography to prepare for quantum computers. Now Sectigo has announced ...

Root Causes 111: Secure Data Interconnects from 2020-08-10T00:00

Distributed data centers are extremely common in today's computing environments. Unencrypted replication of data across these centers leaves data open to theft. Nonetheless, existing systems and so...

Root Causes 110: Single-domain, Multi-domain, and Wildcard SSL Certificates from 2020-08-06T00:00

When you obtain an SSL certificate, you can choose between single-domain, multi-domain, and wildcard certificates. Join our hosts as they explain the different domain spaces available with TLS cert...

Root Causes 109: Examining MFA Through Phone-based SMS from 2020-07-29T00:00

SMS-based one time password (OTP) is a very commonly used form of multi-factor authentication (MFA). That's because it's fast and inexpensive to roll out to users. Unfortunately it is deeply vulner...

Root Causes 108: Why Do Certificates Expire? from 2020-07-24T00:00

Root expirations occasionally make headlines by breaking systems, but it's a fact that certificates are expiring every day, each a potential outage waiting to happen. So why do certificates expire ...

Root Causes 107: IoT Security Baseline Requirements from ETSI from 2020-07-20T00:00

ETSI has published its new Baseline Requirements for consumer IoT device security, which includes a number of provisions directly related to encryption, strong identity, and device software integri...

Root Causes 106: Massive Intermediate Certificate Distrust Is on the Way from 2020-07-14T00:00

A recently identified and widespread configuration error has created a situation where, with the wrong attack on certain public roots, certificates could become essentially unrevokable. As a conse...

Root Causes 105: TOR, How and Why from 2020-07-08T00:00

Many people know that TOR is a browser used for anonymous online activity, but most of us don't know much more than that. In this episode our hosts explain how the TOR network operates, what its p...

Root Causes 104: 21 PKI Pitfalls to Avoid from 2020-07-06T00:00

Our hosts often discuss the idea of errors in PKI implementations and the potential negative consequences for organizations. In this episode they categorize twenty-one PKI pitfalls to avoid accord...

Root Causes 103: Work-from-Home IT Impact Study from 2020-06-29T00:00

The need to suddenly enable nearly 100% of information workers for secure, productive work-from-home was a curve ball for IT departments to deal with around the world. Sectigo recently released the...

Root Causes 102: Lawful Access to Encrypted Data Act from 2020-06-26T00:00

A newly proposed US Senate bill called the Lawful Access to Encrypted Data Act would require service providers and device manufacturers to provide access to encrypted data based on a valid warrant....

Root Causes 101: Google RCS Chat with End-to-End Encryption from 2020-06-21T00:00

Google has just announced the coming availability of end-to-end encryption for its chat service. In this episode our hosts describe the spectrum of potential protection within the capabilities we c...

Root Causes 100: OpenSSH Deprecates SHA-1 from 2020-06-15T00:00

Once widely used, SHA-1 is considered insecure today and has been deprecated from the most common PKI use cases. OpenSSH recently provided a roadmap to its eventual deprecation of SHA-1. Join our h...

Root Causes 99: AddTrust Root Expiration Explained from 2020-06-12T00:00

The recent expiration of Sectigo's AddTrust legacy root caused some systems to stop working and forced some admins to keep working over the weekend until all was fixed. In this episode we explain r...

Root Causes 98: DMARC and Verified Mark Certificates for Email from 2020-06-08T00:00

A new kind of identity certificate is coming that will enable businesses to include their logos in official email they send in order to improve customer confidence and protect against phishing. It ...

Root Causes 97: Firefox to Deprecate Support for FTP from 2020-06-04T00:00

Mozilla has announced its intention to remove support for FTP from the Firefox browser, citing concerns about security and the degree of effort required to keep this functionality current. Join our...

Root Causes 96: Signal May Leave the USA to Protect Its End-to-End Encryption from 2020-06-01T00:00

Congress's proposed EARN IT act has many industry observers worried about its potential effect on the integrity of encrypted communication. In recent news, secure communication app Signal has float...

Root Causes 95: Cryptographic Key Vaulting from 2020-05-28T00:00

For PKI to be secure, private keys need to remain private. In this episode we explain "vaulting" for keys or other shared secrets. We touch on the vulnerabilities that secrets vaulting fights again...

Root Causes 94: Revocation Checking Through OCSP and CRL from 2020-05-26T00:00

One essential portion of the certificate lifecycle is the ability to revoke certificates. Public SSL certificates use a pair of mechanisms to communicate this revocation status to client machines, ...

Root Causes 93: Videoconferencing Phishing from 2020-05-21T00:00

With the global workforce's massive shift to work-from-home, a clever new set of opportunistic social engineering attacks has sprung up to take advantage of our unfamiliarity with our new communica...

Root Causes 92: COVID-19 Immunity Passports from 2020-05-18T00:00

As we plan our societal return to normalcy, a number of people and groups are discussing the concept of an electronic "immunity passport" that individuals can possess if they are known to be immune...

Root Causes 91: Rabobank Banking App Outage from 2020-05-13T00:00

Australia's Rabobank recently experienced an outage preventing its Android banking app from connecting to its servers. The root cause? An expired certificate. In this episode our hosts explain what...

Root Causes 90: An Analysis of Distributed PKI from 2020-05-10T00:00

Distributed PKI is a new approach, with advocates saying it will eliminate many weaknesses they perceive with traditional, hierarchical PKI architecture. Guest Alan Grau joins our hosts as they exp...

Root Causes 89: PKI's Role in Zero Trust from 2020-05-07T00:00

"Zero Trust" is an IT security philosophy that maximizes protection from threats by tightly controlling access and permissions for every individual, device, and process in the organization's enviro...

Root Causes 88: PKI and Blockchain from 2020-05-04T00:00

Many observers notice similarities between PKI and blockchain, including their applicability to secure digital systems and their ability to enable authentic information and non-repudiation in an el...

Root Causes 87: Zoom's (Not) End-to-End Encryption from 2020-04-30T00:00

With lockdowns and working from home the norm, a great deal of attention has been paid to video conferencing technology. In particular, Zoom has claimed to offer end-to-end encryption while in fact...

Root Causes 86: SSH Keys from 2020-04-27T00:00

SSH keys are essential for controlling access to production infrastructure. Our hosts are joined by repeat guest David Colon to discuss how SSH keys are used in contemporary computing environments,...

Root Causes 85: Automotive Key Fobs and Cryptography from 2020-04-23T00:00

Recent headlines have unveiled high profile attacks against automobile key fobs. Such an attack is potentially huge since successfully mimicking these fobs can yield complete access to an automobil...

Root Causes 84: What Is DNS over HTTPS? from 2020-04-20T00:00

DNS over HTTPS is a capability whereby DNS lookups can be encrypted to defend against certain man-in-the-middle attacks as well as protecting information about web usage from being revealed to thir...

Root Causes 83: Quantum Apocalypse - Does COVID-19 Change the Z Date from 2020-04-16T00:00

Lock downs and work-from-home requirements have disrupted the efficiency of operations in all walks of industry, including academics and advanced computing research. In this episode our hosts debat...

Root Causes 82: The Death of the Hard Token from 2020-04-13T00:00

People are working from home in unprecedented numbers, which means that companies need to find ways for them to connect securely. Some will consider hard tokens as an option. In this episode our ho...

Root Causes 81: What Is Embedded Firewall? from 2020-04-06T00:00

Security for IoT devices depends not only on establishing strong identity mechanisms for devices and the services they connect to but also in ensuring the ongoing integrity of device operations. In...

Root Causes 80: The Pros and Cons of VPNs from 2020-04-02T00:00

With the sudden, meteoric increase in remote workers, many IT professionals are looking at VPN as a method of keeping them secure. Join our hosts as they discuss the advantages and disadvantages o...

Root Causes 79: Firefox Reinstates Support for Deprecated TLS Versions from 2020-03-30T00:00

To enable broadest possible access to valuable information about the COVID-19 epidemic, Firefox has chosen to reinstate support for web sites using TLS 1.0 and 1.1. Join us to learn about this move...

Root Causes 78: Extended Validation Certificates and the Dark Web from 2020-03-26T00:00

New research presented at RSA Security Expo indicates that at least one party is using online criminal marketplaces to sell a package of a newly-created business and at least one Extended Validatio...

Root Causes 77: Certificates for Public Cloud from 2020-03-23T00:00

As a convenience to customers and a competitive differentiator, public cloud services such as AWS offer TLS certificates for use in their environments. Join our hosts as they explain this practice,...

Root Causes 76: Implications of COVID-19 for PKI from 2020-03-20T00:00

COVID-19 is rocking all aspects of our daily and business lives. So what are the implications of lock-downs, office closures, and high employee absenteeism on the PKI world? Our hosts explore the i...

Root Causes 75: Sectigo's COVID-19 Readiness from 2020-03-18T00:00

As measures move into place throughout society to flatten the curve of COVID-19's spread, it is important to understand the potential effects of lock downs, school closures, and work-from-home mand...

Root Causes 74: Device and Network Access from 2020-03-17T00:00

Certificates can play a critical role in enabling and controlling access for users and devices to our sensitive business processes and data. Our hosts are joined once again by David Colon as we ex...

Root Causes 73: Apple to Drop Support for Two-year SSL Certificates from 2020-03-13T00:00

At the most recent Face-to-Face meeting of the CA/Browser Forum, Apple announced that as of September 1 it will distrust public TLS certificates issued with terms longer than thirteen months for al...

Root Causes 72: Future-proofing Your PKI from 2020-03-09T00:00

Former CableLabs CIO and Kyrio President and General Manager Mitch Ashley joins our hosts to discuss how to set up a PKI system that will meet your needs for many years to come. Mitch is now CEO of...

Root Causes 71: Short Lived DevOps Certificates from 2020-03-06T00:00

Repeat guest and DevOps expert David Colon joins us again to discuss identity for microservices, including the use of very short-lived TLS certificates. David and our hosts explore the unique prope...

Root Causes 70: Identity Is the New Perimeter from 2020-03-04T00:00

Modern architectures and development processes have shattered the old concept of an IT perimeter for the enterprise. In this world, attaching strong identity to every device, user, and process is e...

Root Causes 69: Fundamentals of DevOps and PKI from 2020-02-28T00:00

In our ongoing series on DevOps and PKI, DevOps practitioner David Colon joins us to help describe the intersection of DevOps security and PKI. We explore how PKI fits in with orchestration engines...

Root Causes 68: Why SHA-1 Is No Longer Secure from 2020-02-24T00:00

SHA-1 was a cornerstone of the early secure web. Now, 25 years later, this hashing function is no longer secure. Join our hosts to hear the history of SHA-1, its common use cases, and the propert...

Root Causes 67: Definition of DevOps and DevSecOps from 2020-02-21T00:00

Our hosts are joined by senior DevOps engineer David Colon to explore what DevOps means in today's enterprise. They cover diverse aspects of the DevOps phenomenon, including cultural implications, ...

Root Causes 66: Functional Versus Homomorphic Encryption from 2020-02-18T00:00

Traditionally, file encryption is an all-or-nothing affair where data cannot be gleaned from the encrypted file without fully decrypting its contents. A new brand of cryptography called homomorphic...

Root Causes 65: Quantum Key Distribution from 2020-02-10T00:00

Quantum key distribution is a new technology that uses the principles of quantum physics to generate and distribute truly random keys for encrypted communication. Join us as we explain how quantum ...

Root Causes 64: What Is Digital Identity? from 2020-02-04T00:00

The phrase "identity is the new perimeter" has gained in use of late, reflecting the reality that today's modern enterprise architecture is a mix of traditional and cloud, owned and rented and BYOD...

Root Causes 63 - What Is CAA? from 2020-01-28T00:00

CAA, which stands for CA Authentication, is the capability for the domain name owner to specify in DNS which CAs are allowed to issue SSL certificates for a specific domain. Join us to learn more a...

Root Causes 62: Windows CryptoAPI Spoofing Vulnerability Explained from 2020-01-22T00:00

On January 14 Microsoft announced a sweeping vulnerability that makes it possible to defeat the authentication of Elliptic Curve Cryptography (ECC) on Windows 10 and Windows Server systems, making ...

Root Causes 61: Anatomy of a Cryptocurrency from 2020-01-10T00:00

In our ongoing series about blockchain, we explore the technology, process, and ecosystem needs for a successful cryptocurrency. Join our hosts along with expert guest Alan Grau as we discuss the t...

Root Causes 60: Fundamentals of Blockchain from 2020-01-06T00:00

Widely understood to be the technology behind popular crypto currencies, blockchain has become a household word. But what is blockchain really, and how does it work? Join our hosts and returning gu...

Root Causes 1-59: What Is Certificate Transparency? from 2019-12-29T00:00

Certificate Transparency (CT) is a recent and important development in the world of SSL certificates. Popular browsers require trusted CAs to log all SSL certificates to publicly available CT Logs...

Root Causes 1-58: 2019 Lookback - One Year of Podcasting from 2019-12-15T00:00

Nearly a year ago our hosts launched Root Causes to provide a forum for discussion of the issues surrounding the critically important PKI technology. Now at the end of 2019 we discuss how this podc...

Root Causes 1-57: Quantum Random Number Generation from 2019-12-11T00:00

Random number generation is an essential part of successful cryptography. Quantum computers offer to improve this niche technology industry. Join our hosts to learn what quantum random number gener...

Root Causes 1-56: 2019 Lookback - Evolving Cryptography from 2019-12-09T00:00

2019 saw important changes in the world's cryptographic standards, including changes in browser treatment of SSL certificates, the removal of a public CA from trusted root stores, widespread serial...

Root Causes 1-55: California's New IoT Security Law from 2019-12-05T00:00

California Senate Bill 327 (SB-327) goes into effect January 1, 2020. This groundbreaking ordinance requires basic security measures for devices deployed in California. Join us to learn what SB-327...

Root Causes 1-54: 2019 Lookback - Infrastructure and IoT Security from 2019-12-02T00:00

2019 was a highly eventful year for infrastructure and IoT security. The year saw the emergence of wholesale attacks on the world's energy infrastructure, an epidemic of ransomware incidents agains...

Root Causes 1-53: 2019 Lookback - Governments Try to Control PKI from 2019-11-24T00:00

2019 has been an eventful year for PKI. In this episode, first in a series of four lookbacks at the year, our hosts discuss how governments sought to control encryption, certificates, and public tr...

Root Causes 1-52: New TLS Certificate Incident Research from 2019-11-22T00:00

New research out of Indiana University Bloomington reviews nearly 400 "incidents" with public SSL certificates over the course of more than a decade. Join us as we go through the main findings from...

Root Causes 1-51: Blockchain vs PKI from 2019-11-19T00:00

In our industry interactions we frequently run into questions about how PKI and blockchain compare with each other. How do they work similarly or differently? Are they surrogates for each other? Ar...

Root Causes 1-50: Energy Infrastructure Cyber Attacks from 2019-11-08T00:00

Global energy infrastructure continues to find itself under cyber attack from Advanced Persistent Threats (APTs). Join our hosts as we discuss recent attacks on power plants, why these attacks pers...

Root Causes 1-49: California Consumer Privacy Act from 2019-11-06T00:00

The California Consumer Privacy Act (CCPA) has been described by some as California's GDPR. This act provides broad protections to consumers in California, and businesses must comply starting Janua...

Root Causes 1-48: Weaknesses in MFA Authentication from 2019-10-31T00:00

A recent FBI warning cautions of attacks that circumvent Multi-Factor Authentication (MFA). Join us as we describe contemporary attacks against MFA and how to defend against them.

Root Causes 1-47: Quantum Apocalypse - Quantum Resistant Cryptography for IoT from 2019-10-25T00:00

Expert consensus states that we will need to update cryptography before quantum computers break our existing algorithms in the next ten or fifteen years. But what do we do about IoT devices, which...

Root Causes 1-46: Criminals Are Patching Browsers for TLS Fingerprinting Attacks from 2019-10-22T00:00

In a new variant on a known attack, a Russian Advanced Persistent Threat has begun applying patches to Chrome and Firefox to enable TLS fingerprinting even after the malware is removed from a syste...

Root Causes 1-45: What Is the CA/Browser Forum? from 2019-10-17T00:00

SSL certificate practices are governed by the rules of the CA/Browser Forum. But what is the CA/Browser Forum, who is in it, and where do they get their authority? If you've ever wondered about que...

Root Causes 1-44: Automotive Device Security from 2019-10-15T00:00

The automobile is undoubtedly among today's most complex, commonplace, and security-sensitive IoT devices. Our hosts describe the cyber threats facing connected cars, including real attacks that al...

Root Causes 1-43: Quantum Apocalypse - More on Mosca's Inequality from 2019-10-11T00:00

In episode 35 our hosts explained Mosca's Inequality, a formula for calculating when we need to have post-quantum encryption in place to prevent the Quantum Apocalypse. In this episode our hosts em...

Root Causes 1-42: Anatomy of a Botnet from 2019-10-08T00:00

We talk about botnets a lot, but not everyone understands how they are built and used by the criminals who control them or how headless IoT devices have greatly added to their power. Expert guest A...

Root Causes 1-41: What Is Blockchain's Killer App? from 2019-10-03T00:00

Our hosts frequently run into the assumption that blockchain and PKI are extremely similar technologies and are possibly even competitive to each other. While the two approaches accomplish some rel...

Root Causes 1-40: The Reports of RSA's Death Are Greatly Exaggerated from 2019-09-29T00:00

Recently at Black Hat and on public YouTube videos security newcomer Crown Sterling has claimed to factor the RSA algorithm. It turns out the breathlessly discussed feats were already accomplished ...

Root Causes 1-39: New University Research on Phishing and Certificates from 2019-09-26T00:00

The majority of all phishing sites now use SSL certificates to more closely imitate the behavior of legitimate sites. New research from RWTH Aachen, a large, German technical university, investigat...

Root Causes 1-38: Interesting Breaches in August from 2019-09-23T00:00

The month of August saw some unusual criminal activity when it comes to PKI and malware. Our hosts explain four August news stories including a SHA-1 enabled breach, stolen certificates and keys, a...

Root Causes 1-37: Quantum Apocalypse - Will Quantum Annealing Break Cryptography? from 2019-09-10T00:00

Quantum annealing is a special case of quantum computing for which the engineering challenges are lessened - and therefore we expect computers of this sort to achieve stability sooner. In this epis...

Root Causes 1-36: Quantum Apocalypse - The Search for Quantum Resistant Crypto from 2019-09-03T00:00

Finding the new quantum-resistant cryptography we will need to replace RSA and ECC is a difficult task requiring the coordinated effort of academics, industry, and government. NIST has stepped in t...

Root Causes 1-35: Quantum Apocalypse - Mosca's Inequality, Mad Max, and Mohawks from 2019-08-28T00:00

Quantum computers have the potential to defeat the RSA and ECC encryption underlying our digital world. We must swap out these algorithms before quantum computers reach that stage of maturity. But ...

Root Causes 1-34: Shadow IT and PKI from 2019-08-25T00:00

Shadow IT has become a fact of the modern enterprise. SaaS, BYOD, outsourced development, embedded IT, DevOps, and public cloud have all chipped away at the CIO's ability to oversee and control the...

Root Causes 1-33: Prepare for One-Year Limits on SSL Certificates from 2019-08-18T00:00

The CA/Browser Forum faces a proposed ballot to limit the maximum duration of an SSL certificate to 13 months. Even if this ballot fails, browsers such as Google Chrome have the ability to simply d...

Root Causes 1-32: Why Do Browsers and Academic Research Say Different Things About EV SSL? from 2019-08-15T00:00

Breaking research from two esteemed universities shows that sites with Extended Validation SSL certificates are much less likely to be engaged in criminal behavior like malware and phishing. And ye...

Root Causes 1-31: Using PKI to Authenticate Phone Callers from 2019-08-12T00:00

Few people know that caller ID numbers have no identity value as they are completely self-reported. This fact enables the plague of robocalling scams sweeping our society right now. Join our hosts ...

Root Causes 1-30: When a Whole Country Has Its PII Stolen - Giant Breach Fines - Phishing with SSL from 2019-08-05T00:00

Recently we have seen major news items in some of the common Root Causes themes. Join our hosts as they discuss new whopping breach fines from GDPR and the FTC, what happens when an entire country ...

Root Causes Special Bulletin: Kazakhstan Weaponizes the Public CA from 2019-07-29T00:00

The Kazakhstan government is taking measures to force citizens to trust its own root, enabling the widespread persecution of dissidents, journalists, and human rights advocates. Join our hosts to l...

Root Causes 1-29: Vulnerabilities in Cisco Routers and Other Device Integrity Controls from 2019-07-24T00:00

Security flaws in the device integrity modules of Cisco routers and other devices have lately filled the headlines. Join our hosts and guest Alan Grau as they discuss what is happening with these f...

Root Causes 1-28: SSL Certificate Automation Through ACME from 2019-07-22T00:00

ACME is a new SSL certificate automation standard that is taking the world by storm. With support by 150 million web sites and more than 130 open source tools, ACME is a key tool in your digital ce...

Root Causes 1-27: Pending Safe Browser Guidelines from Germany from 2019-07-18T00:00

The German government has published a draft of its latest guidelines for safe browsers, which include requirements for how SSL certificates are supported and treated. Join our hosts as they discuss...

Root Causes 1-26: The White House Wants to Prohibit End-to-End Encryption from 2019-07-13T00:00

The White House is the latest government entity seeking to defeat widespread encryption technology through legislated "back door" access. Join our hosts as they explain why such an idea is essentia...

Root Causes 1-25: Entropy and Random Numbers from 2019-07-02T00:00

One cornerstone of successful cryptography is entropy, or the ability to create genuinely unpredictable values. But it turns out that generating truly random numbers is harder than you might think....

Root Causes 1-24: Certificate Revocation from 2019-06-27T00:00

Occasional certificate revocation is an essential part of the digital certificate lifecycle and any secure PKI scheme. Not only do certificate owners need to revoke their own certificates, but als...

Root Causes 1-23: Global Energy Grids Under Cyber Attack from 2019-06-18T00:00

The world's energy grids and other utilities have increasingly become targets for cyber attack, both state-sponsored and otherwise. Join our hosts as they discuss the latest developments, possible ...

Root Causes 1-22: Attacks on US Cities with EternalBlue Cyber Weapon from 2019-06-07T22:10:24

A recent spate of ransomware attacks against US municipalities is noteworthy for being enabled by the stolen US cyber weapon EternalBlue. Join our hosts as we explain this attack, its similarities ...

Root Causes 1-21: New Texas Energy Grid Security Regulation from 2019-06-05T18:49

The state of Texas is leading the way with new legislation requiring cyber protections for its energy grid. Join our hosts as we explain this legislation, why it comes now, and its potential impact...

Root Causes 1-20: 885 Million First American Financial Customer Docs Exposed from 2019-05-31T22:37:44

It was recently revealed that First American Title Corporation had 885 million confidential customer financial documents discoverable in the clear on its online site. These documents contain all th...

Root Causes 1-19: Death of a Public CA from 2019-05-29T00:00

Mozilla has decided to remove a public CA from its trusted root store. By doing so Mozilla renders public certificates from this CA essentially valueless for almost all use cases. Join our hosts as...

Root Causes 1-18: SHA-1 Collisions - TLS Fingerprinting - Cisco Trust Anchor Flaw from 2019-05-23T00:00

Recent news has revealed several important developments in PKI and cyber trust. Our hosts cover the latest SHA-1 collision attack and why it signals the inevitable death of this hashing algorithm. ...

Root Causes 1-17: Sectigo Acquires Icon Labs from 2019-05-16T22:13:39

Sectigo's recent acquisition of Icon Labs expands the company's capabilities in embedded OEM and device identity. Jason and Tim are joined by Icon Labs co-founder Alan Grau as our podcasters explo...

Root Causes 1-16: PKI for DevOps Environments from 2019-05-12T00:00

DevOps as a software development and deployment methodology has radically transformed enterprise computing. This approach brings with it new architectures and tools such as containerization, Kubern...

Root Causes 1-15: Architecture for Enterprise Certificate Automation from 2019-05-07T16:18:09

Automation of certificate deployment and management is a must for today's enterprise. Complexity, changing environments, fast time to market, and simply scale all dictate that the old manual manage...

Root Causes 1-14: P2P Vulnerability in IoT Devices from 2019-05-02T23:22:29

Recent research reveals millions of consumer IoT devices that lack any level of authentication or encryption at all. Join our hosts as we discuss the nature of IoT-based botnets and their negative ...

Root Causes 1-13: PKI for IoT from 2019-04-25T21:34:11

The proliferation of Internet of Things (IoT) devices in many cases has outpaced security for those devices, leaving enterprises, end users, and the general public exposed. Learn how identity is an...

Root Causes 1-12: PKI in the News from 2019-04-14T00:00

It was a busy news week for PKI and authenticated identity, and our hosts run through four current stories to clarify them. Tune in to learn the latest about the Dragonblood WPA3 vulnerability, Rus...

Root Causes 1-11: Authentication Is Not for the Authenticated from 2019-04-09T17:33:53

With so much debate about the role and importance of authentication in digital systems, it is important to remember the purpose of authenticated identity in our cyber interactions. Join us for a di...

Root Causes 1-10: S/MIME Automated Deployment from 2019-04-03T19:58:30

S/MIME certificates indicate the authentic identity of the sender and enable encryption for message content and attachments - providing strong defenses against a variety of email-based attacks. No...

Root Causes 1-09: 63-bit Serial Numbers from 2019-03-25T18:45:56

A recently discovered flaw in common practices reveals that potentially millions of active SSL certificates fall short of cryptographic requirements. Learn how it is that 64-bit certificate serial...

Root Causes 1-08: Free PKI Is Not Free from 2019-03-19T02:35:16

The promise of a "free" Microsoft CA was alluring to enterprises in the 2000s, but today's increasingly open computing architectures and agile development methodology have outgrown your old fashion...

Root Causes 1-07: Russian Disconnection from the Internet from 2019-02-26T00:00

Russia has stated that it will disconnect from the internet as a trial exercise for full-blown cyber warfare. This idea presents many problems for Russian services, systems, and businesses, especia...

Root Causes 1-06: Quantum-Resistant Cryptography from 2019-02-19T00:00

The pending cryptographic Quantum Apocalypse requires that we replace the hashing and encryption algorithms used through the internet, enterprise networks, mobile service, and popular devices. Join...

Root Causes 1-05: Cryptographic Quantum Apocalypse from 2019-02-07T00:00

As quantum computing continues to progress, the world's widespread cryptographic schemes are in danger. To prepare for the cryptographic "Quantum Apocalypse" we will need to replace our RSA- and EC...

Root Causes 1-04: Australia's New IT Security Back Door from 2019-01-25T00:00

Australia now requires a back door to IT systems. Our hosts are skeptical that this idea will work. Join our PKI experts to learn about the dangers and pitfalls of such a system - and why they have...

Root Causes 1-03: US Government Shutdown and Security Vulnerabilities from 2019-01-16T00:00

The US government shutdown has taken its toll on IT systems. Services are going offline, and we are ill equipped to deal with a major security or service crisis. Tune in to learn more about the ris...

Root Causes 1-02: O2 Outage and Equifax Breach from 2019-01-08T00:00

In December users of O2, Softbank, and other mobile services experienced a day-long data outage affecting as many as 40 million people. In the summer of 2017 148 million Americans lost their person...

Root Causes 1-01: Introduction from 2019-01-04T00:00

Intro to the leading PKI and security podcast. Learn your hosts' qualifications and reasons for creating this podcast.
