Root Causes: A PKI and Security Podcast
Episodes
Root Causes 310: Another AI Episode
13 Jun 2023
Contributed by Lukas
In this episode we continue to explore the capabilities of AI to replicate known people in deep fakes with AI-generated content.
Root Causes 309: What Is Key Attestation for Code Signing?
07 Jun 2023
Contributed by Lukas
On June 1, 2023 new rules for delivery of code signing certificates went into effect, requiring the certificate be delivered by secure HSM. In additio...
Root Causes 308: E-Tugra Root Deprecation
05 Jun 2023
Contributed by Lukas
For the second time in under twelve months, a major browser is deprecating a CA's public trust. This time it's E-Tugra. Learn about the concerns rai...
Root Causes 307: OT Red Teaming Leads to Malware Attack
31 May 2023
Contributed by Lukas
In this episode we describe how tools from operational technology red team exercises are being repurposed for malware attacks.
Root Causes 306: Certificate Transparency Logs and Privacy
26 May 2023
Contributed by Lukas
Certificate Transparency (CT) logs do a lot of good for the WebPKI. They also, however, carry with them some privacy concerns. In this episode we exp...
Root Causes 305: The Fifth Pillar of Certificate Lifecycle Management
22 May 2023
Contributed by Lukas
In our episode 143 we introduced the Four Pillars of Certificate Lifecycle Management. Now, two years later, we introduce a fifth pillar of CLM.
Root Causes 304: Your 90-day SSL Certificates Checklist
18 May 2023
Contributed by Lukas
90-day maximum term for SSL certificates is coming. In this episode expert guest Henry Lam details his four-point checklist for preparing enterprises ...
Root Causes 303: A Return to Chrome and the Address Bar
16 May 2023
Contributed by Lukas
In our recent episode 300 we discussed Chrome's upcoming removal of the lock icon from its interface. In this follow up, we catch the listener up on C...
Root Causes 302: Intel Secure Boot Private Key Leak
12 May 2023
Contributed by Lukas
Resulting from a recent ransomware attack, a private key from Intel has been exposed, affecting more than a hundred OEM components and an unknown numb...
Root Causes 301: The Difference Between Certificate Automation and CLM
09 May 2023
Contributed by Lukas
This podcast frequently discusses the concepts of certificate automation and Certificate Lifecycle Management (CLM). In this episode we discuss how C...
Root Causes 300: Chrome Eliminates the Lock Icon
04 May 2023
Contributed by Lukas
Google Chrome has announced that it will eliminate the lock icon in September. We explain what Google will be doing, its stated rationale, and the pro...
Root Causes 299: 2023 RSA Recap
02 May 2023
Contributed by Lukas
The 2023 RSA Conference just concluded. This week Tim recaps what he saw at the show and how it reflects on security industry trends. Our hosts discu...
Root Causes 298: Moving Forward, Together - Promoting Automation
28 Apr 2023
Contributed by Lukas
The Google Chrome root store has communicated its plans for promoting automation. In this episode we explain Chrome's public plans for this initiativ...
Root Causes 297: Certificate Expiration Creates Starlink Outage
26 Apr 2023
Contributed by Lukas
A recent outage in the Starlink internet service was caused by an unexpected certificate expiration. We discuss this ongoing problem and how 90-day ma...
Root Causes 296: SHOULD We or MUST We?
21 Apr 2023
Contributed by Lukas
The CA/Browser Forum guidelines contain many prescribed requirements, with language containing the word SHOULD or MUST. In this episode we explain the...
Root Causes 295: Genesis Criminal Marketplace Taken Down
17 Apr 2023
Contributed by Lukas
A large, public criminal marketplace for stolen logins and other information was rolled up by law enforcement across seventeen countries. Genesis Mark...
Root Causes 294: Root Causes Honored by Webby Awards
13 Apr 2023
Contributed by Lukas
The Root Causes podcast has received a Webby Honoree award. Jason and Tim briefly celebrate and discuss the challenge of operating a niche, homemade ...
Root Causes 293: What Is Certbot?
10 Apr 2023
Contributed by Lukas
Certbot is an important part of the ACME standard. This open source tool makes it easier for many IT administrators to use ACME to automate provision...
Root Causes 292: Validation Data Reuse for 90-day Certificates
06 Apr 2023
Contributed by Lukas
As the industry explores the expected consequences of 90-day maximum term for SSL / TLS certificates, some are wondering if the allowed validation dat...
Root Causes 291: CLM and SIEM
03 Apr 2023
Contributed by Lukas
We discuss how Certificate Lifecycle Management (CLM) interacts with Security Incident and Event Management (SIEM). The certificate world is chock ful...
Root Causes 290: What Are QGIS and QIIS?
29 Mar 2023
Contributed by Lukas
In this episode we define Qualified Government Information Source (QGIS) and Qualified Independent Information Source (QIIS), which are critical to CA...
Root Causes 289: What Is a Cryptographic Center of Excellence?
27 Mar 2023
Contributed by Lukas
In this episode we dig into an emerging idea, which is the cryptographic center of excellence. We discuss how such a center of excellence would work ...
Root Causes 288: ISARA Releases Patents on Hybrid Certificates
22 Mar 2023
Contributed by Lukas
In this episode we are joined by Atsushi Yamada, CEO of ISARA. He explains how ISARA has put its patents on hybrid certificates into the public domai...
Root Causes 287: GoDaddy Private Key Breach
20 Mar 2023
Contributed by Lukas
In this episode we describe an incident in which a GoDaddy breach exposed customer private keys. We explain the expectations surrounding private key ...
Root Causes 286: PKI and PQC in New White House Cybersecurity Initiative
16 Mar 2023
Contributed by Lukas
A new White House cybersecurity initiative specifically calls out digital identity and post quantum cryptography (PQC) among its focal areas. We discu...
Root Causes 285: Can ChatGPT Write Malware?
14 Mar 2023
Contributed by Lukas
In our ongoing exploration of the security implications of AI, in this episode we examine the suitability of ChatGPT as a malware-writing tool and pos...
Root Causes 284: 90-day SSL Certificates Are on the Way
10 Mar 2023
Contributed by Lukas
The Google Chrome root program recently announced its intention to reduce the maximum term for public SSL certificates to 90 days. In this episode we...
Root Causes 283: Google Optional OCSP Proposal Clarified
06 Mar 2023
Contributed by Lukas
In our episode 281 we reported on Google's proposal for optional OCSP. In this episode we correct some of our earlier reporting in that episode, inclu...
Root Causes 282: HSMs and Post Quantum Cryptography
02 Mar 2023
Contributed by Lukas
Repeat guest Bruno Couillard of Crypto4A joins us to explain where Hardware Security Modules (HSMs) fit into the world of PQC. We discuss the issues sur...
Root Causes 281: Google Proposes Optional OCSP
26 Feb 2023
Contributed by Lukas
In response to concerns about OCSP and privacy, Google has proposed removing the requirement for OCSP revocation checking for public SSL certificates ...
Root Causes 280: Did an AI Break CRYSTALS-Kyber?
24 Feb 2023
Contributed by Lukas
Recent news reports might suggest that an AI-enhanced side attack has defeated the CRYSTALS-Kyber PQC algorithm. In this episode we clarify that Kybe...
Root Causes 279: ChatGPT Watermarking
19 Feb 2023
Contributed by Lukas
ChatGPT presents the potential problem of ChatGPT content being used and attributed to another source, such as a professional writer or a student. In ...
Root Causes 278: Microsoft on Certificates and FIDO
17 Feb 2023
Contributed by Lukas
Recent public discussion of FIDO and digital certificates reveals details of Microsoft's approach to consumer digital authentication. We discuss secur...
Root Causes 277: Privacy Sandbox
13 Feb 2023
Contributed by Lukas
In the latest continuation of the effort to create better protections for consumer privacy while still enabling targeted advertising, Google has annou...
Root Causes 276: ChatGPT and Identity Reputation
09 Feb 2023
Contributed by Lukas
ChatGPT and similar AI tools are dominating the public's mind these days. In this episode we discuss the potential for people to attempt to use ChatG...
Root Causes 275: No Fly List Stolen
06 Feb 2023
Contributed by Lukas
In a recently revealed security breach, an attacker gained a copy of the full 2019 TSA No Fly list, including subject PII. This breach was enabled by ...
Root Causes 274: New Quantum Readiness Law
03 Feb 2023
Contributed by Lukas
The U.S. government has a new law requiring that government agencies create plans for migrating to post-quantum cryptography in response to impending ...
Root Causes 273: A Deep Dive on CA Agnostic
30 Jan 2023
Contributed by Lukas
The industry is seeing more and more attention spent on the idea of CA agnosticism. As with any buzzy technology term, it can be used to mean a variet...
Root Causes 272: OCSP's Privacy Problem
27 Jan 2023
Contributed by Lukas
Concerns recently have been raised about OCSP real-time certificate checking and its potential to violate privacy. In this episode we unpack these co...
Root Causes 271: A Whole Fleet of Identity-based Automotive Hacks
23 Jan 2023
Contributed by Lukas
A white hat security researcher recently revealed a large number of identity-based vulnerabilities across many automotive manufacturers. In this episo...
Root Causes 270: What Is the Difference Between KEM and PKE?
20 Jan 2023
Contributed by Lukas
One of the little known changes that has come to the world of TLS is that the secret handshake and key exchange updated from Public Key Exchange (PKE)...
Root Causes 269: Did a Patent Dispute Nearly Derail Post Quantum Cryptography?
16 Jan 2023
Contributed by Lukas
On July 5, 2022 NIST announced its Round 3 PQC winners. What most people don't realize is that same day, the interested parties cleared a patent dispu...
Root Causes 268: WAFs Subverted by JSON Bypass
12 Jan 2023
Contributed by Lukas
In this episode we discuss rising attacks that overcome the protections of Web Application Firewalls (WAF). We explain these attacks, why this bypass...
Root Causes 267: Can Quantum Computers Break RSA Today?
09 Jan 2023
Contributed by Lukas
Much has been made of Shor's algorithm and the inevitable defeat of RSA using quantum computers. But a new research paper suggests a quantum computer...
Root Causes 266: End-to-end Encryption in the Apple Technology Stack
04 Jan 2023
Contributed by Lukas
Recent announcements from Apple lay out a set of expansions in the scope and capability of encryption throughout the Apple ecosystem. In this episode ...
Root Causes 265: A Banner Year for Post-quantum Cryptography
28 Dec 2022
Contributed by Lukas
2022 was post-quantum cryptography's biggest year so far. Our hosts are joined by guest Bruno Couillard, CEO and CTO of Crypto4A. We go over many de...
Root Causes 264: Crypto Agility for 2023
23 Dec 2022
Contributed by Lukas
We define the important needs and initiatives that are changing the crypto agility landscape. We discuss topics including CA independence, cryptograp...
Root Causes 263: Secure Connection Methods Roundup
20 Dec 2022
Contributed by Lukas
In this episode we discuss the three methods a user might choose for secure remote communications: VPN, SSH, and TOR. For each we discuss the reasons...
Root Causes 262: The Continuing Erosion of Online Identity
14 Dec 2022
Contributed by Lukas
In one of our 2022 wrap up episodes, we look back at the continued erosion of the idea of reliable online identity throughout the year. We discuss the...
Root Causes 261: Why I Don't Say Spoof
12 Dec 2022
Contributed by Lukas
The word spoof is a security industry term used in the context of social engineering attacks. In this episode we explore the word's connotations in d...
Root Causes 260: CA TrustCor Deprecated
08 Dec 2022
Contributed by Lukas
Public CA TrustCor has had its roots deprecated by Microsoft and Mozilla, following a public dialog about TrustCor's suitability as a public CA. This ...
Root Causes 259: What Went Wrong with the Twitter Blue Check Marks
30 Nov 2022
Contributed by Lukas
The Twitter authenticated identity blue check marks made a big splash and then quickly went away. In this episode we explore the intent of these chec...
Root Causes 258: New S/MIME Baseline Requirements Ratified
21 Nov 2022
Contributed by Lukas
The CA/Browser Forum has passed new Baseline Requirements for S/MIME certificates, in effect late 2023. In this episode we explain the broad stipulat...
Root Causes 257: FTX Crypto Exchange Collapses
17 Nov 2022
Contributed by Lukas
"If you don't hold the keys, you don't hold the cheese." Crypto exchange giant FTX recently collapsed, causing ripples through the cryptocurrency worl...
Root Causes 256: What Is Harvest and Decrypt?
16 Nov 2022
Contributed by Lukas
As we prepare for the reality of quantum computers breaking RSA and ECC, a keenly important concept to understand is "Harvest and Decrypt." The pract...
Root Causes 255: What Is a Privacy Browser?
11 Nov 2022
Contributed by Lukas
In this episode we describe privacy browsers, which quite simply are browsers designed to pay special attention to the user's privacy, including some ...
Root Causes 254: Toyota Symmetric Key Exposed on GitHub
08 Nov 2022
Contributed by Lukas
In a recently exposed error, key material for a popular automobile manufacturer's PKI has been discovered on GitHub, resulting in exposure of sensitiv...
Root Causes 253: OpenSSL Vulnerability Explained
04 Nov 2022
Contributed by Lukas
Last week the OpenSSL project announced an upcoming critical patch, leading to a great deal of speculation about this flaw and its implications for SS...
Root Causes 252: Sidestepping Microsoft Email Encryption
30 Oct 2022
Contributed by Lukas
A recently revealed vulnerability in Microsoft Exchange encryption can be used potentially to break the encryption on stored emails. In this episode w...
Root Causes 251: What's Next for the NIST PQC Primitives?
27 Oct 2022
Contributed by Lukas
NIST has announced its new post-quantum cryptography primitives. So now what? In this episode we discuss the next steps required by the technology ind...
Root Causes 250: 250 Episodes of Root Causes!
26 Oct 2022
Contributed by Lukas
It's Root Causes episode 250! In this episode Tim and Jason indulge themselves in podcasting about podcasting. Hear about setting up a podcast, choos...
Root Causes 249: What Is MFA Exhaustion?
21 Oct 2022
Contributed by Lukas
Recent months have seen several high profile attacks that were enabled by defeating the MFA accompanying user name and password login. In this episod...
Root Causes 248: Azure Code Signing Announced
18 Oct 2022
Contributed by Lukas
Microsoft has announced the upcoming availability of a Microsoft-run code signing solution inside the Azure platform. We explain this approach's advan...
Root Causes 247: Uber Breach Unpacked
13 Oct 2022
Contributed by Lukas
A recent high-profile breach of Uber's systems led to widespread data loss. Join our experts as we unpack the specifics of how this attack came about...
Root Causes 246: Google Chrome Root Program Announced
03 Oct 2022
Contributed by Lukas
Google Chrome recently announced the formation of its trusted root program. It may be surprising to learn that the world's most popular browser has ex...
Root Causes 245: One Time Passcode as a Liability
29 Sep 2022
Contributed by Lukas
A recent article from Brian Krebs advances the idea that using OTP MFA may actually be a liability to security. In this episode we explain the reason...
Root Causes 244: PwC Survey Reports Cyber Security as Biggest Risk to Companies
26 Sep 2022
Contributed by Lukas
A recent survey from PwC reports that cyber threats are no longer solely the domain of the CISO but instead have become every senior executive's conce...
Root Causes 243: Which Came First, the BRs or the EVGs?
20 Sep 2022
Contributed by Lukas
Many people don't realize that the CA/Browser Forum's Baseline Requirements actually came LATER THAN the Extended Validation Guidelines. In this episo...
Root Causes 242: Let's Encrypt Founder Peter Eckersley Passes
16 Sep 2022
Contributed by Lukas
Electronic Frontier Foundation member and Let's Encrypt co-founder Peter Eckersley passed away recently at a young age. In this episode we pay respect...
Root Causes 241: Is China Outspending the West in Quantum Computing?
12 Sep 2022
Contributed by Lukas
A December 2021 report appears to indicate that China is vastly outspending Western countries in quantum computing. In this episode we examine this cl...
Root Causes 240: Hyundai Production Private Key Found in How-to Manual
06 Sep 2022
Contributed by Lukas
A white hat researcher recently defeated a production automobile's PKI by searching for the private key on Google. Join us as we describe the implemen...
Root Causes 239: Post-quantum Cryptography Candidate SIKE Defeated
28 Aug 2022
Contributed by Lukas
NIST's round four post-quantum crypto candidate SIKE (Supersingular Isogeny Key Encapsulation) has been defeated and is now out of consideration. In ...
Root Causes 238: Tim's Big Phishing Adventure
15 Aug 2022
Contributed by Lukas
In a personally unprecedented occurrence, Tim's identity as a Sectigo executive is being used in a "waterholing" phishing scam intended to raid job se...
Root Causes 237: Why Mozilla Is So Important to CAs
10 Aug 2022
Contributed by Lukas
Mozilla is highly important to the world of public certificates, with influence beyond what the Firefox browser market share would suggest. In this...
Root Causes 236: Active Directory Patch Knocks Out Non-MS Identity Consumers
04 Aug 2022
Contributed by Lukas
A recently revealed vulnerability in Active Directory made it possible for an attacker to escalate privileges inappropriately. Microsoft's responded ...
Root Causes 235: What Is Lattice-based Cryptography?
26 Jul 2022
Contributed by Lukas
The recent winners of the NIST post-quantum cryptography contest are strongly focused on lattice-based encryption. In this episode we explain at a hi...
Root Causes 234: Report from the 2022 RSA Conference
22 Jul 2022
Contributed by Lukas
The RSA Security Conference is back. In this episode we talk about what happened in 2020 and how the first post-COVID RSAC compared to earlier years, ...
Root Causes 233: CISA Recommendations for Post-Quantum Crypto
12 Jul 2022
Contributed by Lukas
In coordination with NIST's announcement of its new post-quantum cryptographic algorithm contest winners, the Cybersecurity and Infrastructure Securit...
Root Causes 232: NIST Announces Post Quantum Crypto Selections
08 Jul 2022
Contributed by Lukas
NIST has announced its winning algorithms for round 3 of its post-quantum cryptography "contest." Join us as we name the winning algorithms and why th...
Root Causes 231: What Is FIDO?
06 Jul 2022
Contributed by Lukas
Recent announcements about consumer passwordless authentication build on standards like FIDO and WebAuthn. In this episode we explain device-centric ...
Root Causes 230: What Is Apple Passkey?
30 Jun 2022
Contributed by Lukas
Apple recently announced its Passkey functionality, which will allow passwordless authentication between Apple devices and supporting web services thr...
Root Causes 229: Browsing Collectives and the 80/20 Rule of Browser Privacy
08 Jun 2022
Contributed by Lukas
In this follow-on to our two previous podcasts, we elucidate additional potential schemes for preserving consumer privacy. We discuss data aggregation...
Root Causes 228: Getting the FLoC out of Here
31 May 2022
Contributed by Lukas
In a follow-up to our recent episode on cookies and browser tracking, we discuss Google's Federated Learning of Cohorts (FLoC) initiative, why it fail...
Root Causes 227: Let's Talk About Cookies
27 May 2022
Contributed by Lukas
In this episode we explain the fundamentals of cookies and why, despite their obvious benefits, they present troublesome privacy concerns. We discuss ...
Root Causes 226: The Six Benefits of SSH Certificates
24 May 2022
Contributed by Lukas
In this third episode in our series on SSH keys, we identify the six main benefits of SSH certificates and how they mitigate the problems with SSH ide...
Root Causes 225: The Difference Between Relying Parties and Certificate Consumers
19 May 2022
Contributed by Lukas
Despite the similarity in their names, in the world of digital certificates a Relying Party and a Certificate Consumer are very different things. In ...
Root Causes 224: The Five Problems with SSH Keys
17 May 2022
Contributed by Lukas
In this follow-on to our earlier episode explaining SSH keys, we discuss the five problems SSH keys present to organizations using them. And we give a...
Root Causes 223: CT Log-Enabled Attacks on WordPress Sites
11 May 2022
Contributed by Lukas
Attackers are using CT logs to identify brand new WordPress sites and install malware before upcoming security measures are in place. This attack is ...
Root Causes 222: Consolidation and PKI Solutions
11 May 2022
Contributed by Lukas
Vendor consolidation is an important topic in IT security. As the scope and variety of threats continues to increase, we have seen a proliferation of ...
Root Causes 221: What Are SSH Keys?
04 May 2022
Contributed by Lukas
SSH (Secure Shell) keys are ubiquitous for authenticated access to Linux systems. In this first of three episodes we explain what these keys are and h...
Root Causes 220: The Difference Between OTP and Passwordless
02 May 2022
Contributed by Lukas
"Passwordless" is a hot term in the industry, and as a result many technology vendors are attaching their solutions to this term. In this episode we c...
Root Causes 219: New Quantum Cryptography Legislation Introduced
26 Apr 2022
Contributed by Lukas
New proposed legislation in the US House of Representatives mandates that federal agencies must begin preparation for using the new quantum resistant ...
Root Causes 218: PKI Nomenclature Oddities
20 Apr 2022
Contributed by Lukas
Every technology space has its jargon. In this episode we go over some of the interesting, ambiguous, or amusing terms that are specific to the PKI an...
Root Causes 217: What's the Deal with the Recent Okta Security Breach?
14 Apr 2022
Contributed by Lukas
In March the LAPSUS$ hacking group convincingly announced a breach of Okta systems, potentially exposing Okta customers to additional compromise. Desp...
Root Causes 216: What Is crt.sh?
10 Apr 2022
Contributed by Lukas
One of the foundational tools for monitoring and understanding public SSL certificates is crt.sh, created and maintained by Sectigo's own Rob Stradlin...
Root Causes 215: Passwordless Authentication and Legacy Systems
08 Apr 2022
Contributed by Lukas
Organizations seeking to use passwordless authentication frequently must deal with legacy systems that cannot support this scheme. In this episode we ...
Root Causes 214: New DUO MFA Flaw Explained
05 Apr 2022
Contributed by Lukas
A recent FBI warning cautions organizations about exploits based on misconfigured DUO MFA, which exploits weaknesses in Active Directory to provision ...
Root Causes 213: 600-domain Phishing Attack
28 Mar 2022
Contributed by Lukas
In this episode we describe a recent phishing campaign noteworthy for its scale, encompassing a total of 600 unique domains. We discuss the implicati...
Root Causes 212: S/MIME Limited to Three Years
28 Mar 2022
Contributed by Lukas
On April 1 new root program requirements from Apple for S/MIME certificates go into effect, including a limitation of the allowable term to three year...
Root Causes 211: Does CLM Make Wildcard and MDC Irrelevant?
12 Mar 2022
Contributed by Lukas
Wildcard and multi-domain certificates have traditionally made administration easier for IT departments. In this episode we weigh the degree to which ...