-
Learn More
It's Time to Improve Website Identity Indicators, Not Remove Them
News Article from Sectigo
News Article Oct 24, 2019Why Google and Mozilla are wrong about the benefits of Extended Validation certificates that aim to prevent fraud and protect user privacy.
-
Listen Now
EPISODE 46
Broadcast Date:
October 22, 201914 minutes
Podcast Oct 22, 2019Root Causes 46: Patching Browsers for TLS Fingerprinting Attacks
A Russian Advanced Persistent Threat (APT) is patching Chrome and Firefox to enable TLS fingerprinting even after its malware is removed.
-
Listen Now
EPISODE 39
Broadcast Date:
September 26, 201920 minutes
Podcast Sep 26, 2019Root Causes 39: New University Research on Phishing and Certificates
The majority of phishing sites now use SSL certificates to closely imitate the behavior of legitimate sites. Join our hosts as we dig into these findings.
-
Blog Post Sep 17, 2019
Status of Browsers and EV Indicators
Browsers are in a time of change for Extended Validation (EV) SSL indicators. Where once all popular browsers reliably displayed the company name in green to the left of the web address, now Chrome and Firefox have decided to remove the company name and require a click on the lock icon to see the certificate’s identity information.
-
Blog Post Aug 26, 2019
Mozilla Should Reconsider Removing the EV Green Address Bar
The week before last, very quickly and without advance warning, Mozilla announced that it would remove the Extended Validation SSL certificate indicator from its upcoming build 70. This announcement spawned a very lively debate that is still going on. Below is my response to the thread, explaining why I believe it to be ill- considered and detrimental to overall internet security. Jason Soroko and I also covered Mozilla's decision to remove the EV SSL indicator in our Root Causes PKI and security podcast series.
-
News Article Aug 21, 2019
Google and Mozilla Block Kazakhstan Internet Surveillance
In July, reports emerged that internet service providers in Kazakhstan were instructing people to install government-issued certificates across their devices and the browsers, or risk losing internet access. Sectigo's Tim Callan comments.
-
Listen Now
EPISODE 32
Broadcast Date:
August 15, 201925 minutes
Podcast Aug 15, 2019Root Causes 32: Why Do Browsers & Academics Say Differently About EV?
Research shows that sites with Extended Validation SSL certificates are less likely for malware and phishing. So why do browsers say it isn't effective?
-
Learn More
Study: 99.99% Probability That Green Address Bars Show Trusted Domains
Press Release from Sectigo
Press Release Jul 30, 2019New research conducted by the Georgia Institute of Technology Cyber Forensics Innovation (CyFI) Laboratory confirms that a website with a company-branded address bar greatly decreases the chance of internet users falling victim to a malware attack or phishing (fraud) scam.
-
Listen Now
EPISODE 27
Broadcast Date:
July 18, 201917 minutes
Podcast Jul 18, 2019Root Causes 27: Pending Safe Browser Guidelines from Germany
Germany has published a draft of its latest guidelines for safe browsers. Join our hosts as they discuss the requirements and their potential impact.
-
Blog Post Jul 17, 2019
Firefox to Add “Not Secure” Warning to Non-SSL Pages
In its upcoming build 70, Firefox will incorporate a “Not Secure” warning for non-SSL pages. This warning will appear to the left of the address, where the company-branded green address bar appears on sites with EV SSL certificates.
-
Listen Now
EPISODE 19
Broadcast Date:
May 29, 201914 minutes
Podcast May 29, 2019Root Causes 19: Death of a Public CA
Mozilla has decided to remove a public CA from its trusted root store, rendering public certificates from this CA valueless for almost all use cases.
-
Blog Post Apr 26, 2019
What the Latest Firefox Update Means for SSL Certificates
Learn what impacts the latest Firefox 66 update will have on your SSL certificates & what it means for your website security & user confidence.
