-
Podcast Mar 14, 2023
Root Causes 285: Can ChatGPT Write Malware?
We examine the suitability of ChatGPT as a malware-writing tool and possible future directions for AI in software creation.
-
Podcast Mar 10, 2023
Root Causes 284: 90-day SSL Certificates Are on the Way
The Google Chrome root program recently announced its intention to reduce the maximum term for public SSL certificates to 90 days.
-
Podcast Mar 06, 2023
Root Causes 283: Google Optional OCSP Proposal Clarified
In our episode 281 we reported on Google's proposal for optional OCSP. In this episode we correct some of our earlier reporting in that episode.
-
Podcast Mar 02, 2023
Root Causes 282: HSMs and Post Quantum Cryptography
We explain where Hardware Secure Modules (HSMs) fit into the world of PQC, including hybrid certificates and defining how HSMs will incorporate PQC.
-
Podcast Feb 27, 2023
Root Causes 281: Google Proposes Optional OCSP
Google has proposed removing the requirement for OCSP revocation checking for public SSL certificates meeting certain specific conditions.
-
Podcast Feb 24, 2023
Root Causes 280: Did an AI Break CRYSTALS-Kyber?
Recent news reports might suggest that an AI-enhanced side attack has defeated the CRYSTALS-Kyber PQC algorithm.
-
Podcast Feb 20, 2023
Root Causes 279: ChatGPT Watermarking
In this episode we discuss the idea of "watermarking" ChatGPT content, including stenography, randomness, entropy, and how to destroy the watermarks.
-
Podcast Feb 17, 2023
Root Causes 278: Microsoft on Certificates and FIDO
Recent public discussion of FIDO and digital certificates reveal details of Microsoft's approach to consumer digital authentication.
-
Podcast Feb 13, 2023
Root Causes 277: Privacy Sandbox
Google has announced the Privacy Sandbox. In this episode we describe concepts like k-anonymity and differential privacy.
-
Podcast Feb 09, 2023
Root Causes 276: ChatGPT and Identity Reputation
People may use ChatGPT for reputation analysis, KYC, and other info about individuals and companies. This is subject to error and deliberate misdirection.
-
Blog Post Feb 06, 2023
Digital trust is the foundation for secure business operations. This requires establishing and maintaining a strong cryptographic identity for every single user and machine (i.e. software, hardware, device, container, bot, etc.) attempting to access a network so the enterprise can verify who, or what, is interacting with its system.
-
Podcast Feb 06, 2023
Root Causes 275: No Fly List Stolen
An attacker gained a copy of the full 2019 TSA No Fly list, including subject PII, all enabled by failures in digital identity and encryption.