-
Podcast Feb 13, 2023
Root Causes 277: Privacy Sandbox
Google has announced the Privacy Sandbox. In this episode we describe concepts like k-anonymity and differential privacy.
-
Podcast Feb 09, 2023
Root Causes 276: ChatGPT and Identity Reputation
People may use ChatGPT for reputation analysis, KYC, and other info about individuals and companies. This is subject to error and deliberate misdirection.
-
Blog Post Feb 06, 2023
Digital trust is the foundation for secure business operations. This requires establishing and maintaining a strong cryptographic identity for every single user and machine (i.e. software, hardware, device, container, bot, etc.) attempting to access a network so the enterprise can verify who, or what, is interacting with its system.
-
Podcast Feb 06, 2023
Root Causes 275: No Fly List Stolen
An attacker gained a copy of the full 2019 TSA No Fly list, including subject PII, all enabled by failures in digital identity and encryption.
-
Podcast Feb 03, 2023
Root Causes 274: New Quantum Readiness Law
The U.S. government has a new law requiring that government agencies create plans for migrating to PQC in response to threats from quantum computers.
-
Podcast Jan 30, 2023
Root Causes 273: A Deep Dive on CA Agnostic
We catalog the various ways a Certificate Lifecycle Management (CLM) system can be "CA agnostic."
-
Podcast Jan 27, 2023
Root Causes 272: OCSP's Privacy Problem
Concerns recently have been raised about OCSP real-time certificate checking and its potential to violate privacy.
-
Podcast Jan 23, 2023
Root Causes 271: A Whole Fleet of Identity-based Automotive Hacks
Manufacturers' dependence on non-secret "secrets" such as VIN and email address expose many vulnerabilities.
-
Podcast Jan 20, 2023
Root Causes 270: What Is the Difference Between KEM and PKE?
We explain the difference between Public Key Exchange (PKE) and Key Encapsulation Methods (KEM) and why we're moving from one to another.
-
Podcast Jan 16, 2023
Root Causes 269: Did a Patent Dispute Nearly Derail PQC?
On July 5, 2022 NIST announced its Round 3 PQC winners. That same day, a patent cleared that made this possible.
-
Podcast Jan 12, 2023
Root Causes 268: WAFs Subverted by JSON Bypass
Rising attacks can overcome the protections of Web Application Firewalls (WAF). We explain these attacks and what you should do to ensure you're safe.
-
Podcast Jan 09, 2023
Root Causes 267: Can Quantum Computers Break RSA Today?
New research suggests a quantum computer may be applied to breaking RSA in a different way from Schor's algorithm. We discuss the potential implications.