-
Podcast Jan 04, 2023
Root Causes 266: End-to-end Encryption in the Apple Technology Stack
Recent announcements from Apple lay out a set of expansions in the scope and capability of encryption throughout the Apple ecosystem.
-
Podcast Dec 28, 2022
Root Causes 265: A Banner Year for Post-quantum Cryptography
2022 was post-quantum cryptography's biggest year so far. We go over many developments in PQC, including the NIST round 3 winners.
-
Podcast Dec 23, 2022
Root Causes 264: Crypto Agility for 2023
We define the important needs that are changing the crypto agility landscape, including CA independence, public cloud, PQC, and FIDO 2/WebAuthn.
-
Podcast Dec 20, 2022
Root Causes 263: Secure Connection Methods Roundup
We discuss the three methods a user might choose for secure remote communications: VPN, SSH, and TOR, with use cases and the pros and cons of each.
-
Podcast Dec 14, 2022
Root Causes 262: The Continuing Erosion of Online Identity
We look back at the continued erosion of reliable online identity, including deep fakes, celebrity phishing, AI-generated art and Twitter blue check marks.
-
Podcast Dec 13, 2022
Root Causes 261: Why I Don't Say Spoof
The word spoof is a security industry term used regarding social engineering attacks. We discuss why this word is problematic in a security context.
-
Webinar Dec 08, 2022
2023 – the Year to Be Quantum Ready
With today’s encryption algorithms marching toward the so-called Quantum Apocalypse, it's never been more crucial to prepare for Post Quantum Cryptography.
-
Podcast Dec 08, 2022
Root Causes 260: CA TrustCor Deprecated
Public CA TrustCor has had its roots deprecated by Microsoft and Mozilla. We explain what happened and why these roots ultimately were distrusted.
-
Podcast Nov 30, 2022
Root Causes 259: What Went Wrong with the Twitter Blue Check Marks
We explore why the Twitter blue check marks failed and the challenges in authenticating and vouching for the identity of an individual or organization.
-
Podcast Nov 22, 2022
Root Causes 258: New S/MIME Baseline Requirements Ratified
The CA/Browser Forum has passed new Baseline Requirements for S/MIME certificates. We explain their broad stipulations.
-
Blog Post Nov 21, 2022
Not all forms of multi-factor authentication (MFA) are created equal and the forms that are based on one-time passcodes have turned into corporate liabilities. One-time passcodes that are entered into malicious login pages or entered into a compromised endpoint can be harvested by an attacker and utilized to log in along with a harvested username and password.
-
Podcast Nov 18, 2022
Root Causes 257: FTX Crypto Exchange Collapses
"If you don't hold the keys, you don't hold the cheese." Crypto exchange giant FTX recently collapsed, causing ripples through the cryptocurrency world.