-
Podcast Aug 28, 2019
Root Causes 35: Quantum Apocalypse - Mosca's Inequality and Mad Max
Our hosts discuss how long we have until quantum computers defeat today's encryption algorithms and what happens if our cryptography isn't updated in time.
-
Blog Post Aug 26, 2019
Mozilla Should Reconsider Removing the EV Green Address Bar
The week before last, very quickly and without advance warning, Mozilla announced that it would remove the Extended Validation SSL certificate indicator from its upcoming build 70. This announcement spawned a very lively debate that is still going on. Below is my response to the thread, explaining why I believe it to be ill- considered and detrimental to overall internet security. Jason Soroko and I also covered Mozilla's decision to remove the EV SSL indicator in our Root Causes PKI and security podcast series.
-
Podcast Aug 25, 2019
Root Causes 34: Shadow IT and PKI
Shadow IT has become a fact of the modern enterprise. This fragmentation leads to identity and access challenges, which we discuss in this episode.
-
Podcast Aug 18, 2019
Root Causes 33: Prepare for One-Year Limits on SSL Certificates
A proposed CA/Browser Forum ballot stands to limit SSL certificates to 13 months. Learn what such a change might mean to IT professionals everywhere.
-
Podcast Aug 15, 2019
Root Causes 32: Why Do Browsers & Academics Say Differently About EV?
Research shows that sites with Extended Validation SSL certificates are less likely for malware and phishing. So why do browsers say it isn't effective?
-
Blog Post Aug 14, 2019
Be Prepared for One-Year SSL Certificate Duration
A recent CA/Browser Forum ballot sponsored by Google stands to limit SSL certificate lifespans to 397 days starting in March 2020. Should this pass, organizations using two-year SSL certificates will need to change their practices to only one-year certificates moving forward. Fortunately, automation options are available.
-
Podcast Aug 12, 2019
Root Causes 31: Using PKI to Authenticate Phone Callers
Caller ID numbers have no identity value as they are completely self-reported, enabling robocalling scams. Our hosts explain a new effort to end them.
-
Webinar Aug 08, 2019
Root Causes Webinar: Securing a World of Interconnected Devices
Learn how PKI and device hardening technologies are the answer to secure your IoT devices for enterprise and critical infrastructure.
-
Podcast Aug 06, 2019
Root Causes 30: When a Whole Country Has Its PII Stolen
Recently we have seen major news items in some of the common Root Causes themes. Join our hosts as they discuss.
-
Webinar Aug 06, 2019
The Future of PKI in the Modern Enterprise Webinar
Discover how Sectigo Private PKI allows you to secure and automate the management of your internal devices, regardless of which internal protocols you use.
-
Podcast Jul 30, 2019
Root Causes Special Bulletin: Kazakhstan Weaponizes the Public CA
The Kazakhstan government is trying to force citizens to trust its own root. Join our hosts to understand Kazakhstan's attempts to weaponize public certs.
-
Blog Post Jul 29, 2019
Online criminal actors reveals that domains with EV SSL certificates are 99.99% likely to be unassociated with bad cyber actors. CyFI studied 2.6 million domains associated with EV SSL to arrive at these results.