-
Listen Now
EPISODE 473
Broadcast Date:
March 28, 202510 minutes
Podcast UpcomingRoot Causes 473: Does Security Software Lack Creativity?
Jason reports on a 2024 Black Hat keynote about how modern software development practices inhibit innovation and invention.
-
Listen Now
EPISODE 478
Broadcast Date:
March 17, 202516 minutes
Podcast Mar 17, 2025Root Causes 478: Should We All Switch from RSA to ECC?
RSA is under attack. Even without the quantum threat, we face the possibility of smart new exploits reducing the viable RSA key space and rendering it unsafe. In this episode we discuss the merits of choosing ECC over RSA as soon as today.
-
Listen Now
EPISODE 477
Broadcast Date:
March 13, 202518 minutes
Podcast Mar 13, 2025Root Causes 477: Comparative Security Philosophies
We discuss how various popular computing platforms approach security and highlight the differences between them.
-
Listen Now
EPISODE 476
Broadcast Date:
March 10, 202517 minutes
Podcast Mar 10, 2025Root Causes 476: The Need for Security KPIs
Jason recounts a 2024 Black Hat talk about the need for objective measurements of our IT defenses and whether the good guys or bad guys are winning. Jason breaks down how to define and measure the impact of security measures.
-
Listen Now
EPISODE 475
Broadcast Date:
March 6, 202518 minutes
Podcast Mar 06, 2025Root Causes 475: Can Your AI Scheme Against You?
It's the stuff of science fiction! Interesting research shows how today's AI technology is capable of lying to and scheming against its human owners in service of its goals.
-
Listen Now
EPISODE 474
Broadcast Date:
March 3, 202520 minutes
Podcast Mar 03, 2025Root Causes 474: Explaining Shor's Algorithm
We talk a lot about Shor's Algorithm in our discussion of post quantum cryptography (PQC). In this episode Jason explains Shor's algorithm for non-quantum physicists.
-
Listen Now
EPISODE 472
Broadcast Date:
February 26, 202511 minutes
Podcast Feb 26, 2025Root Causes 472: AI Offensive Modeling
AI tools are now available to perform red-teaming activity for DevSecOps. Such tools are soon to be table stakes in the constantly escalating IT security arms race. Join us to learn more.
-
Listen Now
EPISODE 471
Broadcast Date:
February 24, 202521 minutes
Podcast Feb 24, 2025Root Causes 471: ACME for PQC
In this episode, guest Alexandre Giron explains what is needed to support pos quantum cryptography (PQC) with ACME.
-
Listen Now
EPISODE 470
Broadcast Date:
February 19, 202512 minutes
Podcast Feb 19, 2025Root Causes 470: The MFA False Equivalency Fallacy
Not all forms of MFA are equally secure. In this episode, we describe the differences between the more secure and less secure forms of MFA.
-
Listen Now
EPISODE 469
Broadcast Date:
February 17, 20257 minutes
Podcast Feb 17, 2025Root Causes 469: The All or Nothing Fallacy in Cybersecurity
In this episode we explain the all-or-nothing fallacy in cybersecurity and how it's affecting debate in the WebPKI right now.
-
Listen Now
EPISODE 468
Broadcast Date:
February 14, 202510 minutes
Podcast Feb 14, 2025Root Causes 468: UK Demands New Backdoor from Apple
A new demand from the UK seeks complete access to all Apple cloud data housed in the UK, regardless of the data owners' citizenship and residency. We unpack this latest development in Government versus Encryption.
-
Listen Now
EPISODE 467
Broadcast Date:
February 12, 202510 minutes
Podcast Feb 12, 2025Root Causes 467: Decoupling Public from Private Use Cases
The past year has seen a great deal of focus on the use of public TLS certificates where private root certificates are actually the appropriate solution. In this episode we discuss the differences between these two use cases and what IT organizations can do about it.