-
Listen Now
EPISODE 225
Broadcast Date:
May 20, 202215 minutes
Podcast May 20, 2022Root Causes 225: Relying Parties Versus Certificate Consumers
We define the four main roles in the public trust ecosystem: CA, Subscriber, Certificate Consumer, and Relying Party, with real-world examples.
-
Listen Now
EPISODE 224
Broadcast Date:
May 17, 202219 minutes
Podcast May 17, 2022Root Causes 224: The Five Problems with SSH Keys
We discuss the five problems SSH keys present to organizations using them. And we give a peek at how to solve these problems.
-
Listen Now
EPISODE 223
Broadcast Date:
May 13, 202215 minutes
Podcast May 13, 2022Root Causes 223: CT Log-Enabled Attacks on WordPress Sites
Attackers are using CT logs to identify brand new WordPress sites and install malware before upcoming security measures are in place.
-
Listen Now
EPISODE 222
Broadcast Date:
May 11, 202210 minutes
Podcast May 11, 2022Root Causes 222: Consolidation and PKI Solutions
Vendor consolidation is an important topic in IT security. In this episode we discuss this trend and how it affects PKI and digital certificates.
-
Listen Now
EPISODE 221
Broadcast Date:
May 5, 202215 minutes
Podcast May 05, 2022Root Causes 221: What Are SSH Keys?
SSH (Secure Shell) keys are ubiquitous for authenticated access to Linux systems. We explain what these keys are and how they're used.
-
Listen Now
EPISODE 220
Broadcast Date:
May 2, 202214 minutes
Podcast May 02, 2022Root Causes 220: The Difference Between OTP and Passwordless
In this episode we clarify the difference between OTP services and passwordless authentication.
-
Listen Now
EPISODE 219
Broadcast Date:
April 27, 202212 minutes
Podcast Apr 27, 2022Root Causes 219: New Quantum Cryptography Legislation Introduced
Proposed legislation in the House of Representatives mandates that federal agencies begin preparation for new quantum resistant cryptographic algorithms.
-
Listen Now
EPISODE 218
Broadcast Date:
April 20, 202230 minutes
Podcast Apr 20, 2022Root Causes 218: PKI Nomenclature Oddities
Every technology space has its jargon. We go over interesting, ambiguous, or amusing terms that are specific to the PKI and digital certificates industry.
-
Listen Now
EPISODE 217
Broadcast Date:
April 14, 202224 minutes
Podcast Apr 14, 2022Root Causes 217: What's the Deal with the Recent Okta Security Breach?
A hacking group recently announced a breach of Okta systems, potentially compromising Okta customers. We walk through the attack and its significance.
-
Listen Now
EPISODE 216
Broadcast Date:
April 11, 202211 minutes
Podcast Apr 11, 2022Root Causes 216: What is crt.sh?
A foundational tool for monitoring public SSL certificates is crt.sh. We explain what crt.sh does and why it is so popular with SSL industry watchers.
-
Listen Now
EPISODE 215
Broadcast Date:
April 8, 202224 minutes
Podcast Apr 08, 2022Root Causes 215: Passwordless Authentication and Legacy Systems
Those using passwordless authentication frequently employ legacy systems that cannot support this scheme. We detail steps to mitigate this problem.
-
Listen Now
EPISODE 214
Broadcast Date:
April 5, 202211 minutes
Podcast Apr 05, 2022Root Causes 214: New DUO MFA Flaw Explained
A recent FBI warning cautions organizations about exploits based on misconfigured DUO MFA. We explain this exploit and why it is noteworthy.