-
Listen Now
EPISODE 184
Broadcast Date:
October 27, 202112 minutes
Podcast Oct 27, 2021Root Causes 184: Popular College WiFi Vulnerability Revealed
Certificate misconfiguration in commonly used college WiFi can expose logins. We discuss WiFi authentication, EAP, and how this vulnerability occurs.
-
Listen Now
EPISODE 183
Broadcast Date:
October 21, 202114 minutes
Podcast Oct 21, 2021Root Causes 183: New MSCA Attack Toolkits
A new white paper and set of toolkits illuminate MSCA root key attacks. We provide a clear action list for IT professionals in charge of Microsoft CA.
-
Listen Now
EPISODE 182
Broadcast Date:
October 18, 202125 minutes
Podcast Oct 18, 2021Root Causes 182: Let's Encrypt Root Expiration
Let's Encrypt's recent root expiration caused widespread service outages. We discuss this expiration and the recipe for avoiding problems in the future.
-
Listen Now
EPISODE 181
Broadcast Date:
August 30, 202113 minutes
Podcast Aug 30, 2021Root Causes 181: Limitation of DCV Through Web Site Changes
Domain Control Validation (DCV) for SSL certificates using the "change to web site" method will be changing late this year. We explain these changes.
-
Listen Now
EPISODE 180
Broadcast Date:
August 26, 202112 minutes
Podcast Aug 26, 2021Root Causes 180: PetitPotam MSCA Attack
WE describe the PetitPotam MSCA attack and related terms like Mimikatz, pass-the-hash, and NTLM Relay, including a mitigation roadmap and free resources.
-
Listen Now
EPISODE 179
Broadcast Date:
August 24, 202114 minutes
Podcast Aug 24, 2021Root Causes 179: Standards for Certificates Apart from SSL
SSL is not the only regulated type of digital certificate. We discuss the rules for S/MIME, eIDAS, code signing, document signing, and SSH certificates.
-
Listen Now
EPISODE 178
Broadcast Date:
August 20, 202114 minutes
Podcast Aug 20, 2021Root Causes 178: Stealing Cryptocurrency
We describe the various ways in which cryptocurrency can be stolen, including private key compromise, broker security failure, and login credential theft.
-
Listen Now
EPISODE 176
Broadcast Date:
August 5, 202127 minutes
Podcast Aug 05, 2021Root Causes 176: Introducing State-Locality Exclusivity
Sectigo is implementing an important change to its public-facing SSL certificate business called State-Locality Exclusivity. We explain in this episode.
-
Listen Now
EPISODE 175
Broadcast Date:
August 2, 202121 minutes
Podcast Aug 02, 2021Root Causes 175: What Is a Linter?
Linters are a venerable coding tool has recently taken on new significant in the world of public certificates. Our hosts explain.
-
Listen Now
EPISODE 174
Broadcast Date:
July 27, 202116 minutes
Podcast Jul 27, 2021Root Causes 174: Windows 11 and TPMs
Microsoft has announced that its upcoming Windows 11 release will require TPM 2.0 support at a minimum. We discuss the implications of this announcement.
-
Listen Now
EPISODE 173
Broadcast Date:
July 22, 202118 minutes
Podcast Jul 22, 2021Root Causes 173: Whitelisting and Blocklisting
Whitelisting and blocklisting are tried and true elements of the computer industry. We define them and discuss their pros and cons.
-
Listen Now
EPISODE 172
Broadcast Date:
July 13, 202116 minutes
Podcast Jul 13, 2021Root Causes 172: What Is an NFT?
Non-fungible tokens uniquely identify digital assets using blockchain. We explain how NFTs work, and public assertion of ownership for digital files.