-
Podcast Sep 29, 2023
Root Causes 335: When MFA Is Not MFA
A social engineering attack to steal a one-time password (OTP) to enable unauthorized access is further exploited by a cloud backup feature.
-
Podcast Sep 27, 2023
Root Causes 334: What Is Attestation on the Web?
Most people hate dealing with CAPTCHA, but it offers benefits for web sites. We discuss alternatives to CAPTCHA, how they work, and their pros and cons.
-
Podcast Sep 21, 2023
Root Causes 333: Intel Side Channel Attack Steals Private Keys
A newly revealed side channel attack can capture AES encryption keys from Intel chips. We explain this significant and powerful attack.
-
Podcast Sep 14, 2023
Root Causes 332: Acoustic AI-based Key Logging Attack
An AI model that can interpret keystrokes based on the sound of keyboard use over a phone or video call and steal passwords.
-
Podcast Sep 13, 2023
Root Causes 331: Microsoft Restores Trust to Code Signing Root
Recent erroneous behavior on Windows indicates that Microsoft removed - and then re-added - a legacy VeriSign root in its trusted roots list.
-
Podcast Sep 05, 2023
Root Causes 330: End-to-end PQC in Use Today
Our hosts are joined by IronCap CEO Andrew Cheung as he discusses commercially available PQC solutions today, including VPN, email, and crypto currency.
-
Podcast Aug 29, 2023
Root Causes 329: What Is Messaging Layer Security?
The recently published Messaging Layer Security (MLS) protocol establishes key exchange protocols for simultaneous communication with 3+ participants.
-
Podcast Aug 23, 2023
Root Causes 328: What Is the Debian Weak Key Flaw?
In 2008 the world of SSL was shocked by a flaw in a popular operating system that limited the set of possible private keys on this OS to about 32,000.
-
Podcast Aug 18, 2023
Root Causes 327: What Is Multi-perspective Domain Validation?
In this episode we explain Border Gateway Protocol (BGP) attacks and how multi-perspective domain validation (MPDV) can defeat them.
-
Podcast Aug 15, 2023
Root Causes 326: The Difference Between .ml and .mil
Mistyped email addresses aimed at the US military frequently are sent to email addresses in Mali instead, to the tune of hundreds of thousands per year.
-
Podcast Aug 11, 2023
Root Causes 325: Certificate Error Causes Sharepoint Outage
A recent outage in Microsoft Sharepoint was caused by an error in certificate installation. We explain what happened and the lessons to be learned.
-
Podcast Aug 07, 2023
Root Causes 324: Apple Vs New UK Surveillance Bill
The UK is attempting to build secret back doors into end-to-end encrypted services. Apple shot back by threatening to remove services from the UK.