-
Listen Now
EPISODE 268
Broadcast Date:
January 12, 20239 minutes
Podcast Jan 12, 2023Root Causes 268: WAFs Subverted by JSON Bypass
Rising attacks can overcome the protections of Web Application Firewalls (WAF). We explain these attacks and what you should do to ensure you're safe.
-
Listen Now
EPISODE 267
Broadcast Date:
January 9, 202323 minutes
Podcast Jan 09, 2023Root Causes 267: Can Quantum Computers Break RSA Today?
New research suggests a quantum computer may be applied to breaking RSA in a different way from Schor's algorithm. We discuss the potential implications.
-
Listen Now
EPISODE 266
Broadcast Date:
January 4, 202318 minutes
Podcast Jan 04, 2023Root Causes 266: End-to-end Encryption in the Apple Technology Stack
Recent announcements from Apple lay out a set of expansions in the scope and capability of encryption throughout the Apple ecosystem.
-
Listen Now
EPISODE 265
Broadcast Date:
December 28, 202233 minutes
Podcast Dec 28, 2022Root Causes 265: A Banner Year for Post-quantum Cryptography
2022 was post-quantum cryptography's biggest year so far. We go over many developments in PQC, including the NIST round 3 winners.
-
Listen Now
EPISODE 264
Broadcast Date:
December 23, 202219 minutes
Podcast Dec 23, 2022Root Causes 264: Crypto Agility for 2023
We define the important needs that are changing the crypto agility landscape, including CA independence, public cloud, PQC, and FIDO 2/WebAuthn.
-
Listen Now
EPISODE 263
Broadcast Date:
December 20, 202226 minutes
Podcast Dec 20, 2022Root Causes 263: Secure Connection Methods Roundup
We discuss the three methods a user might choose for secure remote communications: VPN, SSH, and TOR, with use cases and the pros and cons of each.
-
Listen Now
EPISODE 262
Broadcast Date:
December 14, 202223 minutes
Podcast Dec 14, 2022Root Causes 262: The Continuing Erosion of Online Identity
We look back at the continued erosion of reliable online identity, including deep fakes, celebrity phishing, AI-generated art and Twitter blue check marks.
-
Listen Now
EPISODE 261
Broadcast Date:
December 13, 202210 minutes
Podcast Dec 13, 2022Root Causes 261: Why I Don't Say Spoof
The word spoof is a security industry term used regarding social engineering attacks. We discuss why this word is problematic in a security context.
-
Listen Now
EPISODE 260
Broadcast Date:
December 8, 202230 minutes
Podcast Dec 08, 2022Root Causes 260: CA TrustCor Deprecated
Public CA TrustCor has had its roots deprecated by Microsoft and Mozilla. We explain what happened and why these roots ultimately were distrusted.
-
Listen Now
EPISODE 259
Broadcast Date:
November 30, 202214 minutes
Podcast Nov 30, 2022Root Causes 259: What Went Wrong with the Twitter Blue Check Marks
We explore why the Twitter blue check marks failed and the challenges in authenticating and vouching for the identity of an individual or organization.
-
Listen Now
EPISODE 258
Broadcast Date:
November 22, 202217 minutes
Podcast Nov 22, 2022Root Causes 258: New S/MIME Baseline Requirements Ratified
The CA/Browser Forum has passed new Baseline Requirements for S/MIME certificates. We explain their broad stipulations.
-
Listen Now
EPISODE 257
Broadcast Date:
November 18, 202211 minutes
Podcast Nov 18, 2022Root Causes 257: FTX Crypto Exchange Collapses
"If you don't hold the keys, you don't hold the cheese." Crypto exchange giant FTX recently collapsed, causing ripples through the cryptocurrency world.