-
Podcast Jul 07, 2023
Root Causes 315: Will the SEC Sue SolarWinds Executives?
The SEC has sent "Wells notices" to two senior executives from SolarWinds, with regard to the 2019 to 2020 supply chain attack.
-
Podcast Jul 05, 2023
Root Causes 314: AI-based Deepfakes in Real Crimes
We discuss a variety of real-world crimes in which deepfakes have played a role.
-
Podcast Jun 23, 2023
Root Causes 313: SSL Revocation Reason Codes
We explain the allowed public SSL revocation reason codes, along with some explicitly forbidden reason codes and the backstory behind them.
-
Podcast Jun 20, 2023
Root Causes 312: Why You Shouldn't Roll Your Own Crypto
Don't roll your own crypto. We describe the findings from 2021 research that investigating the root causes of problems in cryptographic systems.
-
Podcast Jun 16, 2023
Root Causes 311: What Is CCADB?
We describe CCADB, the Common CA Database. We explain the role of CCADB in the WebPKI and how this role is evolving.
-
Podcast Jun 13, 2023
Root Causes 310: Another AI Episode
In this episode we continue to explore the capabilities of AI to replicate known people in deep fakes with AI-generated content.
-
Podcast Jun 08, 2023
Root Causes 309: What Is Key Attestation for Code Signing?
New rules require delivery of code signing certificates by secure HSM. We describe the key attestation method of delivery.
-
Podcast Jun 05, 2023
Root Causes 308: E-Tugra Root Deprecation
For the second time in under twelve months, a major browser is deprecating a CA's public trust. This time it's E-Tugra.
-
Podcast May 31, 2023
Root Causes 307: OT Red Teaming Leads to Malware Attack
In this episode we describe how tools from operational technology red team exercises are being repurposed for malware attacks.
-
Podcast May 26, 2023
Root Causes 306: Certificate Transparency Logs and Privacy
Certificate Transparency (CT) logs do a lot of good for the WebPKI. They also, however, carry with them some privacy concerns.
-
Podcast May 24, 2023
Root Causes 305: The Fifth Pillar of Certificate Lifecycle Management
In our episode 143 we introduced the Four Pillars of Certificate Lifecycle Management. Now, two years later, we introduce a fifth pillar of CLM.
-
Podcast May 19, 2023
Root Causes 304: Your 90-day SSL Certificates Checklist
90-day maximum term for SSL certificates is coming. An expert details his 4-point checklist for preparing enterprises for these shorter-lived certificates.