-
Listen Now
EPISODE 245
Broadcast Date:
September 29, 202210 minutes
Podcast Sep 29, 2022Root Causes 245: One Time Passcode as a Liability
A recent article from Brian Krebs advances the idea that using OTP MFA may actually be a liability to security. We explain that reasoning.
-
Listen Now
EPISODE 244
Broadcast Date:
September 26, 202216 minutes
Podcast Sep 26, 2022Root Causes 244: PwC Survey Reports Cyber Security as Biggest Risk
A recent survey from PwC reports that cyber threats are no longer solely the domain on the CISO but instead have become every senior executive's concern.
-
Listen Now
EPISODE 243
Broadcast Date:
September 20, 202211 minutes
Podcast Sep 20, 2022Root Causes 243: Which Came First, the BRs or the EVGs?
Many don't realize that the CA/Browser Forum's Baseline Requirements actually came LATER THAN the Extended Validation Guidelines.
-
Listen Now
EPISODE 242
Broadcast Date:
September 16, 20227 minutes
Podcast Sep 16, 2022Root Causes 242: Let's Encrypt Founder Peter Eckersley Passes
EFF member and Let's Encrypt co-founder Peter Eckersley passed away recently. We honor Peter's memory and his contributions, including ACME and Certbot.
-
Listen Now
EPISODE 241
Broadcast Date:
September 12, 202220 minutes
Podcast Sep 12, 2022Root Causes 241: Is China Outspending the West in Quantum Computing?
A December 2021 report suggests China as vastly outspending the West in quantum computing. We examine this claim and its implications.
-
Listen Now
EPISODE 240
Broadcast Date:
September 7, 202216 minutes
Podcast Sep 07, 2022Root Causes 240: Hyundai Production Private Key Found in How-to Manual
A researcher recently defeated a production automobile's PKI by searching for the private key on Google. We describe how this might have come about.
-
Listen Now
EPISODE 239
Broadcast Date:
August 29, 202217 minutes
Podcast Aug 29, 2022Root Causes 239: Post-quantum Cryptography Candidate SIKE Defeated
NIST's round four post-quantum crypto candidate SIKE (Supersingular Isogeny Key Encapsulation) has been defeated and is now out of consideration.
-
Listen Now
EPISODE 238
Broadcast Date:
August 15, 202217 minutes
Podcast Aug 15, 2022Root Causes 238: Tim's Big Phishing Adventure
Tim's identity as a Sectigo executive is being used in a "waterholing" phishing scam to raid job seekers' bank accounts. We describe what is going on.
-
Listen Now
EPISODE 237
Broadcast Date:
August 10, 202212 minutes
Podcast Aug 10, 2022Root Causes 237: Why Mozilla Is So Important to CAs
Mozilla is a highly important to the world of public certificates, with influence beyond what its browser market share would suggest. We examine why.
-
Listen Now
EPISODE 236
Broadcast Date:
August 4, 202213 minutes
Podcast Aug 04, 2022Root Causes 236: AD Patch Knocks Out Non-MS Identity Consumers
A recent Active Directory patch has forced a workaround for many software components to work with AD identities. We explain lessons for PKI owners.
-
Listen Now
EPISODE 235
Broadcast Date:
July 27, 202226 minutes
Podcast Jul 27, 2022Root Causes 235: What Is Lattice-based Cryptography?
The new NIST PQC algorithms focus on lattice-based encryption. We explain this cryptographic approach and why it fared so well in the NIST search.
-
Listen Now
EPISODE 234
Broadcast Date:
July 22, 202210 minutes
Podcast Jul 22, 2022Root Causes 234: Report from the 2022 RSA Conference
The RSA Security Conference is back. We talk about 2020 and how the first post-COVID RSAC compared to earlier years, plus major themes this year.