-
Listen Now
EPISODE 221
Broadcast Date:
May 5, 202215 minutes
Podcast May 05, 2022Root Causes 221: What Are SSH Keys?
SSH (Secure Shell) keys are ubiquitous for authenticated access to Linux systems. We explain what these keys are and how they're used.
-
Listen Now
EPISODE 220
Broadcast Date:
May 2, 202214 minutes
Podcast May 02, 2022Root Causes 220: The Difference Between OTP and Passwordless
In this episode we clarify the difference between OTP services and passwordless authentication.
-
Listen Now
EPISODE 219
Broadcast Date:
April 27, 202212 minutes
Podcast Apr 27, 2022Root Causes 219: New Quantum Cryptography Legislation Introduced
Proposed legislation in the House of Representatives mandates that federal agencies begin preparation for new quantum resistant cryptographic algorithms.
-
Listen Now
EPISODE 218
Broadcast Date:
April 20, 202230 minutes
Podcast Apr 20, 2022Root Causes 218: PKI Nomenclature Oddities
Every technology space has its jargon. We go over interesting, ambiguous, or amusing terms that are specific to the PKI and digital certificates industry.
-
Listen Now
EPISODE 217
Broadcast Date:
April 14, 202224 minutes
Podcast Apr 14, 2022Root Causes 217: What's the Deal with the Recent Okta Security Breach?
A hacking group recently announced a breach of Okta systems, potentially compromising Okta customers. We walk through the attack and its significance.
-
Listen Now
EPISODE 216
Broadcast Date:
April 11, 202211 minutes
Podcast Apr 11, 2022Root Causes 216: What Is crt.sh?
A foundational tool for monitoring public SSL certificates is crt.sh. We explain what crt.sh does and why it is so popular with SSL industry watchers.
-
Listen Now
EPISODE 215
Broadcast Date:
April 8, 202224 minutes
Podcast Apr 08, 2022Root Causes 215: Passwordless Authentication and Legacy Systems
Those using passwordless authentication frequently employ legacy systems that cannot support this scheme. We detail steps to mitigate this problem.
-
Listen Now
EPISODE 214
Broadcast Date:
April 5, 202211 minutes
Podcast Apr 05, 2022Root Causes 214: New DUO MFA Flaw Explained
A recent FBI warning cautions organizations about exploits based on misconfigured DUO MFA. We explain this exploit and why it is noteworthy.
-
Listen Now
EPISODE 213
Broadcast Date:
March 31, 20228 minutes
Podcast Mar 31, 2022Root Causes 213: 600-domain Phishing Attack
A recent phishing campaign encompassed 600 unique domains. We discuss the implications of a campaign of this scale and high level of organization.
-
Listen Now
EPISODE 212
Broadcast Date:
March 28, 202211 minutes
Podcast Mar 28, 2022Root Causes 212: S/MIME Limited to Three Years
On April 1 new root program requirements from Apple for S/MIME certificates go into effect, including a limitation of the allowable term to three years.
-
Listen Now
EPISODE 211
Broadcast Date:
March 14, 202214 minutes
Podcast Mar 14, 2022Root Causes 211: Does CLM Make Wildcard and MDC Irrelevant?
We weigh the degree to which Certificate Lifecycle Management (CLM) renders the benefits of wildcard and multi-domain certificates obsolete.
-
Listen Now
EPISODE 210
Broadcast Date:
March 8, 20227 minutes
Podcast Mar 08, 2022Root Causes 210: Living off the Land
Microsoft has deprecated support for the popular sysadmin tool WMIC. Join our hosts as they explain why and the broader lessons we can learn.