-
Podcast Jan 07, 2021
Root Causes 140: SSL Attacks Using BGP (Border Gateway Protocol)
BGP controls traffic routing on the internet. BGP attacks could help improperly obtain DV certificates. We explain these attacks and what to do about them.
-
Podcast Jan 04, 2021
Root Causes 139: Exposed Private Keys in CSR Submissions
Sometimes subscribers accidentally include the private key along with CSR submissions. Our hosts break down this phenomenon and its implications.
-
Podcast Dec 29, 2020
Root Causes 138: IoT Cybersecurity Improvement Act of 2020
We explain the IoT Cybersecurity Improvement Act of 2020, which creates security requirements for IoT devices sold into the US government.
-
Podcast Dec 21, 2020
Root Causes 137: SolarWinds Supply Chain Attack and Digital Identity
The SolarWinds supply chain attack i includes unusual manipulations of digital identity and certificates. We explore these aspects of the attack.
-
Podcast Dec 17, 2020
Root Causes 136: 2020 Lookback - Quantum Safe Certificates
We discuss 2020's progress in the quest for quantum-safe encryption, including the algorithm candidate list, hybrid certificates, and IoT devices.
-
Podcast Dec 14, 2020
Root Causes 135: The Heartbleed Vulnerability
2014's Heartbleed vulnerability made it possible to steal private keys directly from web servers, requiring certificate replacement by the millions.
-
Podcast Dec 10, 2020
Root Causes 134: 2020 Lookback - SASE and Zero Trust Architecture
2020 was a big year for SASE (Secure Access Service Edge). We define SASE, ZTNA (Zero Trust Network Architecture), and SDP (Software Defined Perimeter).
-
Podcast Dec 07, 2020
Root Causes 133: 2020 Lookback - COVID-19
In 2020 COVID-19 changed the way we work. Our hosts dicsuss the affect on employee access, Zero Trust, retail IT, immunity passports, and more.
-
Podcast Dec 04, 2020
Root Causes 132: Examining MFA Through Soft Tokens
In our ongoing examination of MFA, we examine authentication through soft-token OTP (one-time passcode) and compare it to SMS tokens and hard tokens.
-
Podcast Nov 30, 2020
Root Causes 131: Apple OCSP Slowdown Explained
Apple's Big Sur OS rollout drove a slowdown in the company's OCSP responders, affecting all Apple operating systems. We explain what happened and why.
-
Podcast Nov 24, 2020
Root Causes 130: How to Get Rid of Password Breaches
We discuss the weaknesses of passwords and why they nonetheless are still common. We describe the roadmap for weeding out passwords from most systems.
-
Podcast Nov 19, 2020
Root Causes 129: Examining MFA Through Hard Tokens
Hard tokens are an old multi-factor authentication (MFA) form factor, still in use today. We examine the strengths and weaknesses of hard tokens.