Podcast Feb 17, 2023
Root Causes 278: Microsoft on Certificates and FIDO
Recent public discussion of FIDO and digital certificates reveal details of Microsoft's approach to consumer digital authentication.
Podcast Dec 14, 2022
Root Causes 262: The Continuing Erosion of Online Identity
We look back at the continued erosion of reliable online identity, including deep fakes, celebrity phishing, AI-generated art and Twitter blue check marks.
Podcast Nov 30, 2022
Root Causes 259: What Went Wrong with the Twitter Blue Check Marks
We explore why the Twitter blue check marks failed and the challenges in authenticating and vouching for the identity of an individual or organization.
Podcast May 20, 2021
Root Causes 164: Examining MFA Through out-of-Band Phone Calling
We explore out-of-band phone calling as a MFA method, including, what attacks it defends against successfully, and what attacks can circumvent it.
Podcast Dec 04, 2020
Root Causes 132: Examining MFA Through Soft Tokens
In our ongoing examination of MFA, we examine authentication through soft-token OTP (one-time passcode) and compare it to SMS tokens and hard tokens.
Podcast Nov 24, 2020
Root Causes 130: How to Get Rid of Password Breaches
We discuss the weaknesses of passwords and why they nonetheless are still common. We describe the roadmap for weeding out passwords from most systems.
Podcast Nov 19, 2020
Root Causes 129: Examining MFA Through Hard Tokens
Hard tokens are an old multi-factor authentication (MFA) form factor, still in use today. We examine the strengths and weaknesses of hard tokens.
Podcast Sep 28, 2020
Root Causes 122: Passwordless Authentication for Apple OS
A discussion of passwordless authentication and access for Apple platforms (with Joel Rennich of Jamf).
Whitepaper Aug 03, 2020
This white paper by Enterprise Security Group examines how PKI fits into and enables your zero-trust strategy.