-
Listen Now
EPISODE 382
Broadcast Date:
April 29, 202412 minutes
Podcast Apr 29, 2024Root Causes 382: Mobile Phone Malware Steals Faces for Access
New malware photographs users' faces to defeat authentication mechanisms. Biometrics are not "secrets."
-
Listen Now
EPISODE 381
Broadcast Date:
April 26, 20247 minutes
Podcast Apr 26, 2024Root Causes 381: Apple Chip Sideloading Attack Leaks Encryption Keys
A newly revealed side channel attack enables theft of private keys from M-series Apple chips. We explain.
-
Listen Now
EPISODE 380
Broadcast Date:
April 23, 202429 minutes
Podcast Apr 23, 2024Root Causes 380: If Quantum Supremacy Comes Earlier Than Expected
We talk about the challenges to PQC migration and what happens if quantum computers break RSA before we're expecting them to.
-
Listen Now
EPISODE 379
Broadcast Date:
April 18, 202413 minutes
Podcast Apr 18, 2024Root Causes 379: AI-generated Fake IDS for KYC
Inexpensive and easily obtained deepfake photographs of IDs, generated by AI, are available online. These pose a problem for KYC initiatives.
-
Listen Now
EPISODE 378
Broadcast Date:
April 15, 202421 minutes
Podcast Apr 15, 2024Root Causes 378: Why Are Forced Revocations So Difficult?
We delve deep into the problem of failure to revoke on time and the multiple causes that lead to this ongoing failure.
-
Listen Now
EPISODE 377
Broadcast Date:
April 11, 202417 minutes
Podcast Apr 11, 2024Root Causes 377: Is CPS/Issuance Misalignment a Revocation Event?
If you issue public certificates that are fully compliant except they don't reflect what your CPS says, are they misissued? Do they require revocation?
-
Listen Now
EPISODE 376
Broadcast Date:
April 8, 202419 minutes
Podcast Apr 08, 2024Root Causes 376: Gartner's New CLM Framework
Gartner has released a new framework for Certificate Lifecycle Management, called the Seven Core Functions of Certificate Automation.
-
Listen Now
EPISODE 375
Broadcast Date:
April 5, 202428 minutes
Podcast Apr 05, 2024Root Causes 375: What Is Name Space Lifecycle Management?
CNAMEs, SPF, DMARC, name server entries, and other DNS identifiers, left unattended, can expose companies to identity-based attacks.
-
Listen Now
EPISODE 374
Broadcast Date:
April 1, 202415 minutes
Podcast Apr 01, 2024Root Causes 374: NIST Cyber Security Framework 2 Released
NIST Cyber Security Framework version 2.0 is released. It includes guidance on identity management and authentication.
-
Listen Now
EPISODE 373
Broadcast Date:
March 29, 202415 minutes
Podcast Mar 29, 2024Root Causes 373: Massive Brand Hijack Subverts Over 21,000 Domains
A massive name space attack has hijacked more than 21,000 domains and subdomains, including a who's who list of major global brands.
-
Listen Now
EPISODE 372
Broadcast Date:
March 26, 202422 minutes
Podcast Mar 26, 2024Root Causes 372: Bugzilla Bloodbath
It's a bloodbath on Bugzilla. Since March 9, more than 25 new Bugzilla bugs been written up, which is 10x the typical pace. And it's not over.
-
Listen Now
EPISODE 371
Broadcast Date:
March 22, 202420 minutes
Podcast Mar 22, 2024Root Causes 371: MPIC Rules Go to CABF Ballot
A ballot for Multi-perspective Issuance Corroboration (MPIC), formerly known as MPDV, has entered a discussion period in the CA/Browser Forum (CABF).