Hedge 255: Open Multi-perspective Issuance

One of the various attack surfaces in encryption is insuring the certificates used to share the initial set of private keys are not somehow replaced by an attacker. In systems where a single server or source is used to get the initial certificates, however, it is fairly easy for an attacker to hijack the certificate distribution process.

Henry Birge-Lee joins us on this episode of the Hedge to talk about extensions to existing certificate systems where a certificate is pulled from more than one source. You can find his article here.

download

Weekend Reads 011025


Wi-Fi 8 is coming, but it looks set to focus on greater reliability rather than on pushing the bandwidth ever higher, as the most recent updates to the venerable wireless local network technology have done.


Policymakers need to carefully guide the future consumption of electricity by AI datacenters, according to a report that considers four potential scenarios and suggests a number of guiding principles to prevent it from spiraling out of control.


In one of the quiet announcements that might eventually be a huge deal, the FCC voted to open the entire 6 GHz WiFi frequency band to very low-power devices (VLP – just in case you needed another new acronym to remember).


Gaining a clear view of the DDoS landscape is vital for developing effective countermeasures against this prolific form of attack. A new study, carried out through collaboration between researchers from several institutions, helps bring DDoS into perspective.


Salt Typhoon’s latest victims include Charter, Consolidated, and Windstream, underscoring the widening scope of China’s cyberespionage campaign against critical US infrastructure.