Posts by dbeattie

What Are Subordinate CAs and Why Would You Want Your Own?

Posted by on June 26, 2019 in Blog | 0 comments

Digital certificate and PKI adoption has changed quite a bit in recent years. Gone are the days where certificates were only synonymous with SSL/TLS; compliance drivers like stronger authentication requirements and digital signature regulations (e.g. eIDAS) have greatly expanded the role of PKI within the enterprise. As PKI usage has expanded, conversation has moved beyond just the number and type of certificates needed and onto deeper dialogue about custom PKI deployments. A large part of the conversation is around subordinate CAs, sometimes referred to as Issuing or Intermediate CAs, and...

Read More

Lenovo Enables Man-in-the-Middle Attacks Via Superfish Adware

Posted by on February 20, 2015 in Blog, General | 0 comments

Lenovo is selling computers that contain the Superfish application which “supplements” the user’s SSL sessions to enable their adware application to deliver content transparently; however, due to poor security design this leaves users vulnerable to man-in-the-middle attacks. How it was supposed to work Superfish uses the program “Visual Discovery” to process images in browser content and then displays ads for similar goods and services. This sounds like any other adware application, but in order to maintain SSL sessions and not alert users with security...

Read More