About Show #229
Richard flies solo to talk to Barry Dorrans, now at Microsoft, about the recent spate of security breaches at Certificate Authorities like Comodo and DigiNotar. What can you as an IT Pro do about this recent set of hacks? Other than replacing your potentially exploited certificate, not a lot. Barry talks about how these exploits have happened, what Microsoft, Google and others are doing about it and some possible long term solutions to the problems. Check out Barry's blog at idunno.org. Barry also mentions an alternative solution to Certificate Authorities called Convergence and why Chrome won't be implementing it.
Barry Dorrans is the author of Beginning ASP.NET Security from Wrox Press, a former Microsoft MVP in developer security and made the hop to Redmond last year to work on internal information security tools to stop people running riot on Microsoft's internal network, as well as owning AntiXSS. He blogs on an occasion basis at http://idunno.org and rants, raves and is rude on a 10 minute basis on twitter as @blowdart.