Cyber Security Experts Boycott, Refuse to Speak at RSA Conference After NSA Deal
January 9, 2014 4:17 PM
comment(s) - last by
NSA entered into a $10 million contract with RSA to place a flawed formula within encryption software
Security industry leader
RSA was caught working with the U.S. National Security Agency
(NSA), and now it's seeing some backlash from former allies.
According to a new report from
, some leaders in the computer security world who were scheduled to speak at the RSA Conference next month have backed out due to recent discoveries about the RSA's connections with the NSA.
The report said Mikko Hypponen, chief technology officer of F-Secure; Josh Thomas, the Chief Breaking Officer at security firm Atredis, and Jeffrey Carr, another security industry veteran who analyzes espionage and cyber warfare methods, have all canceled their presentations at the RSA Conference.
Carr and Hypponen have taken it a step further by boycotting the conference. Hypponen said "nationality" was the reason for his cancellation while Carr said the RSA had violated its customers' trust.
"I don't want to send mixed messages, so I have canceled all my appearances at RSA 2014," said Hypponen.
Once Carr announced his boycott, others followed, including Marcia Hoffman, privacy attorney and former Electronic Frontier Foundation lawyer; Alex Fowler, Mozilla privacy and public policy expert; Christopher Soghoian, American Civil Liberties Union advocate and privacy expert; Adam Langley, Google security expert, and Chris Palmer, Google Chrome security engineer.
The RSA Conference is scheduled for next month in San Francisco.
Jeffrey Carr [SOURCE: jeffreycarr.blogspot.com]
According to documents leaked by former NSA contractor Edward Snowden, the NSA entered into
a $10 million contract with RSA
to place a flawed formula within encryption software (which is widely used in personal computers and other products) to obtain "back door" access to data. The RSA software that contained the flawed formula was called Bsafe, which was meant to increase security in computers. The formula was an algorithm called Dual Elliptic Curve, and it was created within the NSA. RSA started using it in 2004 even before the National Institutes of Standards and Technology (NIST) approved it.
RSA said it had no idea that the algorithm was flawed, or that it gave the NSA back door access to countless computers and devices. The NSA reportedly sold the algorithm as an enhancement to security without letting the RSA in on its real intentions.
"Recent press coverage has asserted that RSA entered into a 'secret contract' with the NSA to incorporate a known flawed random number generator into its BSAFE encryption libraries. We categorically deny this allegation," said RSA in a
Many in the security community were surprised at RSA's entanglement with the NSA, but the latest news of a $10 million contract as well has really shocked the industry.
RSA is known as a pioneer in the realm of computer security, and has notoriously fought off the NSA in previous attempts at breaking encryption in the 1990s.
"I can't imagine a worse action, short of a company's CEO getting involved in child porn," said Carr. "I don't know what worse action a security company could take than to sell a product to a customer with a backdoor in it.”
This article is over a month old, voting and posting comments is disabled
NSA is Schizophrenic
1/10/2014 8:40:15 AM
The NSA is tasked with both intercepting foreign communications and protecting US government communications from being intercepted and cracked. So half of them want to put back doors in the security standards, and the other half don't. Sorta funny if you think about it.
It does, however, make sense that a company/standards committee would be thrilled to get and algorithm from them since they employ a VERY large number of very smart cryptologists. I just would've thought if they were not in bed with the NSA they would've double checked and triple checked it for backdoors before using it.
"There is a single light of science, and to brighten it anywhere is to brighten it everywhere." -- Isaac Asimov
RSA Responds to Claim that it Gave NSA Back Door Access in Exchange for $10M
December 23, 2013, 11:43 AM
Apple Releases iOS 8.1; Adds Apple Pay Support, SMS Relay, Instant Hotspot
October 20, 2014, 1:00 PM
Quick Note: Android Gmail App to Gain Yahoo, Outlook Account Support
October 20, 2014, 9:15 AM
Sony Gets With the Program, Pledges to Update Entire Xperia Z Lineup to “Lollipop”
October 17, 2014, 9:28 AM
HP webOS Support, Cloud Services to Go Offline on January 15, 2015
October 16, 2014, 12:29 PM
Windows 10 Technical Preview: Over One Million Testers and Counting
October 13, 2014, 4:41 PM
Update: Apple Confirms October 16 Event for New Hardware, Software
October 8, 2014, 2:29 PM
Most Popular Articles
Cool Science Video of the Day: Carnivorous Leech Eats Giant Jungle Worm
October 16, 2014, 6:44 PM
Chinese Government Declares Digital War Against America's Top Tech Firms
October 20, 2014, 12:07 PM
PS4 "Masamune" Update 2.0 Will Bring New Music and Customization Features
October 17, 2014, 1:05 PM
HBO, CBS Lead Charge to Ditch Cable
October 16, 2014, 4:40 PM
Update: Motorola Droid Turbo Coming Oct 28, 48-hour Battery Life Confirmed
October 19, 2014, 9:19 PM
Latest Blog Posts
The Surface Mini That Was Never Released Gets "Hands On" Treatment
Sep 26, 2014, 8:22 AM
ISIS Imposes Ban on Teaching Evolution in Iraq
Sep 17, 2014, 5:22 PM
Space Terrorism is a Looming Threat For the United States
Apr 23, 2014, 7:47 PM
Facebook Aims to Provide Internet to "Every Person in the World" with Drones, Satellites
Apr 1, 2014, 10:20 AM
Retail Mobile Sites Experience Outages in Light of Simplexity's Bankruptcy
Mar 14, 2014, 8:48 AM
More Blog Posts
Copyright 2014 DailyTech LLC. -
Terms, Conditions & Privacy Information