The National Security Agency
continues to wield its commercial kiss of death, causing business
to flee from American firms that have, inadvertently or
deliberately, been involved in the snooping. Last month,
Boeing lost a multi-billion dollar contract with Brazil over
the NSA’s shenanigans.
More billions in European business are at risk for U.S.
companies feared as direct conduits to the spies. And now attendees
are dropping out of the cybersecurity-oriented RSA Conference after sponsoring
company, RSA Security
LLC, was revealed to have accepted millions of dollars in
building a backdoor into its encryption software.
Just before Christmas,
Former U.S. National Security Agency (NSA) contractor Edward
Snowden has brought many NSA secrets to light this year, the most
recent being a “secret” contract between the agency and security
industry leader RSA.
According to more documents leaked by Snowden, the NSA entered
into a $10 million contract with RSA to place a flawed formula
within encryption software (which is widely used in personal
computers and other products) to obtain “back door” access to
The RSA software that contained the flawed formula was called
Bsafe, which was meant to increase security in computers. The
formula was an algorithm called Dual Elliptic Curve, and it
was created within the NSA. RSA started using it in 2004 even
before the National Institutes of Standards and Technology (NIST)
RSA insists it was duped and that using a flawed algorithm
supplied by the NSA was not deliberate. But the damage was done.
Mikko Hypponen, chief technology officer of F-Secure with
decades under his belt as a security researcher, canceled his
annual presentation at the American-hosted RSA Conference, to be
held in San Francisco in February. …
The day before Hypponen canceled his talk in December, Josh
Thomas, the “Chief Breaking Officer” at security firm Atredis,
canceled his scheduled talk via Twitter.
Jeffrey Carr, another security industry veteran who works in
analyzing espionage and cyber warfare tactics, took his
cancellation a step further. Yesterday, he publicly called for a
boycott of the conference, saying that RSA had violated the trust
of its customers.
Other prominent cybersecurity figures have followed suit,
seeking to punish the company and, no doubt, wishing to distance
themselves from the black hole of ethical choices and commercial
opportunities that surrounds the intersection of the NSA with
anything. Expressing the sentiments of the cybersecurity
community regarding RSA’s actions, Carr said, “I can’t imagine a
worse action, short of a company’s CEO getting involved in child
Truly, government has a magic ability to ruin everything it
If you’re going to be a back door man, this is how you do
from Hit & Run http://reason.com/blog/2014/01/09/nsa-connection-has-attendees-fleeing-enc