MacNN Forums (http://forums.macnn.com/)
-   Tech News (http://forums.macnn.com/tech-news/)
-   -   RSA hits out at 'secret NSA contract' reports, claims innocence (http://forums.macnn.com/113/tech-news/506934/rsa-hits-out-secret-nsa-contract/)

 
NewsPoster Dec 23, 2013 12:26 PM
RSA hits out at 'secret NSA contract' reports, claims innocence
RSA Security has struck out <a href="http://macnn.com/rd/301110==http://www.electronista.com/articles/13/12/20/agency.pushes.vulnerable.encryption.standard/" rel='nofollow'>against claims</a> that the company was paid by the National Security Agency (NSA) to sell flawed encryption software that was vulnerable to surveillance. A blog post <a href="http://macnn.com/rd/301111==https://blogs.rsa.com/news-media-2/rsa-response/" rel='nofollow'>states</a> that it has never entered into a "secret contract" with the NSA, and that any collaboration between it and the agency has been openly publicized. <br />
<br />
A report <a href="http://macnn.com/rd/301107==http://www.reuters.com/article/2013/12/20/us-usa-security-rsa-idUSBRE9BJ1C220131220" rel='nofollow'>by</a> <em>Reuters</em> late last week claimed that RSA was paid $10 million to promote the pseudorandom-number generator, with the payment made in exchange for the crackable generator to be used as the default setting in its Bsafe security tools. Critics pointed at the alleged payment as evidence of potential complacence with government surveillance. <br />
<br />
The EMC-owned company asserts that it made the decision to use the algorithm as the default setting in 2004, "in the context of an industry-wide effort to develop newer, stronger methods of encryption." It points out that though it was the default, there were multiple options in the Bsafe toolkit, with users able to select any that best suits their needs. It remained an option as it had been accepted as a <a href="http://macnn.com/rd/301108==http://csrc.nist.gov/" rel='nofollow'>NIST</a> standard and of its value in FIPS compliance, with NIST being relied upon when concerns about the algorithm surfaced in 2007. When NIST advised not to use the algorithm in September of this year, it "communicated that recommendation to customers and discussed the change openly in the media." <br />
<br />
At the end of the post, RSA states that it never divulges information about its dealing with customers, and has "never entered into any contract or engaged in any project with the intention of weakening RSA's products, or introducing potential 'backdoors' into our products for anyone's use." <br />
<br />
The post as a whole certainly attempts to distance RSA from the NSA and the <a href="http://macnn.com/rd/301109==http://www.electronista.com/articles/13/12/18/meeting.originally.to.have.discussed.both.nsa.and. healthcare.reform/" rel='nofollow'>surveillance scandal</a>, though considering the implications of the allegations, this will certainly have dented RSA's standings in the security industry.
 
GopherAlex Dec 23, 2013 02:30 PM
LOL. RSA's statement could have been written by Bill Clinton himself. Nothing it says contradicts anything Snowden revealed. What a bunch of dirty *******.
 
ricardogf Dec 23, 2013 03:36 PM
"that it never divulges information about its dealing with customers"

NSA included, of course - if they REALLY had ***** they would reveal everything, leave the US and tell the NSA to **** off.

It's amazing how Americans are able to say absolutely nothing with so many words - also known as the masters of hypocrisy.
 
Charles Martin Dec 23, 2013 10:14 PM
GopherAlex -- you misspelled "Dick Cheney" in your post. :)
 
All times are GMT -4. The time now is 04:06 AM.

Copyright © 2005-2007 MacNN. All rights reserved.
Powered by vBulletin® Version 3.8.8
Copyright ©2000 - 2014, vBulletin Solutions, Inc.


Content Relevant URLs by vBSEO 3.3.2