[Cryptography] What do we know? (Was 'We cannot trust' ...)

Phillip Hallam-Baker hallam at gmail.com
Sat Dec 28 12:39:11 EST 2013


On Tue, Dec 24, 2013 at 3:28 AM, James A. Donald <jamesd at echeque.com> wrote:

> On Dec 23, 2013, at 5:00 AM, "James A. Donald" <jamesd at echeque.com> wrote:
>
>> But what RSA did was provide backdoored BSAFE to everyone, not just one
>>> government agency.
>>>
>>
> On 2013-12-24 02:13, Jerry Leichter wrote:
>
>> Well ... yes, that's the way commercial software works.  Everyone buys
>> the same thing.
>>
>
> Not when you are selling to government agencies.  If they want a
> customized product, you produce a fork or a skew for that government agency
> and charge them extra.



Except that the main customer base for BSafe these days is government
suppliers and what most of us assumed the point of the contract to be was
making a FIPS certified Suite B implementation available to government
suppliers.

It was a social engineering attack and they got pwned. I don't think it is
appropriate to allege collusion or malice to RSA or EMC.


What is rather telling is that the NSA is apparently subverting US
government crypto and nobody seems to be asking if the motivation was not
to spy on other parts of USG and if so to what end.

From 1953 through the Nixon era, the business of the NSA and CIA was
toppling inconvenient governments. The military command is full of Fox News
watching Tea Party types. There are a lot of US politicians who openly
mouth treason and there are military officers who refer to those comments
'in jest'.

I don't think their coup attempt will amount to anything more than the
recent Spanish farce but they are certainly talking themselves up to
something of the sort and they will probably get a lot of people killed in
the process.


-- 
Website: http://hallambaker.com/