[Cryptography] Boing Boing pushing an RSA Conference boycott

Phillip Hallam-Baker hallam at gmail.com
Tue Jan 14 14:01:36 EST 2014


On Tue, Jan 14, 2014 at 1:36 PM, Bear <bear at sonic.net> wrote:

> On Mon, 2014-01-13 at 14:16 -0500, Kent Borg wrote:
> > On 01/13/2014 10:23 AM, Phillip Hallam-Baker wrote:
> > > Unless someone shows evidence that RSA actually knew they were being
> > > punked, the boycott makes no sense.
>
> > If we can't make selling security pay, we can maybe make selling
> > insecurity cost.  There are a lot of other suits watching this, seeing
> > how RSA fairs.  I want them to see something gruesome, something that
> > worries them.  (The same way I want a banker or two who nearly dumped us
> > into DEPRESSION to go to jail, so others will think twice.)
>
> I tend to agree.  If RSA doesn't go down in flames over its utter
> failure, then people will learn from that fact that security is a
> joke industry.  That's a problem we already have badly enough with
> the failure after failure after failure revealed by the Snowdon
> files.
>
> I don't think that there is any real hope of building a secure
> infrastructure for the world if the world learns by this example
> that an industry leading security company can completely fail in
> its primary mission without consequence.
>
> That would be a vote of no confidence in the entire security
> industry, like an acknowledgement that there can never be security
> and there's no point in even trying.
>

I am really reluctant to set that type of precedent. I think that we are
not finished with the disclosures yet. If we take everyone out to the
woodshed and hack their heads off each time we find out about the next NSA
hack, well we might find that none of us are left to do the work that needs
to be done.



> That said, I don't think a conference boycott is specific enough.
> A conference boycott hurts everyone at the conference.  And most
> of them have not been complicit (or merely incompetent, which is
> nearly as bad) in betrayal of the public.
>

That is my problem. Hurt RSA if you like, fine. But boycotting the show is
like boycotting the village fete because the Lord of the Manor let a cow
get loose and trample everyone's begonias.


-- 
Website: http://hallambaker.com/
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://www.metzdowd.com/pipermail/cryptography/attachments/20140114/836b0436/attachment.html>


More information about the cryptography mailing list