[Cryptography] Boing Boing pushing an RSA Conference boycott

[ianG]

On 15/01/14 06:00 AM, dan at geer.org wrote:
> 
> 
> Ranking Fortune 100 firms by the numbers of vulnerabilities they
> have distributed times the numbers of people they have distributed
> them to, RSA is an also ran.  Ranking Fortune 100 firms by the
> numbers of known monetary losses attributable to their vulnerabilities,
> whether direct (theft) or indirect (overtime for sysadmins), RSA
> is an also ran.  Ranking Fortune 100 firms by the numbers of enemies
> they have slept with, RSA is in the middle of the pack but way, way
> out of contention for the laurel wreath.  Ranking Fortune 100 firms
> by the attractiveness of penetrating them, RSA is top tier but
> ancillary, like a sexy supporting actress -- the main objects of
> desire are governments and their respective defense industrial
> bases.  Ranking Fortune 100 firms by the number of times they have
> made bad bets, RSA doesn't have enough money to make the kind of
> bets that could wreck anybody's civil economy.  Ranking worldwide
> firms by the fraction of their business that involves crimes against
> nature done while sucking on their respective government's tit, RSA
> doesn't come remotely close to making the A-list.
> 
> I'm not their friend, but this is a side show.


But, it is our side show.  All of the above examples are in other
businesses, where they promise little to do with security.  As the telco
CEO said, "our business is to connect phones together."

In our world, and in RSA's world, we promise to deliver security.  Not
phone calls, not oil-for-food, not airbases in Iraq, not 3rd world debt,
not higher returns, etc.

Security is the promise, and that was the promise RSA fell on.  When a
Samurai fails to protect his lord, he falls on his sword.  When he
delivers a lousy bowl of noodles, he cares not.  The lord should employ
a noodle cook.


> --dan



iang, who's wondering when his own promises are going to bring the sword
too close for comfort...