[Cryptography] Boing Boing pushing an RSA Conference boycott
Phillip Hallam-Baker
hallam at gmail.com
Wed Jan 15 17:41:51 EST 2014
On Wed, Jan 15, 2014 at 5:04 PM, Jonathan Hunt <j at me.net.nz> wrote:
> > Rather than compiling lists of people who should be drummed out of the
> > industry for bad decisions their companies made in the past, how about
> > compiling a list of proposals for things that you think people should get
> > drummed out for in the future?
>
> I really don't understand how much worse RSA's situation could get
> before you'd agree with "drumming them out."
Tweet from Art Coviello saying "Time for some NSA backdoors in Fort Lee"
> They secretly took money
> from the NSA.
No they didn't. I knew about the deal at the time and I was a competitor.
RSA made no secret about getting the NSA gig. The only thing they didn't
publish was the amount and my sales guys knew that. It is probably in the
federal register.
> They, inexplicably, left a known-likely-backdoored RNG
> as the default in their crytography library for 5 years (while
> marketing it as being vetted by experts). Their recent response was
> laughable (essentially saying they used NIST standards and abdicating
> their own judgement). Is there anything a security company can do that
> would make you loose your good faith in them?
>
No, I don't have much faith in them anyway so nothing to lose there.
> (it also important to say that I'm not saying anything about
> individual employees/owners etc of RSA most of whom were probably
> uninvolved).
>
The people who made the decisions are likely long gone.
Corporations are not people.
--
Website: http://hallambaker.com/
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://www.metzdowd.com/pipermail/cryptography/attachments/20140115/abf77c3a/attachment.html>
More information about the cryptography
mailing list