Big tech needs to get whacked upside the head as a warning not to continue playing kissy with NSA. An RSA boycott leading to bankruptcy would certainly get their attention. RSA got $10 million from NSA for deliberately dumbing down their security. Thus, RSA has continually lied to and misled their customers.
In a sign of the times, Mikko Hypponen, chief research officer at F-Secure, has announced he will not deliver the keynote at the upcoming RSA conference and is boycotting it. Others in the computer security field are calling for an RSA product boycott.
RSA’s response to this has been the usual tense legalese which, if carefully read, does not say they didn’t do it.
Recent press coverage has asserted that RSA entered into a “secret contract” with the NSA to incorporate a known flawed random number generator into its BSAFE encryption libraries. We categorically deny this allegation.
The flawed random number generator was already in the libraries so they didn’t have to incorporate it. Nor does RSA explain why they allowed this flawed algorithm, which NSA could crack, to be the default method in a product with other vastly more secure methods.