Saturday, December 21, 2013

Who can you trust?

One of the biggest names in computer security is RSA. And wouldn't you know it...they made a deal with the devil -- or at least, with the NSA.
Documents leaked by former NSA contractor Edward Snowden show that the NSA created and promulgated a flawed formula for generating random numbers to create a "back door" in encryption products, the New York Times reported in September. Reuters later reported that RSA became the most important distributor of that formula by rolling it into a software tool called BSafe that is used to enhance security in personal computers and many other products.

Undisclosed until now was that RSA received $10 million in a deal that set the NSA formula as the preferred, or default, method for number generation in the BSafe software, according to two sources familiar with the contract. Although that sum might seem paltry, it represented more than a third of the revenue that the relevant division at RSA had taken in during the entire previous year, securities filings show.
The folks at RSA are now complaining that they didn't really know and they were misled.

What's amazing is that the sums involved were rather piddling. What does it profit a company to sell its soul for $10 million? Who would trust RSA now? Security is the very reason why people go to RSA. Customers don't pay that company to have secret back doors installed on their systems.

But that's a problem with modern capitalism: These days, too many executives just want to sock away large bonuses. Retirement money. They don't care about the long-term health of the firm.

By the way: As you peruse the blogs which deal with this story, be on the lookout for the anti-Snowden, anti-Greenwald trolls. It's all pretty obviously pre-packaged. Who pays for all of that astroturf? Probably the same people who paid ten mill to RSA.

1 comment:

prowlerzee said...

Note the initials on BSafe. BS. These guys think they're so funny.