« FFFT Home | Email msg. | Reply to msg. | Post new | Board info. Previous | Home | Next

Snoopy Update - More Un-American Activities

By: killthecat in FFFT | Recommend this post (0)
Sat, 21 Dec 13 7:28 PM | 37 view(s)
Boardmark this board | Food For Further Thought
Msg. 59249 of 65535
Jump:
Jump to board:
Jump to msg. #

Major computer security firm RSA took $10 million from NSA to weaken encryption.

As a key part of a campaign to embed encryption software that it could crack into widely used computer products, the U.S. National Security Agency arranged a secret $10 million contract with RSA, one of the most influential firms in the computer security industry, Reuters has learned.

Documents leaked by former NSA contractor Edward Snowden show that the NSA created and promulgated a flawed formula for generating random numbers to create a "back door" in encryption products, the New York Times reported in September. Reuters later reported that RSA became the most important distributor of that formula by rolling it into a software tool called Bsafe that is used to enhance security in personal computers and many other products.

Undisclosed until now was that RSA received $10 million in a deal that set the NSA formula as the preferred, or default, method for number generation in the BSafe software, according to two sources familiar with the contract. Although that sum might seem paltry, it represented more than a third of the revenue that the relevant division at RSA had taken in during the entire previous year, securities filings show.

The earlier disclosures of RSA's entanglement with the NSA already had shocked some in the close-knit world of computer security experts. The company had a long history of championing privacy and security, and it played a leading role in blocking a 1990s effort by the NSA to require a special chip to enable spying on a wide range of computer and communications products.

RSA, now a subsidiary of computer storage giant EMC Corp, urged customers to stop using the NSA formula after the Snowden disclosures revealed its weakness.

RSA and EMC declined to answer questions for this story, but RSA said in a statement: "RSA always acts in the best interest of its customers and under no circumstances does RSA design or enable any back doors in our products. Decisions about the features and functionality of RSA products are our own."


- - - - -
View Replies (1) »



» You can also:
« FFFT Home | Email msg. | Reply to msg. | Post new | Board info. Previous | Home | Next