doctorow at January 21st, 2014 00:03 — #1
danegeld at January 21st, 2014 00:50 — #2
You'd think that RSA would want to get the NSA collaboration episode behind them as quickly as possible. Possibly a bit of blood-letting. The keynote should be an audit and full disclosure of that they did with the NSA, and what they've done to remove that influence.
versuchsanstalt at January 21st, 2014 02:44 — #3
I'd love to see Stephen perform a la Correspondent's Dinner at RSA Con and host a panel at TrustyCon out of character.
corollax at January 21st, 2014 02:56 — #4
[A] Reuters report ... suggested the NSA had paid RSA $10 million to include flawed code in one of their random number generators.
This is misleading. The code that RSA included was not flawed -- it was in fact performing exactly as the algorithm designer intended. It was the algorithm itself which was corrupted, and this was suspected as early as 2007. The difference is that now we have confirmation of that suspicion by means of the Snowden leaks.
There's nothing wrong with implementing this algorithm, especially since doing so is required for satisfying FIPS 140-2. Even SSL and OpenSSL did so. The issue is that RSA received $10 million to select this PRNG as the default in their applications, even when they had reason to suspect that the algorithm could be compromised.
The application has a backdoor, but it's not because of a flaw in the code. It's because flawed algorithm created by a corrupted standardization process.
jons at January 21st, 2014 03:53 — #5
An algorithm is code that takes an input and produces an output.
Furthermore, that algorithm was expressed as code, embedded in the products that RSA sold.
There is nothing wrong with the way Reuters expressed themselves.
Edit: It's kind of interesting that Bruce Schneier is still(?) presenting one talk and part of the panel for another at the RSA conference.
nofare at January 21st, 2014 04:35 — #6
"(...) with sponsorship from (...) Microsoft."
... let that bit of divine irony sink in.
kimmo at January 21st, 2014 04:57 — #7
Have Microsoft hired someone who knows how to generate good PR?
corollax at January 21st, 2014 05:54 — #8
"Flawed code" implies that there was an error in the implementation of the algorithm, and that a correct implementation would not suffer the same error. There was no flaw. The code performed exactly as intended.
hallam at January 21st, 2014 07:09 — #9
That is because it is more important to tell people about what the NSA is up to than to punish the (somewhat) guilty. He is the only person who has seen the documents who is in the US right now, or at least the only one who is known publicly.
Unlike Cory, I have actually exchanged email with the people involved. I am not aware of any public statement calling for people not to attend RSA Conference.
The damage limitation has been abominable. What they will probably do is the same thing they did last time they got pwned. Art will give his presentation then hand over to a VP to give the detailed explanation of the damage.
hallam at January 21st, 2014 08:16 — #10
Microsoft is peeved because the NSA cracked their CA in the Flame incident.
I brought this up in the 'public private partnership' session at the last RSA. We had the usual guff about government and industry working together. So I asked how that is possible when the US government has been attacking US companies as was demonstrated in Flame.
The a**-w*** moderator jumped in to stop the guy answering the question. This despite the fact that the Flame incident was well documented and the attack on the Microsoft CA is well known. I suspect the reason he did that was that he knew damn well that Chertoff and Daniel might risk saying something on the record about a classified incident.
One of the reasons I think we should boycott the NIST conference in April is that the message we need to get out is that the NSA has wrecked the chances of the public/government partnerships the government keeps talking about. And this is something that a lot of government people are fuming about.
This type of thing is the reason that I keep warning people not to start pointing fingers at each other. If we start fighting each other the NSA gets off scot free.
We need to end the military management of the NSA. I have met some of the generals who ran the NSA and I think at least one of them is the type who would stage a coup to stop an imaginary communist takeover. And I wasn't the only person at the meeting who formed that opinion. These are people with very limited intellectual horizons and no ability to cope with unstructured environments.
funruly at January 21st, 2014 10:16 — #11
hey @hallam, since this seems to be a wheelhouse of yours, I'm curious on your take on the RSA/Lockheed breach. That is, given the types of capabilities the NSA is reported to have, including being cozy with RSA, why wasn't that incursion foiled?
hallam at January 21st, 2014 11:32 — #12
Yes, if people want to punish RSA take it out on their tokens business, not the conference. Targeting the conference will harm our ability to fight back against the NSA.
What I don't want to see is people suggesting that people attending the RSA conference are somehow on the side of the NSA. There are maybe a couple of hundred top level crypto protocol designers. And we need all of them right now. The possibility that someone might have been suborned by the NSA changes nothing, we have always been aware of that as a possibility.
It not just RSA people are proposing to boycott. Some people have proposed smashing up the IETF as well. Which is not going to help me with my attempt to make email secure. I need that infrastructure. Whether it might be compromised or not is irrelevant because any replacement is certain to be penetrated from the start.
But the reason to be concerned about the tokens is not (just) because of the NSA breach, its because the token design is intrinsically insecure. The tokens are not based on public key cryptography, they use a symmetric scheme. That means there is no room for transparency or audit. There is no way to know if an access occurred due to malfeasance by the token provider rather than the token user.
To be honest I am a little nervous about saying 'boycott the tokens' as this can be seen as self-interested, I have already proposed an alternative back in 2011 which was in part a response to the RSA/Lockheed breach:
The draft is expired but the technology is still under active development as one of the components in the Prism-Proof email scheme I am working on. I have to provide a way to easily move keys from one device to another and that requires a confirmation type scheme. Which has to be auditable.
The protocol is open (as far as I know) but obsolete at this point since the field has now moved on to JSON and so it needs to be rejiggered.
jons at January 21st, 2014 12:35 — #13
Wait ... so now it IS ok to boycott conferences, but only the ones you specify?
Could you please provide a list of conferences that we are allowed to boycott? You might want to encryp... opps, never mind.
hallam at January 21st, 2014 13:08 — #14
Its not the conference thats the problem, its the trade show. Thats where 10,000 people come to buy security products to defend against the NSA and other governments attacking the Internet. Setting up the talks as a parallel conference next door seems like a good compromise to me.
NIST is part of the federal government and played a far closer role than RSA in the DRNG affair. They were the ones who blessed it.
People are going to be talking about Snowden and the NSA spying during RSA week regardless. An event in April creates an additional media opportunity.
doctorow at January 26th, 2014 00:03 — #15
This topic was automatically closed after 5 days. New replies are no longer allowed.