
ReverendDeuce

(1,643 posts)
Fri Dec 20, 2013, 06:03 PM Dec 2013

BREAKING: NSA paid US-company RSA to bug encryption software

The broader implication is that this more or less proves that the ECRNG certified by NIST was, in fact, tampered with by the NSA. It's been long suspected that this was the case, but there was never a smoking gun. This pretty much seals it.

http://www.reuters.com/article/2013/12/20/us-usa-security-rsa-idUSBRE9BJ1C220131220

(Reuters) - As a key part of a campaign to embed encryption software that it could crack into widely used computer products, the U.S. National Security Agency arranged a secret $10 million contract with RSA, one of the most influential firms in the computer security industry, Reuters has learned.

Documents leaked by former NSA contractor Edward Snowden show that the NSA created and promulgated a flawed formula for generating random numbers to create a "back door" in encryption products, the New York Times reported in September. Reuters later reported that RSA became the most important distributor of that formula by rolling it into a software tool called Bsafe that is used to enhance security in personal computers and many other products.

Undisclosed until now was that RSA received $10 million in a deal that set the NSA formula as the preferred, or default, method for number generation in the BSafe software, according to two sources familiar with the contract. Although that sum might seem paltry, it represented more than a third of the revenue that the relevant division at RSA had taken in during the entire previous year, securities filings show.


This is UNREAL... Every revelation that leaks out just boggles my mind! This is the same RSA that fought Clipper in the 90s. And now they are COMPLICIT!

Unreal... just unreal...
BREAKING: NSA paid US-company RSA to bug encryption software (Original Post) ReverendDeuce Dec 2013 OP
Do we have any room left in any of our For Profit Prisons? RC Dec 2013 #1
The NSA acts like a virus or a worm. Ed Suspicious Dec 2013 #2
Rec and thanks for posting. Other NSA news is posted in the Progressive Group rhett o rick Dec 2013 #3
Good...I hope to see more proof of corporate collusion in the future... Blue_Tires Dec 2013 #4
RSA was acquired by Security Dynamics, makers of SecurID, in 1993. FarCenter Dec 2013 #5
K & R !!! WillyT Dec 2013 #6
Let the light shine grasswire Dec 2013 #7
Total surveillance, 24/7. Yay, "freedumb." blkmusclmachine Dec 2013 #8
Corporate users of compromised algorithm include Symantec, McAfee, Cisco, IBM and on and on.... Poll_Blind Dec 2013 #9
recycled news from the Bush era quadrature Dec 2013 #10
^^^THIS^^^^^ eom 2banon Dec 2013 #17
redbaitersssssss..... come out to play-yayyyyy frylock Dec 2013 #11
Big Brother - Thy Name Is NSA cantbeserious Dec 2013 #12
Totally Out of F**king Control. marmar Dec 2013 #13
And why does everyone need encryption, the NSA is the biggest reason, it seems. Coyotl Dec 2013 #14
"Bsafe!" a HAHAhHaHAHAhahahaaaaaa ahhhh.... johnnyreb Dec 2013 #15
^ Wilms Dec 2013 #16
No, no, no, they're just collecting meta data. progressoid Dec 2013 #18
I believe the NSA has always worked out agreements to enable decryption. randome Dec 2013 #19
I'll just leave this here... ReverendDeuce Dec 2013 #21
I'm glad some of this is finally getting out. I hope it isn't too late. n/t Egalitarian Thug Dec 2013 #20
 

RC

(25,592 posts)
1. Do we have any room left in any of our For Profit Prisons?
Fri Dec 20, 2013, 06:21 PM
Dec 2013

If not, maybe we need to release a few of the more peaceful pot smokers to make room.
After they court-martial the General, strip him of his rank and set him up in a room with a sliding iron bar door on one end. Then they need to go after Clapper for lying to Congress and then work their way down through the chain of command.

 

rhett o rick

(55,981 posts)
3. Rec and thanks for posting. Other NSA news is posted in the Progressive Group
Fri Dec 20, 2013, 06:30 PM
Dec 2013

www.democraticunderground.com/126917

 

FarCenter

(19,429 posts)
5. RSA was acquired by Security Dynamics, makers of SecurID, in 1993.
Fri Dec 20, 2013, 06:34 PM
Dec 2013

The resultant RSA Security was acquired by EMC in 2006.

By 1993 and the Clipper chip affair, RSA was run by Jim Bidzos, and I don't believe that Rivest, Shamir, or Adleman had much, if any, control of the company. RSA was only one of many research organizations that objected to Clipper.

I'm unclear of the role of RSA and Bidzos in the application of cryptography. On the one hand, RSA did make available development kits and tools. On the other hand, the licensing restrictions and their locking up the IP in patents delayed the widespread application of the technology. I've always wondered whether RSA was not a mechanism for delaying widespread crypto, and was sponsored to that end by the US government.

Cryptographer Adi Shamir Prevented from Attending NSA History Conference
http://blogs.fas.org/secrecy/2013/10/shamir/

progressoid

(49,992 posts)
18. No, no, no, they're just collecting meta data.
Sat Dec 21, 2013, 12:15 PM
Dec 2013

And if you haven't done anything wrong, you have nothing to worry about.

 

randome

(34,845 posts)
19. I believe the NSA has always worked out agreements to enable decryption.
Sat Dec 21, 2013, 12:28 PM
Dec 2013

They are, I believe, currently working with Microsoft for much the same thing. http://www.wired.com/threatlevel/2008/04/microsoft-gives/

You cannot have 100% secure communications because that opens the door very widely for criminal organizations -including pornographers, human trafficking operations, and, yes, terrorists- to operate with absolutely no fear of detection.

Law enforcement has always worked toward this. Even back in the 90s. http://en.wikipedia.org/wiki/Communications_Assistance_for_Law_Enforcement_Act

And for anyone who thinks we should have 100% secure communications, be so kind as to tell us how you would stop the organizations I listed above.
You should never stop having childhood dreams.

ReverendDeuce

(1,643 posts)
21. I'll just leave this here...
Sat Dec 21, 2013, 04:44 PM
Dec 2013
https://en.wikipedia.org/wiki/Fourth_Amendment_to_the_United_States_Constitution

If you want to amend the Constitution to support this sort of thing, advocate for the surveillance state in the public forum, run for office, and get it passed.