
For the truth I reached deep into the bowels of elliptic cryptography to an old friend who was one of the technology’s inventors.
"RSA is lying," said my friend. "No room for ambiguity on this one. The back-doored RNG was a blatantly obvious scam and they made it the default anyway".
My friend has no reason to lie and every reason to know what’s what in this tiny corner of technology, so I believe him. Besides, the Snowden revelations have all proven true so far.
What’s with EMC, then?
Forget for a moment about right and wrong, good or evil and think of this in terms of a company and one of its largest customers -- the US Government. It’s more than just that $10 million NSA payday EMC has to see as being at risk. With the Obama Administration’s back against the wall on this one, EMC has to see its entire federal account as endangered.
That’s the only reason I can imagine why an NSA contractor would say that they didn’t know the backdoor existed (we are incompetent, hire us) or that once they did know it existed they waited years to do anything about it.
These are not the kind of admissions corporate PR wants to make unless; a) they are being forced to do it, or; b) the real truth is even worse.
I’m guessing that EMC sees itself as taking one for the team. The problem, of course, is what team are they on? It certainly doesn’t seem to be that of the American people.
Full disclosure is the best course here and if full disclosure is prohibited by security regulations and spook laws then the thing to do is to get out of the business. I’m serious. EMC could and probably should simply resign the NSA account, which would say more about this case than any detailed explanation.
No comments:
Post a Comment