Re: Exclusive: Secret contract tied NSA and security industry pioneer

[Jeffrey Walton <noloader () gmail com>]

I wonder what the NSA got in return for the $25 million deal with Certicom.

On Fri, Dec 20, 2013 at 5:35 PM, Paul Ferguson <fergdawgster () mykolab com> wrote:
> Whoa, Nelly.
>
> "As a key part of a campaign to embed encryption software that it could
> crack into widely used computer products, the U.S. National Security
> Agency arranged a secret $10 million contract with RSA, one of the most
> influential firms in the computer security industry, Reuters has learned.
>
> "Documents leaked by former NSA contractor Edward Snowden show that the
> NSA created and promulgated a flawed formula for generating random
> numbers to create a "back door" in encryption products, the New York
> Times reported in September. Reuters later reported that RSA became the
> most important distributor of that formula by rolling it into a software
> tool called Bsafe that is used to enhance security in personal computers
> and many other products.
>
> "Undisclosed until now was that RSA received $10 million in a deal that
> set the NSA formula as the preferred, or default, method for number
> generation in the BSafe software, according to two sources familiar with
> the contract. Although that sum might seem paltry, it represented more
> than a third of the revenue that the relevant division at RSA had taken
> in during the entire previous year, securities filings show."
>
> More:
> http://www.reuters.com/article/2013/12/20/us-usa-security-rsa-idUSBRE9BJ1C220131220
>
> - ferg
_______________________________________________
Fun and Misc security discussion for OT posts.
https://linuxbox.org/cgi-bin/mailman/listinfo/funsec
Note: funsec is a public and open mailing list.