RSA Boycot Group Sets Up Rival Conference 84
judgecorp writes "The group of security experts who urged people to boycot the RSA conference (over allegations that the security firm RSA has taken a $10 million bribe from the NSA to weaken the security of its products) have put together a rival conference called TrustyCon just down the road from San Francisco's Moscone Center, where the EMC-owned firm will have its conference at the end of February."
Better Hope ... (Score:0, Insightful)
The all better hope that they don't have any skeletons in their closet or some of them will fork to another conference.
I completely support this move, but he who is without sin, etc, etc.
Re:It's a trap! (Score:5, Insightful)
Convinced people things were secure when in fact it's significantly weakened to allow the NSA to spy on people.
If we're to believe news reports, we all suffer from much worse internet security because the NSA et al wanted to be able to monitor stuff.
So, internet banking, internet shopping, and pretty much everything is suspected to now have flaws in the cryptography.
They've done this to all of us, regardless of if we've been to the conference.
Get rid of Samzenpus (Score:5, Insightful)
What the fuck? A boycot in Sand Francisco? Does Samzenpus even read this stuff?
Re:It's a trap! (Score:5, Insightful)
If I'm going to choose between who is more credible, the people providing examples and evidence of what they're doing ... or the lawmakers who keep braying that it's all legal ... then I'm afraid I'm more inclined to trust the news reports based on the leaks from Snowden.
By rather a considerable margin.
We already know the people defending this have lied about what they really do, which means they're not really deserving of any of our trust.
Re:It's a trap! (Score:5, Insightful)
The alternate response is that if RSA did knowingly weaken commercial security, then you more or less have to stop trusting them.
Acting like they've had a change of heart, and promise to never do it again is meaningless.
In other words, the rest of the security community is turning their back on RSA for not being trustworthy -- and when you're a security company, that's a big deal.
Re:It's a trap! (Score:5, Insightful)
You didn't ask me, but I can still provide an answer. "What has the NSA done to people?"
No frigging clue, because everything done is "secret". You can assume that they have done nothing, and I can assume they have done everything. Both of those are assumptions and neither could be proven.
So has the NSA turned over documents to Police agencies, employers, the IRS, etc.. that have led to investigations or damages? I believe we have enough circumstantial evidence to believe the first and third of those examples have happened. I'm not trying to patronize, but you can look at Parallel investigations and the IRS investigating non-profits for more information. It was impossible to tell if you were defending them or not, so you may already have knowledge of the subjects.
This is why we should all be demanding transparency from the agency and accountability from the whole Government. We don't know what they are doing because they label everything "secret". I find it logical to assume that if they are immoral in one area, we can assume that they are immoral in more areas. Wrong follows wrong, always has and always will.
The same concerns we have over the NSA should exist with a company like RSA who only apologized and told customers to change practices _after_ they were caught taking money from a government agency at the expense of customers. They never refunded a penny to customers either, so they are more than deserving of a boycott.
Re:It's a trap! (Score:5, Insightful)
This is wrong on just about ever level. Fact: The NSA is not a Law Enforcement agency, and has no authority to arrest or detain people. We know through leaks that they do provide data to various law enforcement agencies, then those agencies have been instructed to (illegally) reconstruct the data to keep the NSA out of the picture. We know the NSA provided data to the IRS who then audited political groups.
I can see questioning the use of "honeypot conference", or lacking knowledge of what crossing them would lead to. I don't agree with you painting them as innocent because we have enough facts to know they are not innocent. How guilty they are is a valid question.
Re:It's a trap! (Score:2, Insightful)
The media companies have been lying for their own profit for far longer and far more frequently than the NSA.
I'm not particularly inclined to trust anybody affirming or denying anything outright. None of it can be independently verified.
Re:It's a trap! (Score:5, Insightful)
I'm not particularly inclined to trust anybody affirming or denying anything outright. None of it can be independently verified.
That's not true. We can witness the behaviors of the organization. Note how they started with denial, then moved towards excuses, and now have clammed up entirely. This tells us something about their behavior, and if we assume that behavior makes sense in context with the truth, then we get a glimpse of that truth as well.
Sort of like the Keppler telescope.
Re:It's a trap! (Score:5, Insightful)
The alternate response is that if RSA did knowingly weaken commercial security, then you more or less have to stop trusting them.
And if they didn't Knowingly weaken security, but rather did so unwittingly, then you also have to stop trusting them.
If they are that incompetent they had no clue, they probably don't belong in the business.
They only came out and told people to stop using their broken software AFTER Snowden made it known that it was compromised.
NIST is pretty much in the same predicament.