In late December it was revealed that RSA allegedly implemented flawed encryption technology to enable an NSA back door into its tokens. As a result of this, a few key speakers at this year’s RSA 2014 conference arebacking out of their speaking commitments in protest of RSA’s actions.
While understanding the rationale behind F-Secure’s decision to not participate and the spirit in which they’re doing it, I’m not convinced it’s the right move. If anything, it could be a missed opportunity to rail against exactly what was alleged to have transpired since the topic of Mikko Hypponen’s discussion was “Governments as Malware Authors.”
In my view, it would seem like the perfect opportunity to have that particular discussion and call out RSA on its own turf to demonstrate how no vendor is immune to what has allegedly happened in terms of the nefarious dealings with the NSA.
There are plenty of questions about what has happened with the NSA, security vendors and other large IT vendors and RSA is the perfect forum for those discussions to take place; at an event where everyone is talking about security.
Given all the discussions raging on about how much people and organizations can trust IT vendors, one thing I will point out, as I pointed out previously, WinMagic (a private, Canadian-based company), has not enabled any backdoors for anyone in our software.