I wonder what the NSA got in return for the $25 million deal with Certicom.
On Fri, Dec 20, 2013 at 5:35 PM, Paul Ferguson <[email protected]> wrote: > > Whoa, Nelly. > > "As a key part of a campaign to embed encryption software that it could > crack into widely used computer products, the U.S. National Security > Agency arranged a secret $10 million contract with RSA, one of the most > influential firms in the computer security industry, Reuters has learned. > > "Documents leaked by former NSA contractor Edward Snowden show that the > NSA created and promulgated a flawed formula for generating random > numbers to create a "back door" in encryption products, the New York > Times reported in September. Reuters later reported that RSA became the > most important distributor of that formula by rolling it into a software > tool called Bsafe that is used to enhance security in personal computers > and many other products. > > "Undisclosed until now was that RSA received $10 million in a deal that > set the NSA formula as the preferred, or default, method for number > generation in the BSafe software, according to two sources familiar with > the contract. Although that sum might seem paltry, it represented more > than a third of the revenue that the relevant division at RSA had taken > in during the entire previous year, securities filings show." > > More: > http://www.reuters.com/article/2013/12/20/us-usa-security-rsa-idUSBRE9BJ1C220131220 > > - ferg _______________________________________________ Fun and Misc security discussion for OT posts. https://linuxbox.org/cgi-bin/mailman/listinfo/funsec Note: funsec is a public and open mailing list.
