RSA has issued a statement denying allegations made in Friday’s bombshell report that the encryption software provider received $10 million from the National Security Agency (NSA) in exchange for making a weak algorithm the preferred one in its BSAFE toolkit.
The press release hit the wire on Sunday, two days after Reuters said the secret contract was part of an NSA campaign to embed encryption software that the agency could break into widely used computer products. RSA’s statement was worded in a way that didn’t clearly contradict many of the article’s most damaging accusations.
RSA, which sells encryption software, supposedly took $10 million in order to make an NSA-weakened encoding system the default for their software. This system was so weak that almost anything using it could be cracked. But RSA did not appear to tell anyone that, and continued to promote the encoder even after it was shown to be weak.
So, why would anyone trust this company at all? Especially when their non-denial denial is so full of lawyer speak and loopholes?
The NSA destroys another company. More and more, I think Snowden should be given a pardon for revealing just how stupid the mostly unsupervised NSA was with regard to the economic health of American companies. It is very much of the “We had to destroy the village in order to save it” approach.
This is what happens to any human endeavor when no one is there to say “No!” epistemic closure in a government organization is usually especially deadly. Only Snowden’s revelations have opened this up, permitting us to finally say “No!”