Experts protesting NSA deal boycott largest U.S. security gathering

SAN FRANCISCO Fri Jan 17, 2014 11:30pm IST

A National Security Agency (NSA) data gathering facility is seen in Bluffdale, about 25 miles (40 kms) south of Salt Lake City, Utah, December 17, 2013. REUTERS/Jim Urquhart

A National Security Agency (NSA) data gathering facility is seen in Bluffdale, about 25 miles (40 kms) south of Salt Lake City, Utah, December 17, 2013.

Credit: Reuters/Jim Urquhart

Related Topics

Stocks

   
Priyanka Gandhi Vadra, daughter of Congress party chief Sonia Gandhi, adjusts her flower garlands as she campaigns for her mother during an election meeting at Rae Bareli in Uttar Pradesh April 22, 2014. REUTERS/Pawan Kumar

Election 2014

More than 814 million people — a number larger than the population of Europe — are eligible to vote in the world’s biggest democratic exercise.  Full Coverage 

SAN FRANCISCO (Reuters) - Several prominent computer security experts have canceled appearances at the largest annual U.S conference on security technology and are instead switching to a rival gathering, as discord grows over U.S. intelligence practices.

Nine security experts have ditched coveted speaking slots at the annual RSA Conference, to be held next month in San Francisco, in protest over the conference owner's dealings with the National Security Agency.

Instead, they will speak at the new and smaller 'TrustyCon' gathering to be held in the same city during the RSA event, billed as the first 'Trustworthy Technology Conference.' Backers include Def Con, which holds a major hacking conference each year in Las Vegas and the nonprofit Electronic Frontier Foundation.

Reuters reported last month that RSA Security, now a division of data storage maker EMC Corp (EMC.N), incorporated a flawed cryptography formula in a widely-used software tool under a $10-mil federal contract. The NSA-developed formula is now believed to have been breakable by the agency, though people familiar with the RSA arrangement told Reuters that executives had not realized that at the time.

"I don't think it's wrong for companies to work with the government. What's important is being trustworthy and honest with customers," said Alex Stamos. Stamos is involved in the setting up of TrustyCon. "The most charitable reading is that RSA failed to see the danger and didn't warn the customers."

RSA continued to use the NSA formula for years despite cryptography experts calling it suspicious, recommending its removal only when reports based on NSA documents leaked by former U.S. spy agency contractor, Edward Snowden prompted a federal standards body to drop its endorsement of the technology.

RSA said in December that it never knowingly compromised products and that a decade ago the NSA had been seen as a helpful partner in developing security tools.

But Def Con founder, Jeff Moss said RSA "seemed to lack a genuine interest in engaging with its customers" about what it had done and why, as well as what it had learned.

The RSA's executive chairman, Art Coviello, is scheduled to give one of the keynote speeches at the RSA event.

"It is not unusual for small events to happen alongside that aim to leverage the momentum and publicity of the RSA Conference, which is a good sign of a thriving industry event," the conference's organizers said in a statement on Friday, referring to the rival gathering.

"We've always embraced these activities and the open, healthy dialogue that springs from them."

DISAPPOINTMENT

Owned by RSA parent EMC, the RSA Conference depends on outside advisors to select topics. The program committee chair this year is Hugh Thompson, chief security strategist at Blue Coat Systems Inc PRJCBB.UL.

In an interview, Thompson said that while he was disappointed that some speakers had canceled, there would still be a great deal of discussion about Snowden's revelations and the roles played by RSA and its peers.

"There are a lot of questions that have been raised about the security infrastructure and how it works, and I do think it's going to lead to a very healthy debate," Thompson said. "This is a topic that is definitely going to be discussed."

More than 500 speakers will speak at the RSA Conference, which organizers expect to attract more than last year's record 24,000 attendees.

Among those withdrawing from the RSA Conference include Mikko Hypponen, chief research officer at Finland-based security company F-Secure (FSC1V.HE), two researchers from Google Inc (GOOG.O), and Jeffrey Carr, a consultant who runs his own conferences on cyber intelligence-gathering and defense.

Some said the RSA deal struck such a nerve because it is the first security company to be identified as having a contractual relationship with the NSA that ultimately weakened security. Others have slammed the conference withdrawals, citing many companies and different countries are guilty of similar, unreported behavior.

Hypponen, Moss, and RSA critics from the Electronic Frontier Foundation and American Civil Liberties Union will be among the TrustyCon presenters, Stamos said. Hypponen's speech will cover malicious software created by governments.

(Reporting by Joseph Menn; Editing by Jonathan Weber, Lisa Shumaker and Sofina Mirza-Reid)

FILED UNDER:
Comments (0)
This discussion is now closed. We welcome comments on our articles for a limited period after their publication.

  • Most Popular
  • Most Shared

Apple

REUTERS SHOWCASE

Hacking Threat

Hacking Threat

All at sea: global shipping fleet exposed to hacking threat.  Full Article 

Mt. Gox Update

Mt. Gox Update

Tokyo Court orders bankruptcy trustee to begin Mt. Gox liquidation .  Full Article 

Net Neutrality

Net Neutrality

U.S. regulators to propose new net neutrality rules in May.  Full Article 

Facebook Results

Facebook Results

Facebook Q1 revenue grows 72 percent on rising mobile ads.  Full Article | Related Story 

Huawei Shrugs

Huawei Shrugs

China's Huawei says reports of NSA spying won't impact growth  Full Article 

Betting on Content

Betting on Content

AOL, Microsoft lure advertisers with TV-style shows.  Full Article 

Restructuring Plans

Restructuring Plans

Zynga's Pincus withdraws from operations amid turnaround.  Full Article 

Security Threat

Security Threat

FBI warns healthcare sector vulnerable to cyber attacks.  Full Article 

Online Streaming

Online Streaming

Amazon grabs rights to stream older HBO shows.  Full Article 

Reuters India Mobile

Reuters India Mobile

Get the latest news on the go. Visit Reuters India on your mobile device.  Full Coverage