The RSA security conference (where the world’s security companies come to do business with each other), opened its doors this week in San Francisco to a wide range of protests by security professionals who would otherwise be attending and speaking at the conference.
The protests might be called "obnoxious," "pointless" and "first world outrage" -- but the protesters affiliated with hacker conference DEF CON, organization Code Pink, and sold-out opposition conference "TrustyCon" are getting everyone's attention this week.
Today's protest by two noted DEF CON -affiliated organizations (Vegas 2.0 and DC408) have bought out the entire nearby Chevy's restaurant and are turning away RSA attendees and speakers -- notably in the past hour, a visibly irritated Kevin Mitnick.
At the heart of the conflict are the weighty allegations that RSA deliberately weakened encryption standards in a contract with the U.S. National Security Agency to provide the government agency "back door" access.
In December 2013 Reuters reported,
As a key part of a campaign to embed encryption software that it could crack into widely used computer products, the U.S. National Security Agency arranged a secret $10 million contract with RSA, one of the most influential firms in the computer security industry, Reuters has learned.
One of the security professionals staffing today's protest at Chevy's wrote in a blog post, "Our privacy was sold out for less than the cost of most luxury homes."
RSA issued a statement denying the allegations.
Robert Imhoff, Co-Founder Vegas 2.0 and Chevy's protest lead told ZDNet today,
RSA could begin to fix this by going on the record with a detailed response about the accusations.
Instead, they've pulled an Edward Bernays and haven't answered the questions directly, leading many in the community to wonder what other shenanigans they have going on.
It's time for RSA to come clean.
Yesterday Code Pink unfurled a hot pink "RSA <3 NSA" banner down the side of Moscone Center North, where the gigantic expo floor is housed.
The act was short-lived: protesters were escorted off the grounds and their banner removed quickly.
Protest at#RSAC. pic.twitter.com/bQUZkjiIEU— Howard Haile (@Howard_Haile) February 25, 2014
Most RSA attendees and speakers are headed to Chevy's today for an inexpensive, quiet, sit-down meal.
When they walk up they're greeted by lab-coat wearing "Vegas 2.0" members (a decade-old independent hacker group that runs DEF CON's largest fundraiser for the EFF), and a discussion about RSA's relationship with the NSA begins.
This Chevy's is one of the few "reasonably priced" food options next to the RSA Conference.
This will make it so only "Explorer Pass", BsidesSF and TrustyCon attendees get exclusive use of this venue during peak of the Vendor Expo portion of RSA Conference.
RSA attendees with red badges -- paying attendees and speakers -- are refused entry, and the protesters are handing out flyers explaining the protest's intent to raise awareness about allegations against the RSA, and RSA's inaction, all seen as a breach of trust that is clearly splintering the wider security community.
The protest runs from 11-5pm, all day today.
The looks on the faces of those holding red-edged badges when they're told the restaurant is essentially closed, and why, is somewhat priceless.
Tomorrow is opposition conference "Trustycon" (Trusted Computing Conference), held at the Metreon, around the corner from RSA, has sold out and is currently holding a wait list of 300.
Juniper says pulling out of a conference out of protest is “first world outrage.” #RSAC— Danny Yadron (@dannyyadron) February 25, 2014
Trustycon is featuring thirteen speakers who withdrew their scheduled RSA talks in anger over the RSA allegations. Noted speakers include Mikko Hypponen, Marcia Hoffmann, Adam Langley, Mozilla's Alex Fowler, Christopher Soghoian, Jim Manico (OWASP Global Board Member), and other notable figures from the security industry.