'Obnoxious' RSA protests by DEF CON organizations, Code Pink draw ire

'Obnoxious' RSA protests by DEF CON organizations, Code Pink draw ire

Summary: Code Pink unfurled banners yesterday, today DEF CON -affiliated organizations protest on the ground, and tomorrow a sold-out protest event show that "obnoxious" RSA protests are certainly drawing attention.

SHARE:
14
RSA 2014

 

The RSA security conference (where the world’s security companies come to do business with each other), opened its doors this week in San Francisco to a wide range of protests by security professionals who would otherwise be attending and speaking at the conference.

The protests might be called "obnoxious," "pointless" and "first world outrage" -- but the protesters affiliated with hacker conference DEF CON, organization Code Pink, and sold-out opposition conference "TrustyCon" are getting everyone's attention this week.

Today's protest by two noted DEF CON -affiliated organizations (Vegas 2.0 and DC408) have bought out the entire nearby Chevy's restaurant and are turning away RSA attendees and speakers -- notably in the past hour, a visibly irritated Kevin Mitnick.

At the heart of the conflict are the weighty allegations that RSA deliberately weakened encryption standards in a contract with the U.S. National Security Agency to provide the government agency "back door" access.

In December 2013 Reuters reported,

As a key part of a campaign to embed encryption software that it could crack into widely used computer products, the U.S. National Security Agency arranged a secret $10 million contract with RSA, one of the most influential firms in the computer security industry, Reuters has learned.

One of the security professionals staffing today's protest at Chevy's wrote in a blog post, "Our privacy was sold out for less than the cost of most luxury homes."

RSA issued a statement denying the allegations.

Robert Imhoff, Co-Founder Vegas 2.0 and Chevy's protest lead told ZDNet today,

RSA could begin to fix this by going on the record with a detailed response about the accusations.

Instead, they've pulled an Edward Bernays and haven't answered the questions directly, leading many in the community to wonder what other shenanigans they have going on.

It's time for RSA to come clean.

Yesterday Code Pink unfurled a hot pink "RSA <3 NSA" banner down the side of Moscone Center North, where the gigantic expo floor is housed.

The act was short-lived: protesters were escorted off the grounds and their banner removed quickly.

Most RSA attendees and speakers are headed to Chevy's today for an inexpensive, quiet, sit-down meal.

When they walk up they're greeted by lab-coat wearing "Vegas 2.0" members (a decade-old independent hacker group that runs DEF CON's largest fundraiser for the EFF), and a discussion about RSA's relationship with the NSA begins.

This Chevy's is one of the few "reasonably priced" food options next to the RSA Conference.  

This will make it so only "Explorer Pass", BsidesSF and TrustyCon attendees get exclusive use of this venue during peak of the Vendor Expo portion of RSA Conference.

RSA attendees with red badges -- paying attendees and speakers -- are refused entry, and the protesters are handing out flyers explaining the protest's intent to raise awareness about allegations against the RSA, and RSA's inaction, all seen as a breach of trust that is clearly splintering the wider security community.

The protest runs from 11-5pm, all day today.

DSC06396

 

The looks on the faces of those holding red-edged badges when they're told the restaurant is essentially closed, and why, is somewhat priceless.

RSA protest material

 

Tomorrow is opposition conference "Trustycon" (Trusted Computing Conference), held at the Metreon, around the corner from RSA, has sold out and is currently holding a wait list of 300.

Trustycon is featuring thirteen speakers who withdrew their scheduled RSA talks in anger over the RSA allegations. Noted speakers include Mikko Hypponen, Marcia Hoffmann, Adam Langley, Mozilla's Alex Fowler, Christopher Soghoian, Jim Manico (OWASP Global Board Member), and other notable figures from the security industry.

Topics: Security, Government US

Kick off your day with ZDNet's daily email newsletter. It's the freshest tech news and opinion, served hot. Get it.

Talkback

14 comments
Log in or register to join the discussion
  • I wouldn't trust the RSA

    with a stick of chewing gum.. string up the lot of 'em and let 'em be buzzard bait.
    thx-1138_
  • Where's The Hard Proof?

    Such an extremely serious allegation.
    Where is the 'Smoking Gun' that RSA did actually take $10M from NSA to dumb down the code?
    As I've said before on similar issues; 'Put up or Shut Up'.
    PreachJohn
    • It's never about the evidence

      With these folks, it's always about the seriousness of the charge
      baggins_z
    • The hard proof and smoking gun

      The "hard proof" and the "smoking gun" have been out there for months for anyone watching the news.

      A few years back RSA tools had some questionable decisions. At the time it was some hard-to-believe mistakes. First, why would RSA include such a new, untrusted cipher when so many stronger ones were known, and not indicate the experimental nature? Second, why would they make an untrusted cipher the default? There were unsubstantiated allegations at the time, but when RSA claimed it was an accident, and considering their track record at the time, the community accepted the claim.

      December's batch of Snowden's leaked documents showed both weaknesses were intentional, actually negotiated with the NSA for a $10M cash infusion. Documents that had the names and emails redacted were released to the public. Some of the names have been guessed based on writing styles and accusations made by former co-workers, but RSA refuses to comment except for a blanket denial of wrongdoing.
      Another_Username
      • Any Links?

        Most interesting info. If the facts are out there, as you say, the only one I'm most interested in is proof of the; 'actually negotiated with the NSA for a $10M cash infusion.'
        In that case, done deal!
        But till then death by a thousand innuendos is wrong, wrong, wrong.
        PreachJohn
    • Bury your head, botherwise your niavety will end up getting it chopped off.

      Bury your head, otherwise your naivety will end up getting it chopped off. To those that doubt Snowdens intent I say the same. Would you rather not know that you have been betrayed. I've always physically disabled cams when not in use as most people do not want to be seen when they look like crud. As I am not a supermodel or trust the feds to do anything right, I prefer open source.
      support@...
  • It's in the article

    It's clearly stated in the article that RSA isn't answering direct questions. So, by their silence, they actually look more guilty than if they answered the questions directly.
    j4w4
    • Um...

      And if I refuse the police an illegal search I look guilty of a crime? Or if I don't want the NSA looking at my data without a warrant I look guilty?

      THAT'S the point! You don't need to be guilty to not feel like everyone has a right to every piece of data they want. Privacy matters of the not-guilty too.
      spookiewon
    • They aren't silent...

      Did you read either of the cited sources in this post... I just read the Reuters piece and RSA's statement, and it seems to me from those two sources that it is likely that RSA was mislead by NSA in the matter and made a good faith deal.

      Which is more likely? That a company that has fought repeatedly against government ability to have a backdoor into encryption sold out for $10 million, or that the NSA developed a strategy for getting NIST to approve a backdoor into encryption by duping RSA into thinking it was safe and secure?

      Knowing what we know now about NSA tactics, I'm going with option 2.
      toe cutter
      • Documents Exist?

        Another_Username says that Documents are available, that the code dumb down and $10M are there in black and white. And were actually 'negotiated'.
        I have now asked for Links to that end.
        Till then the Jury is out.
        PreachJohn
  • RSA

    indeed!
    troutsoup
  • RSA NSA

    Seems like World Control vs Freedom, in todays day and age I'm not surprised. Our freedoms are stripped right before our very eyes and we don't seem to do much about it except whine and complain and eventually get used to it.
    Radomir Wojcik
    • You forgot about the denial of tacos!

      C'mon, we're talking taco denial. How much more real do you get?
      ejhonda
  • A Lot Of Tacos

    $10 would buy a lot of Tacos. Besides, T. B. is thanking for the Lawsuit in Ads, and has posted their Info/Response on their Website, plus a Video by the President. It's all being duked out in the Public Arena.
    This is cloak and dagger murkier. And there's a lot more at stake than oat filler in a burger. Issues that pale $10M. I'm sure you agree.
    PreachJohn