{"id":13759,"date":"2013-12-27T12:28:44","date_gmt":"2013-12-27T17:28:44","guid":{"rendered":"http:\/\/angry.net\/blog2\/?p=13759"},"modified":"2022-10-30T15:26:15","modified_gmt":"2022-10-30T19:26:15","slug":"nsa-bribes-security-companies-for-back-doors","status":"publish","type":"post","link":"https:\/\/angry.net\/blog2\/?p=13759","title":{"rendered":"NSA bribes security companies for back doors?"},"content":{"rendered":"

This story came out a little while ago and hasn\u2019t received that much coverage. This isn\u2019t surprising considering what it\u2019s about. Apparently, a major encryption company was paid by the NSA to weaken their encryption system.<\/p>\n

<\/p>\n

Now what company would do something this asinine? Apparently it was RSA, a division of EMC Corporation. For those of you who may not know, RSA provides the security systems used by many major corporations for their VPN, (Virtual Private Networking), systems. If you have one of those little key shaped plastic tokens that says RSA SecurID on it with a small panel that has numbers that change every minute, this is what we\u2019re talking about. Here are some of the details of this from Reuters<\/a>:<\/p>\n

As a key part of a campaign to embed encryption software that it could crack into widely used computer products, the U.S. National Security Agency arranged a secret $10 million contract with RSA, one of the most influential firms in the computer security industry, Reuters has learned.<\/p>\n

Documents leaked by former NSA contractor Edward Snowden show that the NSA created and promulgated a flawed formula for generating random numbers to create a “back door” in encryption products, the New York Times reported in September. Reuters later reported that RSA became the most important distributor of that formula by rolling it into a software tool called Bsafe that is used to enhance security in personal computers and many other products.<\/p><\/blockquote>\n

RSA\u2019s SecurID system is used by companies around the world. I have one and use it to log into my Real World Job. My late father had one so he could log into his job. To knowingly sell a system that is crippled is the height of stupidity. To continue:<\/p>\n

Undisclosed until now was that RSA received $10 million in a deal that set the NSA formula as the preferred, or default, method for number generation in the BSafe software, according to two sources familiar with the contract. Although that sum might seem paltry, it represented more than a third of the revenue that the relevant division at RSA had taken in during the entire previous year, securities filings show.<\/p><\/blockquote>\n

So, all it took was $10 million to give the NSA the means to rampage through corporate networks. Now I do not know how the application works, and there is this mention of it being the default choice. I\u2019m assuming this is used during the set up and configuration of the servers and tokens. I do NOT know if this weakness was also written into the non-default choices, if there are any. I suspect that most admins, unless specifically told not to, chose the defaults when possible in order to save time. They would have assumed that the encryption was top of the line, since that was what their companies had paid for.<\/p>\n

The earlier disclosures of RSA’s entanglement with the NSA already had shocked some in the close-knit world of computer security experts. The company had a long history of championing privacy and security, and it played a leading role in blocking a 1990s effort by the NSA to require a special chip to enable spying on a wide range of computer and communications products.<\/p><\/blockquote>\n

Hey, RSA? Say bye bye to any credibility you had. I suspect that when it comes time for companies to renew\/replace their current systems, you will be far down on the list of their choices.<\/p>\n

RSA, now a subsidiary of computer storage giant EMC Corp, urged customers to stop using the NSA formula after the Snowden disclosures revealed its weakness.<\/p><\/blockquote>\n

This is called locking the barn door after the horse has left, run two states over, frolicked merrily, been rounded up and shot in the head then turned into dog food and glue. It isn\u2019t going to do anything to help you regain the trust of the computer security industry.<\/p>\n

RSA and EMC declined to answer questions for this story,<\/p><\/blockquote>\n

Now there\u2019s a surprise!<\/p>\n

but RSA said in a statement: “RSA always acts in the best interest of its customers and under no circumstances does RSA design or enable any back doors in our products. Decisions about the features and functionality of RSA products are our own.”<\/p>\n

Most of the dozen current and former RSA employees interviewed said that the company erred in agreeing to such a contract, and many cited RSA’s corporate evolution away from pure cryptography products as one of the reasons it occurred. But several said that RSA also was misled by government officials, who portrayed the formula as a secure technological advance.<\/p>\n

“They did not show their true hand,” one person briefed on the deal said of the NSA, asserting that government officials did not let on that they knew how to break the encryption.<\/p><\/blockquote>\n

I think the phrase goes: Lie down with cows, get covered in manure.\u201d RSA let its greed get ahead of its common sense. The system used to generate the random numbers is called Dual Elliptic Curve ((Dual Elliptic Curve<\/a>)) and apparently some people who understand this stuff saw some problems early on. I am NOT any sort of an expert in cryptography, but I do know it is very easy to make a mistake in your algorithms. This is one reason the code needs to be reviewed by many people who understand this stuff and know what to look for.<\/p>\n

Another interesting note was a major scandal that came out a couple of years ago. The Key Database for this stuff was stolen by hackers. RSA had to send out new tokens and software recoded to stop anyone from being able to use the database to hack into secure networks. I was one of those who was issued a new token. Now I wonder if this wasn\u2019t actually part of the NSA\u2019s plan to get this Duel Elliptic Curve algorithm into wider use? Might they have been the ones to steal the database? Could it be that the whole thing was a cock and bull story from the very beginning? Do you know where my tin foil hat is?<\/p>\n

The NSA, much like the EPA, is out of control. While we do need the NSA, (Unlike the EPA. Them we can do without), it needs a major shakeup and certain managers need to be fired or prosecuted. No one really has an issue with the NSA doing things like this to other nations and people who are NOT American Citizens, Resident Legal Aliens and American Corporations. However, the NSA has been caught repeatedly trolling for information on Americans and thanks to several court rulings<\/a>, in violation of the 4th<\/sup> Amendment of the United States Constitution. They need to be reigned in and soon.<\/p>\n

\"constitution-burning.jpeg\"<\/a><\/p>\n

Thatisall<\/p>\n

~The Angry Webmaster~<\/b><\/i><\/p>\n\"1\"2\"3\"4\"5 (1<\/strong> votes, average: 1.00<\/strong> out of 5)
<\/span><\/span>Loading...<\/span>\n

 <\/p>\n

\n
\n
\n

NESARA- REPUBLIC NOW – GALACTIC NEWS: NSA spying …<\/a><\/h3>\n<\/div>\n
A top financial advisor, worried that Obamacare, the NSA spying scandal and spiraling national debt is increasing the chances for a fiscal and social disaster, is recommending that Americans prepare a \u201cbug-out bag\u201d that includes food, a gun and ammo to help them stay alive. David John Marotta, a Wall Street ….. Mandela and his ilk destroyed South Africa and the… 7 Tips for Better Sleep …. WAS CONGRESS BRIBED TO BETRAY AMERICAN PEOPLE? FRO… Huge Mothership …<\/div>\n
http:\/\/nesaranews.blogspot.com\/<\/a> \u2014 Thu, 26 Dec 2013 14:07:00 -0800<\/span><\/div>\n<\/div>\n
\n
\n

The NSA Paid to Steal Your Private Data | Joel Magnuson<\/h3>\n<\/div>\n
The revelations indicate that the NSA paid $10 million to RSA, one of the most prominent encrytion software companies in the world, to include the NSA’s own encryption formula in a very popular and heavily used encryption product called \u201cBsafe\u201d. While Bsafe offers several encryption … to Bsafe or even to RSA programs. Other companies that build widely-used encryption include Symantec, McAfee, and Microsoft and experts now suspect the NSA may have bribed them as well.<\/div>\n
http:\/\/joelcmagnuson.com\/ \u2014 Thu, 26 Dec 2013 02:02:27 -0800<\/span><\/div>\n<\/div>\n
\n
\n

RSA denied accusations of inserting secret backdoor for the NSA …<\/h3>\n<\/div>\n
Last Friday, The Reuters News Agency accused the Security firm RSA for taking a $10 million ‘bribe’ from the National Security Agency (NSA) in order promote a flawed encryption by including it in its BSAFE product to facilitate NSA spying.<\/div>\n
http:\/\/www.hackreports.com\/ \u2014 Wed, 25 Dec 2013 18:44:00 -0800<\/span><\/div>\n<\/div>\n
\n
\n

Weird News \u2013 RSA is Denying that it Took a Bribe and Weakened …<\/h3>\n<\/div>\n
The Register reports that RSA isn’t taking quietly the accusation reported by Reuters, based on documents released by Edward Snowden, that the company intentionally used weaker crypto at the request of the NSA, and accepted $10 million …<\/div>\n
http:\/\/www.tarborotimes.com\/ \u2014 Wed, 25 Dec 2013 12:08:29 -0800<\/span><\/div>\n<\/div>\n
\n
\n

Hack For Cause \u00bb NSA paid $10 Million bribe to RSA Security for …<\/h3>\n<\/div>\n
If you own a world-renowned Security Product or a Service, National Security Agency (NSA) is ready to pay you 10 Million or more bribe for keeping intentional backdoor for them. According to an exclusive report published by Reuters, there is …<\/div>\n
http:\/\/hackforcause.com\/ \u2014 Wed, 25 Dec 2013 05:29:26 -0800<\/span><\/div>\n<\/div>\n
\n
\n

Report: Security service provider RSA received millions from the …<\/a><\/h3>\n<\/div>\n
The release of Reuters Schneier sees as particularly interesting in terms of the tactics of the NSA. \u201cDo you think that the bribing only one company in the history of their operation? We still do not know who else plays in this drama. That’s why …<\/div>\n
http:\/\/computersandtechnologynewss.blogspot.com\/<\/a> \u2014 Tue, 24 Dec 2013 17:00:00 -0800<\/span><\/div>\n<\/div>\n
\n
\n

SocraticGadfly: It’s the #NSA Santa Tracker, far better than the …<\/a><\/h3>\n<\/div>\n
Keith Alexander, Jeremiah Wright, Barack Obama, NSA, National Security Agency, NORAD Santa Tracker, Santa tracker, George W. Bush, Rick Perry, Louie Gohmert, Gohmert Pyle, Dear Leader, Ted Cruz, black Jesus, Craig Watkins, Jim …<\/div>\n
http:\/\/socraticgadfly.blogspot.com\/<\/a> \u2014 Tue, 24 Dec 2013 16:30:00 -0800<\/span><\/div>\n<\/div>\n
\n
\n

The One Big Question About RSA and Its Relationship With the NSA …<\/h3>\n<\/div>\n
The first questions about a problematic encryption method arose in 2007, and for six years it appeared that RSA did nothing to address them. via AllThingsD …<\/div>\n
http:\/\/jeremiahtillman.wordpress.com\/ \u2014 Tue, 24 Dec 2013 11:03:59 -0800<\/span><\/div>\n<\/div>\n<\/div>\n
\n
\n
\n

RSA denied to put secret backdoor for the NSA ~ SecMads Security<\/h3>\n<\/div>\n
Last Saturday, The Reuters Information Organization charged the Protection company RSA for taking a $10 thousand ‘bribe’ from the Nationwide Protection Organization (NSA) to be able enhance a defective security by such as it in its BSAFE …<\/div>\n
http:\/\/www.secmads.com\/ \u2014 Tue, 24 Dec 2013 07:50:00 -0800<\/span><\/div>\n<\/div>\n
\n
\n

Who Can Be Trusted on NSA and Encryption? – Wired State<\/a><\/h3>\n<\/div>\n
Bruce Schneier, now separated from BT, asks “who can we trust”? regarding the NSA stuff. And the answer is: not him. Because … The NSA’s $10 million ‘bribe’ to get RSA to use backdoored encryption algorithm \u00b7 NSA paid security firm $10 …<\/div>\n
http:\/\/3dblogger.typepad.com\/wired_state\/<\/a> \u2014 Tue, 24 Dec 2013 05:16:29 -0800<\/span><\/div>\n<\/div>\n
\n
\n

NSA Paid RSA $10 Million to Use Flawed Security Standard \u2013 Tom’s …<\/h3>\n<\/div>\n
\u201cNow we know that RSA was bribed,\u201d security expert Bruce Schneier told CNET following the publication of the Reuters story. \u201cI sure as hell wouldn’t trust them.\u201d Some current and former RSA Security employees told Menn the company was …<\/div>\n
http:\/\/apnews247.com\/ \u2014 Tue, 24 Dec 2013 03:48:33 -0800<\/span><\/div>\n<\/div>\n
\n
\n

Weird News \u2013 RSA Accepted $10 Million Dollar Bribe to Weaken …<\/h3>\n<\/div>\n
\u201cAs a key part of a campaign to embed encryption software that it could crack into widely used computer products, the U.S. National Security Agency arranged a secret $10 million contract with RSA, one of the most influential firms in the …<\/div>\n
http:\/\/www.tarborotimes.com\/ \u2014 Tue, 24 Dec 2013 03:46:41 -0800<\/span><\/div>\n<\/div>\n
\n
\n

the paddy fields view: Edward Snowden, after months of NSA …<\/a><\/h3>\n<\/div>\n
Edward Snowden, after months of NSA revelations, says his mission’s accomplished – The Washington Post ….. NSA paid $10 Million bribe to RSA Security for Kee… Government Using NSA to Change Amount in Bank Acco… Service to …<\/div>\n
http:\/\/thepaddyfieldsview.blogspot.com\/<\/a> \u2014 Mon, 23 Dec 2013 23:07:00 -0800<\/span><\/div>\n<\/div>\n
\n
\n

Talk of an RSA Boycott Grows After Reports It Colluded With the NSA<\/h3>\n<\/div>\n
A well-known security researcher says he won’t speak at next year’s RSA conference after reports allege that the company worked with the NSA to allow back doors into encryption products. via AllThingsD http:\/\/allthingsd.com\/20131223\/talk-of-an-rsa-boycott-grows-after-reports-it-colluded-with-the-nsa\/ … NSA Reportedly Paid A Security Firm Millions To Ship Deliberately Flawed Encryption Technology. In “Feedly”. NSA Paid Security Firm $10 Million Bribe to Keep Encryption Weak.<\/div>\n
http:\/\/jeremiahtillman.wordpress.com\/ \u2014 Mon, 23 Dec 2013 17:19:27 -0800<\/span><\/div>\n<\/div>\n
\n
\n

Don Mashak’s Sherburne County Minnesota Free Press …<\/h3>\n<\/div>\n
In a lame and uninspired manner, Major Media would have you believe that this is a simple story of a single Federal Judge (Richard Leon) ruling that certain activities of the NSA are unconstitutional. But, in so doing, they have left out so many ….. [(1805 \u2013 1859) Paris]] DEMOCRACY IN AMERICA – The American Republic will endure until the day Congress discovers that it can bribe the public with the public’s money ….. Cape Town MM South Africa Free Press \u00b7 * ?? ???, ?? ?? …<\/div>\n
http:\/\/donmashakssherburnecountymnfreepress.blogspot.com\/ \u2014 Mon, 23 Dec 2013 16:21:00 -0800<\/span><\/div>\n<\/div>\n
\n
\n

Don Mashak’s Anoka County Minnesota Free Press: ANOKAMN …<\/h3>\n<\/div>\n
In a lame and uninspired manner, Major Media would have you believe that this is a simple story of a single Federal Judge (Richard Leon) ruling that certain activities of the NSA are unconstitutional. But, in so doing, they have left out so many …. [(1805 \u2013 1859) Paris]] DEMOCRACY IN AMERICA – The American Republic will endure until the day Congress discovers that it can bribe the public with the public’s money …. Cape Town MM South Africa Free Press \u00b7 * ?? ???, ?? ?? …<\/div>\n
http:\/\/donmashaksanokacountymnfreepress.blogspot.com\/ \u2014 Mon, 23 Dec 2013 16:21:00 -0800<\/span><\/div>\n<\/div>\n<\/div>\n","protected":false},"excerpt":{"rendered":"

This story came out a little while ago and hasn\u2019t received that much coverage. This isn\u2019t surprising considering what it\u2019s about. Apparently, a major encryption company was paid by the NSA to weaken their encryption system. Continue reading →<\/span><\/a><\/p>\n","protected":false},"author":1,"featured_media":9980,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"advanced_seo_description":"","jetpack_seo_html_title":"","jetpack_seo_noindex":false,"footnotes":"","jetpack_post_was_ever_published":false},"categories":[37,71,8,115,57,35],"tags":[52,12,15,90,8,34,57,35],"class_list":["post-13759","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-liberty-politics","category-news-of-the-day","category-politics","category-stupidity-crime","category-technology","category-tyranny","tag-constitution","tag-freedom","tag-incompetence","tag-moonbattery","tag-politics","tag-stupidity","tag-technology","tag-tyranny"],"views":1279,"jetpack_featured_media_url":"https:\/\/i0.wp.com\/angry.net\/blog2\/wp-content\/uploads\/2012\/11\/constitution-burning.jpeg.jpg?fit=650%2C432&ssl=1","jetpack-related-posts":[{"id":19163,"url":"https:\/\/angry.net\/blog2\/?p=19163","url_meta":{"origin":13759,"position":0},"title":"Obama wanted to bypass smartphone encryption","author":"Angry Webmaster","date":"October 5, 2015","format":false,"excerpt":"Good day all. If it's a day ending in a \u201cY\u201d then there will be another story of the Government working to ignore the Constitution. This time, Il Douche wanted his secret police to look into subverting the encryption on smartphones.","rel":"","context":"In "News of the Day"","block_context":{"text":"News of the Day","link":"https:\/\/angry.net\/blog2\/?cat=71"},"img":{"alt_text":"generalissom Obama","src":"https:\/\/i0.wp.com\/angry.net\/blog2\/wp-content\/uploads\/2013\/02\/generalissom-Obama-300x212.jpg?resize=350%2C200","width":350,"height":200},"classes":[]},{"id":20478,"url":"https:\/\/angry.net\/blog2\/?p=20478","url_meta":{"origin":13759,"position":1},"title":"FBI to Apple: Decrypt this phone or else!","author":"Angry Webmaster","date":"February 22, 2016","format":false,"excerpt":"Good day all. I\u2019ve been watching this story for the last week and I think I have enough information to make a few points. Long story short, The Federal Bureau of Investigation wants Apple to break their encryption protocols on the Iphone that one of the Islamic terrorists had from\u2026","rel":"","context":"In "Crime"","block_context":{"text":"Crime","link":"https:\/\/angry.net\/blog2\/?cat=3"},"img":{"alt_text":"Department-of-Injustice","src":"https:\/\/i0.wp.com\/angry.net\/blog2\/wp-content\/uploads\/2015\/02\/Department-of-Injustice-150x150.jpg?resize=350%2C200","width":350,"height":200},"classes":[]},{"id":13134,"url":"https:\/\/angry.net\/blog2\/?p=13134","url_meta":{"origin":13759,"position":2},"title":"Lavabit vs the United States","author":"Angry Systems Administrator","date":"October 6, 2013","format":false,"excerpt":"Good day all, this is the Angry Systems administrator. Normally I don\u2019t get involved with politics to much, but this story is rather technical in nature. As you are aware, Edward Snowden stole the keys to the NSA kingdom and has been happily embarrassing the United States Government.","rel":"","context":"In "liberty"","block_context":{"text":"liberty","link":"https:\/\/angry.net\/blog2\/?cat=37"},"img":{"alt_text":"Gadsden_flag","src":"https:\/\/i0.wp.com\/angry.net\/blog2\/wp-content\/uploads\/2012\/06\/Gadsden_flag-300x199.png?resize=350%2C200","width":350,"height":200},"classes":[]},{"id":34939,"url":"https:\/\/angry.net\/blog2\/?p=34939","url_meta":{"origin":13759,"position":3},"title":"Is the Democrat Controlled NSA spying on Tucker Carlson?","author":"Angry Webmaster","date":"July 8, 2021","format":false,"excerpt":"Good day all. This story broke last month when Fox News commentator, Tucker Carlson stated that he had information that the National Security Agency had been spying on him. Normally, you would be saying that this is right out of the paranoid delusions of the tin foil hat set and\u2026","rel":"","context":"In "Crime"","block_context":{"text":"Crime","link":"https:\/\/angry.net\/blog2\/?cat=3"},"img":{"alt_text":"","src":"https:\/\/i0.wp.com\/i.pinimg.com\/originals\/79\/cf\/97\/79cf97a8a1dda3462047cc50a33ffbe8.jpg?resize=350%2C200&ssl=1","width":350,"height":200},"classes":[]},{"id":16043,"url":"https:\/\/angry.net\/blog2\/?p=16043","url_meta":{"origin":13759,"position":4},"title":"Apple and Google to encrypt smartphones by default","author":"Angry Webmaster","date":"September 30, 2014","format":false,"excerpt":"Good day all. In response to repeated violations of the 4th Amendment by both law enforcement and United States intelligence agencies, not to mention other criminals, Google and Apple have both announced that they are going to start encrypting their products by default.","rel":"","context":"In "Crime"","block_context":{"text":"Crime","link":"https:\/\/angry.net\/blog2\/?cat=3"},"img":{"alt_text":"wambulance","src":"https:\/\/i0.wp.com\/angry.net\/blog2\/wp-content\/uploads\/2012\/12\/wambulance.gif?resize=350%2C200","width":350,"height":200},"classes":[]},{"id":22329,"url":"https:\/\/angry.net\/blog2\/?p=22329","url_meta":{"origin":13759,"position":5},"title":"Why you should not trust Yahoo","author":"Angry Webmaster","date":"October 5, 2016","format":false,"excerpt":"Good day all. With all the political news, this story about Yahoo reading people\u2019s email and reporting back to the Federal government sort of slipped under the radar.","rel":"","context":"In "Crime"","block_context":{"text":"Crime","link":"https:\/\/angry.net\/blog2\/?cat=3"},"img":{"alt_text":"ronald_reagan_govt","src":"https:\/\/i0.wp.com\/angry.net\/blog2\/wp-content\/uploads\/2015\/10\/ronald_reagan_govt-300x182.jpg?resize=350%2C200","width":350,"height":200},"classes":[]}],"_links":{"self":[{"href":"https:\/\/angry.net\/blog2\/index.php?rest_route=\/wp\/v2\/posts\/13759","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/angry.net\/blog2\/index.php?rest_route=\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/angry.net\/blog2\/index.php?rest_route=\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/angry.net\/blog2\/index.php?rest_route=\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/angry.net\/blog2\/index.php?rest_route=%2Fwp%2Fv2%2Fcomments&post=13759"}],"version-history":[{"count":16,"href":"https:\/\/angry.net\/blog2\/index.php?rest_route=\/wp\/v2\/posts\/13759\/revisions"}],"predecessor-version":[{"id":38922,"href":"https:\/\/angry.net\/blog2\/index.php?rest_route=\/wp\/v2\/posts\/13759\/revisions\/38922"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/angry.net\/blog2\/index.php?rest_route=\/wp\/v2\/media\/9980"}],"wp:attachment":[{"href":"https:\/\/angry.net\/blog2\/index.php?rest_route=%2Fwp%2Fv2%2Fmedia&parent=13759"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/angry.net\/blog2\/index.php?rest_route=%2Fwp%2Fv2%2Fcategories&post=13759"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/angry.net\/blog2\/index.php?rest_route=%2Fwp%2Fv2%2Ftags&post=13759"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}