NSA Infiltrated RSA Deeper Than Imagined

Rambo Tribble (1273454) writes "Reuters is reporting that the U.S. National Security Agency managed to have security firm RSA adopt not just one, but two security tools, further facilitating NSA eavesdropping on Internet communications. The newly discovered software is dubbed 'Extended Random', and is intended to facilitate the use of the already known 'Dual Elliptic Curve' encryption software's back door. Researchers from several U.S. universities discovered Extended Random and assert it could help crack Dual Elliptic Curve encrypted communications 'tens of thousands of times faster'."

Re:Sales plummeted

[Anonymous Coward]

I can't imagine why anybody anywhere would ever invest in proprietary crypto software.
The risk is too great to just take your vendor's word.

Re:Surprise surprise, they lied and it's still the

[interkin3tic]

I'm guessing it's because they honestly believe what they are doing is necessary to keep America safe. To the point that they think lying to the people who are supposed to be overseeing them is necessary for the greater good.

Which is terrifying. Give me all the cynical, greedy, lying, corrupt asshole politicians you want. Just please, don't put zealots in power.

Times have changed

[PvtVoid]

Remember when the NSA was secretly changing widely-used crypto algortithms to make them stronger? I'm thinking of the DES sbox and differential cryptanalysis [wikipedia.org].

One thing's for sure, RSA is toast. They can issue all the denials they want. Nobody's ever going to trust them again.

Re:Desensitizing the masses

[neiras]

Government organizations like the NSA are playing a long game. If one generation is desensitized, the next will be uncaring as long as basic needs and a sense of freedom are preserved.

They are winning, and even if we form long-lived organizations to fight them on their terms they will undermine until those organizations are publicly ridiculed and useless. Individuals who speak up will be tarred as "activists", "protestors", and later "traitors". They have the upper hand and there's no way to get it back without an actual war, which no one wants.

They are winning.

This began a long time ago. In two generations they will have won.

Re:Desensitizing the masses

[Anonymous Coward]

You could write a series of books on why this occurs but in a nutshell it comes down to this:

What are you (we) going to do about it?

Sure "we" could all get together an elect people to "fix" things. That will never happen. Your special interest isn't the most important thing to everyone and most people vote based on a few select issues. Making sure this issue is everyone's core issue is impossible. Gay rights, women rights, abortion, religion, gun rights, taxes, welfare, etc are generally more important to those affected. Candidates can't run on only one issue so they must decide their stance or non-stance on each issue. Each of these decisions will alienate voters. The system creates two parties that bicker and can only focus on a few problems at a time. These problems are highly influenced by what the media focuses on. Read into that what you want.

Re:Surprise surprise, they lied and it's still the

[fuzzyfuzzyfungus]

Anyone who falls into that belief might as well be written off and put up against the wall, second in line to the people who believe that their own possession of arbitrary power is the only way to ensure the nation's safety. They can go first.

Re:we must end this jewish problem once and for al

[Ziest]

America today is NOT the country my ancestors fled Eastern Europe for nor is it the country my wife and I grew up in. America is now a country run for the benefit of the wealthy, the privileged and the corporations. The CIA, NSA, FBI, DEA, etc. now exist to keep the powerful in charge and to detect and eliminate any movement that will challenge the status quo. Google "Green is the new Red"

Re:we must end this jewish problem once and for al

[Anonymous Coward]

Go google the revolutionary war and see who was running the country back then. Wealth, privileged corporate owners.

Re:Sales plummeted

[NatasRevol]

So your solution is what? Build your own crypto software?

Should every company and person wanting to have encrypted communications do this too?

Do you trust your compiler? Or your hardware?

Re:we must end this jewish problem once and for al

[Dishevel]

It was. Then they lost that war.

Re:Desensitizing the masses

[Jiro]

Reeasing things in dribs and drabs has benefits, though. It probably keeps the public's interest more than releasing the whole thing as a lump; even if public interest is down because of exhaustion, it's probably not as far down as it would be if nothing had been released in a year.

The other reason is that it makes it harder for the government to lie. If you release a document, the government can't lie and deny it because they don't know that maybe tomorrow you'll release a document that could expose the lie. If you release the whole thing in a lump, they could just carefully tailor the lie to match the existing releases.

Re:Surprise surprise, they lied and it's still the

[erikkemperman]

The only question is WHY DO THEY GO ON RECORD with the bullshit denials?

It is a calculated risk, and maybe out of habit.

Somewhere along the chain of command, though, the denials do become true. A good underling knows when to grant his masters the ultimate in plausible deniability by simply not filling them in on certain matters.

Re:Surprise surprise, they lied and it's still the

[Wootery]

A good underling

Good for whom, exactly?

Re:Surprise surprise, they lied and it's still the

[ObsessiveMathsFreak]

I'm guessing it's because they honestly believe what they are doing is necessary to keep America safe.

This is like the banks and sub-prime lenders "honestly believing" that house prices would go up forever and money would always be cheap.

Read my lips: Everyone involved knew exactly what was going on.

Everyone inside the NSA with so much as a high school Diploma, when encountering even a low level program, knew that it was fundamentally wrong, probably illegal, and corrosive to the civic society. You don't even need to know what civic society is to know that tapping and permanently recording all calls in the US is both dangerous and wrong.

The on the record denials are effectively the NSA aping of the likes of John Corzine's claims of "We have no idea where the money is", despite being the man who took it right out of customers accounts. I dwell on the financial crisis because the breakdown in the rule of law, propriety, common sense, and all morality there is a mirror image and ultimately a fore-runner of the excesses and lies we now see in the NSA.

All that Keeping America Safe is BS. This is all about budgets, contracts, staffing levels, prestige and power seeking on the part of an entire city block of executives, officers, and IT workers throughout the NSA. The purpose of the NSA is to procure BMWs and range rovers for its management, and for favored private contractors and sub-contractors. That is why the price of a incorporated city is being spent on all these ludicrously overblown surveillance programs.

Forget the lies. Follow the money. Men will do anything, say anything, to anyone to keep such a gravy train flowing.