Following allegations that security provider RSA was paid $10 million to weaken algorithms employed by random numbers in encryption products, several speakers who have cancelled their sessions at the upcoming RSA conference will be speaking near by at the fledgling TrustyCon.
Documents leaked by former NSA contractor Edward Snowden indicated that the National Security Agency may have arranged for a leading encryption provider for both the government and the private sector to create a “back door” the intelligence agency could exploit for surveillance operations.
RSA officials resoundingly denied the assertions, stating,”recent press coverage has asserted that RSA entered into a “secret contract” with the NSA to incorporate a known flawed random number generator into its BSAFE encryption libraries. We categorically deny this allegation,” but have provided little in the way of details.
In reaction to the allegations, several speakers and trainers have chosen to boycott the conference altogether, including Mikko Hyponnen, Josh Thomas, Jeffrey Carr, Chris Palmer, Adam Langley, Chris Soghoian, Alex Fowler, Marcia Hofmann, Eoin Keary, Jim Manico, Jon Callas, and David Kearns.
The events inspired the formation of an independent conference called TrustyCon which is being hosted at the Metreon, just across the street from the RSA Conference, and will include some of the speakers who cancelled their RSA sessions:
- Alex Stamos, Chief Technology Officer, Artemis
- Jeff Moss, Founder, DEF CON and Black Hat
- Marcia Hofmann, Privacy Attorney
- Mikko Hypponen, Chief Research Officer, F-Secure
- Chris Palmer, Software Security Engineer, Google
- Christopher Soghoian, Principal Technologist, American Civil Liberties Union
The organizers say the event is designed to “prioritize and refocus trust in technology and technology companies, during a time of cynicism and contempt towards consumer security and privacy.”
“The disclosure of this deal has affected the trust individuals and companies place in the government and technology companies and has struck a chord among businesses and consumers. It raises concern regarding the ways the industry may profit from relationships with the government and whether international clients can trust their security providers,” the conference organizers stated.
“TrustyCon serves as a call-to-action to companies to design their technology and businesses to be secure and trustworthy.”
Tickets are $50, attendance is limited to 400 people, and all proceeds will go to the non-profit Electronic Frontier Foundation.