F-Secure's Mikko Hypponen Cancels RSA Talk In Protest

An anonymous reader writes "In a letter to RSA executives, F-Secure's Mikko Hypponen says he is canceling his talk at the 2014 RSA Conference, due to the company's deal with the NSA, and how the agency has treated foreigners." From the letter: " I don’t really expect your multibillion dollar company or your multimillion dollar conference to suffer as a result of your deals with the NSA. In fact, I'm not expecting other conference speakers to cancel. Most of your speakers are american anyway — why would they care about surveillance that’s not targeted at them but at non-americans. Surveillance operations from the U.S. intelligence agencies are targeted at foreigners. However I’m a foreigner. And I’m withdrawing my support from your event."

I support Mr. Mikko Hyppone

[Taco+Cowboy]

As an American, I am giving my moral support to Mr. Hyppone for his courage to speak up against the unspeakable and despicable things that NSA has done !

Re:I support Mr. Mikko Hyppone

As an Finn, l am informing that his last name is neither Hypponen nor Hyppone, but Hyppönen. Thanks. :)

Re:I support Mr. Mikko Hyppone

Americans don't have that key on our keyboards.

Re:I support Mr. Mikko Hyppone

[fustakrakich]

Sö whät?

Re:I support Mr. Mikko Hyppone

[godel_56]

Americans don't have that key on our keyboards.

http://copypastecharacter.com/

Re:I support Mr. Mikko Hyppone

[beelsebob]

Just type alt-u, then o ö.

Re:I support Mr. Mikko Hyppone

[LordLimecat]

Hes protesting against surveillance of non-americans: exactly the opposite of what we should be protesting. Everyone spies, and its sort of the NSA's job. Whats not their job is to spy on Americans while bypassing the 4th amendment.

Re:I support Mr. Mikko Hyppone

[onkelonkel]

Yes we do. How else could we type Mötörhead.

Re:I support Mr. Mikko Hyppone

[MichaelSmith]

Did slashcode just start supporting uncode?

Re:I support Mr. Mikko Hyppone

Fuck, why does my browser have a menu item "utilities | open goatse"???

Re:I support Mr. Mikko Hyppone

[Opportunist]

Not necessary. They're part of the extended ASCII code (the symbols past 0x80).

Re:I support Mr. Mikko Hyppone

[murdocj]

Or do what everyone does, which is use the closest equivalent on the keyboard.

Re:I support Mr. Mikko Hyppone

[LurkerXXX]

There's some dirt on top of one of your o's. You should shake the crumbs out of your keyboard.

Re:I support Mr. Mikko Hyppone

[RichardDeVries]

Motörhead.

Re:I support Mr. Mikko Hyppone

[scubamage]

If you're using a mac, you can press and hold the "o" key and it will pop up as an option. I'm sure there's some FOSS out there that does the same thing too. Windows folks, well, go learn some alt codes.

Re:I support Mr. Mikko Hyppone

[Smauler]

No... it's not normal. Governments spy on governments generally, not on citizens.

If you consider it normal for the NSA to spy on EU citizens, then you must consider it normal for GCHQ, MI6, and all the other European agencies to spy on US citizens. Most of the western agencies share a lot of their intelligence, so most of the stuff MI6 knows about you goes straight back to the NSA and other agencies anyway, without them having to spy on you.

Do you consider it normal and acceptable for European agencies to be spying on American citizens? Really?

Re:I support Mr. Mikko Hyppone

Hes protesting against surveillance of non-americans: exactly the opposite of what we should be protesting. Everyone spies, and its sort of the NSA's job. Whats not their job is to spy on Americans while bypassing the 4th amendment.

You have missed one other detail which is quite significant.

RSA sold out to the NSA and secretly weakened its encryption in return
for a paltry sum of money, considering they ruined their reputations forever,
in both the business ethics and the personal ethics categories. Fuck Rivest,
Shamir, and Adleman, I hope they all get terminal cancer.

Most likely this is why the gentleman from Finland is choosing not to
attend this event.

Re:I support Mr. Mikko Hyppone

[JohnVanVliet]

Also AS AN AMERICAN i give a big "here-here " for Mr. Hyppone

more people INCLUDING us citizens should do this !!!!!

Re:I support Mr. Mikko Hyppone

[cheekyjohnson]

Spying on citizens of other countries is normal.

What's normal or not normal is irrelevant to me.

ALL countries do it, throughout history.

Even if true, that's utterly irrelevant.

Having the NSA spy on Americans is what citizens of the USA should be protesting.

I'm protesting both.

Re:I support Mr. Mikko Hyppone

I only have capital letters printed on my keyboard, yet i manage to write non-caps. you dont need a specific key for everything, but you need to learn how to use the keyboard to get those less common ones.

Re:I support Mr. Mikko Hyppone

[hairyfeet]

Why EXACTLY is this marked flamebait? Does nobody remember their history? Might want to look up the soviet Atoll missile, such a perfect copy of the sidewinder that you could mix and match parts, Or the Israeli Mirage 5 copy made from stolen plans.

Countries spy on each other folks, they have since the dawn of time. When country A spies on country B what do you thinking they are spying ON, that they are spying on buildings? They spy on the citizens of the other country that will most likely have the info they are trying to gather, that is kinda the point.

The reason American citizens should be having a shitfit can be summed up in a single word, COINTELPRO where dissent against things the government (or members of) supported, like suppressing blacks or the Vietnam war was actively attacked and those they thought were a threat like Fred Hampton were straight up executed. The first step is always intelligence gathering, followed by suppression and intimidation. For a comparison of how the modern moves the USA is making compares to societies that went from being free to being oppressed I'd strongly suggest watching this lecture. It is for THIS reason we should attack the NSA policies, not because they tried to find out if somebody in another country was/is a threat, that is what their original purpose WAS after all.

Re:I support Mr. Mikko Hyppone

[xyzzymage]

I'm sure there's some FOSS out there that does the same thing too.

Linux has the compose key; I set mine to CapsLock. Best use for the blasted key I can think of — though I'm obviously still too lazy to compose-key my apostrophe into a proper curly one 99% of the time...

Re:I support Mr. Mikko Hyppone

[xyzzymage]

True, but there are keyboard shortcuts in Windows, Linux, and OSX. (Not my site/guides; I just ran across it while looking up the "compose key" setting in KDE as a novice years ago.)

Re:I support Mr. Mikko Hyppone

[XcepticZP]

Do you vote? Did you vote in the last election? If so, then you have already given your moral support to the government, and can not give it to any other cause/entity until the next election. Sorry, citizen, now move along...

Re:I support Mr. Mikko Hyppone

[savuporo]

Except that in US two party system you cannot go out and vote for a cause like this, unless it's made an election center topic. In a political system that accomodates smaller parties and relies on political coalitions, its possible.

US however cannot escape the two party system as its basically mathematical emergent property of the voting system winner-take-all setup. If things were changed to range voting for example, you COULD vote for a cause like this.

Re:I support Mr. Mikko Hyppone

[donscarletti]

Why is it that whenever I see one of you countryman's names (excluding Swedish ones), my immediate thought is "why would a F1 racing driver be speaking at a security conference anyway?"

Re:I support Mr. Mikko Hyppone

[LordLimecat]

then you must consider it normal for GCHQ, MI6, and all the other European agencies to spy on US citizens.

I mean, I feel like youd be naieve to assume they dont try, and its absurd to get mad at them for doing what spies do. You can not like it, but its the reality.

The difference is that GCHQ / MI6 / whoever isnt beholden to me. The US government and its branches are.

Re:I support Mr. Mikko Hyppone

[LordLimecat]

The NSA doesnt report to non-US citizens. Thats the difference.

Re:I support Mr. Mikko Hyppone

[LordLimecat]

Pretty sure those guys dont work at RSA anymore. Im also pretty sure Ron Rivest was just assisting Newegg's defense against patent trolls within the past month, so perhaps lighten up on the "hope he dies" rhetoric.

Re:I support Mr. Mikko Hyppone

[flyingfsck]

Said like a real American. If you were British, then you would have known that the word is 'hear-hear'.

Re:I support Mr. Mikko Hyppone

[ImOuttaHere]

This is an outstanding question and one I'd love to hear Americans answer.

No... it's not normal...

Do you consider it normal and acceptable for European agencies to be spying on American citizens? Really?

Re:I support Mr. Mikko Hyppone

Wow... by that logic, I shouldn't get mad at murderers for trying to murder me, or at rapists for trying to rape people. I mean it's right there in the job description.

Re:I support Mr. Mikko Hyppone

And had you paid attention in school you'd know It's two words separated by a comma, not a hyphenated "word".

Re:I support Mr. Mikko Hyppone

[Alioth]

But beware, if you do that you might end up typing something stupid or embarrassing.

Consider: "Feliz año nuevo" - it means "Happy new year". The ñ isn't merely an accented character, it's a letter in its own right, and choosing the letter "n" instead seems innocent enough, but "Feliz ano nuevo" means "happy new anus".

Re:I support Mr. Mikko Hyppone

[skovnymfe]

A Møøse once bit my sister... No realli! She was Karving her initials on the møøse with the sharpened end of an interspace tøøthbrush given her by Svenge - her brother-in-law - an Oslo dentist and star of many Norwegian møvies: "The Høt Hands of an Oslo Dentist", "Fillings of Passion", "The Huge Mølars of Horst Nordfink"

Re:I support Mr. Mikko Hyppone

[shutdown+-p+now]

You don't need NumLock to be on to use Alt+numpad combos.

Re:I support Mr. Mikko Hyppone

[aliquis]

I see you got a lot of replies which didn't really fix your problem.

http://www.corsair.com/en/gaming-peripherals/gaming-keyboards/vengeance-k95-fully-mechanical-gaming-keyboard-nd-layout.html

http://www.prisjakt.nu/produkt.php?p=2131273

You're welcome! :)

Re:I support Mr. Mikko Hyppone

You can vote for a cause like this, but it's going to take much more effort. You need to get involved in intra-party politics, vote in the primaries etc.

Re:I support Mr. Mikko Hyppone

[bwcbwc]

Actually, I do consider it normal, though acceptable is much more debatable. Lost in all the noise about NSA and GCHQ is how many other governments have been caught with their hands in the cookie jar. https://en.wikipedia.org/wiki/2013_Global_surveillance_disclosure shows that several countries including Germany, Israel, Italy and the Netherlands either have their own data-gathering operations, or have participated in data-sharing arrangements with the USA to circumvent domestic limits on spying on their own citizens, and vice versa.

I've considered the whole outrage that NSA is spying on allied heads of state and government officials to be nothing more than diplomatic game-playing, because given the opportunity, every government does the exact same thing. Spying on citizens is a bit more problematical, but it's not like there isn't a legitimate need for some level of this type of spying. The whole point of the NSA and similar organizations is to intercept the communications of foreign agents, terrorists, etc. "We've already determined what you are, now we're just negotiating a price."

Re:I support Mr. Mikko Hyppone

[bwcbwc]

However, I would add that I endorse Mr. Hyppone's action and I hope that it starts a trend. Just because the government has a need and obligation to spy on people doesn't mean the citizens and corporations are under any obligation to help them to the extent that they mislead and lie to their customers.

Re:I support Mr. Mikko Hyppone

[freezin+fat+guy]

And of course, spying on your OWN citizens is completely normal and historically popular as well. Often with Orwelian results.

I guess I am among those who are surprised anyone is surprised that the NSA has been playing big brother. What does surprise me is that there are efforts to curtail NSA options in-country since it is surely expected that they keep an especially close eye on any terrorist cells within the border.

It wouldn't surprise me if they use their foreign leeway to spy internally from without.

Re:I support Mr. Mikko Hyppone

[cheekyjohnson]

I don't care about that difference; I simply don't want my government to spy on people without cause.

Re:I support Mr. Mikko Hyppone

[ailnlv]

ooooooooooooooooooooooo
nö, ït döësn't wörk

Re:I support Mr. Mikko Hyppone

[NoImNotNineVolt]

Spoken like a true Brit. If you were American, then you would have known that the expression is "spoken like a true ___".

Re:I support Mr. Mikko Hyppone

[IndustrialComplex]

It's also normal for countries to invade other countries, kill their populations and seize their resources. At least, it was normal until we decided that wasn't the way we wanted things to be.

I don't want our nations to live in a perpetual state of quasi-war.

Re:I support Mr. Mikko Hyppone

[fscking_coward_2001]

ÿèß, ït d!

Re:I support Mr. Mikko Hyppone

[innerweb]

Just who works for the government to make up the *government*? That would be citizens. No way around it, they spy on citizens of other countries. The private life side is where they shake loose the ones who have skeletons in their closets that can be used against them to more effectively spy on the *government*.

Re:I support Mr. Mikko Hyppone

[AK+Marc]

That's why "ñ" is usually replaced with "ny". Feliz anyo nuevo is incorrect, but unambiguous to any bilingual person.

That and "Feliz ano nuevo" would be more likely read as "happy new year", without some over-riding context. Much like "papas fritas" is considered a food, and not a death threat against the pope(s).

Re:I support Mr. Mikko Hyppone

[lgw]

I don't think the willingness of nations to invade their neighbors and take their stuff has changed in any way. That's just naivety. For a while we've had the "Pax Americana", where if you weren't a puppet of America or Russia, you'd get bitchslapped for rolling tanks across your borders because we're the only ones who get to do that! (And cynicism aside, the peace is welcome.) But our power is fading fast, and all those demilitarized nations may have ugly surprises coming this century.

The other important change is that the sort of resources that are really valuable in the modern world can't be carried across the border any more. So you might gain by invading your neighbor for natural resources, but only if you stay. But even that's fading in usefulness as intellectual capital begins to dominate.

So, how do you invade your neighbor to steal his intellectual capital? Every nation has a spying organization, funded as well as militaries used to be, to go do just that. No one in power decided war was wrong, merely unprofitable, and so the focus has changed to where looting and pillaging actually work.

Re:I support Mr. Mikko Hyppone

[lgw]

Do people still think that the problem with American politics is the way we count the votes? That corporations would own a smaller percentage of politicians if we had 3 parties? None of that matters.

This is a democracy, not a system where a few people who care a whole lot about some specific issue get to rule. When the average man cares about something, all the campaign funding in the world won't save it, and real change happens. That's quite rare of course, because the politicians try to stop just short of the average voter caring, and so you only see real response to the threat of voter revolt when they miscalculate.

And even then, don't expect new politicians, expect bills to be hastily re-written to be less attention-getting, or laws quickly "re-interpreted" to stop pissing people off just enough for the average voter to be complacent again.

You may say that's inadequate, that politicians can get away with too much, but it's still better than any other system that's ever been tried.

Re:I support Mr. Mikko Hyppone

[Mr.+Slippery]

They're part of the extended ASCII code (the symbols past 0x80).

0x80-0xFF aren't ASCII at all, but the domain of encodings like ISO-8859-1, ISO/IEC 8859-15, and Windows-1252.

Don't mean to be overly pedantic, but a recent project had me trying to auto-correct misencoded text, so I had to get down and dirty with encodings for a few weeks. It may never wash off.

Re:I support Mr. Mikko Hyppone

[LordLimecat]

No, its silly to act astonished and outraged when the media runs a story that says "There are murderers out there in the world", because everyone kind of knows that.

And your logical leap fails to account for the fact that while all murder and rape is unnecessary and bad, spying need not be so.

Re:I support Mr. Mikko Hyppone

[LordLimecat]

I expect that they try, and its silly to get outraged that a spy agency is actually spying.

Theres several big differences, too:
  * If I want to stay clear of their radar, I can reasonably expect to do so by keeping all of my communications in the US, and dealing only with US companies. When the NSA spies internally, all that goes out the window.
  * Theyre not paid for with my money. The NSA is funded directly with my tax dollars.
  * I have no expectations that actors affiliated with outside governments do not view me adversarially. I do have an expectation that the NSA is working on my behalf.
  * I am not generally protected by provisions for UK citizens (which I assume GCHQ is held to); I AM protected by US laws, such as the 4th amendment, which the NSA is held to.

Re:I support Mr. Mikko Hyppone

[savuporo]

Read about voting theory a bit. You are currently in a gridlock created by pretty hars rules math, not by politicians or evil corporations or whatever your boogieman du jour is.

Re:I support Mr. Mikko Hyppone

[lgw]

Just no. It's not about the math. It's not about how many parties there are. That's not how politics works. All that does is move where the inevitable compromise and coalition building happens to a different place in the system.

I get it, you want to vote for a guy who says exactly the right things, and none of the wrong things, but you don't seem to get that that won't change anything.

Re: I support Mr. Mikko Hyppone

[leslie.satenstein]

The Canadian French keyboard layout or the US multilingual Can provide the various accents.

Re:I support Mr. Mikko Hyppone

[savuporo]

Its very much to do with math. Look up things like Condorcet's paradox , Arrow’s impossibility theorem , Gibbard–Satterthwaite theorem, apportionment paradox etc or just general "Voting theory". Here is a good start http://en.wikipedia.org/wiki/Voting_system_criterion#Evaluating_voting_systems_using_criteria

If voting actually worked as intended ( it doesnt now ) things would be quite different.

Re:I support Mr. Mikko Hyppone

[lgw]

It is possible for intelligent people to understand everything you do in this area and still disagree. Things would look different on the surface, because the parliamentary politics would happen after, rather than before, the primary, but that's the extent of the difference. We'd still have the same coalitions vying for power, and the politicians would still be just as corrupt.

Re:I support Mr. Mikko Hyppone

[savuporo]

Actually no. Just by the fact of giving your voters a real choice, not an imaginary one, you have put enough incentives in the system for the corruption to go down and voting for a cause to actually work.
Corruption is always there, the question is if there is a system to keep balances and checks on it or no.

Re:I support Mr. Mikko Hyppone

[lgw]

Just by the fact of giving your voters a real choice, not an imaginary one, you have put enough incentives in the system for the corruption to go down and voting for a cause to actually work.

You keep asserting this without arguing for it. I see two alternatives in practice. Either you vote for the candidate who is the lesser of two evils, after coalitions have formed and platforms have been set. Or you vote for your ideal candidate, who then joins a coalition which forms a platform (exactly the same lesser-of-two evils coalition, in practice), and who then votes straight-party-line as backbenchers have so little actual power.

You don't change the coalitions, you don't change the power structures, you just move the vote to before the coalitions form, rather than after. And that can end badly when e.g., the neo-Nazis end up leading the winning coalition, and there's nothing much you can do about it until the next election (as happened recently in Austria).

The purpose of democracy is not to give power to your clever ideas. The purpose of democracy is to limit government corruption to a level just below where normal, politically disinterested voters start having to care. And our system does that as well as any other.

Re:I support Mr. Mikko Hyppone

[TangoMargarine]

Isn't the American typographical equivalent suffixing an 'e' after the vowel? e.g. Hyppoenen

Re:I support Mr. Mikko Hyppone

[RockDoctor]

It may never wash off.

Try using a wire brush and Dettol.

Re:I support Mr. Mikko Hyppone

[murdocj]

Do you think that governments hand out lists of their agents? "Here, Russia, here's a list of the Americans you should spy on. Leave the rest of them alone."

Americans not targeted?

[rubycodez]

Hypponnen needs better news sources.

Re:Americans not targeted?

[matthewv789]

I think he's being a bit sarcastic.

Re:Americans not targeted?

His news source is pretty accurate. Most Americans are apathetic to the NSA revelation, Slashdot is just a minority that is not in general. The practical effect to those apathetic Americans is that it is no different from being a non-target since the line of logic is if they're not doing anything wrong it shouldn't matter either way. Very short sighted view in my opinion.

As an american...

[g4c]

Most of your speakers are american anyway â" why would they care about surveillance thatâ(TM)s not targeted at them but at non-americans.

As an american, I don't believe for one second that it's not targeted at us, too. Mr. Hypponen has my support, as well.

As an American

[djbckr]

Let me just say that, by far, most of us Americans *do* care about the surveillance going on in our country. And we're horrified by it.

Re:As an American

Exactly. I keep hearing Europeans going on and on about how we (Americans) are "totally fine with it." It's utter bullshit. There's a difference between liking something and being unable to stop it. The reasoning behind this is that since Americans aren't rioting, apparently we're in full support of it (or something like that; it is never made clear). Strangely enough, I don't see anything like that happening in any other country, either, yet your governments are all doing the same thing as ours.

It is important to remember that we're all in this together. It is a world problem, not a US problem. It just so happens that the story broke in the US and a major player has been held to light.

I promise you, we Americans support you withdrawing from dealing with the criminals and their friends.

Re:As an American

[jones_supa]

The reasoning behind this is that since Americans aren't rioting

Why are you not rioting then? The image that you are just sitting on your asses and doing nothing is not completely unfounded.

It is important to remember that we're all in this together. It is a world problem, not a US problem.

Maybe, but the scale and depth of the NSA surveillance projects are way beyond anything else on this planet. You clearly are the biggest offender.

Re:As an American

[dAzED1]

"Why are you not rioting then?" - several riots were attempted to be formed, but the NSA learned about them through their surveillance programs, and blew up the areas in question with drones, declaring them terrorist attacks. They then used their control over the internet to squash all news about it.

Re:As an American

Why are you not rioting then? The image that you are just sitting on your asses and doing nothing is not completely unfounded.

For the same reason you aren't. Did you even read what I wrote? Every country is up to the exact same thing. We've got Canada, UK, and others that are making absolutely no push to stop their country's wrong-doings. We've got France that is openly jealous of the NSA and says they want to increase their own amount of surveillance. Then we have the US, where we are slowly making legal process and trying to get this shit shut down in a non-violent matter. And yet, it is non-Americans complaining that we aren't doing anything?

Seriously. Explain that.

Re:As an American

[sumdumass]

Why are you not rioting then? The image that you are just sitting on your asses and doing nothing is not completely unfounded.

lol.. You seriously expect people to rise up in public against the Schutzstaffel or Komitet gosudarstvennoy bezopasnosti and protest them? I mean seriously, you just found out that the government is spying on the citizens and say it is bad because the government can construe it any way they like to damage someone's reputation, jail them, ruin their good name, or any number of other things it might find politically expedient and you are wondering why no one is jumping to become the first sheep going into the slaughter house?

Re:As an American

[Opportunist]

Protests and even riots do happen. But you don't think your news media would cover them, do you?

Our media learned that they don't even have to lie to skew our view on the world. They just have to select the things they report about carefully. Tell me: How much, and what, have you heard about the protests that border on riots in the Ukraine?

Re:As an American

[murdocj]

Rioting? Really? That's going to help?

See, in the USA, unlike most of the world, we have this concept of "rule of law". It's a little slower than rioting, but it generally produces better results.

Re:As an American

[bargainsale]

Man's right.

The UK is a major offender with GCHQ, but our government has been shamingly successful in closing down debate on the issue compared with what's happening in the US. The main response from our wonderful government has been to threaten the Guardian. This in a country where (happily) you still don't risk life and limb by opposing the government. The sad fact is that people here don't care about their freedom as much as Americans do.

As I often point out to the pretty numerous people I meet who object to some new lunacy in American politics - you may complain about this, but whatever you think about [whatever], be sure there are Americans who care just as much about [whatever] and are actually trying to do something about it.

Re:As an American

[fisted]

Except your current little problem of your own government not giving a fuck about the law

Re:As an American

[pepty]

In the US, the right kind of riot can be extremely influential and alter the course of national politics overnight. See: Brooks Brothers Riot. The kind of riot where thousands of passionate people make a public stand on issues that don't affect their own salaries? Without being flown in on a corporate jet or being paid to attend? Not so much. That election pretty much predicted how rule of law would stack up against rule of man in the coming years.

Re:As an American

[AmiMoJo]

What do you do when the law no longer applies to the government or its agencies? Unfortunately you have allowed things to get to the point where storming NSA headquarters is looking more and more like a necessary step to getting your rights back.

I hope that we can fix the internet and stop the spying, but with new tech arriving all the timeI think the only long term solution is to get rid of the criminals doing it.

Re:As an American

[TheGratefulNet]

You seriously expect people to rise up in public against the Schutzstaffel or Komitet gosudarstvennoy bezopasnosti and protest them?

before I order all that, I need to know how much those cost and whether they go better with white or red wine.

Re:As an American

[TheGratefulNet]

Tell me: How much, and what, have you heard about the protests that border on riots in the Ukraine?

I tried getting close, but those ukraine girls really knocked me out.

Re:As an American

[greenbird]

Why are you not rioting then?

What're you stupid? That would be playing right into their hands. "We need more surveillance to stop the subversive terrorist inciting these riots." It would give them more ammunition to further usurp the constitution.

Re:As an American

[greenbird]

See, in the USA, unlike most of the world, we have this concept of "rule of law".

Dude, you need to wake the fuck up. That country no longer exists.

Re:As an American

[BringsApples]

Yeah, but Americans have rights that make it more difficult for the American government to 'just do it'. This is not the case for foreigners. They have a right to be more upset than Americans do, IMO.

Re:As an American

[SlovakWakko]

Strangely enough, I don't see anything like that happening in any other country, either, yet your governments are all doing the same thing as ours.

No they aren't - we make sure that our elected officials are neither so smart, nor so well funded, as yours are.

Re:As an American

[SlovakWakko]

"Why are you not rioting then?" - several riots were attempted to be formed, but the NSA learned about them through their surveillance programs, and blew up the areas in question with drones, declaring them terrorist attacks. They then used their control over the internet to squash all news about it.

Who would mod this "funny"?? It should be "insightful".

Re:As an American

[sydneyfong]

I'll believe it when "most of you" Americans get your act together and vote surveillance out of your Free and Democratic country.

Re:As an American

[ImOuttaHere]

Um, not the way I see it.

Other than the US, there is no evidence of massive data collection activities have been conducted on the common citizens of their own citizens and foreign countries.

If you want to make an example of Europe, EU spying is more commonly directed and targeted by using human assets in narrowly focused spying operations (if you live in the US, you can find an online copy of the NSA's unclassified report on security threats that supports this statement). They do not use huge electronic vacuum cleaners to capture everything, everywhere, all the time. The US and China are the only countries with the resources to electronically gather and store data on this scale. The US for possibly dubious security reasons and China in it's state-sponsored intellectual property theft programs.

No, I think the US is pretty much alone on this one. Try living overseas for awhile and you may come to understand what I mean.

The world problem is that there may be no way to adequately defend against certain English speaking countries "Five Eyes" spying activities. If you follow overseas news you'll know that in direct response to US spy activities EU countries are carving themselves off the US-sponsored data networks. In two examples, take a look at what German and French telecos have done over the past few months.

... It is a world problem, not a US problem. It just so happens that the story broke in the US and a major player has been held to light...

Re:As an American

[ImOuttaHere]

Exactly! The USA is no longer the country I grew up in, that's for certain. I can honestly say I don't like what it's become.

See, in the USA, unlike most of the world, we have this concept of "rule of law".

Dude, you need to wake the fuck up. That country no longer exists.

Re:As an American

[aeranvar]

I think it's important to remember that, in order for this movement to be successful, the entire surveillance apparatus needs to be dismantled - not just the US component of it. The US is a terrible offender when it comes to mass surveillance, but the UK is just as bad. If we also don't restrict the actions of the GCHQ and other entities, it would be pretty easy for the US to farm the intelligence work out to foreign countries by making sure that all communications are being routed overseas. It's easy to imagine a deal where the US and UK only collect metadata about foreign communications (which include UK communications rerouted through the US to make them foreign and US communications rerouted through the UK) with the intent of sharing that data in an intelligence partnership.

So... why am I not rioting? Well, I live in the middle of no where and there aren't enough of us TO riot. If I could have attended the anti-NSA protests in Washington, I would have... and I think this is a general problem with US protests. Our country is too large for large protests to be easy from a logistical prospective and the current protest movement hasn't addressed the logistics in the same way that former protest movements have.

Beyond that, I also think that the system fundamentally works. Call me crazy - and there are plenty that do - but I believe that voters still have the power to cause change. I can vote for leaders that will restrict the NSA's actions. Unfortunately, believing in the system means that there isn't much I can do when it comes to restricting the actions of the GCHQ. The best I can do is not give the UK my tourism, despite a life long dream of visiting London.

Re:As an American

[buddyglass]

I'm an American and, honestly, the NSA stuff ranks pretty low in the pantheon of "things to be concerned and/or outraged about".

Unfortunately the NSA Gathers Data on EVERYONE

[BBF_BBF]

Good for Mikko for taking a stand. Unfortunately, the NSA was monitoring Americans as well as foreigners, they just had to obfuscate their spying on American Citizens because it's illegal for them to target Americans without secret court permission.

Re:Unfortunately the NSA Gathers Data on EVERYONE

[liquidsin]

lol @ "under this program". because there are no other progams. none.

Re:Unfortunately the NSA Gathers Data on EVERYONE

A secret court in a "free" country is fucking scary.

Re:Unfortunately the NSA Gathers Data on EVERYONE

[greenbird]

lol @ "under this program"

Hey, those are all based on direct quotes from our illustrious leaders.

And I forgot to add that even in cases where they do "monitor" the data by actually intentionally looking at it they only look at data for 3 degrees of separation from the target. Never mind that it almost certainly includes literally tens of thousands of people when you consider that the target called to order pizza or the cable company or something.

Re:Unfortunately the NSA Gathers Data on EVERYONE

[greenbird]

That would be fine, right?

If you're asking me that you might want to consider a sarcasm meter adjustment.

Re:Unfortunately the NSA Gathers Data on EVERYONE

[Maritz]

Well if your sarcasm is effectively a Poe, what's the point? Nothing you said looks different from any NSA apologist's comments. This is from someone whose sarcasm meter is in perfect working order thank-you-so-very-much. ;)

Guilty and impossible to prove innocent

[Ralph+Wiggam]

RSA has categorically denied that they cut a deal with the NSA. But Mr. Hypponen and the rest of the internet has declared them guilty based on unseen evidence. How is that fair?

Re:Guilty and impossible to prove innocent

[Rick+Zeman]

RSA has categorically denied that they cut a deal with the NSA. But Mr. Hypponen and the rest of the internet has declared them guilty based on unseen evidence. How is that fair?

First, no one said that life was fair. Secondly, RSA didn't categorically deny anything. Go parse their statement carefully. They've denied a specific scenario with several criteria, that's it.

Re:Guilty and impossible to prove innocent

[Therefore+I+am]

If you lie down with dogs - you get fleas!

Re:Guilty and impossible to prove innocent

[pla]

RSA has categorically denied that they cut a deal with the NSA. But Mr. Hypponen and the rest of the internet has declared them guilty based on unseen evidence. How is that fair?

You can expect that to become a trend. The NSA has well and truly fucked over the entire American IT security industry. Even ultra-low-end "security" products like home broadband routers have become suspect, thanks to their interference.

Fair? No. Obvious consequence of the NSA's actions? Absolutely. People haven't trusted them for decades - Anyone remember Tempest? Or the improved S-Boxes that made DES more resistant to an attack that wouldn't exist for another 25 years? But in the back of our minds, we always told ourselves they might count as completely scary bastards, but at least they counted as our completely scary bastards. Now we know better - They have zero regard for US law and work for no one but themselves.

On a positive note, I'd still rather see the TSA disbanded first. But at this point, they both need to go.

Then again, this just follows a loooong history of ineffective, illegal, self-serving "intelligence" agencies in the US, from Hoover's FBI to Bush-the-elder's CIA to our current situation, you'd think we'd eventually learn and say "no more". Sadly, most people don't even have a clue we have a problem, or worse, outright support giving up our freedoms if it will protect us from the evil brown people across the sea.

Pathetic, the whole lot of us.

Re:Guilty and impossible to prove innocent

[MrEricSir]

As Ars explained, "RSA's defense seems to be that officials didn't know the NSA-influenced deterministic random bit generator had weaknesses that could be exploited to crack adversaries' cryptographic keys."

Whether bribery was involved or not, RSA used an algorithm without validating the math.

Re:Guilty and impossible to prove innocent

[Just+Brew+It!]

Please read the complete RSA press release and parse it carefully: https://blogs.rsa.com/news-media-2/rsa-response/

They don't deny that they entered into a deal. They deny that they entered into a deal "with the intention of weakening RSA’s products, or introducing potential ‘backdoors’ into our products". In other words, there was a deal, but they are insisting that they didn't realize at the time that the algorithm had a backdoor.

If there was no deal at all, they wouldn't have felt a need to qualify the denial with the above quoted text.

Re:Guilty and impossible to prove innocent

You haven't done your research.

It has been known for years that the RSA pushed an unsecure algorithm by default, and suspected it was intended as a backdoor. What wasn't known was their motivation behind it. We recently have been given information that the NSA gave them money in exchange for their service. Sure, you can claim it was all made up, but everything else given to us by Snowdown to date has been accurate. Meanwhile, those that would be negatively impacted by these revelations (such as the NSA, the president, various large tech companies, etc.) have been caught lying non-stop about it. I wouldn't exactly say it is hard to imagine that the RSA is going to claim they weren't involved in an attempt to save themselves.

RSA has categorically denied that they cut a deal with the NSA.

Not quite. They have done no such thing. The RSA has not denied working with the NSA, accepting money, nor weakening encryption. They simply said they did not create a contract with the NSA. It was nothing but deflection using weasel words.

No matter how you want to spin in, the RSA are not the victims here. Citizens across the globe are. That is what is not fair.

Re:Guilty and impossible to prove innocent

[deconfliction]

You can expect that to become a trend. The NSA has well and truly fucked over the entire American IT security industry. Even ultra-low-end "security" products like home broadband routers have become suspect, thanks to their interference.

Much as I truely *loathe* the NSA crimes of late, I must stand in their defense on this one- at least with how you stated it. The security of *all* (low and high end) security products like home broadband routers was *extremely* suspect even before the Snowden revelations. The mere fact that the industry is allowed to operate like this (mobile phones that never get security updates are as bad or worse), is what clued people like me into the scope of what could be revealed by someone like Snowden. It's been 6 months and it still almost feels unreal, just because of how unreal the prior decade felt. And it felt that way *because the NSA were actively hiding from the public, domestic and foreign, the swiss-cheese fabric of our internet and computing security*. But you can't be a typical slashdot reading techie, certainly now in retrospect, and say "oh, _now_ the security of these devices has become suspect". It was suspect all along. I would have expected to see monthly patches rolling out to my home router, if I imagined the device was being actively security-supported in any way. And the companies were probably just quid-pro-quo happy to not have to invest in real security for the devices. I'm sure the NSA probably leaked to the companies or the public, those security holes it wanted fixed, but kept to itself the ones it didn't want. Open source, many eyes folks. It's the first step toward the only real hope I see.

Re:Guilty and impossible to prove innocent

[dAzED1]

wouldn't it be cool if there were any chance that a FOIA request could somehow get a line-item budget of all payments to outside companies, by the NSA, so that such a list could be parsed to find payouts such as the one to RSA?

Re:Guilty and impossible to prove innocent

[Opportunist]

The problem is that so many lies have been flying around in that whole shit that there is imply NOTHING anymore that anyone would believe the NSA or its cronies.

It's a bit like with the Soviet propaganda of the old times. After a while you simply knew that they are lying. You have caught them so many times that you wouldn't even believe them if they told you the sky was blue, if you can't verify their claim, it was safe to assume that it's a lie.

The NSA is about as bad.

Re:Guilty and impossible to prove innocent

[Opportunist]

Well, the TSA is a nuisance. The NSA is a criminal organization.

Re:Guilty and impossible to prove innocent

[Trax3001BBS]

RSA has categorically denied that they cut a deal with the NSA. But Mr. Hypponen and the rest of the internet has declared them guilty based on unseen evidence. How is that fair?

Oh no you didn't...

RSA was aware that the Elliptic Curve Deterministic Random Bit Generator (Dual EC DRBG) had been back doored since 2007,
http://yro.slashdot.org/story/13/12/23/0357228/rsa-flatly-denies-that-it-weakened-crypto-for-nsa-money?utm_source=rss1.0mainlinkanon&utm_medium=feed

They waited an ample 5 years before they warned that it shouldn't be used.
http://it.slashdot.org/story/13/09/21/2143250/rsa-warns-developers-not-to-use-rsa-products
I'm sure they just wanted to double check their findings first.

Re:Guilty and impossible to prove innocent

[VortexCortex]

Not only that, but if we're to believe security researchers were daft enough to screw up their security systems without being force to... See, morons or compromised they can't be trusted either way now.

Re:Guilty and impossible to prove innocent

[icebike]

Secondly, RSA didn't categorically deny anything. Go parse their statement carefully. They've denied a specific scenario with several criteria, that's it.

The quote is right there on the RSA's site..
and the first sentence says:

Recent press coverage has asserted that RSA entered into a “secret contract” with the NSA to incorporate a known flawed random number generator into its BSAFE encryption libraries. We categorically deny this allegation.

They rattle on about with a bunch of marginally relevant stuff, then follow up with:

RSA, as a security company, never divulges details of customer engagements, but we also categorically state that we have never entered into any contract or engaged in any project with the intention of weakening RSA’s products, or introducing potential ‘backdoors’ into our products for anyone’s use.

Two "categoricallys" within the half a page of text, and you missed both of them.
So right away, you are wrong. Clearly you didn't bother to read their statement at all.

The word categorically can never apply to a specific scenario.

Can they be innocent in all this. Its not inconceivable, they could have been duped by the NSA. But in that case they are incompetent, so the stigma still attaches.

Re:Guilty and impossible to prove innocent

[MobSwatter]

Now we know better - They have zero regard for US law and work for no one but themselves.

On the contrary, being they sold the bush / bamster and congress on the starship enterprise control console (I pwn u spy sickness), they are the corporate bitches just as their leadership that allows/defends this. nsa needs to be "sandboxed" to prevent private sector business interference, cia has played this very quietly up until now but we all know about funding for black wars and dealing drugs to fund them, fbi needs to be put back in the box in being a purely domestic agency, dhs needs to come up with actual reasoning as to why it needs over 2 billion rounds of .223 ammo + military/armored personnel carriers, being a purely domestic agency and all. There truly needs to be reform, not the bamster snake oil type.

Re:Guilty and impossible to prove innocent

[vux984]

Do they categorically deny taking a 10 million dollar payment from the NSA?

No. On that all they said was they "don't divulge details".

Do they categorically deny they incorporated Dual EC DRBG random number generator into its BSAFE encryption libraries?

No. They can't deny that. Because its clearly something they did in fact do.

Do they categorically deny they took 10 million dollars from the NSA to incorporate Dual EC DRBG into BSAFE?

Well... again.. no, not really. They categorically deny they ever intended to weaken products or incorporate known flaws.

Basically all they are categorically deny is that they KNEW what they were doing. Here's a decent article on it...

http://www.techdirt.com/articles/20131222/23532125671/rsas-denial-concerning-10-million-nsa-to-promote-broken-crypto-not-really-denial-all.shtml

Me, I havent' seen the documents alleging the connection bewtween 10M and setting Dual EC DRBG as default in BSAFE... and I would dearly like to see how much of a smoking gun it really is.

Re:Guilty and impossible to prove innocent

[Smauler]

GP was speaking metaphorically. That have categorically denied some things that were not relevant, but they were not the things they were accused of. Did they get paid $10m by the NSA to use a poor cryptographic solution? Yes, they did, and neither of their categorical statements address this.

Re:Guilty and impossible to prove innocent

[vux984]

Not quite.

They denied a "secret contract" to incorporate a known flawed RNG into BSAFE.

They did NOT deny a secret contract to incorporate DRBG.

If they did not know, at the time they made the deal that the RNG was flawed, then they could truthfully claim they did not knowingly take money to incorporate a known flawed RNG.

The pedant in me would like them to categorically deny any link between the $10million and incorporating Dual EC DBRG.

They didn't actually do that.

Given just how much scrutiny they KNEW their statement would be put under; and the fact that their lawyers would have reviewed the thing before it going up, it is striking that so many news sources are identifying it as a dodge rather than a head o denial.

Here's another article...

http://www.theverge.com/2013/12/23/5237788/rsa-nsa-backdoor-non-denial

Its hard to believe, again, given just how much scrutiny they KNEW their statement would be under, that the lack of certainty was anything but calculated.

Re:Guilty and impossible to prove innocent

[innocent_white_lamb]

Tempest and S-Boxes? I'm wondering about se-linux, myself..

Re:Guilty and impossible to prove innocent

... known flawed random number generator ...

And if they can claim at the time that they did not know it had flaws then they could still take 10M for putting it in via a secret contract and still truthfully claim what they have written. It does not mean that they did not accept money from the NSA for putting Dual EC DRBG into BSAFE via a secret contract - the total of all assertions together in the statement is being denied they have not separately refuted point by point that all of the following is not true:

1. A contract existed with the NSA (be it secret or commercial in confidence or something else).

2. That contract or agreement (written or verbal) either entirely or in part covered incorporating Dual EC DRBG into BSAFE.

3. That they were paid for this task.

4. They that were unaware of any issues surrounding flaws in the rng.

Without denying each point individually the statement as it stands is just fluff.

Re:Guilty and impossible to prove innocent

[cheekyjohnson]

From what I see, both are criminal organizations.

Re:Guilty and impossible to prove innocent

[gl4ss]

incorporate a known flawed random number generator into its BSAFE encryption libraries

that's the only thing they deny.

they deny that it was known to be flawed. if they admitted that they knew it was flawed, it wouldn't matter at all who paid for it's inclosure now would it??

Re:Guilty and impossible to prove innocent

[icebike]

If they got it with the help of or input from the NSA , and they take it at face value, they are either incompetent, or naive. So guilty, naive, or incompetent. Does it really matter? Goose cooked. Either way.

Re:Guilty and impossible to prove innocent

[gman003]

The TSA is incompetently criminal - incompetent at their job, and their job isn't per se bad, but it's unnecessary and so poorly-done as to be criminal.

The NSA is effective. They had secret courts set up just to rubber-stamp their authority and even then they couldn't stick to the loosely-written rules. They have near-complete monitoring of communications, and if they don't have their own wet-work outfit, they can get you thrown in Gitmo simply by claiming to have some evidence (I'm not even sure they need to fabricate it anymore).

Comparing the two is like comparing a bunch of teens who loiter and buy cigarettes underage and sometimes shoplift, to the Mafia. You don't want either, but you want the actively dangerous one gone first.

Re:Guilty and impossible to prove innocent

[Tijaska]

they can get you thrown in Gitmo

Give me your tired, your poor,
Your huddled masses yearning to breathe free;
The wretched refuse of your teeming shore,
Send these, the homeless,
Tempest-tossed to me
Our Gitmo camp has space for plenty more.

Pity Aleksandr Solzhenitsyn isn't still around, he could write a book about The Gitmo Archipelago.
Has no one else noticed that Mikko Hyppönen talks about americans rather than Americans in his email?

Re:Guilty and impossible to prove innocent

[gl4ss]

the only accusation they categorically deny.. is that they knew that it was weaker. that's not much of a category but there you have it. the entire fucking thing is written so that you would walk away from it thinking they deny other things as well.

and well, apparently it worked, since you were so sure about it that you didn't even read the linked article.

again, the only category of things they deny is specifically _knowing_ that the rng was teh suck and that they knew it. it doesn't deny even that NSA knew it was teh suck. it doesn't deny the 10 million payment. it doesn't provide any other explanation for why they went with it as default.

Re:Guilty and impossible to prove innocent

[Alioth]

They put DRBG in BSAFE because it was a NIST standard. However, what they did do that seems suspicious is make it the default, and keep it as the default even though way back in 2007, security researchers said it was slow, flawed and possibly had a backdoor. No one else used it as the default. Why did RSA keep it as the default?

If it wasn't the NSA giving them a bung for keeping it as the default, then the only other answer is incompetence. Incompetence is certainly believable, after all there was that thing with their keyfobs a year or two back. So either way we ought to avoid doing business with RSA - because either they are in cahoots with the NSA and took an under-the-table payment to keep a known bad RNG with a possible backdoor *as the default* for their product, or they are incompetent - and you don't want either of those in something incorporated in your company's security.

Re:Guilty and impossible to prove innocent

[Alioth]

Worse than that, they continued using it AS THE DEFAULT for years after security researchers revealed that it was flawed. The flaws and possible backdoor in the RNG was noted back in 2007 but RSA kept it as the default until September this year. So it's either a case that they kept it as the default because of a secret deal with the NSA or because of incompetence. Either way, that makes RSA a company I don't want to deal with.

Re:Guilty and impossible to prove innocent

[cheekyjohnson]

The TSA is incompetently criminal - incompetent at their job, and their job isn't per se bad

I'd say violating people's fourth amendment rights is bad. Why would you say otherwise?

Re:Guilty and impossible to prove innocent

[colordev]

Hyppönen is a Finn and Finns write natively all nationalities and languages in lower-case letters. Have some tolerance for us Foreigners occasionally making some typo or two... you uninformed and insensitive clod!

Re:Guilty and impossible to prove innocent

[fatphil]

Finns do not capitalise anything apart from the name of the country. All derived terms, such as languages (e.g. "finnish"), citizens (e.g. "finns"), or adjectival modifiers (e.g. "finnish") do not get the capital letter. OK, he probably ought to restrict such behaviour to when he's communicating in finnish, but to be honest, after living there for a decade, I've started to approve of the logic behind it. Only the proper noun that names a thing gets capitalised, as it's the only thing that's actually a thing's name. Every other instance is some other thing's name that's been modified so that you can use it in a different context to apply to a different thing. So he's not picking on America there.

RSA and American software

The bottom line is that the world is no longer confident about software written in the US, and will seek alternatives sourced from Europe, Russia, China and elsewhere to regain the security and privacy which they believe they have lost.

The NSA will be directly responsible for a shift away from US standards, US software and US protocols ... because without confidence, those standards, software and protocols don't mean a damn thing. RSA, by simply going along with the NSA has damaged its brand name, possibly irreparably.

Re:RSA and American software

[Opportunist]

That's pretty much the main danger behind it: The US are going to be seen as worse than China when it comes to security.

China has a pretty bad rep in that department. Allegedly they pushed malware on some of the electronic gadgets they produce. Or ... did the US just tell us they do so we'd buy their stuff?

Now, it's pretty hard to get around China when you're buying electronics. Pretty much everything is built over there. OTOH, it's much easier to avoid US goods. Pretty much everything produced in the US is also produced in the EU at similar quality and price.

Re:RSA and American software

[icebike]

The bottom line is that the world is no longer confident about software written in the US, and will seek alternatives sourced from Europe, Russia, China and elsewhere to regain the security and privacy which they believe they have lost.

And that is sad, because there is no reason to trust Russia or China any more than any one else. Less, in fact.
If you have an email account in Russia or China you just naturally assume its fully monitored. By both sides.

What I do trust is open source, regardless of its country of origin. Much of this still comes from the US, Germany, India, etc, and even Russia.

And now we are forewarned. Fool us once, shame on you. Fool us twice, shame on us. What ever comes out of this will be better and stronger, and the entire world has learned a lesson. We will never rely on the laws on the books any more. Our tools are going to be written with the assumption that we are at war. And in a way, we are. And as a result the NSA's excesses will probably be shown to enable more terrorists, drug, and weapon smuggling than they ever prevented.

They are hoist by their own petard.

Re:RSA and American software

EOL on XP coiniciding with all these revelations and doubts will hopefully inspire the businesses and governments fo the world to turn their eyes to OSS. Of course there are those that can't or at least think they can't but can at least test, examine or add a few lines of code. How many of those that can have customers or partners tied to the same programs as them? How much can be run from XP images in virtual machines?

Some have already moved to OSS, some are in the process and some are just thinking about it. Those that despise the US government for its behaviour should help each other out and move completely away from closed source software and do something about everything being forced through a limited number of US centric telcom bottlenecks.

I sincerely hope there is a movement in the works better planned and worded then my weak attempts at it. Time for some changes.

Re:RSA and American software

[dbIII]

I've got malware on US stuff too over the years but put it down to what I suspect has happened with pretty well all of the Chinese stuff - somebody fucked up.

Re:RSA and American software

If USA lose the software market, they really dont have much left. it is still an economic powerhouse, but its more and more just in money flowing through banks, something we in the rest of the world could start routing around if we wanted to. I think Americans need to realise that they need friends, not to throw their weight around, because the 800lbs gorilla is really just a suit with rocks in it by now. so unless you decide to make make it a an actual war (and that would ruin you as much as us) then you need to stop thinking you are the top power, cause thats just not the truth. if it comes down to it you are a 1 trick pony and if the trick fails you have nothing left. that is not a very stable foundation to be holier-than-thou from. you simply need to play along for once because you have lost anything that will keep us from cutting the ties.

It is a very volatile situation, and the dice can fall in many ways. but if americans keep protecting americans for the sake of being americans. and think all non-americans are enemies and our outside-in observations are wrong by default, then that is the world you will get. one where we say "america" with contempt instead of hope. and you are a lot closer to that than to the "land of milk and honey" these days.

I know it will be hard to ask America to be more socialist (in the "get along with others"-sense) because you are so used to having the upper hand. but you know the saying; those you step on on your way up... (and there are many out there now who is just waiting for their chance to step on you, so you might find it hard to get allies, especially without that upper hand)

Or i could be completely wrong.

Re:RSA and American software

[stoatwblr]

"That's pretty much the main danger behind it: The US are going to be seen as worse than China when it comes to security."

Funnily enough that's one of the reasons I'm advocating for NOT buying Cisco equipment in our next prchasing round.

Their recent congressional FUD campaign has had results outside of the USA, just not the ones they desire.

Company Value?

How did the stock market react? RSA's mother company is EMC, isn't it? There doesn't seem to be much of an effect, on the contrary, gaining half a percent today? Or am I looking at the wrong data?

Re:Company Value?

[Opportunist]

Apparently the brokers assume (correctly, if you ask me) that managers don't have the foggiest clue what this entails and hence it won't affect sales.

Just you wait 'til one of those oh so important manager pulp magazines writes about it!

Re:Company Value?

[VortexCortex]

You mean the stock market that the NSA controls? If they receive beams of light, they can send them, scramble them, cause packet delays, etc. In a world of super low latency high frequency trades, PRISM rules.

Re:Company Value?

[andydread]

And IIRC EMC along with Microsoft and IBM lobbied to shoot down software-patent reform bill in congress recently. Won't be purchasing anymore products from this group.

Re:Company Value?

[oodaloop]

Bul tin foil hats block it, right?

Good (non) job

[BringsApples]

I support anyone that's willing to hit the breaks these days. Without people, nothing can succeed, nothing at all. If the only card we have to play - in this world of bullshit, lies and damn lies - is non-participation, then we have to play it. To keep going on like "everything is just what it is and there's nothing that we can do to change it" is to play into the continuation of the problem. To see others acting upon this truth is heart-warming and gives hope to others that are doing it.

Re:Good (non) job

[VortexCortex]

CC: PJ@GrockLaw.net

Re:Good (non) job

[VortexCortex]

s/rock/rok/

Re:Good (non) job

[BringsApples]

Interesting website.

Re:Good (non) job

[ImOuttaHere]

Noam Chomsky noted in a lecture I heard him give a few years ago that it's only in America that people ask things like "... well, what can we do?" Everywhere else he lectures, he says people come up to him and tell him what they personally are doing to combat inequity and injustice.

If Americans can personalize the injustices and inequities they face, maybe they can begin to figure out what they can do to fight back. There certainly is no incentive for US government agencies and US corporate interests to do anything but they currently are.

Re:Good (non) job

[BringsApples]

I know man, I live in America. I had to quit my job because of the ridiculousness. No one thinks, they just want to follow some old set of rules that are supposed to land you in a comfy position. The same nonsense that made me decide to quit my job, is the same nonsense that is making it hard for other countries (that are able to think in terms of a global scheme) to naturally thrive.

The real thing here is that human evolution is still going on, and some are simply more in tune with Nature than others. Pulling yourself out of this rat-race that is America these days, is the best idea. No one counts art as a part of Nature, but it's a huge part. I think America needs a huge art-movement - and I don't mean that we all need to take to the streets and draw, paint or make music. I mean do whatever you do, but make sure that you're able to have your own way of art involved in it. Otherwise you're just another brick in the wall.

Re:I am dropping RSA

[MichaelSmith]

Make sure you tell them why.

Two Different Companies

[databeast]

As symbolic as this is, It's worth pointing out that the RSA Conference and RSA Security are two separate corporate entities (and I worked with both, producing RSA Security's own booth content at RSA Conference 2011). They do however, all funnel back up to EMC (y'know.. the world's largest storage systems corporation).

Say WHAT?

[russotto]

Mr. HyppÃnen hasn't been paying attention if he believes "surveillance thatâ(TM)s not targeted at them but at non-americans". That's the NSAs line, but the Snowden revelations have shown that to be pretty much a lie. They're willing to spy on Americans who are up to three hops from a target, and they're Hoovering up American's call records wholesale.

Re: LOL

[Opportunist]

Why the "or"? Considering the way they act and their goals, an "and" seems more appropriate.

Mikko says "time to act"

[Pav]

In Mikkos own words it's time to act. I guess this means he is taking his own advice. I have in my own very small way been pushing up the price of surveilance : https everywhere, disconnect, duckduckgo etc... haven't been motivated enough for Tor yet because I share a slow connection. Still, we can and must act in small ways in our browsing behavior, purchasing decisions, and any other ways we can come up with. We're lucky that others of us are already acting in not so small ways, and we must support them.

TED

[jones_supa]

BTW here's Mikko's recent TED talk on the topic if you haven't seen it yet.

Re:I am dropping RSA

[WaffleMonster]

I am dropping RSA as my SSO secuity system and prepping for another now.

I would have hoped ya'll would have got that hint in 2011 after a breach at RSA compromised their customers FOBs... better late than never.

lol

Dude... seriously? You think the rule of law is going to have any impact on this situation? Admit it... we are all cowards

Re:character map

[C18H27NO3+]

Or alternatively [Start], charmap in the run box, Enter key.

Reasonable cause applies here

[frankenpc510]

In response to some of the comments along the lines of "Hey! Maybe we are reacting too harshly!" If there is reasonable cause that any given security system is compromised even a little, the entire thing must be shutdown and repaired. In other words, unlike water plumbing...a little leak is cause for total dismissal of a security system. At this point, it's safe to say the entire internet is suspect. Failure to take this stance is just burying your head in the sand.

....of course he didn't just type them on his kb..

[gl4ss]

you know what's really funny then? if I just type the letters on my nordic keyboard... WANNA GUESS DO THEY WORK? FUCK NO! FUCKNO! this is what comes out after pressing submit: ÃÃÃÃÃÃÃÃÃÃÃ

That's Funny...

[Greyfox]

Then why is it still going on?

Other countries would do the same

[Britz]

I hate to be *that guy*, but everyone needs to understand two significant points:

1. After a couple month of watching the PRISM scandal unforld I now believe this is a "Hiroshima moment". Never before in human history was it possible to spy on everyone. To have a file on everyone. The secret services (the bad as well as the good) always had to focus on a select few. No more. We are living in 1984.

2. I firmly believe the main reason why other spy agencies are not doing what the NSA is doing is because of their limited capabilities. Both in less money and resources, but also in reach. Google, Facebook, Apple and Microsoft are US based. Many important internet exchanges as well. This point is especially important, because of the US tradition of transparency and whistleblowing. As American as the NSA may be, Snowden is even more so. I can't imagine a Chinese Snowden. And even if he existed, would they have a broad discussion on that subject in China? How about Russia? Or even the UK? GHCQ has been as bad as the NSA, yet do we see a broad and honest discussion about it in London?

I hate the constant and ubiquitous surveillance, but the technology advances were the ones that brought them here. The NSA were only the first and foremost ones that took advantage of the new tools. They become cheap fast. Soon every spy agency will have them. This is a very useful and helpful discussion we are having right now. Because we either need to encrypt everything and move everyone onto Tor, or get used to having a file on everyone. There is no "gentlemen's agreement" (no-spy-agreement, UN accord, whatever), because there is no way to enforce it.

Re:lol

[ImOuttaHere]

I hate to admit it, but you're right. We are cowards. Maybe it's because we feel we have too much to loose? For whatever reason, we seem to tolerate the inequities and injustices quite nicely.

Dude... seriously? You think the rule of law is going to have any impact on this situation? Admit it... we are all cowards

Re:I am dropping RSA

[wbr1]

Apparently you didn't get the hint either as you are just now prepping to change.

And you should be modded Insane

[SmallFurryCreature]

If the NSA did have this control over the internet that you seem to think they have, how come you are discussing it?

Better approach

[evil_aaronm]

Wouldn't it have been better for him to show up, presumably on whatever topic he originally planned, and then give a presentation on why RSA was wrong to capitulate to the NSA? Sure, a number of us have seen this on /., but I think way more people would've come across this if the other major news outlets picked it up when he was escorted out of the building. Of course, there's the possibility that he would've been held up trying to get home.

Re:I support Mr. Mikko Hyppönen

[colordev]

I would go as far as calling US a one party system; the party being "a rich peoples party". In order to make it look less like so, they have simply divided the party into two halves! Both party-half having half of the representatives in senate and half of the representatives in congress. And each party-half ruling the White House after the other party-half has had its turn.

Re:I support Mr. Mikko Hyppönen

[XcepticZP]

The political system was always the tool used by the rich and powerful. It's just that now they've found the perfect combination of freedom and profit to placate people with. They're told that democracy is an ethical imperative, and that it is an ideal that we should strive for and hold in the highest regard. Whoever calls bullshit on this get's labelled evil and "anti-freedom". The state is the exact antithesis of freedom, and we all need to wake up and realize that.

The question of who is in charge is irrelevant. The truth of the matter is that we have to dismantle this immoral system before it ruins all the good we've done despite it. I guarantee you, with this intellectual/connected society we have now, the end result will be beautiful.

others tried

The reason you don't hear about a chineses Snowden is because they shot his family and threatened to kill the rest of his family tree if he continued

MIKKO, UDABES!

[messymerry]

THANK YOU MIKKO! After 9-11, the U.S. interdiction efforts quickly morphed from international terrorism to internations and domestic terrorism with equal emphasis placed on both. IMHO, the U.S. Govt is currently more concerned about domestic terrorism than about foreign operatives. Sorry Mikko, you are wrong on that count.