BY JOSEPH MENN
Jan 17, 2014
Photo courtesy blogs.wsj.com
(Reuters) – Several prominent computer security experts have canceled appearances at the largest annual conference on security technology and are now lending their names to a rival gathering as discord in the industry over U.S. intelligence practices continues to grow.
The experts are among nine who have publicly forsaken coveted speaking slots at the annual RSA Conference, to be held next month in San Francisco, in protest over the conference owner’s dealings with the National Security Agency.
They will instead speak at the new and much smaller “TrustyCon,” to be held in the same city during the RSA event. Billed as the first “Trustworthy Technology Conference,” the upstart event’s backers include Def Con, which holds a major hacking conference each year in Las Vegas, and the nonprofit Electronic Frontier Foundation, which will get the proceeds from $50 ticket sales that begin Friday.
Reuters reported last month that RSA Security, now a division of data storage maker EMC Corp, incorporated a flawed cryptography formula in a widely used software tool under a $10 million federal contract. The NSA-developed formula is now believed to have been breakable by the agency, though people familiar with the RSA arrangement told Reuters that executives had not realized that at the time.
“I don’t think it’s wrong for companies to work with the government. What’s important is being trustworthy and honest with customers,” said Alex Stamos, who helped create the one-day TrustyCon event. “The most charitable reading is that RSA failed to see the danger and didn’t warn the customers.”