A NUMBER of high profile computer security experts have distanced themselves from RSA Security and will no longer speak at its annual conference.
ACLU advocate and privacy campaigner Christopher Soghoian is one of the latest to line up and remove himself from the event, and he made his announcement on Twitter on Tuesday.
I've given up waiting for RSA to fess up to the truth re: the NSA and Dual_EC. I've just withdrawn from my panel at the RSA conference.— Christopher Soghoian (@csoghoian) January 7, 2014
Others have also vacated slots at the RSA Security conference, including Josh Thomas of Atredis, Alex Fowler, Mozilla's Global Privacy and Public Policy leader, and Marcia Hoffman a privacy lawyer with ties to the Electronic Frontier Foundation.
I've decided to back out of my panel at RSA, too. No longer speaking on "The Boundary Between Privacy and Security: The NSA Prism Program."— Marcia Hofmann (@marciahofmann) January 7, 2014
First to shun the RSA event was the Finnish security researcher Mikko Hypponen, who announced that he would decline to speak at the conference and said that RSA had only itself to blame. Since his initial announcement he has doubled down on refusals, and now neither he, nor the company he works for, will be sharing in the show.
Hypponen had been a regular at the RSA conference, but recent revelations led him to decline his presentation slot.
"On December 20th, Reuters broke a story alleging that your company accepted a random number generator from the National Security Agency, and set it as the default option in one of your products, in exchange of $10m," he wrote in an open letter on the F-Secure company blog addressed to the firm in late December.
"Your company has issued a statement on the topic, but you have not denied this particular claim. Eventually, NSA's random number generator was found to be flawed on purpose, in effect creating a back door. You had kept on using the generator for years despite widespread speculation that NSA had backdoored it."
Then Hypponen was just pulling out of a talk that he had agreed to do. However, he is now adding his part in a panel discussion to his "don't want to do" list for 2014.
"Initially I only canceled my talk, as I didn't want to punish the FTC which had nothing to do with the events I was protesting about. However, partial participation sends mixed messages. I don't want to send mixed messages, so I have canceled all my appearances at RSA 2014. I'm sure the FTC will understand," he said
"I can also confirm that F-Secure is not speaking, sponsoring or exhibiting at RSA Conference USA 2014. While I am glad to see that many other speakers have decided to cancel their appearances at RSA 2014 in protest, I don't want to portray myself as a leader of a boycott. I did what I felt I had to do. Others are making their own decisions.
Security writer Jeffrey Carr quickly followed Hypponen's early lead, saying that he would not take part until RSA became more open. µ
Unlike, say, users
Promise comes just a day before Ofcom releases long-awaited report
Prepare to be briefed by the shouty kitten wot finks it's a soldier