I have no problem with NSA working to crack every commercial cypher out there. That’s what they’re supposed to do. However, I cringe when I read of yet another backdoor put in at the behest of the NSA to weaken data security.
Once upon a time the NSA held a near-monopoly on the ability to exploit data security. Those days are gone. Every backdoor the NSA finagles into the technology that keeps us secure in the hopes of exploiting it against our foes, our foes (and potential foes) exploit it, too. The result turns us all into sitting ducks (witness the Target data breach of 40 million credit card numbers).
As a key part of a campaign to embed encryption software that it could crack into widely used computer products, the U.S. National Security Agency arranged a secret $10 million contract with RSA, one of the most influential firms in the computer security industry, Reuters has learned.
Documents leaked by former NSA contractor Edward Snowden show that the NSA created and promulgated a flawed formula for generating random numbers to create a “back door” in encryption products, the New York Times reported in September. Reuters later reported that RSA became the most important distributor of that formula by rolling it into a software tool called Bsafe that is used to enhance security in personal computers and many other products.
via Exclusive: Secret contract tied NSA and security industry pioneer | Reuters.