Secret contract tied NSA and security industry pioneer RSA

am

Undisclosed until now was that RSA received $10 million in a deal that set the NSA formula as the preferred, or default, method for number generation in the BSafe software, according to two sources familiar with the contract. Although that sum might seem paltry, it represented more than a third of the revenue that the relevant division at RSA had taken in during the entire previous year, securities filings show.

The earlier disclosures of RSA’s entanglement with the NSA already had shocked some in the close-knit world of computer security experts. The company had a long history of championing privacy and security, and it played a leading role in blocking a 1990s effort by the NSA to require a special chip to enable spying on a wide range of computer and communications products.

(…)

The RSA deal shows one way the NSA carried out what Snowden’s documents describe as a key strategy for enhancing surveillance: the systematic erosion of security tools. NSA documents released in recent months called for using „commercial relationships“ to advance that goal, but did not name any security companies as collaborators.

Die Schockwellen der NSA-Affäre breiten sich weiter aus. Jetzt trifft es mit EMC ein großes IT-Unternehmen, das – gewollt oder ungewollt – Gefahr läuft, seinen Ruf bei den Kunden zu verlieren und Probleme mit seinem Geschäft bekommen könnte.

EMC hatte Mitte 2006 RSA für 2,1 Milliarden Dollar geschluckt und damit seinerzeit das zehnfach dessen hingeblättert was RSA Jahresumsatz machte. Das war EMC damals die Krypta-Lösungen von RSA wert. Heute würde keiner mehr nur einen Cent für RSA bieten.