As first reported by Reuters on December 20, the network security company allegedly compromised the security of its users by allowing NSA to build a "backdoor" on the BSafe software. However, RSA has already denied the allegations.
Nonetheless, RSA’s denial was not affirming and left a bountiful of experts asking why RSA went into such a deal with the federal security agency. The unanswered question prompted security experts to boycott the conference in San Francisco.
Chief research officer at F-Secure Mikko Hypponen, published an open letter to RSA and EMC stating that he would be calling off his RSA Conference, titled “Governments as Malware Authors.” Soon after, he added that no one from F-Secure would be attending and presenting at the conference.
Hypponen said that the reason for his absence was personal as any surveillance operations carried out with in cooperation of RSA could affect him as a Finn. He was the first to cancel his speech on the upcoming conference.
He said, “I don't really expect your multibillion dollar company or your multimillion dollar conference to suffer as a result of your deals with the NSA. In fact, I'm not expecting other conference speakers to cancel. Most of your speakers are American anyway -- why would they care about surveillance that's not targeted at them but at non-Americans.”
A spokesperson for EMC declined to comment about the boycott.
Blue Coat CTO Hugh Thompson, the conference program committee of the conference, also refused to comment.
The news of boycott quickly spread outside Europe and as it happened, eight more speakers and panel participants expressed their support and thinking of canceling too.
Jeffrey Carr, CEO of Taia Global, told the Information Week that he is not attending because RSA has failed to explain why it received $10 million from the NSA just to use its B-Safe's encryption algorithm in 2004.
Errata Security CEO Robert David Graham also wrote on his blog post that he is not speaking for the RSA conference.
“RSA was mostly tricked by the NSA instead of consciously making the choice to backdoor their products. Instead, what I care about is sending the message to other corporations, that they should fear this sort of things happening to them," Graham wrote.
Other security experts who plan to boycott the RSA Conference are Google senior staff software engineer Adam Langley, senior policy analyst for the ACLU's Speech, Privacy and Technology Project Christopher Soghoian, and KuppingerCole’s senior analyst Dave Kearns.