Security researcher Mikko Hypponen wrote an open letter to RSA informing the company that he is canceling his talk at the upcoming conference. His decision was influenced by the company’s recent $10 million secret contact with NSA.
Mikko Hypponen is the chief security officer of F-Secure based in Finland. Its main product includes an anti-virus, cloud content, and computer security. It caters to millions of customers in more than 100 countries.
On Monday, he wrote an open letter to EMC Chairman and CEO Joseph M. Tucci and RSA Executive Chairman Art Coviello. He has been attending talks for the RSA conferences for eight times already discussing about “Governments as Malware Authors.” His next scheduled talk will be on February 2014.
His letter stated how disappointed he was that RSA has issued a statement but did not deny its involvement on the said secret contract which compromised the security of their Bsafe customers. He wrote:
“Your company accepted a random number generator from the National Security Agency, and set it as the default option in one of the your products, in exchange of $10 million. Your company has issued a statement on the topic, but you have not denied this particular claim. Eventually, NSA’s random number generator was found to be flawed on purpose, in effect creating a back door. You had kept on using the generator for years despite widespread speculation that NSA had backdoored it.”
He was referring to a Reuters report which came out Friday that NSA has arranged a $10 million-secret contract with RSA to gain access into its Bsafe software as part of its controversial surveillance programs.
In response to the allegation, RSA issued a statement on Sunday denying the “secret contract” with NSA. The company clarified that the contract was publicized to strengthen commercial and security agency. However, it did not deny that it gave the government access on its backdoor.
Hypponen also protested that he felt betrayed that RSA was supporting foreign surveillance. His last words in the letter said:
“Most of your speakers are american anyway – why would they care about surveillance that’s not targeted at them but at non-americans. Surveillance operations from the US intelligence agencies are targeted at foreigners. However I’m a foreigner. And I’m withdrawing my support from your event.”