I don't think the, "We trusted the NSA" explanation makes them look stupid or negligent. This article does reference the fact that people are now retroactively claiming understanding of some of these revelations, but I think the writer forgets that this might apply to him as well.
NOW it makes perfect sense to see how terrible this is, but we haven't always just blatantly assumed the NSA was out to get us. They used to not have the worst reputation in the world in the security community, right? I'm not the best authority for this, but from what I could gather they played a kind of spooky-but-helpful role prior to the Snowden leaks in the intelligence community - that is, you could generally trust they were thought to have the community's best interest at heart, even if they couldn't say why.
Papers were published by reputable cryptographers in 2007 making it clear that a Dual EC DRBG could be backdoored by the entity that chose the points.
The whole point is that this didn't come out of no-where. This algorithm was already regarded as being suspect, and RSA knew that they had been paid to make it the default in their cryptography library.
This isn't like the DES situation, where there was never any real evidence that the changes made by the NSA had made DES weaker (and as we later found out, they'd actually made the algorithm stronger whilst at the same time ensuring that the key-space was small enough that they could crack it).
RSA have seriously let down their customers & not for the first time. If I was an RSA customer I'd be taking a good hard look at dropping them as soon as I possibly could.
I'm loosely quoting a source I can't remember, but I think it was ridiculing a repeated tactic of some candidate. It's a dynamic that seems to play out a lot if you know to look for it in issues that involve a lot of public relations games.
I think you are right to emphasize how little we remember when we learned what. That's why the above tactic works so well. It lets politicians' dance around their tactical mistakes and change positions without undermining their own base. It is also how disingenuous people can now able to talk about "welcoming debate" and have a large portion of the population perceive this as advocating some reasonable middle ground.
I think people get into rhythms and follow the script they've learned. This plays out in the large and in the small. We've all probably had multiple arguments where A says one thing, and B automatically retorts in defense rather than thinking about what we're talking about or even just letting it go. I think a lot of marriages run like that.
People unfortunately think a well spoken response is the same as a truthful response. If the PR flack or representative or CEO seems otherwise calm and unflustered - smooth - then that serves the "reasonable response and explanation" part of that scenario's script.
"It's not true. It's not true. It's not true.
"...
"It's old news."
This also sums up how the underhanded defense of the status quo by hiding behind Hanlon's razor has worked in much internet discourse, including HN discussions, on mass surveillance and cryptography so far.
It seems to me that she addressed those exact concerns:
> So, yes, it is possible that, in 2004, nobody at RSA had any articulable suspicions about Dual EC. They may have taken it on faith that this was another DES situation where the NSA knew it was better but couldn't disclose why. Okay. Is that fair? I think that's fair.
> If that were the end of the story, I would be standing here saying “poor RSA! How cruelly the NSA mistreated them!” But, guess what, it isn't. In 2007 the possibility of a backdoor was made very public, and after that “everyone knew” not to use it. None of us knew for sure it was backdoored (even if some people retroactively pretend they did) but that was kind of a crazy risk to take when there were other RNGs to pick from with no known risks and were faster to boot.
You don't have to assume the NSA is evil to understand that its mandate means you can never trust their incentives in something like this.
You don't have to have any bad guys to have conflicts in purpose and incentive, and this has clearly been true for the entire existence of such interactions.
> how the RSA is supposed to realize the NSA is evil before the Snowden leaks.
I'm surprised at this interrogation. I've classes in schools talking about economic/state intelligence methods. The responsibility of a big corp is to secure itself from outside threats and visible links to state agencies will be analyzed by observers.
"We trusted the NSA" might have been a good excuse without the payment. It seems really strange that the NSA would need to pay RSA to "improve" their RNGs.
And it doesn't change the rest of the post's point - after Dual EC was determined to be backdoorable, RSA didn't say anything.
You forgot to mention that the NSA's S-Box tampering actually made it stronger against differential cryptanalysis, which was unknown to the public at that time. It seems like the key size reduction was a compromise for that enhancement. It's an interesting move because it shifts the power from the smartest adversary to the one with the most brute force, perhaps with the assumption that only the U.S. and its allies had access to systems capable of cracking a 56-bit key at the time. That would have made the cipher more secure against other countries that had to rely on cryptanalysis, while still giving them the access they needed if they so desired it.
NOW it makes perfect sense to see how terrible this is, but we haven't always just blatantly assumed the NSA was out to get us. They used to not have the worst reputation in the world in the security community, right? I'm not the best authority for this, but from what I could gather they played a kind of spooky-but-helpful role prior to the Snowden leaks in the intelligence community - that is, you could generally trust they were thought to have the community's best interest at heart, even if they couldn't say why.