1. Remoção de criptógrafo da NSA de grupo de pesquisa da IETF
Hoje foi feito o pedido de remoção de Kevin Igoe da posição de coordenador do Crypto Forum Research Group (CFRG) da Internet Engineering Task Force. Igoe é empregado da National Security Agency (NSA) e nos últimos dois anos tem forçado a mão para a adoção do protocolo "Dragonfly". O pedido pode ser lido aqui na lista da IETF
Link: Ars Technica - Critics: NSA agent co-chairing key crypto standards body should be removed
2. Valor de contrato secreto entre a NSA e a empresa RSA
Em setembro, o NY Times vazou documento de Edward Snowden dizendo que a NSA inseriu um backdoor num software da empresa RSA, o gerador de números aleatórios do algoritmo de curvas elípticas (Dual Elliptic Curve Deterministic Random Bit Generator - Dual_EC_DRBG). A novidade é basicamente essa aqui:
Undisclosed until now was that RSA received $10 million in a deal that set the NSA formula as the preferred, or default, method for number generation in the BSafe software, according to two sources familiar with the contract. Although that sum might seem paltry, it represented more than a third of the revenue that the relevant division at RSA had taken in during the entire previous year, securities filings show.
Link: Exclusive: Secret contract tied NSA and security industry pioneer
3. Documentos revelam espionagem dos EUA e Inglaterra contra 1,000 alvos
Secret documents reveal more than 1,000 targets of American and British surveillance in recent years, including the office of an Israeli prime minister, heads of international aid organizations, foreign energy companies and a European Union official involved in antitrust battles with American technology businesses.
Link: N.S.A. Dragnet Included Allies, Aid Groups and Business Elite