>> So why would RSA pick Dual_EC as the default? You got me. Not only is Dual_EC hilariously slow

Because the NSA didn't just backdoor the Dual_EC standard. It backdoored the technology industry, as well as the rule of law.

The RSA CTO's answers are hilarious. He can't really be that clueless as the CTO of a security firm, can he?

That would be incredibly embarrassing in itself (which it already is), but the alternative is even worse (choosing the one with the backdoor on purpose).

Would you trust a computer security company who didn't hash the passwords of their users on their web site, and instead stored the plain text passwords encrypted in their database, with the keys to decrypt them on their server, because they claim that "Your data are encrypted on our server, if you request the password to be sent to you by email the system knows how to decrypt the information and it will send you the Email. This is for customer convenience as many customer do not wish their password to be reset each time they have a problem."

Would you trust a computer security company that when you reset your password on their web site, sent you a new password that was literally the same as your email address that you signed in with?

If this company sold closed source encryption software, would you trust that the software was competently written and did not have back doors, if the president of the company defended their actions of not hashing passwords, and of resetting passwords to their users' email addresses?

What if the president of that company had been prosecuted for computer crimes in the past, and had spent time in jail for it, because after he was first caught, he went right back to phone phreaking again and got caught again?

Would you trust the president of the company, who is a convicted felon, who fraudulently made a lot of money by computer crime and got caught, but had most of the charges dropped and his sentence reduced, not to have made a deal with the government and promise to return their favor of giving him a more lenient sentence in exchange for certain favors in the future?

Can anyone guess who I'm referring to?