And the veil of secrecy with RSA continues

So RSA still hasn’t learnt that secrecy does not work long-term, especially after your secret is already known to your adversary.

A senior executive of RSA Security, has admitted it has required corporate customers to sign non-disclosure agreements to receive technical advice on how to plug possible new security holes arising from a hacking raid on the company.

This is nothing unusual, nor anything new. Remember the ASN.1 issues all those years back? Yes, key people at global backbone providers knew about the problem way in advance and were given the means to patch their infrastructure before the issue became public. However, here we are dealing with a diametrically opposite problem.

The issue is public, secrecy does not protect anyone and it definitely does not do RSA any good.

RSA clients gagged on hacks