Skip to Content
MIT Technology Review
  • Featured
  • Topics
  • Newsletters
  • Events
  • Podcasts
    • Sign in

    At TrustyCon, Hypponen Says What He Won’t at RSA

    RSA isn’t the only computer security conference in San Francisco this week.
    February 28, 2014

    On Thursday morning, Mikko Hypponen spoke to a crowd in a movie theater in downtown San Francisco, just around the corner from the RSA security conference. Hypponen, the chief research officer at Finnish security software company F-Secure, was originally scheduled to speak this week at RSA, as he’s done eight times since 2004. But he decided to boycott the conference after Reuters reported in December that the U.S. National Security Agency had a secret $10 million contract with RSA, the computer security company behind the conference, under which RSA added a faulty encryption algorithm created by the NSA to one of its computer security products in order to allow the agency to break such encryption when needed.

    Hypponen wasn’t alone. Several others in the industry (security consultancy iSEC Partners, digital rights nonprofit the Electronic Frontier Foundation, hacker conference DEF CON) felt likewise, and quickly organized the daylong TrustyCon—billed as a “trustworthy technology conference”—to serve as an alternative to RSA in a theater at the nearby AMC Metreon. It had 400 attendee slots, which organizers said sold out.

    Speaking early in the day’s schedule, Hypponen addressed the crowd with the same talk he planned to give at RSA, which would have been titled “Governments as Malware Authors” (it was listed on TrustyCon’s agenda as “The Talk I Was Going to Give at RSA”).

    Hypponen spoke about how far-reaching, sophisticated, and threatening government surveillance has become, especially as we become increasingly connected and spend much of our time online feeding data to just a handful of big American Internet companies. He also focused in part on the word of the day, trust, by discussing how reliant customers are on security companies to help keep computers from being hacked.

    Though Hypponen said he was “happy” to not be wearing an RSA Conference badge, he also seemed a bit saddened and frustrated as he addressed the crowd, both by RSA’s action and how the U.S. government’s appettite for surveillance is affecting the security industry and private citizens.

    “I work for a security company. Security companies work on the basis of trust. If our users don’t trust us, there’s really nothing left,” he said.

    If you’d like to watch Hypponen’s talk, it’s available here.

    Keep Reading

    Most Popular

    A Roomba recorded a woman on the toilet. How did screenshots end up on Facebook?

    Robot vacuum companies say your images are safe, but a sprawling global supply chain for data from our devices creates risk.

    A startup says it’s begun releasing particles into the atmosphere, in an effort to tweak the climate

    Make Sunsets is already attempting to earn revenue for geoengineering, a move likely to provoke widespread criticism.

    10 Breakthrough Technologies 2023

    Every year, we pick the 10 technologies that matter the most right now. We look for advances that will have a big impact on our lives and break down why they matter.

    These exclusive satellite images show that Saudi Arabia’s sci-fi megacity is well underway

    Weirdly, any recent work on The Line doesn’t show up on Google Maps. But we got the images anyway.

    Stay connected

    Illustration by Rose Wong

    Get the latest updates from
    MIT Technology Review

    Discover special offers, top stories, upcoming events, and more.

    Thank you for submitting your email!

    Explore more newsletters

    It looks like something went wrong.

    We’re having trouble saving your preferences. Try refreshing this page and updating them one more time. If you continue to get this message, reach out to us at customer-service@technologyreview.com with a list of newsletters you’d like to receive.