Talk:RSA Security

Factorization of Dual-Prime Composite Integers

A dual-prime composite, can be looked at as a rectangle with prime numbers as sides, 'P' & 'Q'. Allow that P > Q, if we can discover the value of P - Q, then the finding the factors of the composite is just trivial algebra. The simplest method of discovering the value of P - Q.

This 25 digit dual-prime composite, illustrates my point, I constructed it with the help of my telephone directory and a pin and using the nearest prime integer. You may need Windows Calculator to follow the protocol. First enter the dual-prime composite:-

2,612,064,319,773,176,994,885,077

I will skip the explanation as to how we deduce that the ratio of the two primes, is about 137/207. The method involves an algorithm and a test of 'squareness'. We know if the two primes 'P' and 'Q' form a rectangle of given proportions, a similar much smaller rectangle with the same proportions, when multiplied together, the product is pseudo-square.

We know that:- (P + Q)^2 = 4(P x Q) + (P - Q)^2,

2612064319773176994885077 x (137 x 207)

= 74075532044447526397945898643

The square root of that is:- 272168205425335.32015070563454555

So let's try 272168205425336...Nope! Try again 272168205425337...Nope! Try Again 272168205425338...EUREKA!

272168205425338 x 272168205425338 = 74075532044448985137492414244

And 74075532044448985137492414244 minus 74075532044447526397945898643 is equal to

1458739546515601

And the square root of that is exactly:- 38193449

272168205425338 - 38193449 = 272168167231889

272168167231889 / 137 = 1986628957897

2612064319773176994885077 / 1986628957897 = 1314822432941

1314822432941 & 1986628957897 The two prime factors.—Preceding unsigned comment added by Alastair Carnegie (talk • contribs) 20:07, 31 May 2009 (UTC)

This is well known as Fermat's factorization method. The method only works when P and Q have a small difference. For factoring RSA moduli it is therefore not suitable. Other methods such as the Number field sieve are much faster for breaking RSA keys. Btw, this discussion would be more suitable on Talk:RSA (i.e. the page discussing the algorithm) and not here (i.e. the page discussing the company that owned the RSA patent.) 92.106.113.28 (talk) 07:03, 1 June 2009 (UTC)

Why are the external links removed?

Could someone please check this edit: [1] and explain why company URL and blog URL in the External Links section is treated as self promotion. Many other company pages have their company and blog URL in the external links. Please clarify. -- Countableinfinity (talk) 13:38, 5 March 2009 (UTC)

Competitors

I'm just removing a list of competitors from this page. To be fair and unbiased we should either include competitors to all pages describing companies or leave them away. Including them is difficult and is hard to do without bias. Thus it is better to remove the list of competitors. 85.2.122.37 11:44, 13 April 2007 (UTC)

I meant it as a list of important companies manufacturing similar products. I think that this information is very important when you are looking for a certain solution which is produced by more companies. You can find similar links in other articles under See Also or Competitors like in the Check Point article (not added by me). I think that there are other much bigger differences among articles about companies which are neither fair nor unbiased.

Do you think that creating List of User Authentication Solution Manufacturers or List of User Authentication Solutions would be a better approach to solve this problem? --pabouk 12:44, 13 April 2007 (UTC)

Categories, would seem like the right way to go. Unfortunately, categories are often badly maintained in wikipedia. 85.2.122.37 16:34, 13 April 2007 (UTC)

Data mining

This company knows a lot about individuals and there should be a way to opt out of these databases. I have learned some of the thinks this company knows about be by using etrade which uses them. Does any one know how to find out exactly what they know about someone. Something like a credit report. 98.197.243.41 04:33, 18 September 2007 (UTC)

Fair use rationale for Image:RSA EMC logo highres.jpg

Image:RSA EMC logo highres.jpg is being used on this article. I notice the image page specifies that the image is being used under fair use but there is no explanation or rationale as to why its use in this Wikipedia article constitutes fair use. In addition to the boilerplate fair use template, you must also write out on the image description page a specific explanation or rationale for why using this image in each article is consistent with fair use.

Please go to the image description page and edit it to include a fair use rationale. Using one of the templates at Wikipedia:Fair use rationale guideline is an easy way to insure that your image is in compliance with Wikipedia policy, but remember that you must complete the template. Do not simply insert a blank template on an image page.

If there is other fair use media, consider checking that you have specified the fair use rationale on the other images used on this page. Note that any fair use images lacking such an explanation can be deleted one week after being tagged, as described on criteria for speedy deletion. If you have any questions please ask them at the Media copyright questions page. Thank you.

BetacommandBot (talk) 03:51, 24 January 2008 (UTC)

RSA Australia

Interesting: http://www.columbia.edu/~ariel/cryptofud/openssl/msg00090.html Details the establishment of RSA Australia to avoid US crypto export laws. Could be detailed on the wiki page... Scuba (talk) —Preceding undated comment added 03:50, 28 August 2009 (UTC).

RSA Security => RSA, The Security Division of EMC

• RSA Security → RSA, The Security Division of EMC (move) – Hi, I'm an EMC/RSA employee reviewing our presence on Wikipedia. I suggest that the name of this page change to RSA, The Security Division of EMC. When EMC acquired the company in 2006, it became a division of EMC. Its official name is now RSA, The Security Division of EMC. In fact, this name is already noted in Wikipedia, above the quick facts box on the right side of this page and also in the first line of the page entry. I suggest the name of the page reflect the official name of the company, and that RSA Security redirect to the newly titled RSA, The Security Division of EMC. Socklessrebel (talk) 16:40, 12 October 2010 (UTC) Socklessrebel (talk) 16:40, 12 October 2010 (UTC)

This is an old request, but I'm inclined to agree with it. Our policy is to prefer common names over formal titles in general, but when a name must be disambiguated, a natural name is preferred over using parenthesis, as we have now. See WP:PRECISION. Comments?--agr (talk) 20:01, 24 April 2012 (UTC)

We generally favor natural disambiguation because it tends to be more elegant than the parenthetical type. This is a rare instance in which the opposite is true.

For related reasons, we also favor conventional English usage over special styling preferred by a trademark's owner. "RSA, The Security Division of EMC" is an unconventionally styled, slogan-like name. It receives fairly wide use in corporate documents (such as press releases and stock analysis), a context in which the owner's preference is honored indiscriminately (which we don't do). In general usage, simply "RSA" and even "RSA Security" (the former name) remain predominant. —David Levy 20:30, 24 April 2012 (UTC)

I don't see anything in WP:TRADEMARK that supports our current title. At most it might suggest "RSA Security, a division of EMC" as better matching English usage. Our guidelines say parenthetical is a last resort. I'd even prefer "RSA Security" over "RSA (security firm)," the latter being ugly and inaccurate, as RSA is no longer an independent firm.--agr (talk) 19:23, 25 April 2012 (UTC)

1. "RSA Security, a division of EMC" is neither the company's official name nor a name by which it's commonly known. "...editors should choose among styles already in use (not invent new ones)..."

2. In both that format and the one preferred by the company, the phrase set off by the comma is parenthetical in nature. That it doesn't include parentheses is immaterial; "RSA, The Security Division of EMC" is grammatically equivalent to (and no less ugly than) "RSA (The Security Division of EMC)".

As noted above, we generally prefer natural disambiguation because it typically is more elegant than appending "(disambiguation term)". In this instance, that simply isn't the case. When the logic behind a rule doesn't apply, we ignore it.

Suppose that the Iceland supermarket chain were to officially change its name to "Iceland, Your Source for the Highest Quality Frozen Foods Available". Would it then be desirable to move the article from Iceland (supermarket) to Iceland, Your Source for the Highest Quality Frozen Foods Available (on the basis that natural disambiguation is preferred)?

3. "Firm" is not inaccurate. Its definitions include "the name or title under which associated parties transact business" and "any commercial enterprise" (source). That RSA is no longer independent is irrelevant. —David Levy 20:16, 25 April 2012 (UTC)

1. I'm fine with the official name.

2. Parenthetical disambiguation is a special usage on Wikipedia that is used solely for dismbiguation, and one that is disfavored when a natural English title is available. And "RSA, The Security Division of EMC" is in no way compatible to "Iceland, Your Source for the Highest Quality Frozen Foods Available". The latter is puffery, the former is descriptive.

3. The general usage of "firm" implies an independent company. See e.g. http://www.thefreedictionary.com/business+firm There are no "divisions" in the many examples they give. But there is no need to split this hair when we have a title available that makes everything clear.

I think we ae at an impasse here. I'd like to invite a WP:third opinion.--agr (talk) 17:17, 27 April 2012 (UTC)

1. I'm not fine with the official name. It's inconsistent with conventional English ("The" instead of "the") and consists primarily of a slogan. (Appending a slogan to an official name doesn't make it cease to be one.)

2. Again, there's a reason why we usually disfavor parenthetical disambiguation when natural disambiguation is feasible: the latter typically is more elegant. We don't follow rules for the sake of following the rules.

You're entitled to disagree, but I don't believe that "RSA, The Security Division of EMC" (itself 85% parenthetical, I'll remind you) is more elegant than "RSA (security firm)" is. The slogan is descriptive, but so is "security firm". The former is part of a slick branding effort, while the latter is a common term used in ordinary speech and writing.

3. The word "independent" doesn't appear either, so I don't know why you believe that the absence of "division" constitutes evidence that "the general usage of 'firm' implies an independent company".

A Google search for the phrase "firm is a division" indicates otherwise. (See also: "firm is a subsidiary" and "firm is a wholly owned subsidiary")

I've cited dictionary definitions of "firm" under which RSA clearly falls (and your source provides similar ones). Reliable sources, such as The Wall Street Journal and BBC News, refer to RSA (under its current ownership) as a "security firm". I see absolutely no evidence corroborating your assertion that this is inaccurate/unusual. —David Levy 19:42, 27 April 2012 (UTC)

The name the organization has chosen for itself is merely descriptive, hardly slick. If you find the capitalized "The" offensive, we can make it lower case per WP:TRADEMARK. Ultimately, this is a judgement call, and hardly the most pressing of issues. I've list this on WP:3O to get another's viewpoint. --agr (talk) 22:07, 27 April 2012 (UTC)

The name the organization has chosen for itself is merely descriptive, hardly slick.

It's descriptive (as acknowledged above), but it isn't merely descriptive.

In no way did EMC's acquisition of RSA necessitate a name change. The division could have continued to operate as "RSA Security". "The Security Division of EMC" is a slogan used to advertise the parent company.

If you find the capitalized "The" offensive, we can make it lower case per WP:TRADEMARK.

That isn't the only issue. A Wikipedia article title's purpose is to identify the subject and distinguish it from others. In my view, "RSA (security firm)" best accomplishes that. "RSA, The Security Division of EMC", conversely, best supports the company's marketing efforts (hence an employee's visit to this page to request its use). That it's a "natural" form of disambiguation is a technicality with no meaningful significance to Wikipedia or its readers.

Ultimately, this is a judgement call, and hardly the most pressing of issues. I've list this on WP:3O to get another's viewpoint.

Fair enough. —David Levy 23:02, 27 April 2012 (UTC)

Note: I just repaired the WP:3O request by switching to a neutral description and removing your signature. —David Levy 01:22, 28 April 2012 (UTC)

Hey, guys, I'm here from the 3O board. I'd say that just disambiguating it as "RSA (EMC division)" or some such thing is the least awkward way of doing it. "The Security Divison of EMC" is just too long and really just beside the point. It's not so much that it's advertising, it's that it seems like a description more than a name, and titles just aren't supposed to be descriptive like that. It's just too cumbersome with that long phrase tacked on the end. I know that having something in parentheses is pretty cumbersome too, but at least we have some flexibility that way to improve it. Writ Keeper ⚇♔ 03:29, 28 April 2012 (UTC)

I'm not sure that's enough of an improvement to warrant a change. In general, I prefer the terms in a parenthetical disambig be clear to a reader unfamiliar with the subject. I think its time to concede the argument to David and move on. Thanks for your help, though.--agr (talk) 09:35, 30 April 2012 (UTC)

Blacklisted Links Found on the Main Page

Cyberbot II has detected that page contains external links that have either been globally or locally blacklisted. Links tend to be blacklisted because they have a history of being spammed, or are highly innappropriate for Wikipedia. This, however, doesn't necessarily mean it's spam, or not a good link. If the link is a good link, you may wish to request whitelisting by going to the request page for whitelisting. If you feel the link being caught by the blacklist is a false positive, or no longer needed on the blacklist, you may request the regex be removed or altered at the blacklist request page. If the link is blacklisted globally and you feel the above applies you may request to whitelist it using the before mentioned request page, or request it's removal, or alteration, at the request page on meta. When requesting whitelisting, be sure to supply the link to be whitelisted and wrap the link in nowiki tags. The whitelisting process can take its time so once a request has been filled out, you may set the invisible parameter on the tag to true. Please be aware that the bot will replace removed tags, and will remove misplaced tags regularly.

Below is a list of links that were found on the main page:

• http://www.cbronline.com/news/rsa_launches_cybercrime_intelligence_service_100415

  Triggered by \bcbronline\.com\b on the local blacklist

If you would like me to provide more information on the talk page, contact User:Cyberpower678 and ask him to program me with more info.

From your friendly hard working bot.—cyberbot II ^Notify_Online 15:47, 8 December 2013 (UTC)

 Resolved This issue has been resolved, and I have therefore removed the tag, if not already done. No further action is necessary.—cyberbot II ^Notify_Online 13:13, 20 December 2013 (UTC)

Security company?

Currently in the article RSA is listed being "an American computer and network security company". How about we drop the security from this definition, as the company surely isn't about security at all? (Ref. December 20, 2013 backdoor for 10M$.) Usv (talk) 00:03, 21 December 2013 (UTC)

I know this comment is ironic and/or sarcastic, but it raises a question I've had. How confident are we of the $10m figure cited by Reuters? They don't give their source; in particular, they don't attribute it to the Snowden leak compendium. Should we require more of a citation than a single unidentified source before including it in the article? Scryer (talk) 19:06, 22 December 2013 (UTC)

Fair point. I have at least reverted "revealed" to the less credulous "reported". PRRfan (talk) 05:29, 23 December 2013 (UTC)

How about we change their name to the more accurate 'NSA inSecurity' ? 87.50.51.170 (talk) 12:53, 22 December 2013 (UTC)

"adversarial relationship section"

There may be a place in this article for the text about RSA's "adversarial relationship" with NSA, but it's not in the right place now. I presume the main point of it is to note that RSA was a foe of NSA until it was suborned by the agency. But structurally, it doesn't make sense to go from Clipper Chip to post- Dual_EC_DRBG revelations back to pre-Dual_EC_DRBG revelations to post-Dual_EC_DRBG revelations. Edits coming. PRRfan (talk) 05:19, 21 January 2014 (UTC)

Where it was before it was in chronological order, which I think made the most sense. RSA Security's fight for the right to private encryption and against the Clipper Chip is plenty notable on its own, without having to tie it as a afterthought to Dual_EC_DRBG. Thue (talk) 08:36, 21 January 2014 (UTC)

Where it was before presented straddled the NSA Dual_EC_DRBG backdoor section in chromo order -- that is, it described events both before and after, which was confusing. Where it is now gives context to the shift from adversarial to partner. PRRfan (talk)

On second thought (and after some edits), I think you're right about the section belonging ahead of Dual_EC_DRBG. I've moved it back. PRRfan (talk) 17:17, 21 January 2014 (UTC)

Deletion of material from IP addresses owned by RSA parent company

I have posted this at Wikipedia:Administrators' noticeboard/Incidents:

Two anonymous editors have deleted sections of the article RSA Security pertaining to news reports that the company knowingly sold software containing a NSA backdoor. They were made via IP addresses belonging to EMC, the parent company of RSA:

• Edit 1 and Edit 2 by 128.221.224.61
• Edit 3 by 128.221.224.62

These edits removed well-cited material; the editor(s) left change notices but declined to explain the deletions at the article's Talk page. It appears, therefore, that someone at EMC is trying to delete text deemed unfavorable to the company. PRRfan (talk) 17:59, 22 January 2014 (UTC)

Possible Why of It

While reading I kept looking for the "why" of it, i.e. Why did the NSA put so much effort into promoting a flawed method of encryption that would never be used by anyone that knew anything about encryption. I think it would be helpful to include some ideas of "why" into this excellenct, well-written article, and I'd like to offer one that occurred to me. Last week, while watching a crime show, they were looking for a serial murderer in a small town, and the FBI announced that at the town's big meeting, they would have FBI "profilers" there to analyze the body language of all the people attending the meeting, as the murderer would be incapable of hiding their guilt in such a pressurized situation. The FBI then compiled a list of all the people that did not attend the meeting and used that as a starting point in their investigation.

Connecting these two ideas, that the NSA delibarately promoted a flawed encryption standard with the idera that "guilty" people will behave differently than "innocent" people, it occurs to me that the entirety of this NSA effort may have been to promote a flawed encryption standard to "the masses" who would never use or need one, so that they could narrow their pool of "suspects" to only those that were willing to put extra effort into hiding their "suspicious" activities. Meaning that the NSA isn't dabbling in ecryption here, they are doing PsyOps; getting suspect people to self-declare and denying them the ability to hide themselves inside the mass of people that have no need for, and do not use effective encryption. Thought I'd throw this into the mix, in case it's useful, and there are sources that might support the idea's possible, future inclusion. — Preceding unsigned comment added by 66.25.171.16 (talk) 15:06, 14 February 2016 (UTC)

Proposed merge with Netwitness

It isn't clear that this company is independently notable; it also has a cleanup tag since 2012 and is somewhat promotional in nature. Since its products are now apparently part of RSA Security, perhaps the content should be merged there. FalconK (talk) 08:22, 5 October 2016 (UTC)

Opposing: arguments at Wikipedia:Articles for deletion/Netwitness present arguments for independent notability. Klbrain (talk) 07:20, 1 July 2018 (UTC)

Marketing speak

The "Products" section might include content from upstream marketing materials/personnel, thus I've added the "Advert" template. Notice the rather non-descript buzzwords coupled with title-cased words. For example:

"The solution provides Visibility of who has access to what within an organization and manages that access with various capabilities such as Access Review, Request and Provisioning"

"The Platform allows users to adapt solutions to their requirements, build new applications, and integrate with external systems without touching a single line of code."

--Rihards Olups (talk) 15:49, 31 March 2021 (UTC)

Backdoors

• The language in the first paragraph (RSA is known for incorporating backdoors developed by the NSA in its products.[7][8]) should be removed.:
• It is false and defamatory language being used. The so-called sources being used are vague hit-pieces from over a decade ago with regarding a product that RSA does not provide. Furthermore, there is no proof or evidence of any such "NSA connections" because they do not exist. There is nothing from, nor connecting to the NSA in any of RSA's coding and offerings.:
• References are not available as the coding developed by RSA is confidential and proprietary:

I am an in-house counsel for RSA. I believe that makes me a "paid contributor" making this request. I have been informed by my superiors that they do intend to take actions if these false claims are not removed. Please assist me in clearing up this mess. Thank you

207.229.180.36 (talk) 22:18, 30 January 2024 (UTC)

References

 Not done: Absolutely not. Quetstar (talk) 06:49, 31 January 2024 (UTC)

And your reasoning and/or explanation for not editing out false and defamatory language? The reference being made is an incorrect understanding of FIPS certifications and many other items relating to an old Dual_EC_DRBG standard of crypto that was forced upon many companies...when it was found that this standard was forced by the government because NDA had their ways around it, no one utilizes Dual_EC_DRBG anymore, in fact, almost no one utilizes ECC type solutions anymore due to the faultiness that was discovered. I digress...RSA does not utilize any code provided by the NSA or any other organization that would have "back doors" into secure data.

Furthermore, the "articles" that are being sourced are not transparent and even contradict the statements themselves. Not to mention they are not legitimate and substantiated sources for true reporting. Reuters has many issues with its reporting, but if we ignore those problems, it is an "exclusive" report with no supporting evidence. The second report cites the Reuters as its source...therefore they are the same, weak source. Now if we actually look at the Reuters article, it clearly states that the key processing weaknesses they were complaining about had already been removed and were no longer used due to discovered vulnerabilities PRIOR to anyone writing this article.

With all of that being said, I would like an explanation as to why you are supporting false and defamatory language, and I would like to know if you even bothered to look at and/or read the "sources" that are presenting this false information. 207.229.180.36 (talk) 15:16, 31 January 2024 (UTC)

Please have a read of WP:NLT before proceeding here. Thanks. MrOllie (talk) 15:29, 31 January 2024 (UTC)

I would like an explanation as to why the untrue and false language is being allowed...I was told that this was the "proper channel" to get this corrected...and it is being ignored 207.229.180.36 (talk) 19:01, 1 February 2024 (UTC)

It is properly supported by the cited sources, which is the primary basis on which content is allowed to be on Wikipedia. You won't get far by just asserting that the cited sources are 'false' - the culture of Wikipedia is such that we take independent sources from reputable publishers at their word. You might benefit from a read of WP:NOTTRUTH. MrOllie (talk) 03:57, 2 February 2024 (UTC)