What happens when Russian and American security vendors butt heads at a large European tradeshow? It's like the cold war all over again, only instead of fighting with Walther PPKs and poison pills, they're using seltzer bottles and cream pies. Think John LeCarre meets the Three Stooges.

First, some background.

The trade show: Infosecurity Europe, which gained notoriety last year when show reps stood outside a London Tube station and offered chocolates to anyone who'd surrender their email passwords.

About one out of five happily gave up their logons (including 45 percent of women - as The Inquirer's Sylvie Barak snidely noted, they should have offered beer).

This year they asked London Tubers if they'd give up their employers' sensitive data for a bribe. More than a third said yes, though they wanted a lot more than confectionary - generally in excess of a million pounds.

The Russians: ElcomSoft, in essence a small group of hackers who've decided to use their powers for good instead of evil. They specialise in password cracking - kind of like a safecracker who gives up the game and decides to show clients how to break into their own safes when they forget the combination.

(In the past, ElcomSoft has uncovered backdoors into Quicken software and successfully fought off a DMCA law suit brought by Adobe against ElcomSoft and its employee, Dmitry Sklyarov.)

This year, ElcomSoft decided to come out of the woodwork and buy a tiny booth at Infosec Europe to show off their wares, including a new app that lets you recover passwords from PGP encryption [PDF] software.

Posters on the walls of the booth proclaimed that ElcomSoft offered "the only way to break into PGP".

This did not sit well with the brass at PGP Corp, who contacted Reed Exhibitions (organisers of Infosec). Reed sent an employee named Malcom Wells to visit ElcomSoft's booth and rip down the signs.

We know this because ElcomSoft captured pix of the man's name tag, as well as photos of Wells doing his best John Gotti trying to shield his face from the cameras, and posted them to the company blog. (They then proceeded to email journalists about the incident, which is how I got on the trail.)

So ElcomSoft put up a note saying its posters were removed by Reed, due to complaints from PGP. Those got yanked down as well. CEO Vladimir Katalov writes:

"Only two hours later, they (Reed Exhibitions Group Event Director) came to our booth and asked to remove this note. Oops, sorry: not asked, just removed. Without explanation.

"Well, the explanation was: we have the right to do anything here... What are they (PGP) scared about? I don't have an answer. Do we say that PGP protection/encryption is not secure? No we don't. But we DO say that PGP passwords can be cracked - if they are not selected carefully. But if PGP people cannot explain that to their clients - this is not our fault."

NEXT PAGE: The Americans

What happens when Russian and American security vendors butt heads at a large European tradeshow? It's like the cold war all over again, only instead of fighting with Walther PPKs and poison pills, they're using seltzer bottles and cream pies. Think John LeCarre meets the Three Stooges.

The Americans: In a blog post titled "Lies, Damned Lies, and Marketing", PGP CTO Jon Callas fired back, noting that a) ElcomSoft's product doesn't actually break into PGP, it merely recovers passwords, and b) it's not the only product out there that does this. He writes:

"I'm not going to apologise. We take our reputation seriously. We and our customers hold us to a higher standard and we do our best to live up to it.

"We also come clean when we make mistakes. It's even flattering to be mentioned as a gold-standard product. But, we will defend our reputation, and there's a difference between saying that you can crack passwords and saying you can break into PGP."

Callas also calls ElcomSoft's product "very cool". But he didn't say whether PGP asked that the posters be removed, or if it was Reed Exhibitions' idea. So I asked PGP marketing veep Lauren Ames, who confirmed the company did in fact ask Reed to strip off the posters.

I also asked ElcomSoft if it's possible to use their PGP recovery software for illicit purposes - like, breaking into someone else's encrypted data.

I'm still waiting on a response from them (but it's like 9 hours later over there, and they're probably off somewhere drinking vodka and wearing fuzzy hats).

If tradeshow directors removed every piece of marketing collateral filled with half truths and hyperbole, at least half the booths would be stripped naked. Generally, when somebody makes false claims about your product, you're supposed to call them out on it, not strong arm them into silence.

Meanwhile, Elcomsoft is using this incident to raise its profile. (Maybe their marketing is more clever than it appears.) But nobody comes away from this looking good.