What happens when Russian and American security vendors butt heads at a large European tradeshow? It's like the cold war all over again, only instead of fighting with Walther PPKs and poison pills, they're using seltzer bottles and cream pies. Think John LeCarre meets the Three Stooges.
First, some background.
The trade show: Infosecurity Europe, which gained notoriety last year when show reps stood outside a London Tube station and offered chocolates to anyone who'd surrender their email passwords.
About one out of five happily gave up their logons (including 45 percent of women - as The Inquirer's Sylvie Barak snidely noted, they should have offered beer).
This year they asked London Tubers if they'd give up their employers' sensitive data for a bribe. More than a third said yes, though they wanted a lot more than confectionary - generally in excess of a million pounds.
The Russians: ElcomSoft, in essence a small group of hackers who've decided to use their powers for good instead of evil. They specialise in password cracking - kind of like a safecracker who gives up the game and decides to show clients how to break into their own safes when they forget the combination.
(In the past, ElcomSoft has uncovered backdoors into Quicken software and successfully fought off a DMCA law suit brought by Adobe against ElcomSoft and its employee, Dmitry Sklyarov.)
This year, ElcomSoft decided to come out of the woodwork and buy a tiny booth at Infosec Europe to show off their wares, including a new app that lets you recover passwords from PGP encryption [PDF] software.
Posters on the walls of the booth proclaimed that ElcomSoft offered "the only way to break into PGP".
This did not sit well with the brass at PGP Corp, who contacted Reed Exhibitions (organisers of Infosec). Reed sent an employee named Malcom Wells to visit ElcomSoft's booth and rip down the signs.
We know this because ElcomSoft captured pix of the man's name tag, as well as photos of Wells doing his best John Gotti trying to shield his face from the cameras, and posted them to the company blog. (They then proceeded to email journalists about the incident, which is how I got on the trail.)
So ElcomSoft put up a note saying its posters were removed by Reed, due to complaints from PGP. Those got yanked down as well. CEO Vladimir Katalov writes:
"Only two hours later, they (Reed Exhibitions Group Event Director) came to our booth and asked to remove this note. Oops, sorry: not asked, just removed. Without explanation.
"Well, the explanation was: we have the right to do anything here... What are they (PGP) scared about? I don't have an answer. Do we say that PGP protection/encryption is not secure? No we don't. But we DO say that PGP passwords can be cracked - if they are not selected carefully. But if PGP people cannot explain that to their clients - this is not our fault."
NEXT PAGE: The Americans