There wasn't really a point to comment on the RSA incident, as a lot of good people already said. There's not enough information to talk about and a lot of the news circulating around are just noise or bad opportunistic marketing. However, I noticed a lot of "assume SecurID is broken" advice in the last two days, and I thought I should say why I don't necessarily agree with that.
Not so fast about SecurID
Not so fast about SecurID
Not so fast about SecurID
There wasn't really a point to comment on the RSA incident, as a lot of good people already said. There's not enough information to talk about and a lot of the news circulating around are just noise or bad opportunistic marketing. However, I noticed a lot of "assume SecurID is broken" advice in the last two days, and I thought I should say why I don't necessarily agree with that.