Catfight at Infosec! That was going to be the original title for this report, because that's exactly what this is about, an honest to goodness catfight between two security vendors presenting at Infosec this week in London. On one side, we have encryption specialists PGP, on the other is password recovery expert ElcomSoft, and in the middle sit Infosec’s organizer Reed Exhibitions.
Booth wallpaper stirs things up at Infosec. (IMG:J.Anderson)
The story, broken by IDG News scribe Jeremy Kirk, has all the makings of a high school drama. PGP took offence when ElcomSoft engaged in a little pure tradeshow marketing by boldly using wallpaper in its booth that said: “The only way to break into PGP.”
For those unfamiliar with ElcomSoft, feel free to check out our prior coverage of the password recovery specialist. Essentially, the company creates software that harnesses the power of a network to crack or recover passwords. In addition, ElcomSoft Distributed Password Recovery leverages the power of graphics processing units (GPUs), which seriously reduces the time it takes to crack a password on a file or disk.
According to an ElcomSoft blog post, when it opened its show booth on Monday, it discovered two “persons (from Reed Exhibitions, the organizers of this event) removing one of the wallpapers from our booth – the one that said that we’re doing PGP password recovery. Moreover, we were not able to get the clear answer why they’re doing that, except the fact that ‘PGP Corporation complained’. And the reference to some ‘regulations’ we still have not seen. We asked for some official paper (act?) about our ‘violation’, and [are] still waiting for it.”
Along with its rant about the wallpaper removal, the company also posted images of the people taking the offending advertisement down. In one image, as if there were paparazzi snapping the image, one of the Reed Exhibitions staff even attempts to shield his face. So, aside from the wording of the poster, what was ElcomSoft claiming about PGP?
“Effective password recovery requires heavy parallel computations that no modern CPU can provide. Even a single NVIDIA GeForce GTX 285 exceeds Intel Q6600 (Core 2 Quad 2.4 GHz) by up to 15 times when trying to get original plain-text passwords to PGP Discs back. As the modern computer cases can be packed with 4 graphic cards, the recovery speed grows accordingly. When compared to a dual-core E4500 (Core 2 Duo 2.2 GHz), 4 GeForce GTX 295 graphic cards perform computations even 200 times faster,” reads the marketing materials from ElcomSoft used at Infosec this week.
Simple math and password cracking, nothing fancy here. It’s all marketing anyway. Yet, according to a PGP corporate blog post about the issue, it’s: “Lies, Damned Lies, and Marketing”.
“We complained to the trade show that someone else was being factually incorrect about our product, and the trade show staff spoke to the company in question, and then took the sign down,” wrote PGP CTO Jon Callas. Callas also said ElcomSoft makes “a very cool product,” but said that the poster in the booth was, “factually incorrect, and lies about PGP.”
“We take our reputation seriously,” Callas added. “We and our customers hold us to a higher standard and we do our best to live up to it... But, we will defend our reputation, and there’s a difference between saying that you can crack passwords and saying you can break into PGP.”
In his conclusion, Callas said the entire issue was created by ElcomSoft’s marketing people.
“On the one hand, ElcomSoft is a responsible company that makes a great product as evidenced by the measured words of their CEO. And on the other hand, ElcomSoft’s marketing people were called out in their lies and are trying to cover up a marketing gaffe by documenting their very lies.”
So, at the end of the day, Reed Exhibitions, in attempting to prevent a booth war, acted on a complaint. Should it have acted on the complaint at all? That’s up for debate, but it now finds itself stuck in the middle.
It doesn’t matter if ElcomSoft’s claims and marketing materials were lies or merely bent the truth. Infosec is a tradeshow aimed at security professionals. Does PGP honestly think people would see the poster and think the company was any less secure because someone with a fleet of computers and a stack of NVIDIA cards can recover PGP passwords?
Sadly, both companies look foolish. If PGP’s marketing staff were so worried, why not use those marketing skills to point out to booth visitors how ElcomSoft’s claims are false or misguided? If, in fact, wording was indeed the real cause behind the initial complaint.
As for ElcomSoft, it would appear it's just unhappy to be at the show. According to the blog post against PGP, it was also short changed on booth space and had experienced other issues before the floor even opened.
The Tech Herald: Cracking billions of passwords a minute with NVIDIA cards
The Tech Herald: WPA and WPA2 still safe, experts call BS on NVIDIA cracking
Want regular updates from The Tech Herald? Follow us on Twitter.
Interested in a more interactive TTH? Join our Facebook Group.
Interested in a more interactive TTH? Join our Facebook Group Want regular updates from The Tech Herald? Follow us on Twitter
Advertising
Comment on this Story