Contrary to some comments we have seen, RSA is not “walking around” the Project Team Prosecco research as is asserted in a recent Root Labs blog; in fact we have repeatedly stated to bloggers and the press that we support this specific research (as I did here, yesterday) as well as other cryptanalysis. Our problem is with the reporting on the research and its relationship to RSA. Much of this reporting is misleading and inaccurate, leading to unwarranted fear among customers. Reports have been published that claim the cracking of RSA SecurID 800 devices, stealing of private keys and possible cloning of smart cards; all of which of course are not true. In addition, other reports link this attack against smartcards to the RSA SecurID One Time Passcode technology, which is strictly false.