Weezul writes: "RSA has recommended that developers desist from using the Dual_EC_DRBG random number generator — which happens to be the default in RSA's BSafe cryptographic toolkit." "Dual_EC_DRBG is the random number generator voted most likely to be backdoored by the NSA." Link to Original Source
It's not hard to admit errors that are [only] cosmetically wrong.
-- J.K. Galbraith