Small Victory Against NSA: Amendment Says NIST No Longer Has To Consult NSA On Standards
from the it's-a-step dept
Even as major NSA reform appears to have become a cruel joke, there are still some small wins happening elsewhere. As noted by Access, the House Science and Technology Committee adopted an amendment to the FIRST Act (Frontiers in Innovation, Research, Science, and Technology — which is supposed to be about increasing funding in science and technology) that says the National Institute for Standards and Technology (NIST) no longer has to consult with the NSA on encryption standards.
As you may recall, the NSA secretly took over an encryption standard, purposely weakened it, paid RSA to make it a “default” in one of its products and basically weakened everyone’s security. NIST has been dealing with the consequences ever since.
The Amendment, authored by Rep. Alan Grayson, would mean that NIST can skip dealing with the NSA altogether. As Grayson noted in a statement:
These are serious allegations. NIST, which falls solely under the jurisdiction of the Science, Space, and Technology Committee, has been given “the mission of developing standards, guidelines, and associated methods and techniques for information systems”. To violate that charge in a manner that would deliberately lessen encryption standards, and willfully diminish American citizens’ and business’ cyber-security, is appalling and warrants a stern response by this Committee. Many businesses, from Facebook to Google, have lamented the NSA’s actions in the cyber world; and some, such as Lavabit, have consciously decided to shut their doors rather than continue to comply with the wishes of the NSA. Changes need to be made at NIST to protect its work in the encryption arena.
Filed Under: alan grayson, encryption, nist, nsa, standards, surveillance
Comments on “Small Victory Against NSA: Amendment Says NIST No Longer Has To Consult NSA On Standards”
About bloody time
Even if it’s not much, it’s better than the bills in Congress that those noodle spined wimps passed.
When will the government realize not knowing what both hands are doing is counterproductive?
At least there appear to be a few members of Congress who haven’t sold their brains/ votes.
Though, we yet again have an instance of fallout from one part of the government not paying attention to the shadows of the other part of the government. We need to find a way to shine the Batsignal (a large spotlight, that gets a genius’s attention — it can also be moved, so the Bat in the middle won’t be a place to hide either) on the entire Government to ferret out & highlight stuff that conflicts w/ the mandates the Government has… starting w/ their Oath to defend the Constitution, not the country like so many think/ say, rather than undermine it like they seem to keep doing.
Keyword there is “supposed”. Do we really have to support this bad Act (bad for open access, bad for basic science research, bad for social science and economics research, etc.) in order to fix NIST?
Overlooking the NIST independence clauses in the new bill was an oversight. (Details, details.) Likely, the Senate will correct that little glitch in its version of the bill.
So, this bill is going nowhere, right?
Or it’ll immediately be gutted, with this amendment replaced with another pro-NSA one, yeah.
Yeah…I don’t know if that makes NIST trustworthy all of the sudden.
How do we know other NIST hasn’t otherwise been comprimised?
Sad, In A Way
The NSA consultation was supposed to help strengthen the security of standards proposed by NIST, by taking advantage of the incredible pool of security knowledge available there.
What a pity they could not use that power for good, only for evil.