Small Victory Against NSA: Amendment Says NIST No Longer Has To Consult NSA On Standards

from the it's-a-step dept

Even as major NSA reform appears to have become a cruel joke, there are still some small wins happening elsewhere. As noted by Access, the House Science and Technology Committee adopted an amendment to the FIRST Act (Frontiers in Innovation, Research, Science, and Technology -- which is supposed to be about increasing funding in science and technology) that says the National Institute for Standards and Technology (NIST) no longer has to consult with the NSA on encryption standards.

As you may recall, the NSA secretly took over an encryption standard, purposely weakened it, paid RSA to make it a "default" in one of its products and basically weakened everyone's security. NIST has been dealing with the consequences ever since.

The Amendment, authored by Rep. Alan Grayson, would mean that NIST can skip dealing with the NSA altogether. As Grayson noted in a statement:
These are serious allegations. NIST, which falls solely under the jurisdiction of the Science, Space, and Technology Committee, has been given "the mission of developing standards, guidelines, and associated methods and techniques for information systems". To violate that charge in a manner that would deliberately lessen encryption standards, and willfully diminish American citizens' and business' cyber-security, is appalling and warrants a stern response by this Committee. Many businesses, from Facebook to Google, have lamented the NSA's actions in the cyber world; and some, such as Lavabit, have consciously decided to shut their doors rather than continue to comply with the wishes of the NSA. Changes need to be made at NIST to protect its work in the encryption arena.

Reader Comments (rss)

(Flattened / Threaded)

  1.  
    icon
    silverscarcat (profile), May 22nd, 2014 @ 3:29pm

    About bloody time

    Even if it's not much, it's better than the bills in Congress that those noodle spined wimps passed.

     

    reply to this | link to this | view in thread ]

  2.  
    identicon
    Lurker Keith, May 22nd, 2014 @ 3:38pm

    When will the government realize not knowing what both hands are doing is counterproductive?

    At least there appear to be a few members of Congress who haven't sold their brains/ votes.

    Though, we yet again have an instance of fallout from one part of the government not paying attention to the shadows of the other part of the government. We need to find a way to shine the Batsignal (a large spotlight, that gets a genius's attention -- it can also be moved, so the Bat in the middle won't be a place to hide either) on the entire Government to ferret out & highlight stuff that conflicts w/ the mandates the Government has... starting w/ their Oath to defend the Constitution, not the country like so many think/ say, rather than undermine it like they seem to keep doing.

     

    reply to this | link to this | view in thread ]

  3.  
    icon
    sorrykb (profile), May 22nd, 2014 @ 3:48pm

    FIRST Act

    adopted an amendment to the FIRST Act (Frontiers in Innovation, Research, Science, and Technology -- which is supposed to be about increasing funding in science and technology)

    Keyword there is "supposed". Do we really have to support this bad Act (bad for open access, bad for basic science research, bad for social science and economics research, etc.) in order to fix NIST?

     

    reply to this | link to this | view in thread ]

  4.  
    icon
    Coyne Tibbets (profile), May 22nd, 2014 @ 5:58pm

    An oversight

    Overlooking the NIST independence clauses in the new bill was an oversight. (Details, details.) Likely, the Senate will correct that little glitch in its version of the bill.

     

    reply to this | link to this | view in thread ]

  5.  
    identicon
    Anonymous Coward, May 22nd, 2014 @ 6:00pm

    So, this bill is going nowhere, right?

     

    reply to this | link to this | view in thread ]

  6.  
    identicon
    Anonymous Coward, May 22nd, 2014 @ 7:43pm

    Yeah...I don't know if that makes NIST trustworthy all of the sudden.

     

    reply to this | link to this | view in thread ]

  7.  
    icon
    McCrea (profile), May 23rd, 2014 @ 12:14am

    How do we know other NIST hasn't otherwise been comprimised?

     

    reply to this | link to this | view in thread ]

  8.  
    icon
    That One Guy (profile), May 23rd, 2014 @ 12:35am

    Re:

    Or it'll immediately be gutted, with this amendment replaced with another pro-NSA one, yeah.

     

    reply to this | link to this | view in thread ]

  9.  
    identicon
    Lawrence D’Oliveiro, May 23rd, 2014 @ 1:50am

    Sad, In A Way

    The NSA consultation was supposed to help strengthen the security of standards proposed by NIST, by taking advantage of the incredible pool of security knowledge available there.

    What a pity they could not use that power for good, only for evil.

     

    reply to this | link to this | view in thread ]


Add Your Comment

Have a Techdirt Account? Sign in now. Want one? Register here
Get Techdirt’s Daily Email
Save me a cookie
  • Note: A CRLF will be replaced by a break tag (<br>), all other allowable HTML will remain intact
  • Allowed HTML Tags: <b> <i> <a> <em> <br> <strong> <blockquote> <hr> <tt>
Follow Techdirt
Advertisement
Essential Reading
Techdirt Reading List
Techdirt Insider Chat
Advertisement
Recent Stories
Advertisement
Support Techdirt - Get Great Stuff!

Close

Email This

This feature is only available to registered users. Register or sign in to use it.