Small Victory Against NSA: Amendment Says NIST No Longer Has To Consult NSA On Standards

from the it's-a-step dept

Even as major NSA reform appears to have become a cruel joke, there are still some small wins happening elsewhere. As noted by Access, the House Science and Technology Committee adopted an amendment to the FIRST Act (Frontiers in Innovation, Research, Science, and Technology -- which is supposed to be about increasing funding in science and technology) that says the National Institute for Standards and Technology (NIST) no longer has to consult with the NSA on encryption standards.

As you may recall, the NSA secretly took over an encryption standard, purposely weakened it, paid RSA to make it a "default" in one of its products and basically weakened everyone's security. NIST has been dealing with the consequences ever since.

The Amendment, authored by Rep. Alan Grayson, would mean that NIST can skip dealing with the NSA altogether. As Grayson noted in a statement:
These are serious allegations. NIST, which falls solely under the jurisdiction of the Science, Space, and Technology Committee, has been given "the mission of developing standards, guidelines, and associated methods and techniques for information systems". To violate that charge in a manner that would deliberately lessen encryption standards, and willfully diminish American citizens' and business' cyber-security, is appalling and warrants a stern response by this Committee. Many businesses, from Facebook to Google, have lamented the NSA's actions in the cyber world; and some, such as Lavabit, have consciously decided to shut their doors rather than continue to comply with the wishes of the NSA. Changes need to be made at NIST to protect its work in the encryption arena.
Hide this

Thank you for reading this Techdirt post. With so many things competing for everyone’s attention these days, we really appreciate you giving us your time. We work hard every day to put quality content out there for our community.

Techdirt is one of the few remaining truly independent media outlets. We do not have a giant corporation behind us, and we rely heavily on our community to support us, in an age when advertisers are increasingly uninterested in sponsoring small, independent sites — especially a site like ours that is unwilling to pull punches in its reporting and analysis.

While other websites have resorted to paywalls, registration requirements, and increasingly annoying/intrusive advertising, we have always kept Techdirt open and available to anyone. But in order to continue doing so, we need your support. We offer a variety of ways for our readers to support us, from direct donations to special subscriptions and cool merchandise — and every little bit helps. Thank you.

–The Techdirt Team

Filed Under: alan grayson, encryption, nist, nsa, standards, surveillance


Reader Comments

Subscribe: RSS

View by: Time | Thread


  • icon
    silverscarcat (profile), 22 May 2014 @ 3:29pm

    About bloody time

    Even if it's not much, it's better than the bills in Congress that those noodle spined wimps passed.

    link to this | view in chronology ]

  • identicon
    Lurker Keith, 22 May 2014 @ 3:38pm

    When will the government realize not knowing what both hands are doing is counterproductive?

    At least there appear to be a few members of Congress who haven't sold their brains/ votes.

    Though, we yet again have an instance of fallout from one part of the government not paying attention to the shadows of the other part of the government. We need to find a way to shine the Batsignal (a large spotlight, that gets a genius's attention -- it can also be moved, so the Bat in the middle won't be a place to hide either) on the entire Government to ferret out & highlight stuff that conflicts w/ the mandates the Government has... starting w/ their Oath to defend the Constitution, not the country like so many think/ say, rather than undermine it like they seem to keep doing.

    link to this | view in chronology ]

  • icon
    sorrykb (profile), 22 May 2014 @ 3:48pm

    FIRST Act

    adopted an amendment to the FIRST Act (Frontiers in Innovation, Research, Science, and Technology -- which is supposed to be about increasing funding in science and technology)

    Keyword there is "supposed". Do we really have to support this bad Act (bad for open access, bad for basic science research, bad for social science and economics research, etc.) in order to fix NIST?

    link to this | view in chronology ]

  • icon
    Coyne Tibbets (profile), 22 May 2014 @ 5:58pm

    An oversight

    Overlooking the NIST independence clauses in the new bill was an oversight. (Details, details.) Likely, the Senate will correct that little glitch in its version of the bill.

    link to this | view in chronology ]

  • identicon
    Anonymous Coward, 22 May 2014 @ 6:00pm

    So, this bill is going nowhere, right?

    link to this | view in chronology ]

  • identicon
    Anonymous Coward, 22 May 2014 @ 7:43pm

    Yeah...I don't know if that makes NIST trustworthy all of the sudden.

    link to this | view in chronology ]

  • icon
    McCrea (profile), 23 May 2014 @ 12:14am

    How do we know other NIST hasn't otherwise been comprimised?

    link to this | view in chronology ]

  • identicon
    Lawrence D’Oliveiro, 23 May 2014 @ 1:50am

    Sad, In A Way

    The NSA consultation was supposed to help strengthen the security of standards proposed by NIST, by taking advantage of the incredible pool of security knowledge available there.

    What a pity they could not use that power for good, only for evil.

    link to this | view in chronology ]


Follow Techdirt
Essential Reading
Techdirt Deals
Report this ad  |  Hide Techdirt ads
Techdirt Insider Discord

The latest chatter on the Techdirt Insider Discord channel...

Loading...
Recent Stories

This site, like most other sites on the web, uses cookies. For more information, see our privacy policy. Got it
Close

Email This

This feature is only available to registered users. Register or sign in to use it.