The National Institution for Standards and Technology is one of the key players in setting standards for cryptography. Following the Snowden-leaked revelation that its standards-setting efforts had been infiltrated and sabotaged by the NSA, it is embarking on a charm-offensive to lure cryptographers back into its processes. It's reassessing all of its standards, and then conducting a public consultation on its conclusions. And they're having independent auditors to look at their process.
As part of what it characterizes as a "rigorous" review of its cryptographic guidance development, NIST says it will investigate its goals and objectives; principles of operation; processes for identifying cryptographic algorithms for standardization; methods for reviewing and resolving public comments; and other important procedures.
"Once complete, we will invite public comment on this process," the statement says. "We also will bring in an independent organization to conduct a formal review of our standards development approach and to suggest improvements. Based on the public comments and independent review, we will update our process as necessary to make sure it meets our goals for openness and transparency, and leads to the most secure, trustworthy guidance practicable."
NIST to Review Crypto Guidance Methods
Wired has published another long excerpt from Sandworm, reporter Andy Greenberg's (previously) forthcoming book on the advanced Russian hacking team who took the US-Israeli Stuxnet program to the next level, attacking Ukrainian power infrastructure, literally blowing up key components of the country's power grid by attacking the embedded code in their microcontrollers.
For decades, it was a commonplace in western business that no one could afford to ignore China: whatever problems a CEO might have with China's human rights record could never outweigh the profits to be had by targeting the growing Chinese middle-class.
A little over a year ago, Bloomberg stunned the world with a report that claimed that Chinese intelligence services had figured out how to put undetectable, rice-grain-sized hardware implants into servers headed for the biggest US cloud and enterprise IT firms, and that when some of the victims discovered this fact, they quietly ripped out […]
People tend to keep luggage around for a long time. And why not? New suitcases are pricey, and no matter how banged up or patched up that old bag gets, it still holds your clothes. Right? Maybe not. Here are 15 travel bags and accessories that make a strong case for upgrading your gear. They’ve […]
Do you own a Mac? Unless you’re using it for a paperweight, you almost can’t afford not to get the Magnificent Mac Bundle. It’s a roundup of some truly essential security and file management apps, bundled up with great photo and video enhancers. The best part is that all nine apps are potentially available for […]
As much as vaping has taken over the market during the last decade, there’s still a lot of questions about the technology, as well as health concerns that we’re just now finding out about. One thing you can say about smoking: You know exactly what you’re getting, especially when it comes to pipes that you […]