The National Institution for Standards and Technology is one of the key players in setting standards for cryptography. Following the Snowden-leaked revelation that its standards-setting efforts had been infiltrated and sabotaged by the NSA, it is embarking on a charm-offensive to lure cryptographers back into its processes. It's reassessing all of its standards, and then conducting a public consultation on its conclusions. And they're having independent auditors to look at their process.
As part of what it characterizes as a "rigorous" review of its cryptographic guidance development, NIST says it will investigate its goals and objectives; principles of operation; processes for identifying cryptographic algorithms for standardization; methods for reviewing and resolving public comments; and other important procedures.
"Once complete, we will invite public comment on this process," the statement says. "We also will bring in an independent organization to conduct a formal review of our standards development approach and to suggest improvements. Based on the public comments and independent review, we will update our process as necessary to make sure it meets our goals for openness and transparency, and leads to the most secure, trustworthy guidance practicable."
NIST to Review Crypto Guidance Methods
Shenzhen Gwelltimes Technology Co., Ltd is the white-label vendor behind a whole constellation of Internet of Things networked home cameras sold as security cameras, baby monitors, pet monitors, and similar technologies; these cameras are designed to be monitored by their owners using an app, and because of farcically bad default passwords ("123") and other foolish […]
Fingerprint locks are catastrophically awful, part LXVII: the software security on the crowdfunded Tapplock "is basically nonexistent" -- the lock broadcasts its own unlock code over Bluetooth, and if you send it back to the lock, it pops open.
A team of computer scientists, psychologists and neuroscientists used eye-tracking and fMRI to measure how users perceived security warnings, such as warnings about app permissions and browser warnings about insecure pages and plugin installations.
Spring came and went, but we’re not here to judge if you didn’t get around to cleaning up your living space. After all, taking the time to vacuum your floors can stretch out into a lengthy task when you’re constantly switching between power outlets and trying to jam your machine into those tight corners. With […]
Projects big and small always go smoother when the whole team is collaborating, but members tend to get lost once the conference call ends. Timelinr is a project management solution that helps keep your stakeholders, team, and clients in the loop with high-level project roadmaps and granular task boards. Subscriptions are available today for $49.99. […]
The Adobe Creative Cloud is home to a suite of editing tools today’s creatives count on to produce their content. Whether you’re an aspiring photographer, animator, or graphic designer, Adobe’s programs can help you in your creative pursuits, and with the Complete Adobe CC Training Bundle, you can come to grips with six of them for […]