Obama s Silent on NSA’s Crypto Subversion

Obama Stays Silent on Reform of NSA’s Crypto Subversion

• BY DAVID KRAVETS
• President Barack Obama in his State of the Union on Tuesday failed to address an issue that affects everyone on the internet — the NSA’s subversion of cryptographic standards and technologies.
  Privacy advocates and business interests were crossing their fingers that Obama would announce he was following the recommendations of a presidential panel that recently urged a dramatic overhaul of the NSA’s efforts to undermine encryption on a global scale.
  It was the second public address to the nation this month, and both times Obama overlooked the cryptography debacle disclosed by NSA whistleblower Edward Snowden.
  When Obama outlined a host of reforms to address the Snowden revelations in a Jan. 17 public address, the 44th president was also mum on whether he would accept the crypto recommendations of the “President’s Review Group on Intelligence and Communications Technologies.”
  There would have been no better time for Obama to address the global community about a hot-button issue that has sparked a cottage industry of crypto-product makers and one that is impacting the tech sector’s ability to conduct business overseas.
  “The State of the Union offered President Obama an opportunity to clear the air on outstanding surveillance issues that were not addressed in his recent reform speech. Chief among these is the government’s introduction of vulnerabilities in cryptographic standards and commercial products. Unfortunately, this did not occur,” says Daniel Castro, an analyst with the Washington, D.C.-based Information Technology and Innovation Foundation. “As long as these questions go unanswered, U.S. technology companies will face a disadvantage in global markets and lose market share to foreign competitors.”
  The presidential panel’s two recommendations in that area were to “fully support and not undermine efforts to create encryption standards” and to “not in any way subvert, undermine, weaken, or make vulnerable generally available commercial software.”
  Those recommendations were in response to classified documents Snowden obtained while an NSA contractor that suggested the agency engineered a backdoor into a random number generator standard promulgated by NIST..
  The Snowden documents also highlighted that the NSA has worked with industry partners to “covertly influence technology products.” The documents also underlined that the NSA has vast crypto-cracking resources, a database of secretly held encryption keys used to decrypt private communications, and an ability to crack cryptography in certain VPN encryption chips.
  
  David Kravets is a WIRED senior staff writer and founder of the fake news site TheYellowDailyNews.com. He's a dad of two boys and has been a reporter since the manual typewriter days. His PGP fingerprint is 066F 245D 22A0 7511 B36B CB4F 0F53 B742 5919 4A18.
  Read more by David Kravets
  http://www.wired.com/threatlevel/2014/01/obama-silent-on-crypto-reforms/