US Fails To Renegotiate Arms Control Rule For Hacking Tools

An anonymous reader quotes a report from ABC News: The Obama administration has failed to renegotiate portions of an international arms control arrangement to make it easier to export tools related to hacking and surveillance software -- technologies that can be exploited by bad actors, but are also used to secure computer networks. The rare U.S. move to push for revisions to a 2013 rule was derailed earlier this month at an annual meeting in Vienna, where officials from 41 countries that signed onto it were meeting. That leaves it up to President-elect Donald Trump's administration whether the U.S. will seek revisions again next year. U.S. officials had wanted more precise language to control the spread of such hacking tools without the unintended negative consequences for national cybersecurity and research that industry groups and lawmakers have complained about for months. Critics have argued that the current language, while well meaning, broadly sweeps up research tools and technologies used to create or otherwise support hacking and surveillance software. As one of those 41 member countries of the 1996 Wassenaar Arrangement, which governs the highly technical world of export controls for arms and certain technologies, the United States agreed to restrict tools related to cyber "intrusion software" that could fall into the hands of repressive regimes. The voluntary arrangement relies on unanimous agreement to abide by its rules on export controls for hundreds of items, including arms such as tanks or military aircraft and "dual-use" technologies such as advanced radar that can be used for both peaceful and military means.

Oh please

[fibonacci8]

Please, please let this mean that the 2nd amendment applies to software again.

Re:Oh please

[guises]

The second amendment has never applied to exports.

Re:Oh please

[Noishkel]

The second amendment has never applied to exports.

True enough. But let's also not forget that the US State Department has tried to regulate CAD and other 3D printer files posted online just like firearms in order to have them taken down. Even though just raw information on how to build a gun conventionally is still legal. Hell, you can still get all of PL Luty's how-to guides over at http://thehomegunsmith.com/

It's a strange world

[sunderland56]

You can buy an AK-47 at the local store, but tcpdump is a prohibited weapon.

Re:It's a strange world

[Noishkel]

Well we're a bit beyond that. We're at the point where sophisticated and relatively cheap machine tools make it easy for anyone to build an entire arms factory out of their garage. And much the same way with these hacking 'tools' any real hope of trying to regulate just simple code is long since past.

Re:It's a strange world

Please tell me this is sarcasm.
As an European, I'm not really sure if it is intended as such.
I want to believe the US isn't that horrible a place, but the propaganda bots just keep on droning on...

Re:It's a strange world

[ShanghaiBill]

Please tell me this is sarcasm.

It is either sarcasm or ignorance. In America, a private citizen cannot buy or possess an AK-47.

Re:It's a strange world

What bull is this?
You can buy different AK variants legally in most USA states.
The ones you need to worry about are CT, NY, NJ, MA and CA. Check their laws.
Any state that does not prohibit firearms taxed under the National Firearms Act of 1934 would allow you to own and use an Avtomat Kalashnikova if you could find a transferable one for sale and acquired the NFA tax stamp and purchased it through a dealer of Title II firearms.

Re:It's a strange world

Why is it horrible? Because any American citizen can buy tools to protect themselves from an "Allahu Akhbar" mussie?
Americans don't have a victim mentality and are not scared of guns; those who did, already left for Europe or California.

Re:It's a strange world

[K.+S.+Kyosuke]

Probably because not having to do that in the first place would be preferable?

Re:It's a strange world

It certainly would, now how do you propose stopping those people from existing in or entering the US without trodding all over all sorts of civil rights?

Re:It's a strange world

[jonwil]

Its a lot harder to stop someone exporting or sharing or transferring digital data (whether that be a 3D model file for a 3D-printable/CnC machinable firearm or firearm part, source code for a strong encryption algorithm or binaries for a set of hacking tools) than it is to stop someone exporting a physical object like an AK-47.

This is why we need technocracy.

[eyenot]

If the government were staffed by people with at least 20 years (30 right here) of experience building and programming computers, they would stop acting like they wholeheartedly believe that shouting at computers (which legislating and regulating computer programming and data-sharing is equivalent to) gets anything done.

Re:This is why we need technocracy.

Doesn't have to be Programmers, just anyone with a solid enough STE(A)M degree (Science, Technology, Engineering, (Arts*), & Math(s)) degrees)

The most important thing is not that they have programming experience (that certainly helps) but that they understand science, aren't almost all lawyers, and aren't almost all lawyers (yes repeated twice, because it is that important) ... because congressional staffers are the people who "should" write bills anyways (it is now mostly corporations... but that is another issue)

Obama's #1 pick for any seat was hands down for Dept. of Energy. who up to a year after being in office still had research papers being published with his name on them in physics journals.... And do you know he was the best pick... because we NEVER heard about him again... because he didn't fuck up at all... and being in charge of nuclear power plants, and things like that... NO NEWS IS GOOD NEWS.... Hell the only news related to DOE I remember was that we further promoted nuclear de-proliferation and destroyed many nation's former stocks of nuclear material... Scientists in charge = gets shit done.

*Arts included because you CAN have a 'strong' ARTS degree (for example: many smaller schools included CS in math or engineering, but a lot include them in the "Arts & Sciences" college, so a LARGE number of people actually have "Bachelors of Arts in Computer Science, etc... vs 'Bachelors of Science;...) Let alone people who get normal 'arts' degrees such as art/English/etc. who just also have strong base in modern sciences. Again... most important thing is NOT all lawyers

-RC

Re:This is why we need technocracy.

[DonaId+Trump]

You're gonna LOVE what we do with the cyber, folks. I'm putting together a team of cyber EXPERTS, headed by digital guru Ted Kaczynski and my son Barron, some very smart people are saying he's the BEST at cyber.

Re:This is why we need technocracy.

Technocracy is even less workable than communism which is really saying something. With technocracy corruption would be inevitable and practically immediate. He who makes the tests controls everything. It is like how "voter tests" were just an excuse to exclude. You wouldn't be making politicians scientists you would be making scientists politicians.

While tempting on a shallow level the entire idea needs to be shredded, incinerated, and the ashes mixed into a peat bog.

Re:This is why we need technocracy.

I don't know the current stats, but something like 19 out of the top 20 Chinese party officials were engineers a few years ago...

Obviously it isn't as unworkable as you claim... we just have to decide if we want to continue to be a democratic republic. Because the "few deciding for the populace" is baked into the Constitution in several places (the Senate, the Electoral College) etc... (all of which were compromises stemming from the issues we faced pre-industrial revolution (slavery, distances being too far to easily travel by horse, slavery, low population density, slavery, etc..)

Re:This is why we need technocracy.

You're gonna LOVE what we do with the cyber, folks. I'm putting together a team of cyber EXPERTS, headed by digital guru Ted Kaczynski and my son Barron, some very smart people are saying he's the BEST at cyber.

How do I get on this team of cyber sexperts?

Re: This is why we need technocracy.

We don't need shit nerds in positions of power, no matter how much you losers wish for it.

Re:This is why we need technocracy.

Would it really be any worse than the sociopath lawyers we currently have?

Re: This is why we need technocracy.

If you hate "shit nerds" so much, why are you even on this site?

I'll see you in 4 or 8 years, and we can discuss why we couldn't "make America great again".

It must hurt to be so stupid. I feel sorry for you.

Boooo

And the entire population of the world couldn't give a flying fuck

Obama:

He may have a big dick but it is of no help if he's impotent.

Maybe it'll turn out Trump's 'small hands' don't relate to the size of his other thigns, and he has access to enough viagra to keep impotence at bay.

Maybe it was the delegation we sent?

[xxxJonBoyxxx]

>> The failed effort was a "bummer" said (random)...part of this year's Wassenaar delegation as a U.S. industry expert.

Like, just a "bummer" or a "total bummer"? Inquiring minds want to know.

And Barry, did you just send your "JV team" or is really the best you think the security community has to offer?

Re:Maybe it was the delegation we sent?

We sent Katie Mo, the feminist who sued Microsoft because she didn't get promoted quickly enough. She may know a few things about security, but she's abrasive as broken glass. Which is why she didn't get promoted and has since bounced from job to job. I'm not sure how she got the delegation job, but my guess is bad politics.

Comment removed

[account_deleted]

Comment removed based on user account deletion

Intrusion software?

[AHuxley]

Considering the crypto the US tried to hold back as "munitions" decades ago?
The demand for back doors and trap doors in US crypto?
Now other gov are not to get 'intrusion software" for their own police, mil and security services?
The good news is many other smarter nations will just go on exporting their own really great software.
The really interesting market will be in the safe export of counter surveillance software.
What did the NSA fear? That nations domestically will buy in from their own experts rather than flying in US NSA contractors with "legal" export grade software?
Good security globally protects everyone. Holding good crypto, tools and methods back from the free market just allows more trapdoors and backdoors to stay in place and not be fixed.
The more academics and exports that are free to look at crypto and tools and share results the better. Things that fail can then be reported and fixed. The US suggesting limits on software, methods, academic free speech does not make for secure software, networks. People with skills will just move to free nations and sell their really good, secure products. US untested, export grade software will then be questioned as it will be NSA, FBI, GCHQ backdoor "ready" as a gov approved product. What nation likes to be told that their exports just have to use US products and have to change their own laws so that US products and severs get a free pass to be imported?

Re:Intrusion software?

"The demand for back doors and trap doors in US crypto?"
There is no such requirement in the US. People can demand what ever they want but 9 times out of 10 they never get their demands met.

"Now other gov are not to get 'intrusion software" for their own police, mil and security services? "
Other governments can build their own shit if they want it bad enough. And there are a lot of countries who do just that and I seriously doubt they are exporting their systems so they can be picket apart the software to see how it works.

"The good news is many other smarter nations will just go on exporting their own really great software"
There is no such thing as a smart country but there are smart individuals. And the vast number of smart individuals in other countries were educated and trained in the US.

"The really interesting market will be in the safe export of counter surveillance software."
Allies may cooperate when it comes to sharing counter surveillance tools and methods but they do not share any classified systems or software that the government is using.

"People with skills will just move to free nations "
You are perfectly correct on this point. The US is the number one destination for people with skills. H1B visas are the most sought after ticket for people wanting to work in and study in the US. On a general note you can look at every Foreign Embassies in the US and you will never see a line for US citizens trying to immigrate to some foreign country. The US Embassy in China has lines of Chinese nationals that wrap around an entire city block trying to get a US Visa. While all you hear is that the US has a large number of illegal immigrants you never hear anything about the thousands legal immigrants who are sworn in as US citizens every week.

I could go on but all the rest of your comments show a complete lack of understanding

Re:Intrusion software?

There is no such thing as a smart country but there are smart individuals. And the vast number of smart individuals in other countries were educated and trained in the US

I stopped reading here, because my ass fell off, and I'm rolling on the floor!

Re: Intrusion software?

This is true: the US needs a very good educational system because it's populated by morons. Europe does not because, Herrenvolk.

technologies

[Kasem]

https://goo.gl/Ba6q7 oIn minutes, you’ll get a personalized report detailing any problems found, plus a list of recommended fixes.