Slashdot Mirror

← Back to Stories (view on slashdot.org)

US Fails To Renegotiate Arms Control Rule For Hacking Tools (go.com)

Posted by BeauHD on from the falling-apart dept.

An anonymous reader quotes a report from ABC News: The Obama administration has failed to renegotiate portions of an international arms control arrangement to make it easier to export tools related to hacking and surveillance software -- technologies that can be exploited by bad actors, but are also used to secure computer networks. The rare U.S. move to push for revisions to a 2013 rule was derailed earlier this month at an annual meeting in Vienna, where officials from 41 countries that signed onto it were meeting. That leaves it up to President-elect Donald Trump's administration whether the U.S. will seek revisions again next year. U.S. officials had wanted more precise language to control the spread of such hacking tools without the unintended negative consequences for national cybersecurity and research that industry groups and lawmakers have complained about for months. Critics have argued that the current language, while well meaning, broadly sweeps up research tools and technologies used to create or otherwise support hacking and surveillance software. As one of those 41 member countries of the 1996 Wassenaar Arrangement, which governs the highly technical world of export controls for arms and certain technologies, the United States agreed to restrict tools related to cyber "intrusion software" that could fall into the hands of repressive regimes. The voluntary arrangement relies on unanimous agreement to abide by its rules on export controls for hundreds of items, including arms such as tanks or military aircraft and "dual-use" technologies such as advanced radar that can be used for both peaceful and military means.

14 of 31 comments (clear)

  1. Oh please by fibonacci8 · · Score: 1

    Please, please let this mean that the 2nd amendment applies to software again.

    --
    Inheritance is the sincerest form of nepotism.
    1. Re:Oh please by guises · · Score: 1

      The second amendment has never applied to exports.

    2. Re:Oh please by Noishkel · · Score: 1

      The second amendment has never applied to exports.

      True enough. But let's also not forget that the US State Department has tried to regulate CAD and other 3D printer files posted online just like firearms in order to have them taken down. Even though just raw information on how to build a gun conventionally is still legal. Hell, you can still get all of PL Luty's how-to guides over at http://thehomegunsmith.com/

  2. It's a strange world by sunderland56 · · Score: 1

    You can buy an AK-47 at the local store, but tcpdump is a prohibited weapon.

    1. Re:It's a strange world by Noishkel · · Score: 1

      Well we're a bit beyond that. We're at the point where sophisticated and relatively cheap machine tools make it easy for anyone to build an entire arms factory out of their garage. And much the same way with these hacking 'tools' any real hope of trying to regulate just simple code is long since past.

    2. Re:It's a strange world by ShanghaiBill · · Score: 1

      Please tell me this is sarcasm.

      It is either sarcasm or ignorance. In America, a private citizen cannot buy or possess an AK-47.

    3. Re:It's a strange world by K.+S.+Kyosuke · · Score: 1

      Probably because not having to do that in the first place would be preferable?

      --
      Ezekiel 23:20
    4. Re:It's a strange world by jonwil · · Score: 1

      Its a lot harder to stop someone exporting or sharing or transferring digital data (whether that be a 3D model file for a 3D-printable/CnC machinable firearm or firearm part, source code for a strong encryption algorithm or binaries for a set of hacking tools) than it is to stop someone exporting a physical object like an AK-47.

  3. This is why we need technocracy. by eyenot · · Score: 1

    If the government were staffed by people with at least 20 years (30 right here) of experience building and programming computers, they would stop acting like they wholeheartedly believe that shouting at computers (which legislating and regulating computer programming and data-sharing is equivalent to) gets anything done.

    --
    "Stratigraphically the origin of agriculture and thermonuclear destruction will appear essentially simultaneous" -- Lee
    1. Re:This is why we need technocracy. by DonaId+Trump · · Score: 1

      You're gonna LOVE what we do with the cyber, folks. I'm putting together a team of cyber EXPERTS, headed by digital guru Ted Kaczynski and my son Barron, some very smart people are saying he's the BEST at cyber.

  4. Maybe it was the delegation we sent? by xxxJonBoyxxx · · Score: 1

    >> The failed effort was a "bummer" said (random)...part of this year's Wassenaar delegation as a U.S. industry expert.

    Like, just a "bummer" or a "total bummer"? Inquiring minds want to know.

    And Barry, did you just send your "JV team" or is really the best you think the security community has to offer?

  5. Comment removed by account_deleted · · Score: 1

    Comment removed based on user account deletion

  6. Intrusion software? by AHuxley · · Score: 1

    Considering the crypto the US tried to hold back as "munitions" decades ago?
    The demand for back doors and trap doors in US crypto?
    Now other gov are not to get 'intrusion software" for their own police, mil and security services?
    The good news is many other smarter nations will just go on exporting their own really great software.
    The really interesting market will be in the safe export of counter surveillance software.
    What did the NSA fear? That nations domestically will buy in from their own experts rather than flying in US NSA contractors with "legal" export grade software?
    Good security globally protects everyone. Holding good crypto, tools and methods back from the free market just allows more trapdoors and backdoors to stay in place and not be fixed.
    The more academics and exports that are free to look at crypto and tools and share results the better. Things that fail can then be reported and fixed. The US suggesting limits on software, methods, academic free speech does not make for secure software, networks. People with skills will just move to free nations and sell their really good, secure products. US untested, export grade software will then be questioned as it will be NSA, FBI, GCHQ backdoor "ready" as a gov approved product. What nation likes to be told that their exports just have to use US products and have to change their own laws so that US products and severs get a free pass to be imported?

    --
    Domestic spying is now "Benign Information Gathering"
  7. technologies by Kasem · · Score: 1

    https://goo.gl/Ba6q7 oIn minutes, you’ll get a personalized report detailing any problems found, plus a list of recommended fixes.