Feeds

Museum unscrambles secret agency's past

But recent activity still matter of national security, natch

Reducing security risks from open source software

Inside the NSA A few of us got through the metal detectors before the National Security Agency (NSA) realised we were in the wrong place. We had arrived, expunged of all electronic devices from mobile phones to cameras, at the Visitors' Centre, a security outpost for visiting security personnel, instead of the National Cryptologic Museum 370 metres away by eagle. Oops.

There was a time when the very existence of the National Security Agency was completely secret. Many of the sort of people who are interested in it (such as this crowd from the annual Computers, Freedom, and Privacy conference) are, therefore, somewhat surprised by the idea that it has a cryptologic museum.

Approximately 50,000 people a year find their way to Fort Meade, where the museum and NSA's headquarters are located. The curators will tell you openly that the museum's creation in an abandoned hotel in 1993 was a public relations exercise. The Cold War had ended, and although cryptology has been used in American wars all the way back to George Washington, between wars the effort was generally closed down. So the NSA had to answer: why should the nation keep funding it?

You would think that if anyone was likely to say "we shouldn't" it would be this group of gearheads and privacy wonks. Jostling with the NSA tour for pride of place on the programme was a panel on wiretapping featuring James Bamford, author of The Puzzle Palace, the 1982 exposé of the NSA. The NSA hasn't really forgiven him yet; mentioning his name at the museum draws a waspish response. David Kahn, whose 1967 book The Codebreakers drew a government suit when it was published, however, is now a scholar working there.

The curators seem refreshingly open, at least in the sense that they voice opinions they disassociate from the NSA. Still, the last 40 years of increasingly controversial activity is omitted. For national security reasons, of course. No one argues about wiretapping in World War II or even Korea; it's today's warrantless wiretapping that's controversial. So there is no mention of Bush, the class action suit brought on behalf of AT&T customers, or the revelations by AT&T employee Mark Klein that the NSA has been cheerfully and illegally wiretapping US citizens' domestic phone calls. It's a sign of how far the American government monolith has depressed people's free spirits that even this group does not bring up the subject.

When this museum opened it was also the height of the crypto wars, and cryptography was the hottest topic at this conference. Two government efforts made it so. One: continuing to promote the International Traffic in Arms regulations, which restricted the export of strong cryptography, slowing its adoption to protect, for example, ecommerce transactions. Two: backing a government standard known as the Clipper Chip, which would have included encryption in devices such as telephones and modems, but at the price of storing an escrowed key with the government. ITAR was ultimately defeated by the demands of ecommerce; Clipper Chip by the cracking work of Matt Blaze. The museum has a display of secure telephones, but mentions neither the Clipper Chip nor the ITAR battles.

Mobile application security vulnerability report

More from The Register

next story
LibreSSL RNG bug fix: What's all the forking fuss about, ask devs
Blow to bit-spitter 'tis but a flesh wound, claim team
Microsoft: You NEED bad passwords and should re-use them a lot
Dirty QWERTY a perfect P@ssword1 for garbage websites
Manic malware Mayhem spreads through Linux, FreeBSD web servers
And how Google could cripple infection rate in a second
NUDE SNAPS AGENCY: NSA bods love 'showing off your saucy selfies'
Swapping other people's sexts is a fringe benefit, says Snowden
Own a Cisco modem or wireless gateway? It might be owned by someone else, too
Remote code exec in HTTP server hands kit to bad guys
British data cops: We need greater powers and more money
You want data butt kicking, we need bigger boots - ICO
Crooks fling banking Trojan at Japanese smut site fans
Wait - they're doing online banking with an unpatched Windows PC?
NIST told to grow a pair and kick NSA to the curb
Lrn2crypto, oversight panel tells US govt's algorithm bods
prev story

Whitepapers

Top three mobile application threats
Prevent sensitive data leakage over insecure channels or stolen mobile devices.
The Essential Guide to IT Transformation
ServiceNow discusses three IT transformations that can help CIO's automate IT services to transform IT and the enterprise.
Mobile application security vulnerability report
The alarming realities regarding the sheer number of applications vulnerable to attack, and the most common and easily addressable vulnerability errors.
How modern custom applications can spur business growth
Learn how to create, deploy and manage custom applications without consuming or expanding the need for scarce, expensive IT resources.
Consolidation: the foundation for IT and business transformation
In this whitepaper learn how effective consolidation of IT and business resources can enable multiple, meaningful business benefits.