Feeds

Museum unscrambles secret agency's past

But recent activity still matter of national security, natch

The Power of One eBook: Top reasons to choose HP BladeSystem

Inside the NSA A few of us got through the metal detectors before the National Security Agency (NSA) realised we were in the wrong place. We had arrived, expunged of all electronic devices from mobile phones to cameras, at the Visitors' Centre, a security outpost for visiting security personnel, instead of the National Cryptologic Museum 370 metres away by eagle. Oops.

There was a time when the very existence of the National Security Agency was completely secret. Many of the sort of people who are interested in it (such as this crowd from the annual Computers, Freedom, and Privacy conference) are, therefore, somewhat surprised by the idea that it has a cryptologic museum.

Approximately 50,000 people a year find their way to Fort Meade, where the museum and NSA's headquarters are located. The curators will tell you openly that the museum's creation in an abandoned hotel in 1993 was a public relations exercise. The Cold War had ended, and although cryptology has been used in American wars all the way back to George Washington, between wars the effort was generally closed down. So the NSA had to answer: why should the nation keep funding it?

You would think that if anyone was likely to say "we shouldn't" it would be this group of gearheads and privacy wonks. Jostling with the NSA tour for pride of place on the programme was a panel on wiretapping featuring James Bamford, author of The Puzzle Palace, the 1982 exposé of the NSA. The NSA hasn't really forgiven him yet; mentioning his name at the museum draws a waspish response. David Kahn, whose 1967 book The Codebreakers drew a government suit when it was published, however, is now a scholar working there.

The curators seem refreshingly open, at least in the sense that they voice opinions they disassociate from the NSA. Still, the last 40 years of increasingly controversial activity is omitted. For national security reasons, of course. No one argues about wiretapping in World War II or even Korea; it's today's warrantless wiretapping that's controversial. So there is no mention of Bush, the class action suit brought on behalf of AT&T customers, or the revelations by AT&T employee Mark Klein that the NSA has been cheerfully and illegally wiretapping US citizens' domestic phone calls. It's a sign of how far the American government monolith has depressed people's free spirits that even this group does not bring up the subject.

When this museum opened it was also the height of the crypto wars, and cryptography was the hottest topic at this conference. Two government efforts made it so. One: continuing to promote the International Traffic in Arms regulations, which restricted the export of strong cryptography, slowing its adoption to protect, for example, ecommerce transactions. Two: backing a government standard known as the Clipper Chip, which would have included encryption in devices such as telephones and modems, but at the price of storing an escrowed key with the government. ITAR was ultimately defeated by the demands of ecommerce; Clipper Chip by the cracking work of Matt Blaze. The museum has a display of secure telephones, but mentions neither the Clipper Chip nor the ITAR battles.

Designing a Defense for Mobile Applications

More from The Register

next story
Mozilla fixes CRITICAL security holes in Firefox, urges v31 upgrade
Misc memory hazards 'could be exploited' - and guess what, one's a Javascript vuln
How long is too long to wait for a security fix?
Synology finally patches OpenSSL bugs in Trevor's NAS
Don't look, Snowden: Security biz chases Tails with zero-day flaws alert
Exodus vows not to sell secrets of whistleblower's favorite OS
Roll out the welcome mat to hackers and crackers
Security chap pens guide to bug bounty programs that won't fail like Yahoo!'s
HIDDEN packet sniffer spy tech in MILLIONS of iPhones, iPads – expert
Don't panic though – Apple's backdoor is not wide open to all, guru tells us
Researcher sat on critical IE bugs for THREE YEARS
VUPEN waited for Pwn2Own cash while IE's sandbox leaked
Four fake Google haxbots hit YOUR WEBSITE every day
Goog the perfect ruse to slip into SEO orfice
prev story

Whitepapers

Designing a Defense for Mobile Applications
Learn about the various considerations for defending mobile applications - from the application architecture itself to the myriad testing technologies.
Implementing global e-invoicing with guaranteed legal certainty
Explaining the role local tax compliance plays in successful supply chain management and e-business and how leading global brands are addressing this.
Top 8 considerations to enable and simplify mobility
In this whitepaper learn how to successfully add mobile capabilities simply and cost effectively.
Seven Steps to Software Security
Seven practical steps you can begin to take today to secure your applications and prevent the damages a successful cyber-attack can cause.
Boost IT visibility and business value
How building a great service catalog relieves pressure points and demonstrates the value of IT service management.