Yesterday, nearing the end of the second week of the lame
duck Congress 29 bills were introduced. A trio of software security bills were
introduced:
HR
5793 : To ensure the integrity of any software, firmware, or product
developed for or purchased by the United States Government that uses a third
party or open source component, and for other purposes. Sponsor: Rep
Royce, Edward R. (R,CA)
HR
5800 : To prohibit Federal agencies from mandating the deployment of
vulnerabilities in data security technologies. Sponsor: Rep
Lofgren, Zoe (D,CA)
S.2981 :
A bill to prohibit Federal agencies from mandating the deployment of
vulnerabilities in data security technologies. Sponsor: Sen
Wyden, Ron (D,OR)
According to a press
release from the Wyden office, his bill is designed to stop Federal government
agencies from requiring the existence of backdoors in US software or electronic
devices. A copy of the bill
language available on the Wyden web site contains an interesting loop hole;
it only applies to “any computer hardware, computer software, or electronic device
that is made available to the general
public [emphasis added]” {§2(c)(2)}. A large truck could be driven through
that loop hole.
Posts
No comments:
Post a Comment