

How the NSA could stop sucking and be awesome instead. - olefoo
http://teddziuba.com/post/58735980543/how-the-nsa-could-stop-sucking-and-be-awesome-instead

======
ENOTTY
> Recommendation 1: NSA could provide open source reference implementations of
> cryptographic and other security-sensitive code.

This would negatively impact the market of folks who sell cryptographic
implementations. I'm not sure the government should be doing that kind of
thing. The government, through NIST, already certifies implementations of
cryptographic algorithms and allows the marketplace to decide which product is
superior.

> Recommendation 3: NSA could provide a training program for American software
> and IT professionals on security best practices. For bonus points, the cost
> of this program could be tax-deductible.

There are plenty of training programs that talk about security, some of which
may already be tax deductible. (I am not an accountant, but I believe job
related training is tax deductible.) CERT's Secure C Coding class and several
SANS courses come to mind. Again, why should the government compete in these
markets?

