The Obama administration is revisiting much-criticised 2013 revisions to the Wassenaar Arrangement that made it look like practically any security software is illegal.
The State Department had decided in 2013 that “intrusion software” should be included as one of the “dual use” technologies that needed to be controlled under Wassenaar.
The problem is that while nuclear weapons are quite easy to characterise, a tool like Metasploit can have its powers used for good or evil.
Network mappers are equally valuable to sysadmins and attackers, but again, the blunt-instrument phrasing of the arrangement left researchers concerned that they, also, were banned.
As The Register reported in early February, the government had decided that another round of public consultation was needed.
Now, The Hill reports that a proposal filed by the administration suggests removing the 2013 controls on the development of intrusion software entirely.
If that report is accurate, it would mean the State Department and the White House have agreed that they need to go back to the other 40 nations involved in Wassenaar and renegotiate the text.
The wheels of international treaties grind sure but exceedingly slow: the State Department won't have the chance to ask the other participants to agree to removing intrusion software from the Wassenaar Arrangement until December 2016. ®