Sign up for our daily briefing

Make your busy days simpler with Axios AM/PM. Catch up on what's new and why it matters in just 5 minutes.

Please enter a valid email.

Please enter a valid email.

Subscription failed
Thank you for subscribing!

Catch up on coronavirus stories and special reports, curated by Mike Allen everyday

Catch up on coronavirus stories and special reports, curated by Mike Allen everyday

Please enter a valid email.

Please enter a valid email.

Subscription failed
Thank you for subscribing!

Denver news in your inbox

Catch up on the most important stories affecting your hometown with Axios Denver

Please enter a valid email.

Please enter a valid email.

Subscription failed
Thank you for subscribing!

Des Moines news in your inbox

Catch up on the most important stories affecting your hometown with Axios Des Moines

Please enter a valid email.

Please enter a valid email.

Subscription failed
Thank you for subscribing!

Minneapolis-St. Paul news in your inbox

Catch up on the most important stories affecting your hometown with Axios Twin Cities

Please enter a valid email.

Please enter a valid email.

Subscription failed
Thank you for subscribing!

Tampa Bay news in your inbox

Catch up on the most important stories affecting your hometown with Axios Tampa Bay

Please enter a valid email.

Please enter a valid email.

Subscription failed
Thank you for subscribing!

Charlotte news in your inbox

Catch up on the most important stories affecting your hometown with Axios Charlotte

Please enter a valid email.

Please enter a valid email.

Subscription failed
Thank you for subscribing!

Please enter a valid email.

Please enter a valid email.

Subscription failed
Thank you for subscribing!

Illustration: National Security Agency

The National Security Agency will release an agency-designed tool to research malware as a free-to-the-public, open source program.

The big picture: The NSA program, known as GHIDRA, is a reverse engineering tool that takes malware and returns the source code used to make it, which otherwise remains inaccessible. That enables researchers and security pros to understand, attribute and even counter the malware.

Why it matters: This small move could be widely disruptive.

  • Reverse engineering tools aren't cheap, costing in the hundreds or thousands of dollars to license. Any group releasing a free, high-quality tool democratizes research into how cyberattacks are waged.
  • But the NSA isn't just any group. Spy agencies typically keep their tech close to the vest, and sharing it in this way changes the dynamic of the NSA's relationship with the American and global public.

GHIDRA will become an open source project, meaning any software developer can use it, modify it and contribute code to help improve the product.

  • Users familiar with GHIDRA describe it as comparable to (some said better than) commercially available offerings, although it may be a little buggy.
  • That's probably not a huge deal to anyone trying to learn or teach the art of malware analysis.
  • "GHIDRA will help level the playing field for cybersecurity personnel, where there is a well-documented skills gap, by providing a tool that they otherwise wouldn't have access to or could afford," said Patrick Miller, a Raytheon researcher and fan of the tool. "This will likely lead to the tool being used in cyber and coding competitions as well as in school curricula."
  • Miller noted that GHIDRA and commercial tools like IDA and Binary Ninja each offer advantages, and serious researchers would find uses for all three programs in their arsenals.

The impact: To the NSA, the move offers a number of advantages.

  • It brings the agency, which has been maligned since the Edward Snowden revelations, out of the shadow and demonstrates a commitment to the public good.
  • Making research easier raises the cost for foreign adversaries to attack Americans, both public and private.
  • It demonstrates NSA confidence in the tools it keeps secret and in those used by its sibling agency, U.S. Cyber Command, in offensive missions.

To answer your least pressing questions: GHIDRA is pronounced "Gee - dra," according to NSA official Rob Joyce, who will be presenting the tool to the RSA cybersecurity conference for its official release later Tuesday. We asked.

  • A Ghidra is (perhaps coincidentally) a character in the Final Fantasy series of video games — an apparent mistranslation of the Japanese word for Hydra.
  • The logo on the NSA site for GHIDRA is a snake with a dragon's head forming an infinity symbol, turning its tail into binary code as it eats it. The binary spells out the first statement programmers traditionally learn how to display: "Hello world."

Go deeper

Scoop: Gina Haspel threatened to resign over plan to install Kash Patel as CIA deputy

CIA Director Gina Haspel. Photo: Win McNamee/Getty Images

CIA Director Gina Haspel threatened to resign in early December after President Trump cooked up a hasty plan to install loyalist Kash Patel, a former aide to Rep. Devin Nunes (R-Calif.), as her deputy, according to three senior administration officials with direct knowledge of the matter.

Why it matters: The revelation stunned national security officials and almost blew up the leadership of the world's most powerful spy agency. Only a series of coincidences — and last minute interventions from Vice President Mike Pence and White House counsel Pat Cipollone — stopped it.

Updated 4 hours ago - Politics & Policy

Coronavirus dashboard

Illustration: Sarah Grillo/Axios

  1. Health: Coronavirus deaths reach 4,000 per day as hospitals remain in crisis mode — CDC warns highly transmissible coronavirus variant could become dominant in U.S. in March.
  2. Politics: Biden says, "We will manage the hell out of" vaccine distribution — Biden taps ex-FDA chief to lead Operation Warp Speed amid rollout of COVID plan — Widow of GOP congressman-elect who died of COVID-19 will run to fill his seat.
  3. Vaccine: Battling Black mistrust of the vaccines"Pharmacy deserts" could become vaccine deserts — Instacart to give $25 to shoppers who get vaccine.
  4. Economy: Unemployment filings explode againFed chair: No interest rate hike coming any time soon —  Inflation rose more than expected in December.
  5. World: WHO team arrives in China to investigate pandemic origins.

John Weaver, Lincoln Project co-founder, acknowledges “inappropriate” messages

John Weaver aboard John McCain's campaign plane in February 2000. Photo: Robert Schmidt/AFP via Getty Images)

John Weaver, a veteran Republican operative who co-founded the Lincoln Project, declared in a statement to Axios on Friday that he sent “inappropriate,” sexually charged messages to multiple men.

  • “To the men I made uncomfortable through my messages that I viewed as consensual mutual conversations at the time: I am truly sorry. They were inappropriate and it was because of my failings that this discomfort was brought on you,” Weaver said.
  • “The truth is that I'm gay,” he added. “And that I have a wife and two kids who I love. My inability to reconcile those two truths has led to this agonizing place.”