Slashdot Mirror
Report Says China Will Demand Source Code
An anonymous reader alerts us to a two-week-old story that hasn't gotten much traction in the press to date. A Japanese newspaper and the AP report that China plans to demand source code from hardware manufacturers, and ban the sale of products from companies that don't comply. China is calling this an "obligatory accreditation system for IT security products." The plan is to go into effect next May, according to sources. "Products expected to be subject to the system are those equipped with secret coding, such as [a] contactless smart card system developed by Sony Corp., digital copiers, and computer servers. The Chinese government said it needs the source code to prevent computer viruses taking advantage of software vulnerabilities and to shut out hackers. However, this explanation is unlikely to satisfy concerns that disclosed information might be handed from the Chinese government to Chinese companies. There also are fears that Chinese intelligence services could exploit such confidential information by making it easier to break codes used in... digital devices."
Haha,
Yes, why would chinese business go to the effort of replicating the functionality of western devices when their government can just demand we give the source code to the devices.
Expect to see more Sorny goods if this goes ahead!
Just use open source. ;-)
My guess is that this is to check the hardware for backdoors. Probably figures that they have put out so many backdoors in products like Cisco, Dell, Acer, HP, Apple, etc and now wants to check to make sure that nobody is doing the same to them.
that disclosed information might be handed from the Chinese government to Chinese companies
It might. And then they have a massive re-engineering problem on their hands. It would usually be easier for them to reimplement the functionality than try to start with undocumented, unsupported source code.
Doing security audits on software is a legitimate request by a governmental agency. Of course, they should just request that vendors provide open source software.
Do companies think that the market in China is big enough to justify giving them the source code?
It doesn't really matter what foreign governments think of this. The can scream all they want. If a company thinks the Chinese market is big enough and they want a piece of it. Then they will cough up the code.
Privacy, security and IP rites are second tier considerations when it comes to product sales.
So again. Do companies think that the market in China is big enough to justify giving them the source code?
Don't do business with them if you don't like it. The Chinese concerns are valid, the hyperbole response is lame.
They will balk. The more they tighten their grip...
If someone thinks China is a big enough market, the Chinese-market goods can simply ship with their own damn set of code, API's, and even unique board revision if a company worries about it that much.
China is out of control. How can anyone compete if they have cheaper labor and can demand everyone hand over technologies. They can pirate the hardware but reverse engineering the rest is harder. What's next them demanding chip manufacturers hand over chip templates to "make sure they meet China's standards".
Bunch of idiots. Boycott chinese products and don't export anything to China. While you are at it pull the plug on Internet access.
So China demands source code from manufacturers, yet we still run our elections on closed-sourced voting software...
I understand that it's just a political move, but a part of me feels like, somehow, this is all very wrong.
I thought source should be free?
I know American are scared, losing world leader status, economy going down the drain, hockey mom for vp and everything but seriously it's a great move on the Chinese government that you should be applauding. You should be hoping it will be replicated by ALL other governments and that distributing the source becomes an habit for HW manufacturer.
China has its issue (police state, freedom of the press...), but they seem sometime to have the balls to go where no other lobbyist sponsored government in the "free world" would go and when it's a good move at least have the intellectual honesty to recognize it.
"Your source code or your life!"
I can see this being effective.
Knowledge is power. Knowledge shared is power lost.
It's the Prisoner's Dilemma. Unless you want to make it illegal to give source code to the Chinese, there will be some companies who will comply because it is better for their bottom line to do so.
They are doing by legal fiat what the open source community has failed to do through voluntary cooperation, namely, boycotting products that don't provide their source code. Ironically, this autocratic move could be a boon to open source.
Well put.
I fear an official must have been misunderstood.
This would mean that China is asking any supplier to lay down their IP to sell in China with the following risks:
- claims of other nations that the supplier supports Chinese intelligence in bypassing their product (read: NOBODY will buy)
- duplication of the product (China stealing the IP and making its own, which is something it has been repeatedly accussed of in the past)). It's hard enough to bring out anything these days without some US patent troll trying to get a slice of your life's work so avoiding China would thus appear to be a good move.
- leaking any real or alleged deficiency to the rest of the world (espionage and politics is a seriously filthy mix together).
I think this generations of badmouthing China coming home to roost in combination with the shenanigans of the Bush administration which has evaporated the last smidgen of trust in them doing anything NOT self serving. Whereas the main flaw of the previous administration was an overfondness of interns, they did have good international relationships and thus trade, a degree of trust and a budget surplus. Whoever votes to keep the current clowns in place will be ignoring the fact they they CAUSED the problems, making the US a virtual pariah that nobody trusts, turning a surplus that would have helped everyone when deployed into a ginormous black hole that will take decades to recover from.
I can fully understand China not trusting anything coming from the US because it wouldn't be the first time the US administration sells something with a backdoor. (look for the story about Swiss Crypto AG if you want an earlier example)
The most immediate result of this policy would be that only second rate products would be offered to the Chinese, offers by people that feel so little confident about their product that they will happily give away the crown jewels to get a few bucks. There are better ways.
I suspect someone hasn't been quoted right. I'm sure they meant to say they would require full audits of any company supplying security gear, and that company should be in a trusted nation (if such a beast exists, but that's my theory).
They could combine that with what a large quantity of Arab banks have done over the last few months: eject everything US sourced. I've heard of banks even throwing out Messagelabs because it's American (no kidding). No idea if that led to an upsurge in Linux desktops, though..
The thinking behind the demand is good. Implementation, however, could be better.
Insert
Why would I buy security equipment from a company who gave the source code to the Chinese government?
The tatoo artist down the road is tatooing 'Idiot' on peoples forehead for free - that sounds like a better option.
I used to work in a CE firm that manufactured in China and sold across the world - reverse engineering was a particular problem and IP protection was the talk of the day.
And now they demand source code? Well I can assure you that it will *not* happen.
I hear Hungary and eastern Europe are offering particularly cheap factory sites - and this might persuade some firms to relocate.
Honestly you cannot make this stuff up. I suspect they will allow manufacturing in china of export goods with no access to source code (to protect their national growth and wealth), but only "approved" population control devices will be allowed to be sold inside China (to spy on their own citizens) - it's control freakery gone mad. This would allow them the best of both worlds, after all its no secret that China has various special economic zones (and they are huge) to allow export factorys to undercut everywhere else in the world - so they just make export rules different.
We really are a joke to them, I remember the hilarious conversations we used to have about IP in Shenzhen with the local engineers, they have no concept of it at all. Its all fair game if they can work out how we did it. Of course, that never stopped them abusing our own system by buying as many patents as they could and hitting us over the head with them on one side, whilst copying everything we did on the other. And now they will try and demand the source code as well? No matter what safeguards they pretend to employ corruption is a business tactic out there and the information will be just another market to exploit. I remember sitting at a conference table with out local contact (who we found out was also employed by the client) taking both sides of the argument as well as two pay checks, literally forwarding out confidential information to competitors because they paid him to do so. NDAs, contracts and so are meaningless.
Yes I am rather bitter and annoyed about it years later, and I accept that they are probably not all like that and things *might* of improved.
What makes you think the source code will be publically available outside the government (and perhaps select "partners" who will help them "understand" the source code?)
So you would have no issue if Bush, Blair, Putin or any other government figurehead demanded that companies hand over their source code?
Comparing RMS to the Chinese government is apples and oranges. Our culture/society is based on the idea that we are free to choose (albeit, sometimes with consequences) many facets of our lives and businesses.
I, personally, believe that open source is a better process from a software development standpoint. That being said, I also respect that companies are free to choose their licensing and business models as they see fit (within reason, of course). RMS is saying that he wants the source to be free, whereas the Chinese government is demanding it.
Isn't this the same country that has been sending picture frames with viruses embedded to infect USB drives attached to them? They're making demands without having the common courtesy to pretend to have the moral high ground. Of course, that's just my opinion; I could be wrong.
If I mod you up, it doesn't necessarily mean I agree with what you've said, sorry.
If you live in a world where you believe everyone has the same motives, well then I hope when you get burned by that view it is in a way that doesn't hurt you too much. People are perfectly justified in calling in to question the motives of various entities. For example if your family doctor tells you to remove your clothes because he needs to perform a complete medical check, I think it is reasonable to trust him. His motives are most likely pure. However if a random guy in an alley with unkempt hair and a crazy expression asks you to do the same thing, I'd say you should probably question his motives, lest you end up getting hurt.
You are also mistaken that various governments haven't seen the source to commercial products. Microsoft, would be an example. The Windows source code isn't secret. It isn't public, but it isn't secret. Many organizations, including universities, have it.
The reason people find China's proposition scary is because of their track record. For example if you search around on the web you'll find that counterfeit Cisco gear form China is fairly common (often called 'Chisco'). It looks similar to real Cisco gear, but it of inferior production quality, and is of course unsupported. China has a very poor track record with regards to ownership laws and thus it is reasonable to call their motives in to question.
There's also a big difference between believing in open source, and believing in ripping people off. Let's not pretend that it doesn't take a lot of work to write good code. If you want people to be able to do that work as a job, they need to get paid. However if what you support is for company A to spend lots of money writing it, and then company B to just rip it off and give nothing back, well you'll find that doesn't work. Open source works only when everyone contributes. If you have a bunch of people/companies that spend a lot of time and money to make something, only to have it ripped off, well they can't afford to keep doing it.
So the problem isn't with a government wanting to see source code. I think you'll find that the US government verifies the code for anything used in critical systems. The problem is that the Chinese government does not have a good track record on this kind of thing. Thus I (and others) question their motives. I don't believe it is really about openness. I do not question RMS's motives. I believe he really just wanted openness.
You know, it's not like Chinese companies haven't been at the top of the list at gpl-violations.org pretty much since energy began condensing into matter.
Don't buy Chinese equipment unless it comes with full source code.
Could this broaden with time to include, non-security software or even Operating Systems? If so, Microsoft could find it's way out of a LOT of sales, not that most of the copies of Windows in China are legal...
The Chinese government is well within it's rights to make decisions regarding what goes on within it's borders. Infact, the whole purpose of a government is to put the interest of it's own country first above the interest of any foreign power.
In this case, seeing the source code of electronic devices being sold in China is very much in their interest, why should the chinese government trust foreign corporations to supply black box equipment when they have no idea how it works? There are many people who boycott products, at least in certain areas, where they don't have source code... I wouldn't run an internet facing server on anything for which i didn't have the source for many reasons.
If you don't like it, noone is forcing you to sell or manufacture your products in china. If you don't like their rules, go somewhere else... If you want to take advantage of the large customer base in china, as well as the cheap labour costs then you have to play by chinese rules.
Ofcourse, this policy is also beneficial for those companies who already release their source code, since they're already compliant.
http://spamdecoy.net - free throwaway anonymous email - avoid spam!
They are doing by legal fiat what the open source community has failed to do through voluntary cooperation, namely, boycotting products that don't provide their source code. Ironically, this autocratic move could be a boon to open source.
Wha wha whaat? The open source community says:
... that looks almost exactly like the one from Germany, bases on the very same technology. That's your altruistic Open Source project right there.
"Hey we're writing tools, everyone should be able to participate so we release the code for free"
Companies say: "We build specialized applications and machines that would ruin us if everybody knew how we do it, under no circumstances will we give away the implementation of X that we've spent millions of R&D on."
So you say the second one will be happy to give it's source code to the Chinese? You must be bleeding from both eyes right now.
The reason why China does this is clear: Cheap technology, you cut out the research and development costs and go straight to production. That's what they mainly do anyway, all the stuff we send there to have produced cheaply now backfires. You got the manpower and the facilities all you need is something to build. They did the same thing with the Maglev train from Germany. They send engineers to work with the ICE speed train team, the team went to China to do material research and quality checks etc. and once the Chinese had enough the contact was interrupted and a couple of months later they introduced their own Maglev train
*shakes head*
Because its not. The Chinese Government wants the source code for themselves, not to share it with the public. So don't you dare try and compare this to anything RMS would say. More than likely, the Chinese government is going to use this to spy on its users.
It sorta makes me sick. Makes me really wish the Chinese government would fall.
...there's not much we can really do about this. Soon, if not already, they can either buy the manufacturers or just make their own stuff.
N.B. This really has nothing to do with Free Software or Open Source Software. They want the source, but aren't planning to release it generally.
"Not an actor, but he plays one on TV."
"Expect to see more Sorny goods if this goes ahead!"
Maybe not. Maybe: "Expect to see a lot of counterfeit products labeled Sony, in the same kind of packaging Sony uses."
Ever since the days of the DOS operating system, when it was only the Taiwanese who supplied computer parts, the Chinese have been extremely dishonest. They would deliver computer parts until a distributor got established. They would get paid when a load was delivered to a ship in Taiwan. But, the would eventually deliver a huge load of junk, stuff that had failed testing but had been saved for that purpose. That would put the U.S. distributor out of business.
At the same time, there would be a Chinese distributor in town that just began doing business, selling the same items.
Now that everyone has paid to build factories and complicated procedures in China, they are very vulnerable to Chinese control.
Here are a few stories, chosen from thousands. The Chinese governments, in Taiwan and mainland China, have always pretended to be interested in stopping counterfeiting:
FBI and Chinese seize $500 million of counterfeit software.
Dangerous Fakes: How counterfeit, defective computer components from China are getting into U.S. warplanes and ships.
YouTube videos about Chinese counterfeiting
The World's Greatest Fakes: Chinese Copies Are Making Their Way Back To U.S.
Heparin Find May Point to Chinese Counterfeiting
Chinese Product Counterfeiting Causes US Job Layoffs
A hacker worth his salt should be able to exploit any kind of technology. All the rest of us demand is openness on the part of technology makers that are already protected by patents. Typically the path of least resistance is the easiest to exploit. China, as an outsider in to the rest of the world, is suspicious of the rest of the world so why shouldn't they demand transparency. As a positive side effect it benefits the rest of us and the FOSS movement.
The chinese government opens it's borders to foreign companies if they are willing to share the blueprints of key components of that industry. They have demanded construction blueprints, machinery schematics, manufacture process information and even end product components. They, meanwhile, have used that information to develop their tech grasp and have incorporated those designs on native industrial enterprises. That's the secret behind China's ultra-fast development and the main reason behind the plague of chinese knock-off products.
This is nothing different. It's simply another step in the ladder. They developed (stole is more appropriate word) enough to have gained the capability to produce advanced electronic components like processors and now they are refining that knowledge and taking the next step. Get ready for a capable dragon chip.
It is only a matter of time (probably not even 5 years) before China becomes not only self-sufficient but also competing for the lead in the world's high tech industry, all thanks to capitalism and the good folks who brought you the globalization and outsourcing experience. Were all those cheap goods worth the loss of western values like democracy and freedom of expression?
it's the first thing i thought. this might not be about viewing the source to check for security, in fact it can't be - any software is going to have security flaws in it. i think this might end up meaning a chinese special edition, complete with government backdoors. face it, that kind of thing is right up their alley.
If you mod me down, I will become more powerful than you can imagine....
So sell with what demands they make.
Just because they can get the western world to bend over and take their EULA reaming, doesn't mean that everyone else must.
And such devices would be copyrighted elsewhere, so if they did use the source code in their products for export, they can be banned quite easily.
And, if they use them for internal markets only, then they can ignore copyrights ANYWAY because copyright is granted by the country. And do you think that China COULDN'T reverse engineer your product and take its "secrets" with it anyway? That way you don't even get the sales.
So why are you so pissy with China NOT sucking the cock of corporates with software?
But we aren't just talking about drivers here, I imagine we're talking about hardware description language code as well.
Now the companies providing said hardware are in effect forced to open source the drivers of their products. This might very well result in linux support from manufacturers which previously refused to support it. On another note: Microsoft hates this, simply because Microsoft's control over the market gets damaged by this (Something China wants to happen).
Oh, you can't because you make this assertion based on being impossible to be proven wrong (unless we invent a time machine).
Way to go!
I would say that if last month you posted a "MS is wonderful and Vista is the best by far" you'd be bumped up into +5 territory almost immediately because your other MS workers in the same cube has been told to do it.
Using free software is probably the easiest/safest way for many companies to comply with this ruling. Everyone wins.
Look out!
And you thought China won't bother to flex its muscles?
Now, when US is very vulnerable. Reap what you sow.
- Arwen, I'm your father, Agent Smith.
- Well, you're just Smith, but my father is Aerosmith!
Now that's finally someone who gets it. Apparently, Chinese want to take security seriously and finally say out loud that having black boxes managing your network is not the way it should be done.
The Wise adapts himself to the world. The Fool adapts the world to himself. Therefore, all progress depends on the Fool.
"An outsider would see the US govt's complete lack of dealing with mass scale copyright infringement as collusion."
I agree. It probably is collusion, because of U.S. government corruption.
Easy. You can supply obfuscated source and claim it is the original. Some of the source code I've come across has looked like it was run through an obfuscator anyway.
These posts express my own personal views, not those of my employer
How is this an example of Prisoner's Dilemma?
I see the game like this:
5,5 0,2
3,1 0,0
If Corp A and China uphold their end of the deal, then everyone benefits modestly. I'm calling this a (+5, +5) benefit to both parties.
If corporation A cooperates with the Chinese Gov't and release the source code and China "defects" by making knock offs, Western Corporations are hurt, and China gains immensely. Big fat 0 for A, +10 to the Chinese. However, I factor in China losing the trust of other companies for a short term gain; thus they lose immensely in the future, since no one will want to cooperate again. I am calling this 0 benefit for Corp A, and a very modest +2 gain to the Chinese.
On the other hand, If China cooperates, and western companies don't sell the Chinese goods, western companies still benefit from sales elsewhere, and China suffers marginally, but still gets by doing there own thing. (+3, +1)
If neither party cooperates, corporations can still make money else where, and china suffers. This is a wash (0, 0).
So, in fact, this is the OPPOSITE of a prisoner's dilemma game. It isn't a dilemma at all...since everyone has the proper incentives to cooperate with each other...the Nash Equilibrium is stable at +5, +5 since this is where everyone is maximizing there utility. A defect costs way too much in the long term and in a game that is played more than once.
... using melamine and other toxic chemicals in not only their exported foods, but their domestic foods.
An important exception I forgot...
C - the footgun of programming languages
I say fuck China and the WTO. Leave the WTO and tax the hell out of any imports so that it's cheaper to make it domestically. Go back to strictly individual country by country trade agreements where both sides can agree to mutually beneficial trade.
Sounds like the world is richer by a few trains then...
Why is that so bad?
"The majority of the "fakes" are misapplied trademarks."
You ignored the stories linked in the grandparent post.
Here's another link, about deliberate poisoning of food to make more money: Filler in Animal Feed Is Open Secret in China.
And another: Melamine in pet food may not be accidental.
Maybe simply the Chinese want to make sure no spyware has been put by the Americans... Not like a NSA/CIA-big_american_corpo secret deal has never been seen.
I prefer Panaphonics.
Do daemons dream of electric sleep()?
He said, boy, never trust anything without the source. I think he was ahead of his time. He was chinese, before the communism came, in the long, long time before.
Ok, I often think that the anti-China hype is a lot of hot air propaganda intended purely to turn China into the new Russia-of-old but this is just daft. Yeah. Right. Hand over source code for all hardware. Sure. Let's get right on that.
Even if this wasn't from the Chinese government which, even in the best light, is a not-good government, and was instead from some "good" government that really did want the best for citizens, this would still be a bad idea. They may really want to use the source code for beneficial reasons. They may want to use the code to make sure people are safer and the world is a better place. But, people run the government and people are notoriously stupid. All it takes is one government employee with their head up their ass to accidentally leave the harddrive with all the source code in their unlocked car and have it be stolen or some other daft and moronic way of having state secrets slip into the hands of the unscrupulous. This is a situation where the motives of the government (which, of course, are going to be suspect at the best of times) don't matter in the least because the competency of the people who make up the government ensures that this is a "very bad idea"(tm).
...to finally get much hardware to work with Linux.
I'm sure you know how much gray channels have their source in China. The Russians provide the cracks and the Chinese supply the world with cracked versions, or so I'm told.
So if someone in China leaks all that source... an you can be assured that it will leak... then we can finally understand the interfaces and implement the drivers.
My hope is, that nVidia, AMD/ATi and intel will decide to still sell to that market and give them the source. Then when they notice the leakage, it's already too late, and 1. we have enough information to implement fast graphics card drivers and 2. china will develop knock-offs for their own market, which then strangely find themselves for a fraction of the price, in your local computer store.
Oh, and hopefully, nobody tries to go to war over it, or we might be fscked. But hey. at least we all finally got our 8x dual-chip-card Crossfire setups at home.. in our bunker basements. :D
Any sufficiently advanced intelligence is indistinguishable from stupidity.
So, you want to take advantage of cheap chinese labour, but don't want to pay the "hidden costs" of using chinese labour?
What part of "I hear Hungary and eastern Europe are offering particularly cheap factory sites - and this might persuade some firms to relocate." did you miss?
Products expected to be subject to the system are those equipped with secret coding, such as the Felica contactless smart card system developed by Sony Corp., digital copiers and computer servers.
All of these have DRM built in, either explicitly or in things like the anti-counterfeiting code in copiers. Are they targeting all software, or do they mainly want to be able to bypass DRM restrictions?
I feel disturbed by the news. I view this as a suicidally silly move.
Remember, you are *trading* with foreign guys. When you trade, play fair --- or at least *appear* to be fair. You blatantly demanded everybody else to hand over you the source, so now everybody else can claim the same thing over you, or even more.
By the way, I am rather suspicious at TFA (yes, I know this is Slashdot and nobody cares about it). It was posted on the website of Yomiuri (Japan's number one newspaper) but I can't even find which guy on earth wrote it. TFA also failed to make clear reference to the source of the story and use cover-all phrases like "the Chinese government said ..." or "according to the source" without telling us where the source actually is. It is so obscure that I highly doubt its credibility.
Colorless green Cthulhu waits dreaming furiously.
As China is taking over the spot for the #1 economy on Earth, it is starting to change the rules of the games. Simple like that. Just like all #1 economy used to do it in the past.
Former #1 economies won't really like the new rules of the game and probably China will not offer the same what she demands. It's obvious, that sooner or later the #1 economy will transform from copycat and will start to produce the original cutting edge products and it is yet to be seen if China will open up the "source code" to others, as she demands now. My bet: no way.
China is demanding this from the #1 economy position at a time when USA has managed to screw up completely her own economy. It's amazing, how the USA made the similar mistake within two decades what made the fall of the USSR, by destroying their very own economy, even if they did it with different kind of stupidity.
It is a real concern of course, that the #1 economy is a Communist political system. The former #1 economy made great deal of efforts to ignore this fact and say that changing economy in China will change the Communist political system. Well, Wall Street collapsed while the Chinese Communists have not even blinked.
"i have this nice shiny ipod here..."
---- Booth was a patriot ----
People who post these so called "news" - have some common sense.
So Intel/AMD can't sell CPUs in China anymore because they have to give the source code?
What is China going to use???
Same goes for a lot of other things.
Stop degrading this lovely site for posting naive and flame bait stories.
even if you try to just stay within the US, the stuff you invent and make and market will get cloned rapidly and start to be sold here at half price. No way to avoid it either. It put my boss out of the inventing business for the most part, he used to design and patent specialty tooling and devices for agricultural purposes, he gave up some years back, he said sometimes it was a matter of mere weeks or a couple of months before clones of his devices appeared on the market, once he started shipping. They must have a huge effort out there to buy and reverse engineer new products. Now all he does is prototype until he gets a good model, call his old established customer base and get pre orders, build exactly that amount, then that's it, no more. He doesn't even bother with either a patent if applicable -he calls it pissing away ten grand for no reason to get a patent now- nor larger mass production because of that short window before the chinese clones show up. For all practical purposes that has put at least one good domestic manufacturer out of business doing that stuff, because we have no controls at the border and all the trade treaties are routinely circumvented. And this isn't crap software or business process stuff, these are real tangible and practical goods. It is stifling invention and progress to the detriment of our own society.
How 'bout if everyone else on the planet (ha! as if...) would demand, en masse, the source code of all Chinese products, including virtual (i.e. network-delivered or resident) products. I'm not talking about items built in China by non-PRC entities, but Sino-designed and constructed products. No source, no import license.
Of course, the practicality of this is non-existent - Americans (especially, but not exclusively) are addicted to cheap 5h1t, and the only source for that right now is Zhngguó.
The Russians have won. They have made the world a cesspool of distrust, greed, fear and hate.
I hope they make it a requirement to not just disclose the source to them, but to everybody. It should be every consumer's right to know what the thing they're buying does with their data.
Security threat? Bullshit. For security, use encryption. An encryption algorithm that isn't open source is defective by definition, because it evades proper peer review. All experience shows that closed source isn't more secure but less. And vulnerabilities are found the hard way: not by testing the code, but when the exploit hits.
I have a feeling a number of people will have very harsh sentences for this one. I don't know Chinese law, but wilfully causing the death of so many people may lead to the death penalty. After all, they didn't exactly care about killing others either.
The Chinese have to build trust. The morons who have done this will be dealt with, I'm sure.
Umm, you write as if you believe that industrial espionage is only inbound in China.
Why do you think the US likes to tap as much of the world's communication as possible? I hope you don't buy the myth that this is exclusively to look for Osama buddies..
AFAIK, about the earliest example of IP theft from China is silk production, but I may be wrong.
Back to the topic: I think what China is asking for is unrealistic if they really need good products. I can see what they're trying to achieve, but nobody with a REALLY good product is going to do this because that's commercial suicide in more ways then one.
Insert
What are you talking about? First, ICE isn't maglev. It's a conventional high-speed train, known for some devastating train wrecks because of sloppy quality control. Not exactly cutting edge anymore.
The Shanghai maglev train was built by the German Transrapid consortium (Siemens + ThyssenKrupp). It's the only successful implementation of a Transrapid worldwide. Germany will probably never get one, because of corporate price-rigging that went too far, plus an accident that had little to do with the technology. So Transrapid must be thanking the Chinese on their knees. They would be out of business without them.
Don't give those snakes-in-the-grass a damn thing they ask for-you WILL regret it. The Chinese authorities are well known for saying one thing and then IMMEDIATELY doing the other.
Well, leaks will happen, but I think it is more the other way around. If you need to give away the proprietary source to a potentially insecure organisation, you may decide that you will just skip that market. OTOH, you will really want to figure out how to get access to a maret that big. Then, suddenly one of you engineers shows up to work one day bragging about how he got Linux running on your FooBocker 9000b, and you realise you can ship to a major market and not care about giving away the source code.
Net win for open source.
Comment removed based on user account deletion
Their goddamned fucking xenophobic totalitarian government is to blame for the fact that they can't innovate anything competitive on their own, so of course they have to resort to ripping everyone else off and flooding the world market with their substandard ripoff crap. What's worse is that not only would giving them source code to everything make it easier for them to eavesdrop and control their own citizens but also to attempt to destabilize the economy of the free world as well. All this on TOP OF trying to poison us, our kids, and our PETS for fuck's sake. The U.S. may be pretty corrupt and fucked up right now, but we're Amateur Night compared to the Chinese government. Oh, and by the way: The rest of the world shoudn't let them get to the Moon -- because the bastards will try to claim it as their property, U.N. or no U.N.
You show me yours and I'll show you mine...
Two of my imaginary friends reproduced once
Personally, I think everyone should demand the source code. Most people won't be able to use it, but without the source code they are at a severe disadvantage in getting bugs fixed.
And "everyone" includes China. I may not trust their intentions, but their request is reasonable. I don't trust closed source applications or products either. I just have less leverage.
I think it's reasonable to not trust China. I don't trust any government's intentions, and few corporations...and those only at a single point in time.) Individual people can be trustworthy. Organizations can be trustworthy only if they are controlled by a trustworthy individual, and then only for as long as that person remains in charge, and only to the extent that that person prevents his subordinates from acting in an untrustworthy manner. This is difficult, and requires the development of a strong corporate culture...note that this is like one of the problems of evil. It's immensely more easy to destroy than to build. Equally it's immensely more easy to have an untrustworthy organization than a trustworthy one. Just, e.g., allowing the sales department to put selling before honor will do so...and that's what salesmen WANT to do. Especially if they're on a commission, but not only then.
I think we've pushed this "anyone can grow up to be president" thing too far.
I don't consider the Chinese demand for source code to be a moral position, but rather a self-serving one. I just happen to think that EVERY customer should have the right to make that demand.
If China wanted to make a moral demand, then they would have required that every device that was sold in China should publish it's source code openly. That would have been a moral statement. Not sure I would agree with them, but it would have been taking a moral position.
RMS took a moral position. I happen to agree with the moral position that he took, which is that customers should have the right to the source code. If he had just re-implemented the printer driver for his own use, or reverse-engineered it, then it would not have been a moral position, but merely a self-serving one.
N.B.:
1) Self-serving isn't particularly bad. Not in essence. It can be, but that's an independent argument, and it's bad for other reasons than for being self-serving.
2) Self-serving also isn't particularly good. It can be, but that's an independent argument, and it's good for other reasons than for being self-serving.
To say that something is done for self-serving reasons is to say that it's done without taking a moral position. Things generally aren't that clear and separate, especially when organizations are involved. Some people in an organization are usually taking a moral stance, while others are acting in a self-serving manner, either for themselves or for their organization (and thus, indirectly for themselves).
I think we've pushed this "anyone can grow up to be president" thing too far.
I'm sure most, if not all, of the source code will not be "allowed" to be publically available.
I would assume most of the source code would be given under something like a commercial license with source.
Something similar to: This source code is licensed for use only within said organization, and is not to be distributed outside of said organization and only in proprietary product X of said organization.
because once the corps see their ip protection is worthless they are likely to go the open source route and build protections via other means. you cant steal whats open source. you cant sell in target markets (read: the western world) if whats open source is also patented.
if your only protection is closed source youre DOA. this is why im an advocate of putting FPGAs into every devie and having it programmed once it reaches western shores. good luck with reverse engineering an FPGA built specifically to resist such attacks and good luck trying to sell patented goods in western countries.
They'll buy your hardware (with that source code) just one time. Then, given the source code, they'll clone the hardware, produce their own, and effectively put you out of business.
Don't do it. It's bad enough that they'll back-engineer both the hardware and the software and firmware (by disassembly if nothing else). You only make their job easier by giving it to them.
So don't. At least make the thieving bastiges work for it.
And every developer who looks at the sources is from that point on considered tainted, and completely ineligible to actually contribute to said projects. The only way would be to essentially sacrifice someone to write up a spec based on the stolen source code, and even that wouldn't be safe. If it were, I'm sure that WINE would be a lot farther along due to the availability of Windows source code.
If you want to deal with the legal disaster that would result in outside of China, sure.
Yes, what better way to encourage the development of future graphics cards by fucking over the companies that put in the time and effort to develop the chips and boards, than to buy bootleg knockoffs. That'll show them, thinking they were doing something valuable by investing in research and development!
Of your list of vendors, only nVidia does not contribute documentation to X.org. Intel's drivers have been open-source and vendor-supported for a while, and although it might be interesting to peek at AMD/ATI's driver source, it would not be very helpful in the long run, since most of the cards' structures are already documented. (Also AMD has committed to giving us documentation as fast as they can get it to clear legal review.)
The main things standing in the way of speed are KMS and GEM, both of which are currently in the process of migrating into the main kernel.
Oh, and finally, chipset prices are already falling thanks to AMD's refusal to fix prices with nVidia's offerings. Go take a look for yourself. :3
~ C.
Sure I was talking about two different trains to begin with. They worked hard on gaining info on both. I was talking about this in reference to the ICE: http://www.imagetours.de/wpblog/2008/05/04/chinesen-haben-den-ice-3-langst-kopiert/ (German).
Well they still handed over this technology despite knowing about things like the above. I can only hope they charged them a lot of money for the Shanghai Transrapid. But since it's Siemens and Thyssen I am not at all worried that they undersold.
...that the Chinese have come up with in ages. If only our stupid government were half as smart.
They will eventually dump their US bonds and wreck the dollar.
Granted it will hurt them too.
The real question is will the Arabs or the Chinese be the ones to trigger the crash of the dollar?
The next question is how many weeks later the Euro will crash.
I'm guessing around 2015 and less then one.
They know we are scheduled to turn the printing presses up extra extra high in 2017 (SS 'trust' fund starts being 'tapped') and will crash our currency before we can do it to ourselves. The European union is also unable to control it's members use of the printing press and they mostly have unfunded retirement obligations to their baby boom.
IIRC 2015 is also about when China will become China's #1 customer.
I'm investing in rural land, steel, brass and copper jacketed led.
John McAfee 'It was like that time I hired that Bangkok prostitute; to do my taxes, while I fucked my accountant'
http://www.yomiuri.co.jp/dy/business/20081006TDY07301.htm
Are you fucking kidding me? this is ridiculous. We need to realize that china is slowly earning control of our lives and economy through our own stupidity! Get a brain and say FUCK YOU CHINA
Practically everything for sale in China is a ripped off copy. I think most companies would respond to that threat with a "Yippee".
An engineer who ran for Congress. http://herbrobinson.us
The source code will be made publicly available in many cases because once its released in China, where it will be widely pirated and exploited to produce competing products, there is very little to be gained by keeping it secret elsewhere. So companies might as well just release it and let the open source community do their debugging for them.
Of course, not all source code will be released, but this shifts the balance a lot toward release.
China is concerned about firmware because of backdoors that can be placed in it to undermine security. There is a reason they are so paranoid about this, it's because they sell US products that contain the same backdoors.
A Japanese newspaper and the AP report that China plans to demand source code from hardware manufacturers, and ban the sale of products from companies that don't comply. China is calling this an "obligatory accreditation system for IT security products."
What I would immediately suspect is that China knows quite well that is is possible to put back doors, sniffers, and data sentries in firmware and the end user will never know.
Remember that, the next time you are concluding a frantic night's work on a breakthrough process on your Lenovo PC.
Orwell: "In a Time of Universal Deceit, telling the Truth is a Revolutionary Act"
[We've sold software for years, all over the world including the most unlikely of places, seemingly everywhere EXCEPT CHINA. Take the hint. ALL thieves, no exceptions. And no that's not just our experience, that's software-industry wide.]
It's a developing economy which has very little of its own Intellectual Property, so what's the incentive to enforce IP laws?
This is very similar to the US in its early days, is it not? I hear that a business man named Thomas Edison, although coming up with many ideas himself, also became very rich by ripping off the ideas and work of people elsewhere before they'd had an opportunity to do so themselves. (example here). Gilbert & Sullivan had similar issues getting copyrights recognised and enforced in the USA, and had to go to great lengths to stop people performing verbatim (or sometimes sub-standard) copies of their works and taking lots of money from it before they'd had a chance to cross the Atlantic and make the money from the work themselves.
Now that the USA is the source of large amounts of intellectual property that gets sent around the world, rather than the user of other people's ideas, there's a much higher incentive for it to insist on other countries' cooperation in enforcing it's citizens' IP ownership.
So, the USA and other western countries could either wait (or even try to encourage the development of IP within China), or it could stop doing business with China until China changes. China's another country, IP laws are artificial constructs anyway, and there really needs to be an incentive for Chinese people to take IP seriously. Give China its own IP as well as ability and reasons to create more, and it might actually have a reason to respect other people's.
This seems to be significantly less nasty than the US using its global monitoring network to intercept commercially valuable information and supply it to its own companies for gain..
You guys are just pissed that China is big enough to throw some weight around also - if you dont like it, dont sell your stuff there. Its their dirt, and it would have to argue this voilates any human rights, so whats the problem?
'During the Clinton administration, NSA agents monitored Japanese communications during auto talks and French communications during talks on world trade.'
'An office was created within the Department of Commerce, the Office of Intelligence Liaison, to forward intercepted materials to major US corporations.'
http://cndyorks.gn.apc.org/mhs/mhscommerce.htm
http://www.papillonsartpalace.com/clinteons.htm
The same thing has been happening in the United States for a while now. When you enter the country the TSA has the legal right to inspect all digital data that you are attempting to bring into the country.
One could argue that handing over data in some official capacity is better than handing it over to some random inspector at the airport.
geekmux said: "I sure as hell don't see people boycotting Coca Cola products because they haven't revealed their secret formula to EVERYONE"..
I haven't seen one instance of someone cracking Coke's secret formula and using it to break into a system -- nor have I once seen a buffer overflow or backdoor or just stupid program error in Coke's formula cause billion dollar threats to the internet.
It's real different -- code that goes into computers doesn't go through testing like food or drug products -- as corrupt as drug testing is, it's orders of magnitude more testing than every line of code in a product goes through before being released in a closed source product.
If food and drugs were sold like code, they'd cause fatal lingering diseases that required you to buy a lifetime supply of "patch" drugs from the manufacturer...
> and although it might be interesting to peek at AMD/ATI's driver source, it would not be very helpful in the long run, since most of the cards' structures are already documented
Yeah. As far as I know it only misses the most irrelevant part: The 3D- and video acceleration interfaces. Very useful... </sarcasm>
I'll look up KMS and GEM. Thanks for the tip.
About the prices: I hope, this also happens to the graphics card market.
By the way: Shouldn't nVidia be punished for even offering price fixing?
Any sufficiently advanced intelligence is indistinguishable from stupidity.
If you want to deal with the legal disaster that would result in outside of China, sure.
What legal disaster? If you create drivers for a card, and they work, this means shit. First nVidia would have to prove that you posess(ed) that source code. Good luck with that! Then they would have to go to the one who *broke the license*! Or do you still live in **AA wonderland, where downloading is illegal for no reason? You should know that 1) The uploader gave you the right to use it how you please, by letting you download it without license, and 2) the uploader broke a *license*! This is still far away from breaking a law!
Oh, and the one who broke the license would be *China*! So good luck with THAT!
And your country being controlled by companies and making up laws does not change a thing for the rest of the world.
Get real!
Any sufficiently advanced intelligence is indistinguishable from stupidity.
Without going into NDA territory, there are acceleration docs for the r3xx-r5xx at http://www.x.org/docs/AMD/ , and r6xx documentation is currently pending legal review. Xvideo and EXA are done in Radeons in the 3D engine.
nVidia and ATI are currently being investigated by SEC and DoJ for price fixing and antitrust violation, yes.
~ C.
I haven't seen any Chinese companies disclosing their source code so that we in the US can feel good about their products. I think that they think they can do this because we want to sell into their vast population, but I predict that after we disclose, similar chinese products will appear, and those expected sales will not. A country with as little regard for copyright issues and pirate DVD and CD markets can hardly be depended on to do the right thing with our source code, and while we are at it, I would like to review the source code of the high end routers we buy from China that are being used to operate our network infrastructure.
They will be able to know if there are backdoors in the hardware. The will be able to known if there are backdoors in the software. They will be able to replicate and improve the hardware they have the design for. We may end-up will *all* hardware specifications (thinking of nvidia) for Linux. If those companies want to produce chips using the cheap money from China... they will have to pay the real price in another way... actually I think that would be fair.
Copyright considerations and concerns have been dealt with in other threads so I won't do anything more on that than accept that source code given to the Chinese government should be considered as compromised. In China's defence, they know very well that the US and other governments require their companies to allow their intelligence services access to their products....whether they admit it publicly or not. The illegal, warrantless spying that the US government has been doing via US network providers must be seen by China and anyone else as only the tip of the iceberg. It has effectively compromised all these companies and rendered their products unsalable to many foreign governments. The German government didn't move to Linux and away from Windows because they don't like Bill Gates. They wanted secure systems and they can't get that using closed-source software from a country with a government that has no respect for the law...be that country the US or China. Not much difference between them in this area.
Only boring people are ever bored.
Somehow I don't see Cisco doing this; their DoD and USG presence would preclude them to allowing that kind of backdoor penetration.
Oops, wrong thread.
You mean to tell me that they can install hidden malware into out hardware devices, but when we sell them items(we , i mean poepl that are not chinese) we have to show them proof that there are no hidden backdoors, smart....very smart grasshoper....now take stone from my hand!
Precisely. My argument is simply game theory. Some players will find it in their favour to give their source code to the Chinese. Once they have done that, it is much more likely to be advantageous to them to go fully open source. Since they have already sacrificed a significant portion of the benefits of playing the closed-source strategy, they are more likely to play the open-source strategy. In other words, the opportunity of foregoing closed-source is lower once the Chinese already have your source.
Communism 2.0