Slashdot Mirror

← Back to Stories (view on slashdot.org)

Tech Companies Worried Over China's New Rules For Selling To Banks

Posted by Soulskill on from the worried-all-the-way-to-the-bank dept.

An anonymous reader writes: China is putting into place a new set of regulations for how banks interact with technology, and it has many companies worried. While the rules might enhance security for the Chinese government, they devastate it for everyone else. For example, not only will China require that companies turn over source code for any software sold to banks, the companies building the software (and hardware) must also build back doors into their systems. The bad news for us is that most companies can't afford to simply refuse the rules and write China off. Tech industry spending is estimated to reach $465 billion in 2015, and it's projected for a huge amount of growth.

31 of 127 comments (clear)

  1. Painted target by reanjr · · Score: 4, Insightful

    Those Chinese banks are going to be the target of a huge amount of hacking. It's like an invitation. We've built a way for you to take over our system. Please try and find it.

    1. Re:Painted target by Altus · · Score: 3, Insightful

      do you really think that the banks in the rest of the world wont have the same back doors? Even if they don't, any flaws they do have will be exposed to whomever gets their hands on the source provided to the Chinese (here is a hint, most of those people are probably not going to responsibly report the flaws so this is not a case of many eyes resulting in more secure code, but a few eyes finding ways to compromise code).

      I know the article says that these companies can't afford to ignore china, but really, if they all got together and said no, could china really afford that? They could always make their own banking software I suppose. Why don't we let them?

      --

      "In America, first you get the sugar, then you get the power, then you get the women..." -H. Simpson

    2. Re:Painted target by Captain+Splendid · · Score: 5, Insightful

      I know the article says that these companies can't afford to ignore china

      Well, big companies, like MS, Apple, Oracle, etc.

      When you run a small (or more local) business, one of the nice things is being able to avoid certain markets and customers. In fact, unless your future growth (and corresponding funding) aren't a lock, you have to avoid them because all they'll do is destroy your business.

      So if the big boys have to jump through ridiculous hoops in order to keep those profit margins sky-high, fuck 'em. That's how the game works.

      --
      Linux, you magnificent bastard, I read the fucking manual!
    3. Re:Painted target by gstoddart · · Score: 5, Insightful

      Because globalization is the directive, and you can't think this way and be a globalist.

      And what evidence do we have the globalization helps anybody except corporations who fuck the rest of us over in the process?

      Everybody acts like globalization is a good thing ... and unless you're a multinational corporation, I have yet to be convinced that's true.

      H1B visas are just large corporations cheating the system by bringing in cheaper labor from other countries.

      I'm of the opinion that globalization is a crock, championed by those who make money from it, and which comes at the expense of everybody else.

      --
      Lost at C:>. Found at C.
    4. Re:Painted target by hodet · · Score: 3, Insightful

      Ahh....thank you. A thousand times this. They could always....say no!

    5. Re:Painted target by unixisc · · Score: 2

      Precisely!!! The Microsofts, Apples & Oracles - they could remain profitable in the rest of the world, and just not report the sort of growth daytraders want. Leave out China, and let them decide what software their banks should use.

      Funny thing here - all the tinfoil posts about Snowden & NSA and big government getting our private data and being able to access our bank accounts - all of that here is actually true about China, which nobody can boycott

    6. Re:Painted target by jythie · · Score: 2

      The crux is 'all get together'. If you have X companies in the market and all but one say 'no', that one just got a lot richer, even if unity would have benefited everyone.

    7. Re:Painted target by Em+Adespoton · · Score: 3, Interesting

      ...until the point where that one company has its software totally pwned, all source code released to the public, and an overproportionate number of security holes and backdoors found.

      Suddenly, they're an industry pariah, not just because they were a scab, but because nobody can trust their prioduct anymore. The short term profit is not sustainable.

    8. Re:Painted target by ItsJustAPseudonym · · Score: 2

      ... if they all got together and said no, could china really afford that?

      Prisoner's Dilemma:
      http://en.wikipedia.org/wiki/P...

    9. Re:Painted target by Wootery · · Score: 2

      That is one of several things thing which makes the corporate system inherently evil.

      I'd have gone for "amoral" personally. Public companies are structured to chase profit above all else, not to deliberately pursue evil.

    10. Re:Painted target by Bob+the+Super+Hamste · · Score: 3, Interesting

      Hey not all globalization is bad. I personally like German cars, Swiss mechanical watch movement, French cheese and digestifs, Indian silk rugs, British TV, Swedish tools, Japanese and Korean electronics, Dutch toys, large Nepali knives, and Canadian winter boots. What I don't like is the race to the bottom type of globalization that seems to be happening with cheap crap products made to increase profits and would prefer globalization where it is a race to the top in quality.

      I don't like what I have seen with the quality going down on what once were great things because someone thought they could save a few cents per item by shipping manufacturing overseas. For example when I looked at small wire feed welders there were a bunch of highly questionable cut every corner ones around the $100 price point and in researching them they might work out of the box for some definitions of work and would likely fail in fairly short order all of which were made in China. From there to the one I got there was nothing but I ended up getting the smallest Hobart that while they cut corners (no thermal switch for the fan so it run all the time and the gas kit was separate but could be added if you didn't want to use flux core wire) it cost ~$270 on sale but came with a great warranty, was made in the US, is heavy as hell, and worked out of the box flawlessly for years.

      --
      Time to offend someone
  2. Reuse the code by sinij · · Score: 4, Funny

    No additional development is required, just reuse the code that was written for NSA backdoors.

    1. Re:Reuse the code by Infiniti2000 · · Score: 2

      No joke, that's the reason called out in TFA for the Chinese to do this.

  3. At least they are up front about it..... by Anonymous Coward · · Score: 2, Interesting

    US banks say "there is no backdoor" while waving their Jedi arms over our heads.

  4. Thanks NSA and others by houghi · · Score: 4, Insightful

    This is what you get for spying on each and everybody and infiltrating everything. So now they distrust everybody and (rightfully) are asking for the source.

    The result will be that they then will have the source and will do their own improvement and not coming back for more. This basically means that they can do one more deal by selling the software and then they will start selling the software themselves (including the backdoors)

    So the wise thing would be NOT to sell anything. However if just one company will sell, they are all lost.

    I am not even worried about the backdoor, because that was in there already.

    The next will be that they ask the source code for other software as well (Microsoft anybody?)

    --
    Don't fight for your country, if your country does not fight for you.
    1. Re:Thanks NSA and others by iMadeGhostzilla · · Score: 2

      More like, if one (Western) company sells, that company is lost. Because they will have to give away their source code knowing that any guarantees about it being kept private will mean exactly nothing, and might as well put it up on their web site. So unless they are already open source and live off of providing services, that will be the end of them.

  5. Sure they can by aliquis · · Score: 2

    Refuse and have the rest of us as your costumers.

    Just tell me whom to trust and whom to not.

    1. Re:Sure they can by Qzukk · · Score: 2

      Just tell me whom to trust and whom to not.

      "Trust us"

      --
      If I have been able to see further than others, it is because I bought a pair of binoculars.
    2. Re:Sure they can by gstoddart · · Score: 4, Insightful

      Easy answer: don't trust any of them.

      You'll be far less disappointed by assuming all corporations and government are lying, self-serving bastards who don't give a fuck about you, and will happily climb over you to get what they want.

      It's probably not far from the truth.

      --
      Lost at C:>. Found at C.
  6. I don't get it by oodaloop · · Score: 4, Interesting

    They want the source code and backdoors written in? Why not write your own backdoors?

    --
    Tic-Tac-Toe, Global Thermonuclear War, and relationships all have the same winning move.
    1. Re:I don't get it by nikkipolya · · Score: 2

      Why not write your own backdoors?

      They want nothing but the state-of-the-art in backdoor technology, that was developed by NSA. They don't want to reinvent the wheel i guess.

  7. I'm sorry ... by gstoddart · · Score: 5, Insightful

    Sorry, but am I meant to believe the US government doesn't also insist on backdoors?

    Because they pretty blatantly want backdoors in crypto and everything else.

    So let's not pretend it's just China doing this ... every damned government is insisting on this crap.

    And, really:

    With these new regulations, foreign companies and business groups worry that authorities may be trying to push them out of the fast-growing market. According to the Times, the groups -- which include the US Chamber of Commerce -- sent a letter Wednesday to a top-level Communist Party committee, criticizing the new policies that they say essentially amount to protectionism.

    Boo frickin' hoo. You think China gives a crap about a stern letter from the US Chamber of Commerce? Or that they care if you have access to their markets?

    Other than that's the only way they can keep expanding indefinitely, what makes corporations feel like they're entitled to be in any market?

    I'm betting a bunch of the companies involved in this collective hand-wringing are already enabling the US government to have access through other backdoors -- so don't pretend it's even more terrible when China does it.

    If America is so concerned about backdoors and exploits in Chinese made products ... make 'em yourselves.

    American companies need to stop acting like they can tell countries where they do business what they're willing to do. Suck it up, you want access to the market you play by the rules. Just like they would have to do to do business in the US.

    I hear this crap and I just hear "Waaah, how are we to make a profit if you impose rules on us, woe is us, how will be maximize executive bonuses if there are rules?"

    --
    Lost at C:>. Found at C.
  8. One-Way street by Virtucon · · Score: 4, Interesting

    doing business with the PRC is a One-Way street, they'll absorb your technology, your techniques and your skills and will saturate your markets to kill off your own industries. We're in a war folks, it's time people woke up to that fact and stopped treating the Chinese Government as friendly.

    --
    Harrison's Postulate - "For every action there is an equal and opposite criticism"
  9. Give up the source? Ain't gonna happen by sirwired · · Score: 4, Insightful

    China can ask for the source, but I don't see any US firm agreeing. They certainly wouldn't care about China-only builds having back-doors; that I'm sure they'd agree to. But giving up the source? No way. If they do that, they know that the code will quickly be incorporated into products from Chinese companies and their sales will drop soon afterwards as the thieves sell their own versions for far less.

    1. Re:Give up the source? Ain't gonna happen by khchung · · Score: 2

      China can ask for the source, but I don't see any US firm agreeing.

      Sure, that automatically disqualifies them from selling to any China banks, which means all the money that would have gone to foreign software companies now go to local Chinese software companies, thus kickstarting their growth and eventually they will grow big enough to compete outside of China.

      It would not surprise me if that was the real goal here.

      --
      Oliver.
  10. Unbelieable by hyperar · · Score: 2

    Backdoors are there for everyone that finds them, not just those who requested them, i see major bank system hacks in the next few years.

  11. I wonder what the motive is by ErichTheRed · · Score: 3, Interesting

    OSS stuff like Linux and xBSD is already out there, and they can build their own back doors. Microsoft already gives companies and governments access to the source code for its products. I guess the mainframe providers (IBM, Fujitsu, etc.) are the only ones left that this would affect. That, and the network device manufacturers...I could definitely see Huawei getting a boost by being the only network device manufacturer allowed to sell to Chinese banks.

    I guess the question is why -- every country on earth spies on every other country and its own citizens. So, it's probably being done to boost domestic companies. One of the things that's really going to make China come out on top this century is their ability to do stuff like this...it's one of their greatest strengths. If they decide they want to do something, it's done with zero debate. Their big overarching project right now is a massive urbanization project -- just picking up millions of rural peasants and physically moving them to cities. Can you imagine the US or a European country trying something like that? It would never work, look how much people complain when a local government uses eminent domain to build a road or public works project.

    The summary is right though - companies can't ignore China. There are billions of people and a huge growing middle class, all with the full will of their government pushing through whatever is needed. There are always possible bumps in the road, but I'm assuming China will be the dominant superpower in a couple of decades just because they can make stuff happen that we can't/won't.

  12. Write different software for China by Nyder · · Score: 3, Informative

    Write different software for China and suggest to the rest of the world that they never use the Chinese version of the software.

    Problem solved.

    --
    Be seeing you...
  13. let us know who sells to china by WindBourne · · Score: 2

    Then if said company is selling to western banks, these should be avoided.

    --
    I prefer the "u" in honour as it seems to be missing these days.
  14. The markets will now force the opposite by davecb · · Score: 2

    Libraries and library systems are a major, long-term target of the security services and politicians. Those guys want to know if you read "Steal This Book", or in an older age, "Lady Chatterly's Lover", so they can blackmail you. The library community soon learned that it was smart to meet the most stringent privacy standards set by law. After all, you also can't afford to cheese off Germany and the EU and get tossed out of their market.

    Countries who would prefer to have back-doors have a hard time making a case for them, as they don't want be seen publicly trying to convince a company to break a good law.

    The same logic applied to all software: China has just encouraged all countries to demand open or at least auditable source, and builds that can be proven to be from those sources, so customers can be sure that the backdoors aren't in.

    Smart customers will insists on open source, so they can check themselves.

    --
    davecb@spamcop.net
  15. Re:Just say No! by Anonymous Coward · · Score: 2, Insightful

    The problem is Wall Street, which doesn't care whether a company is put out of business by Chinese competition next year if it makes a good profit this quarter.