Slashdot Mirror

← Back to Stories (view on slashdot.org)

McAfee Says It No Longer Will Permit Government Source Code Reviews (reuters.com)

Posted by msmash on from the tussle-continues dept.

Dustin Volz, Joel Schectman, and Jack Stubbs, reporting for Reuters: U.S.-based cyber firm McAfee said it will no longer permit foreign governments to scrutinize the source code of its products, halting a practice some security experts have warned could be leveraged by nation-states to carry out cyber attacks. Reuters reported in June that McAfee was among several Western technology companies that had acceded in recent years to greater demands by Moscow for access to source code, the instructions that control basic operations of computer equipment. The reviews, conducted in secure facilities known as "clean rooms" by Russian companies with expertise in technology testing, are required by Russian defense agencies for the stated purpose of ensuring no hidden "backdoors" exist in foreign-made software. But security experts and former U.S. officials have said those inspections provide Russia with opportunities to find vulnerabilities that could be exploited in offensive cyber operations. McAfee ended the reviews earlier this year after spinning off from Intel in April as an independent company, a McAfee spokeswoman said in an email to Reuters last week.

5 of 79 comments (clear)

  1. Re:Clickbait headline by Anonymous Coward · · Score: 2, Insightful

    Of course, the US govt doesn't need to review mcafee's source code, they already know exactly what back doors they have inserted into it, just like they claim Russia has done

  2. Re:Maybe if Russia stops meddling in our elections by Archangel+Michael · · Score: 4, Insightful

    You mean, stop bribing Secretary of States, former presidents under the watchful eye of the Robert Mueller FBI ?

    --
    Agent K: A *person* is smart. People are dumb, stupid, panicky animals, and you know it.
  3. The Antivirus War is On by cloud.pt · · Score: 3, Insightful

    This is interesting news, I didn't know Russia demanded this, but I guess they wised up before, well, the US.

    I do love the tongue-in-cheek from McAfee: they're blatantly trying to get the Kaspersky US market with the patriotic card by exiting the Russian one, and going backwards on the exact thing Kaspersky has stated they would allow from US!

    Now, in all seriousness - does McAfee really think they are gonna catch any market with this? Does anyone with a 2 digit IQ still install McAfee?

  4. Double standard, anyone? by Scarred+Intellect · · Score: 2, Insightful

    So it's OK for the US to audit Kaspersky's source code for hidden backdoors (and Kaspersky is highly regarded for offering it), but it's not OK for Russia to audit McAfee's source code for hidden backdoors.

    Because Russia.

    Did I get that right?

    1. Re:Double standard, anyone? by Frosty+Piss · · Score: 4, Insightful

      So it's OK for the US to audit Kaspersky's source code for hidden backdoors (and Kaspersky is highly regarded for offering it), but it's not OK for Russia to audit McAfee's source code for hidden backdoors.

      McAfee does not set the policies of Kaspersky as to if they let people look at the code. Whether or not it's "OK" for one company to choose one thing and another company to choose another thing is a false dynamic. Both can choose to do whatever they like.

      --
      If you want news from today, you have to come back tomorrow.