Submitted via IRC for BoyceMagooglyMonkey
The U.S. government is stepping up its sensitivity to foreign governments insisting on reviews of software company's source code.
The section of the bill that passed the Senate with an 87-10 vote stipulates that the Department of Defense cannot use any software product in a range of its systems unless the manufacturer fully discloses the software reviews by foreign governments that it has previously allowed or is under obligation to allow in the future. The language of the order is typically convoluted, and it does not include all foreign governments, only governments that are placed on a forthcoming list of cyber threats that is due within 180 days after the bill is signed. The president still has to sign off on the legislation, something he's expected to do, but you never know with this guy.
It appears that the section was prompted by a Reuters investigation from last year that found Hewlett Packard Enterprise permitted a company to review its source code for a piece of cyber defense technology on the behalf of the Russian government. The software is also used by the Pentagon. A subsequent report found that SAP, Symantec, and McAfee had also given the Russian government permission to dig through their code for software that's also used by the DOD.
Source: https://gizmodo.com/congress-votes-to-force-software-makers-to-reveal-if-th-1828064013
(Score: 5, Insightful) by jmorris on Monday August 06 2018, @06:19PM (2 children)
Instead of buying pigs in pokes and worrying whether somebody else got a peek in the sack and you didn't, just insist on open source and let everybody see what is in it and audit it. And if it can't be Open Sourced at least only buy Source code and build it yourself and audit it. Selling opaque binaries are merely an artifact of the way computers worked a generation ago, now they try to maintain that fell tradition by building obfuscators for scripting languages and shit. Enough. A copyrightable work should only be the human readable sources and binaries a "derived work" not independently capable of receiving copyright protection. Copyright and Patent protection are only permitted to "advance the progress of science and the useful arts" and closed binaries do the opposite and harm progress.
(Score: 1, Troll) by MichaelDavidCrawford on Monday August 06 2018, @06:40PM
You must be unfamiliar with Open Source.
Have you actually seen any lately?
I'm not talking about Richard Stallman's source. That's Free Software. Open Source is quite a different thing.
No, I'm talking about Eric Raymond's source.
Yes I Have No Bananas. [gofundme.com]
(Score: 2) by Azuma Hazuki on Tuesday August 07 2018, @12:13AM
Modded up. You've, for once, said something that makes sense and is at least tangentially related to the real world and the betterment thereof. Plz2do more often.
I am "that girl" your mother warned you about...