U.S. Congress Passes Bill Forcing Tech Companies to Disclose Foreign Software Probes

DooKey

Last year Reuters published a story that described how foreign defense agencies were given access to source code of software that was also sold to the U.S. military. These agencies were looking for vulnerabilities in the software and this knowledge could be used to hack said software. In response to this report, Reuters is reporting that the 2019 defense budget levies a requirement for all software developers to notify the government if they have allowed foreign agencies to review the source code. This is a welcome addition in my opinion and I'm surprised it took this long to create legislation to close this security loophole.

The legislation, part of the Pentagon’s spending bill, was drafted after a Reuters investigation last year found software makers allowed a Russian defense agency to hunt for vulnerabilities in software used by some agencies of the U.S. government, including the Pentagon and intelligence services.
 
This might be welcome, but it shouldn't have been something that needed to be mentioned in the first place. Companies that would share their source code with ANY customers (be it government or another company) are absolutely retarded.

It's like having to put in requirements like "Don't stab yourself in the face" or "Don't zip up your pants and get your pecker stuck in it"; it should normally go without being said... but some companies are so stupid they seem to have joined the Special Olympics.
 
Disclose? They should be arrested for allowing this.

Why? It's how companies like Microsoft are able to sell in markets like China and Russia. Otherwise, those countries wouldn't allow their software to be sold in their regions due to espionage concerns.

Russian software developers, like Kaspersky, have likewise volunteered their source code for review.
 
We don't arrest people in big companies anymore, we have the economy to think about.


Of course we do!! It's of course the newly hired intern.. that was of course responsible for the past years of issues.. but hey.. they found the guilty party

;)
 