Multinational corporations have foreign policies, and the "home" country doesn't necessarily get special treatment: In an effort to curb distrust, in 2003 Microsoft signed a pact with China, Russia, the United Kingdom, NATO and other nations to let them see the Windows source code.
A couple of thoughts: 1) Possession of source code has limited defensive value unless you actually build your software from that source. Based on press reports the agreement does not facilitate local compilation. 2) Is it really feasible for a third party to audit the Vista source? The people involved seem to think so, or are at least making a show of it. I am dubious. 3) The utility of this 'pact' would seem to be primarily offensive. Consider: Microsoft has reportedly signed a new government security program source code agreement with China Information Technology Security Certification Center, allowing CNITSEC and other approved institutions to look over the source code and relevant technical data of Microsoft's products, including Windows Vista ,so as to improve their evaluation on the security of Microsoft products. The agreement is an important part of the MOU signed between National Development and Reform Commission and Microsoft in April 2006. Microsoft's Government Security Program helps government departments and international organizations evaluate the security of Microsoft products. CNITSEC previously signed an agreement with Microsoft on security source code in February 2003 and was authorized to check over the company's major source code and technical data.
From 2003: According to sources at the software company, China is the eighteenth nation to sign such an agreement to view Microsoft's proprietary source code.
Surely the number has grown since then. Craig Mundie's doublespeak: This program is an integral element of our efforts to help address the unique security requirements of governments.
Microsoft Forges 'Pact' With Cyberwarriors Worldwide |