
US bill forces tech companies to disclose foreign software checks

Companies have allowed foreign agencies to scour source code for vulnerabilities.

Technology companies could soon be forced to reveal if they have allowed agencies in countries such as China and Russia to closely examine their software. The legislation -- part of the Pentagon's spending bill -- was drafted in response to a Reuters investigation last year which found that in order to sell to the Russian market, some software makers had allowed a Russian defense agency to hunt for vulnerabilities in software also used by some US government agencies.

The bill -- approved by the Senate in an 87-10 vote and expected to be given the go-ahead by President Trump -- is designed to prevent US adversaries from discovering vulnerabilities that could be used to attack government systems. In a statement emailed to Reuters, Democratic senator Jeanne Shaheen, who drafted the rules, said that the first-of-its-kind mandate is "necessary to close a critical security gap in our federal acquisition process."

The Reuters investigation found that companies such as Hewlett Packard, SAP and McAfee have previously allowed Russian agencies to scour software source code prior to purchase, in most cases without informing US agencies that they were doing so. However, they all claim that source code reviews were conducted in company-controlled facilities, where there was no chance of the reviewer copying or altering the software.

Nonetheless, some experts say the move could force companies to choose between selling to US and foreign markets. Considering the US government is known to make things hard for a number of software companies, they may end up choosing the latter. As The Software Alliance's senior director for policy, Tommy Ross, told Reuters, "we are seeing a worrying trend globally where companies are looking at cyber threats and deciding the best way to mitigate risk is to hunker down and close down to the outside world."
