funsec mailing list archives

Previous By Date Next
Previous By Thread Next

IT vendors cry foul at new Chinese security rules requiring built-in backdoors

From: Jeffrey Walton <noloader () gmail com>
Date: Thu, 29 Jan 2015 11:46:36 -0500
I suppose the Chinese are better than the US - they are honest and
forthright about their spying... They are probably saving boatloads of
cash, too (so they can buy junk US debt to keep they world economy
from imploding).

http://arstechnica.com/tech-policy/2015/01/it-vendors-cry-foul-at-new-chinese-security-rules-requiring-built-in-backdoors/

Last year, the Chinese government started laying out new rules for
technology products used by government agencies and banks, in part as
a response to revelations about the National Security Agency’s
exploitation of Chinese networks. Now, new rules for selling products
to China’s financial sector have drawn a protest from North American
and European technology vendors because of how intrusive they
are—including demands for back-doors into hardware and complete source
code.

In May, China’s State Internet Information Office announced it would
institute a “cyber security vetting process” for screening all IT
products sold in China. (The Chinese government also banned the use of
Windows 8 on government PCs, citing “energy consumption” issues). Late
last year, the government approved the final rules for vetting
technology sold to key industries in China.

The New York Times reports that the rules include a requirement for
turning over the source code of all software and firmware for
computing and network equipment to the Chinese government, and
providing management ports for the government to use to observe and
control the equipment. The rules for banking systems require that 75
percent of technology products used in the financial sector be “secure
and controllable” by 2019. Additionally, a new anti-terror law being
drafted by China would require all companies doing business with
Chinese citizens to keep that data within the country on servers that
could be monitored by the Chinese government.
...

_______________________________________________
Fun and Misc security discussion for OT posts.
https://linuxbox.org/cgi-bin/mailman/listinfo/funsec
Note: funsec is a public and open mailing list.
Previous By Date Next
Previous By Thread Next

Current thread: