Feeds

Gates gives China peeking rights at Windows source

It'll be on ISOnews next...

  • alert
  • submit to reddit

Beginner's guide to SSL certificates

Explaining Microsoft's Government Security Program a while back Craig Mundie intimated that it applied to practically everybody except Cuba and Iraq, and he even gave China as an example of a qualifying country. So Bill Gates goes to China and it's not exactly a surprise that Chinese participation in the GSP is announced. Hey, it's free, so why wouldn't they?

Microsoft has already had a couple of bites of the 'India signs up for GSP' story, although that one hasn't quite happened yet. But next trip, trust us. Where, however, is the beef this trip?

Aside from providing Bill with a handy auto-announcement which can be used on his travels, giving governments looking rights to Microsoft source code has other advantages. As we sourly noted earlier, the process of looking will tend to draw governments into the Microsoft kirk, and if they had previously been digging around on a freelance basis (not of course that we'd suggest China would do such a thing), then it's useful to Microsoft to have such activities to some extent 'officialised' and controlled.

We note that Dr. Wu ShiZhong, Director of the China Information Technology Security Certification Center (CNITSEC), himself comments that: "Microsoft's GSP provides us with the controlled access to source code and technical information in an appropriate way." Which is more what you'd expect the Microsoft rep to say while explaining why the company was giving China source access.

Microsoft's own explanation of the GSP makes it clear it has restrictions, although it's bashful about what they are, and it also makes it clear that it is intended to provide a jumping-off point for wider co-operation:

"The Government Security Program...is a no-fee initiative that provides program participants the ability to review Windows source code using a smart-card-based secure online access and subject to certain license restrictions. [which are?]... In addition to source access, the GSP provides for the disclosure of technical information about the Windows platform, enhancing governments? ability to build and deploy computing infrastructures with strong security technologies in place. The program also promotes increased communication and collaboration between Microsoft security professionals and program participants, providing opportunities to visit Microsoft development facilities in Redmond, Wash.; review various aspects of Windows source-code development, testing and deployment processes; discuss existing and potential projects with Microsoft security experts, and generally interact with and provide feedback directly to Microsoft staff."

You can almost see the colour brochure. We do not expect Chinese IT people to be wildly impressed by being able to hang out with the cool geeks in Redmond - not anything like as impressed by the weaker-willed ones at UK.gov, anyway. But you can see the objective, and see how Microsoft might think it can profit handsomely from the "no-fee initiative." ®

What else Bill did in China

Beijing signs MS deal with Gates, Linux deal with IBM

Beginner's guide to SSL certificates

More from The Register

next story
Download alert: Nearly ALL top 100 Android, iOS paid apps hacked
Attack of the Clones? Yeah, but much, much scarier – report
NSA SOURCE CODE LEAK: Information slurp tools to appear online
Now you can run your own intelligence agency
Microsoft: Your Linux Docker containers are now OURS to command
New tool lets admins wrangle Linux apps from Windows
Microsoft adds video offering to Office 365. Oh NOES, you'll need Adobe Flash
Lovely presentations... but not on your Flash-hating mobe
You stupid BRICK! PCs running Avast AV can't handle Windows fixes
Fix issued, fingers pointed, forums in flames
HTML5 vs native: Harry Coder and the mudblood mobile app princes
Developers just want their ideas to generate money
prev story

Whitepapers

10 ways wire data helps conquer IT complexity
IT teams can automatically detect problems across the IT environment, spot data theft, select unique pieces of transaction payloads to send to a data source, and more.
The total economic impact of Druva inSync
Examining the ROI enterprises may realize by implementing inSync, as they look to improve backup and recovery of endpoint data in a cost-effective manner.
Getting started with customer-focused identity management
Learn why identity is a fundamental requirement to digital growth, and how without it there is no way to identify and engage customers in a meaningful way.
Reg Reader Research: SaaS based Email and Office Productivity Tools
Read this Reg reader report which provides advice and guidance for SMBs towards the use of SaaS based email and Office productivity tools.
Security and trust: The backbone of doing business over the internet
Explores the current state of website security and the contributions Symantec is making to help organizations protect critical data and build trust with customers.