McAfee announced this week that no longer allows governments to undertake revisions of the source code for its security products. The change, according to the company, it is a requirement, mainly from Russia, which obliges companies in the sector, when foreign, to submit their products for analysis.
The Kremlin, through its security department, points out that this would be a request with a focus on security, to ensure that there are no vulnerabilities or backdoors placed there by foreign governments. On the other hand, the security agencies of the USA and Europe point to the exact opposite – this review could lead to the discovery of vents that would be, then, exploited by the russians internationally.
It is precisely on that account that, since June, she joined the companies that have announced no more meet the demands of the country. Symantec was one of the first to do this, refusing since 2016 to deliver the source code of your solutions for any organization that is, even if it means the loss of a portion of a market that is so important when the of the governmental organizations.
In the case of McAfee, that in itself, the decision occurred in April, after the company have aimed to be independent, leaving behind the years of union with the Intel. However, when talking about the subject, the company has not said exactly when it ceased to send the source code for review by the Russian government, which prevents us to discover which versions were analyzed by the country.
In its communiqué, the company claims that there is no indication that the revisions made by Russia have resulted in security failures, whether in operations, orchestrated by the government itself or by hackers that are working for him. Even so, the company has decided to accept the recommendations of the u.s. state department, who expressed fears as to the methods of digital warfare used by country, not always an ally in this regard.
Other companies, keeping an eye on the slice of the Russian market, have taken different attitudes. HPE, for example, already claimed to have hired an independent agency to do the security check required by the Russian government. She, on the other hand, has not said if the alternative was accepted by the Kremlin, since the Echelon, hired to do the service, also provides this kind of assistance to the Pentagon and other security agencies american.
McAfee also said already have used the services of this type, including their own Echelon. However, with the changes, nor even that it is more acceptable to the company, that is definitely terminating any type of external review of their products and solutions.