McAfee puts an end to government source code reviews because they just can’t be trusted
McAfee is to end the process of allowing foreign governments to review the source code of its security software.
A McAfee spokesperson told Reuters that it was stopping the practice because it has become too much of a security risk, suggesting that the problem is that governments simply can’t be trusted.
Many governments around the globe have been placing code-reviewing demands on software companies, ostensibly to ensure that their products don’t contain any Western government spy agencies’ back doors.
However, the fear is that they could, equally, use their privileged access to the source code to find and exploit their own vulnerabilities.
Moscow, in particular, has upped the pressure on Western technology companies in recent years.
In June, Reuters reported that Russia had upped the ante on source code reviews, with Russian companies carrying out them in secure “clean rooms”, where the source code could quickly and easily be copied.
These reviews are mandatory requirements from Russian defence agencies when foreign software is being used within government departments.
McAfee initially ended these reviews in April 2017, after it was spun-out of Intel. But the spokesperson didn’t give a specific timeline for when it exactly stopped these reviews or any cases of security issues.
“The new McAfee has defined all its own new processes, reflecting business, competitive and threat landscapes unique to our space,” the spokeswoman told Reuters . “This decision is a result of this transition effort.”
Other cyber security companies have taken similar actions in recent months amid reports of Russian meddling. In June, Symantec refused to give Russia access to its source code.
And, last year, the company announced a global policy of refusing to hand over its source code to governments, even if it was required to access a new market.
“It poses a risk to the integrity of our products that we are not willing to accept,” Symantec spokesperson Kristen Batch told Reuters .