IBM Gives China Access to Software Code

Uploaded on 2015-10-27 in INTELLIGENCE--USA, INTELLIGENCE-Hot Spots-China, FREE TO VIEW, BUSINESS-Services-IT & Telecoms, NEWS-Cybersecurity News

IBM said it is giving the Chinese government access to some software code, seeking to demonstrate the security of its products as the company tries to expand its business in the country.

Beijing won’t receive client data or “back doors” into the technology, International Business Machines Corp. said recently in a statement. Technology providers including Microsoft Corp. have reached similar agreements in China, IBM said. Microsoft established a program with China in 2003, giving the government access to some Windows source code.
“Strict procedures are in place within these technology demonstration centers to ensure that no software source code is released, copied or altered in any way,” IBM said. “Those are applied rigorously regardless of country.”
 
Concerned about cybersecurity, China this year enacted security measures requiring foreign technology companies to show software code to the government. The purpose of the law is to prevent other parties from illegally accessing China’s systems and data through computer programs like viruses, said Ray Wang, principal analyst at Constellation Research.

Diversified Economy
China also has been making efforts to ease its dependence on manufacturing for economic growth and support domestic companies in other industries. President Xi Jinping laid out plans this year to accelerate the development of the country’s information technology industry. There’s an opportunity for companies such as IBM to increase their presence in the market as China figures out how to get established in these new sectors, Wang said.
“As everybody knows, there’s a tacit understanding that if you want to do business in China, you need to show them how this stuff works,” he said. For IBM, “the significance here is the first-mover advantage.”
By fulfilling the government’s requirements, IBM will also get access to foreign companies operating in China that may be more inclined to store their data on the company’s servers rather than those owned by Chinese businesses, said Daryl Plummer, chief of research at Gartner Inc.
“In order to grow globally, you have to do business in China, you have to be representative there,” Plummer said. Giving the government access to the code “seems to be a reasonable risk to take.”
IBM also reduces the risk that its intellectual property will be copied by granting the government access in a controlled environment on the company’s machinery, Wang said. IBM is probably revealing code for basic features, he said, rather than disclosing proprietary algorithms.

Reverse Engineering
“It’s more about the Chinese government being comfortable that source code won’t kill their government, though there’s definitely a little bit of: ‘Can we reverse engineer this?”’ Wang said in a phone interview. “For IBM to do this is a little ballsy.” Companies such as IBM that have closed-source, or proprietary, software typically maintain tight control of its underlying source code.

This is the first time IBM has given the Chinese government access to its software code, having previously shown some proprietary information on its chip technology, Wang said. IBM and other companies have had their intellectual property imitated before, he said, adding that software is more difficult to reproduce than hardware.
Info-Management: http://bit.ly/1Xt0coe

 

« China Still Hacking US Firms Despite Xi’s Vow
Who Is responsible For Security in the Cloud? »

ManageEngine
CyberSecurity Jobsite
Check Point
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

ZenGRC

ZenGRC

ZenGRC (formerly Reciprocity) is a leader in the GRC SaaS landscape, offering robust and intuitive products designed to make compliance straightforward and efficient.

The PC Support Group

The PC Support Group

A partnership with The PC Support Group delivers improved productivity, reduced costs and protects your business through exceptional IT, telecoms and cybersecurity services.

CSI Consulting Services

CSI Consulting Services

Get Advice From The Experts: * Training * Penetration Testing * Data Governance * GDPR Compliance. Connecting you to the best in the business.

Syxsense

Syxsense

Syxsense brings together endpoint management and security for greater efficiency and collaboration between IT management and security teams.

IT Governance

IT Governance

IT Governance is a leading global provider of information security solutions. Download our free guide and find out how ISO 27001 can help protect your organisation's information.

HackRead

HackRead

HackRead is a News Platform that centers on InfoSec, Cyber Crime, Privacy, Surveillance and Hacking News with full-scale reviews on Social Media Platforms & Technology trends.

Zurich

Zurich

Zurich is a leading multi-line insurer providing a wide range of property and casualty, and life insurance products and services in more than 210 countries and territories.

8MAN

8MAN

8MAN is a leading Access Rights Management (ARM) solution in Microsoft and virtual server environments.

Minerva Labs

Minerva Labs

Minerva’s patent pending solution keeps malware in a constant sleep state before it can infiltrate your network and cause any damage.

Packet Ninjas

Packet Ninjas

Packet Ninjas is a niche cyber security agency with specialized expertise in the use of digital intelligence to strengthen cyber security.

PeCERT

PeCERT

PeCERT is the national Computer Emergency Response Team for Peru.

Communications Security Establishment (CSE) - Canada

Communications Security Establishment (CSE) - Canada

CSE is Canada's national cryptologic agency, providing the Government of Canada with IT Security and foreign signals intelligence (SIGINT) services.

Privitar

Privitar

Privitar is leading the development and adoption of privacy engineering technology enabling our customers to innovate and leverage data with an uncompromising approach to data privacy.

GovCERT Austria

GovCERT Austria

GovCERT Austria is the Austrian Government Computer Emergency Response Team. Its constituency consists of Austria's public administration.

Cyber Army Indonesia (CyberArmyID)

Cyber Army Indonesia (CyberArmyID)

Cyber Army Indonesia (CyberArmyID) is the first platform in Indonesia to collect and validate reports from hackers (referred to as Bug Hunter) regarding vulnerabilities that exist in an organization.

Norwest Venture Partners (NVP)

Norwest Venture Partners (NVP)

Norwest Venture Partners offer entrepreneurs a broad range of services to help them build their businesses at every stage of growth. Key sectors include AI, Infrastructure, SaaS and Security.

Envieta

Envieta

Envieta is a leader in cryptographic solutions. From server to sensor, we design and implement powerful security into new or existing infrastructure.

Comparitech

Comparitech

Comparitech strives to promote cyber security and privacy for all. We are committed to providing detailed information to help our readers become more cyber secure and cyber aware.

ARC Risk and Compliance

ARC Risk and Compliance

ARC Risk and Compliance is a consulting company comprised of a team of AML Specialists completely focused on anti-money laundering compliance and the technologies used to support compliance programs.

Lyvoc

Lyvoc

Lyvoc is a premier cybersecurity integration partner renowned for its expertise in supporting its clients to accelerate and secure their digital transformation.

North Pole Security

North Pole Security

North Pole Security provide Endpoint Protection For macOS. Meet Workshop, the first modern endpoint protection platform for macOS. Stop threats before they start while keeping the business moving.