Cyber security firm McAfee will no longer permit foreign governments to analyze or dissect source code of its products. This brings to an end the practice which some security experts say could be leveraged by various states for cyber-attacks.
McAfee had been complying with the demands of Moscow in recent years to provide access to their source codes. Russian companies used to conduct these tests in what they refer to as “clean rooms,” where they test foreign-made software to ensure there are no backdoor entries, particularly when they are using these products in defense agencies. However, U.S officials have stated that access to this software makes it extremely vulnerable to cyber-attacks.
According to a McAfee spokesperson the company will become independent after spinning off from Intel. They have not disclosed any timelines to put this new rule into effect. “The new McAfee has defined all its own new processes, reflecting business, competitive and threat landscapes unique to our space. This decision is a result of this transition effort,” the spokesperson said.
The move is similar to one made by its competitor Symantec in 2016, when it set up a global policy of refusing to comply with any source code review mandate by any government, even if it was to get an entry into the market. It has prompted questions from lawmakers in Washington, raising concerns about Russia’s involvement the US Presidential elections and other western countries. The Kremlin has continuously denied the allegations.