FITUG e.V.

Förderverein Informationstechnik und Gesellschaft

FC: China wants virus samples from software firms, by Te

------- Forwarded message follows ------- Date sent: Mon, 02 Apr 2001 19:24:29 -0400 To: politech@politechbot.com From: Declan McCullagh <declan@well.com> Subject: FC: China wants virus samples from software firms, by Ted Bridis Send reply to: declan@well.com

**********

From: "Bridis, Ted" <Ted.Bridis@dowjones.com> To: "'declan@well.com'" <declan@well.com> Subject: WSJ Date: Fri, 30 Mar 2001 08:36:32 -0500

http://interactive.wsj.com/articles/SB985910528688563410.htm

China Is Asking Software Firms To Provide Samples of Viruses

By TED BRIDIS Staff Reporter of THE WALL STREET JOURNAL

WASHINGTON -- Security officials in Beijing have been requiring that in order to sell their products in China, leading antivirus-software companies must provide samples of destructive computer programs and rogue wiretap software from their research labs.

Between 1999 and the end of last year, three of the industry's largest vendors -- Network Associates Inc. and Symantec Corp., both based in the U.S., and Trend Micro Inc. of Tokyo -- gave the Chinese security ministry roughly 300 different samples of the most common, malicious software found on the Internet, in exchange for permission to market their products in China. The three companies collectively represent nearly 75% of the $1.2 billion world-wide antivirus-software market.

Executives at the three companies said China's Ministry of Public Security, the nation's principal police authority, told them that they needed virus samples to independently test the effectiveness of their software products before they could be sold to consumers.

"We've met with this organization, developed a certain level of trust and believe they're doing what they're talking to us about," said Vincent Gullotto, senior director of the research labs at Network Associate's McAfee Corp. unit in Beaverton, Ore.

Still, the move has raised concerns among some international-trade and national-security officials here who worry about China developing information-warfare tools.

Others characterized the request as a potential time-saver for China that could provide researchers there with insights into developing not just future viruses but also an increasingly popular class of surreptitious monitoring software known as "back doors."

It is also possible that the Chinese ministry could be looking to use the viruses to develop their own antivirus products at the expense of research done by foreign companies, although the authorities didn't seek access to the more useful source code that the software companies use to write antivirus products.

An official at the press office of the Chinese embassy directed calls to its Commercial Office here. Repeated phone calls to that office weren't returned. Executives at the three companies said they rejected persistent Chinese demands for their broader research collections of viruses and other malicious software.

A fourth company, F-Secure Inc. of Finland, said it negotiated last summer to let Chinese researchers conduct virus studies at its new laboratory in Beijing, but declined to surrender the samples directly.

"This is very unusual," said Mikko Hypponen, virus-research manager at F-Secure. "No other country has anything similar to this."

McAfee President Gene Hodges said that within 90 days of complying with the Chinese request, his company notified the U.S. government that it had provided the samples. "No specific concern was expressed" by the government officials that the company spoke with, Mr. Hodges said. He declined to say who or which U.S. government department his company contacted.

Meanwhile, experts also were divided about the potential military usefulness of the common viruses turned over to China. Many of those samples can be found within rogue virus collections already on the Internet, though others are more rare. Mr. Gullotto of McAfee estimated that determined Chinese researchers "might be able to find 80% to 90%" of what the companies provided, and noted that antivirus software currently protects against those samples.

Still, the unprecedented request to trade virus samples and other software programs for market access surprised some researchers at the companies. Sharing of viruses for research purposes is usually restricted to fewer than three dozen members world-wide of the loosely organized Computer Antivirus Researchers Organization. Software firms keep their sample virus collections -- code zoos -- in secure rooms and on separate computer networks that are off-limits to all but a handful of experienced employees.

U.S. international-trade and national-security officials expressed disappointment with the companies' decisions to share any malicious software with China's government. They noted that the ministry has an intelligence division, and that China's military is developing a "Net Force" of young computer experts trained in information warfare. In late 1999, the Chinese army's official newspaper discussed the need for "software and technology for Net offensives so as to be able to launch attacks and countermeasures on the Net."

These same officials said they were somewhat mollified that the software companies had negotiated to hand over to China only samples of relatively common viruses, not their more substantial collections of tens of thousands of dangerous programs. The shared collection was described as easily stored on a single CD-ROM disk.

"The concept is troubling," said Commerce Undersecretary William Reinsch, the outgoing head of the U.S. Bureau of Export Administration. "We don't want to promote or encourage information warfare or the further dissemination of viruses that even unintentionally could bring down our systems." He added that the Bush administration may need to consider restricting in some ways the intentional export of malicious software to some countries.

---------------------------------------------------------------------- --- POLITECH -- Declan McCullagh's politics and technology mailing list You may redistribute this message freely if it remains intact. To subscribe, visit http://www.politechbot.com/info/subscribe.html This message is archived at http://www.politechbot.com/ ---------------------------------------------------------------------- ---

------- End of forwarded message -------

Zurück