When the US and other countries tries to do it, it is some how portrayed as "those pesky government people" but when China wants to do it, its all ":O"
Pretty sure most people who oppose one, oppose the other as well. Personally, I think the only "principles" technologists should be signing with regards to this sort of thing are these: https://projects.eff.org/~barlow/Declaration-Final.html (yes, I am being hyperbolic, but only up to a point)
Not at all. I endorse both restricting location of data to safer places and security review of products. The specifics vary considerably from country to country. The consensus is that a Swiss ownership/company offering services in their country evaluated by INFOSEC professionals would be ideal. If any L.I. exists, it would have low likelihood of abuse. Iceland may not have L.I. or crypto regs but it's unknown how they will handle future U.S. pressure. Swiss handled it pretty well and aren't NSA SIGINT partners unlike most of Europe.
Then, there's Europe with its data protections of unknown effectiveness for me as an American. Then, there's America where the sue happy, LEO's, and courts can get away with a lot. Your actual trade secrets, source code, etc are more protected here plus stronger patents. Then we have China and Russia where some employees and external parties on the network will be hacking the crap out of you while the government protects them when caught.
So, quite different situations in different countries even for same topic.
Because China is one of the biggest I.P. thieves in the world. The likes of Huwei have played that to huge advantage with real losses for U.S. companies. Having an I.P. thief wanting to look at your I.P. or have it in their jurisdiction to "protect them" is different than the norm in U.S. and Europe.
Plus, most products certified in those don't even have to turn in their source code. It's one of the reasons I call bullshit every time companies get such a certification and say it means something.
lazaroclapp|10 years ago
nickpsecurity|10 years ago
Then, there's Europe with its data protections of unknown effectiveness for me as an American. Then, there's America where the sue happy, LEO's, and courts can get away with a lot. Your actual trade secrets, source code, etc are more protected here plus stronger patents. Then we have China and Russia where some employees and external parties on the network will be hacking the crap out of you while the government protects them when caught.
So, quite different situations in different countries even for same topic.
nickpsecurity|10 years ago
Plus, most products certified in those don't even have to turn in their source code. It's one of the reasons I call bullshit every time companies get such a certification and say it means something.