back to article NATO gets a front-door to look for Microsoft backdoors

Microsoft has renewed its 12-year-old agreement with NATO which, among other things, lets the organisation check for bugs, vulnerabilities, and backdoors in Redmond's products. The company announced the agreement here. The essence of the release is that NATO's Communications and Information Agency, NCI, has signed with …

  1. Chairo
    Devil

    "controlled access to source code"

    Now that is a nice term. Is there perhaps a tool-chain included to make sure this code really compiles to the binaries they got? Otherwise "controlled access to source code" could well mean - "we edited out the stuff you are not supposed to see, before we handed it over".

    But my guess is rather that it means "we can show you printouts which you can search while we are together with you in a meeting room and we'll collect everything afterwards" - good luck finding anything in this heap of paper!

    Oh well, I guess I haven't got enough faith in humankind. Oh, wait - megacorps and gouvernment agencies are non-human entities, right?

    1. Mark 85 Silver badge

      But my guess is rather that it means "we can show you printouts which you can search while we are together with you in a meeting room and we'll collect everything afterwards" - good luck finding anything in this heap of paper!

      Hell, good luck with sitting in a meeting room and examining a zillion lines of code.

      1. Anonymous Coward
        Anonymous Coward

        I'm pretty good with assembler so that wouldn't be too much trouble. Now one of the guys I trained to take my job could read straight hexadecimal and was/is eidetic to boot. Go ahead and try to snow job him. He'd be on the NATO team if available. And quite a few more lurking in odd corners of the military.

        [Part of the "if the going got weird, the weird grabbed their duffle bag and got going."]

    2. Vic

      we can show you printouts which you can search while we are together with you in a meeting room and we'll collect everything afterwards

      I had someone try to pull that one on me once.

      This company were trying to sell me mask-programmed microcontrollers. Given the volumes involved, this was a multi-million pound deal. They were cheaper than the competition - but we'd been using the competition flawlessly for some years (and I used to work for them).

      I wasn't going to sign this order without confidence in the code that was to be installed on them, and the FAE who was writing it - well, let's just say he didn't fill me with confidence. So I insisted on seeing the source. He refused.

      We eventually ended up in a big meeting with his management and mine. I stuck to my guns - I wasn't going to put this chip on the board if I didn't see the source. After I'd said my piece, the supplier's management turned to this FAE and said "just show him the code."

      So the FAE duly turned up at the office a couple of days later with hard copy. Talk about being a bad loser. And I still found a critical bug within 60 seconds[1] that would have left the machine unusable...

      Vic.

      [1] I did know where to start looking, having been through the development at my previous employer.

  2. Anonymous Coward
    Anonymous Coward

    Microsoft's bug-ridden software is used in US Military systems?

    Sounds like a (nuclear) accident waiting to happen.

    Gives a whole new meaning to the phrase "Blue Screen of Death".

    1. Anonymous Coward
      Anonymous Coward

      Re: Microsoft's bug-ridden software is used in US Military systems?

      Good idea, show me a version of Linux, BSD or Unix that is bug free.

      1. Herbert Meyer

        Re: Microsoft's bug-ridden software is used in US Military systems?

        No, but I will show you versions where bugs are publicly disclosed and quickly fixed, and no back doors.

  3. M7S

    Can't NATO just ask NATO members?

    I got the impression from the news recently that security organisations in the UK and US already have a good insight such things, perhaps even better than MS does.

    1. Chairo
      Joke

      Re: Can't NATO just ask NATO members?

      That is a bit like asking your wife, if she put poison into your coffee. You'll probably not get an honest answer.

      1. Ian Emery Silver badge

        Re: Can't NATO just ask NATO members?

        I suspect it would depend how much you had drunk. "You will find out in 3...2...1...(thud)"

        BTW, does this story replace the "NASA gets a front-door to look for Microsoft backdoors" story I spotted this morning.

  4. Your alien overlord - fear me

    NATO's Communications and Information Agency, NCI

    Isn't that the CIA lurking in there. Hidden in plain sight.

POST COMMENT House rules

Not a member of The Register? Create a new account here.

  • Enter your comment

  • Add an icon

Anonymous cowards cannot choose their icon

Biting the hand that feeds IT © 1998–2019