In order to continue selling Microsoft products to the Russian government, the Redmond Washington software company granted various agencies of the Russian government access to source code for Windows 7, Server 2008, and other products.
The government agencies listed in the agreement include the former KGB. The source code access will help the Russian government to find security flaws in Microsoft products. What the Russians do with this knowledge is unclear.
Ten percent of Microsoft’s $1 billion Russian business revenue comes from the Russian government, according to a Bloomberg web article.
This isn’t the first time that Microsoft has allowed foreign governments access to their source code. They have a Government Security Program to grant source code level access to Microsoft products. GSP started in January of 2003 as a more formal name for their Shared Source Initiative which started in 2001.
According to the GSP home page:
Microsoft offers eligible, participating national governments no-cost, online smart-card access to source code for the most current versions and service packs of Windows Client, Windows Server, Windows Embedded CE, and Office. In addition, subject to such requirements as U.S. export approval, qualified GSP participants may also obtain access to cryptographic code and development tools. The GSP also provides transparency through disclosure of Microsoft technical information. This engineering-level view of Windows architectural design provides greater insight regarding the platform’s integrity and enhances national governments’ ability to design and build more secure computing infrastructures.
The recent Russian spy story makes this a little sensitive for Microsoft as ghosts of the Cold War resurfaced in the news this week. I wonder who else has access. The GSP web pages touts that this no-cost partnership is available in 65 geographic markets.