India proposes forcing smartphone makers to give source code in security overhaul

Submitted ⁨⁨1⁩ ⁨day⁩ ago⁩ by ⁨Gemini24601@lemmy.world⁩ to ⁨technology@lemmy.world⁩

https://www.reuters.com/world/china/india-proposes-forcing-smartphone-makers-give-source-code-security-overhaul-2026-01-11/

I think that this would be great, since source code auditing would provide insight into anti-consumer additions like malicious backdoors, hidden spyware capabilities, unintended vulnerabilities, etc. However, this could be very bad if this passes and then escalates to mandatory source code modification at the request of a sovereign state. As always, there are possible pros and cons to this approach.

source

Comments

Sort:hotnew top

PierceTheBubble@lemmy.ml ⁨2⁩ ⁨hours⁩ ago

India proposes requiring smartphone makers to share source code with the government and make several software changes as part of a raft of security measures.

How does that sound promising at all? Especially when initiated by a government, previously having attempted to enforce government spyware, to be installed on all consumer smartphones. The following excerpts are from India’s proposed phone security rules that are worrying tech firms

Devices must store security audit logs, including app installations and login attempts, for 12 months.

Phones must periodically scan for malware and identify potentially harmful applications.

Defined to be potentially harmful by who? Right.

Phone makers must notify a government organisation before releasing any major updates or security patches.

We cannot approve of the security patch just yet, as we must first extensively exploit the vulnerability…

Devices must detect if phones have been rooted or “jailbroken”, where users bypass built-in security restrictions, and display continuous warning banners to recommend corrective measures.

Phones must permanently block installation of older software versions, even if officially signed by the manufacturer, to prevent security downgrades.

source
floofloof@lemmy.ca ⁨1⁩ ⁨day⁩ ago

India proposes requiring smartphone makers to share source code with the government

Before anyone gets their hopes up that India is pushing for open source software.

source
- UnfortunateShort@lemmy.world ⁨11⁩ ⁨hours⁩ ago
  Man, if this was about open-sourcing, it might have seriously improved security…
  
  source
icerunner_origin@startrek.website ⁨1⁩ ⁨day⁩ ago
Hmm, doubt it’s for security. Seems more likely they’re looking for backdoors in order to spy on users. There are far too many governments desperate to backdoor encryption and messaging apps to trust any government’s stated intent when it comes to technology

source
- SaltySalamander@fedia.io ⁨1⁩ ⁨day⁩ ago
  100%.
  
  source
acosmichippo@lemmy.world ⁨1⁩ ⁨day⁩ ago
lol good luck

source
evol@lemmy.today ⁨21⁩ ⁨hours⁩ ago
Whats even the point theirs plenty of engineers in the country with source code access? Maybe the Chinese ones don’t hire in India so its aimed towards them.

I want a government thats requires mandatory AGPL for most classes of software.

source