In an interview with Reuters, security company Symantec reveals it's no longer giving governments access to the source code of its software. The company's CEO, Greg Clark, told the news agency that the threat of nation-state hacking has made source code reviews an unacceptable risk.
As such, Symantec decided the risk of the potential compromise of the security of its products outweighs the potential business it could win by continuing to allow source code reviews:
In an hour-long interview, Clark said the firm was still willing to sell its products in any country. But, he added, “that is a different thing than saying, ‘Okay, we’re going to let people crack it open and grind all the way through it and see how it all works’.”
While Symantec had seen no “smoking gun” that foreign source code reviews had led to a cyberattack, Clark said he believed the process posed an unacceptable risk to Symantec customers.
“These are secrets, or things necessary to defend (software),” Clark said of source code. “It’s best kept that way.”