"The source code proposal comes alongside a series of additional recommendations such as restrictions on background permissions for apps and the option to remove all preinstalled apps. Reuters also reports the package would mandate periodic malware scanning and require phones to store system logs for at least 12 months, requirements that industry groups told the publication would drain battery life, run into storage limits and slow the rollout of necessary security updates."
"The nation's IT ministry told Reuters it "refutes the statement" that it is proposing manufacturers hand over their source code. This was despite a review of internal government and industry documents as part of the reporting. Government officials and industry executives are reportedly due to meet Tuesday for more discussions. Last month, India was set to require a state-owned cybersecurity app be preinstalled on every smartphone in the nation before backpedaling after intense backlash."
India is considering smartphone security rules requiring manufacturers to provide government access to device source code for vulnerability analysis and to notify authorities of major software updates and security patches before rollout. Any source-code review would be analyzed and potentially tested at designated labs in India. A package of 83 draft security standards could be made legally binding. Recommendations include restrictions on background app permissions, the option to remove preinstalled apps, periodic malware scanning, and requiring phones to store system logs for at least 12 months. Industry groups warn these measures could reveal proprietary information, drain battery life, strain storage, and slow security updates.
Read at Engadget
Unable to calculate read time
Collection
[
|
...
]