Explaining Microsoft's Government Security Program a while back Craig Mundie intimated that it applied to practically everybody except Cuba and Iraq, and he even gave China as an example of a qualifying country. So Bill Gates goes to China and it's not exactly a surprise that Chinese participation in the GSP is announced. Hey, it's free, so why wouldn't they?
Microsoft has already had a couple of bites of the 'India signs up for GSP' story, although that one hasn't quite happened yet. But next trip, trust us. Where, however, is the beef this trip?
Aside from providing Bill with a handy auto-announcement which can be used on his travels, giving governments looking rights to Microsoft source code has other advantages. As we sourly noted earlier, the process of looking will tend to draw governments into the Microsoft kirk, and if they had previously been digging around on a freelance basis (not of course that we'd suggest China would do such a thing), then it's useful to Microsoft to have such activities to some extent 'officialised' and controlled.
We note that Dr. Wu ShiZhong, Director of the China Information Technology Security Certification Center (CNITSEC), himself comments that: "Microsoft's GSP provides us with the controlled access to source code and technical information in an appropriate way." Which is more what you'd expect the Microsoft rep to say while explaining why the company was giving China source access.
Microsoft's own explanation of the GSP makes it clear it has restrictions, although it's bashful about what they are, and it also makes it clear that it is intended to provide a jumping-off point for wider co-operation:
"The Government Security Program...is a no-fee initiative that provides program participants the ability to review Windows source code using a smart-card-based secure online access and subject to certain license restrictions. [which are?]... In addition to source access, the GSP provides for the disclosure of technical information about the Windows platform, enhancing governments? ability to build and deploy computing infrastructures with strong security technologies in place. The program also promotes increased communication and collaboration between Microsoft security professionals and program participants, providing opportunities to visit Microsoft development facilities in Redmond, Wash.; review various aspects of Windows source-code development, testing and deployment processes; discuss existing and potential projects with Microsoft security experts, and generally interact with and provide feedback directly to Microsoft staff."
You can almost see the colour brochure. We do not expect Chinese IT people to be wildly impressed by being able to hang out with the cool geeks in Redmond - not anything like as impressed by the weaker-willed ones at UK.gov, anyway. But you can see the objective, and see how Microsoft might think it can profit handsomely from the "no-fee initiative." ®