Prediction: at some point (if it isn't already happening as we speak), the government insistence on "we need to be able to hack into any software if it's important" will collide with "we need to be able to keep foreign powers out of our software", and there will be bitter internal fights about it, both sides claiming national security interests.
Wasn't Pulse Secure VPN the one that required an ActiveX control and IE in order to "secure" your system on Windows? I mean, when I see that kind of shit, I kind of assume the vendor sells some shit software.
> The U.S. plans to address some of these systemic issues with an upcoming executive order that will require agencies to identify their most critical software and promote a “bill of materials” that demands a certain level of digital security across products sold to the government.<p>Interesting, no mention of any requirements towards software manufacturers themselves.<p>If you think about it, this will further incentivize poor-quality software as responsibility of vulnerability response is now being laid on the product owner.
This new arms race can eventually lead us to militarization of the whole economy. Almost every business operation will cost 40% more than now because of security costs. Security doesn't scale well and can't be commoditized (until we get AGI I guess). You can't just outsource it to Google or other megacorp.<p>That would be an insane waste of resources.