The Yomiuri Shimbun reported additional information. Some products that will be subject to the approval:
- OS of contactless cards such as Felica (Sony’s contactless smart card) and MultOS
- Digital photocopier, OS of AV products, ATMs or Point Of Sales devices!
- Routers (no surprise at all, it would have been the first category I would have requested)
- Software for data backup
The list is rather interesting because most of them may have an impact of overall security of the nation. An entity that would have a backdoor in these devices would have access to interesting data. Let’s take a simple device like a digital photocopier machine. The OS may have access to the digitized image. It could store it in some hidden storage unit. Maintenance crew could retrieve the storage unit. Of course storage capacity is limited. But now add an OCR software and a filtering software that spots a list of sensitive tag names. The spy software stores only the potentially interesting data. By the way, how are we sure that it is not already the case? Photocopier have some hidden features that are not often publicized. Try to copy a banknote with a high res color XEROX. Surprise, surprise…
To the mere intent of economical intelligence, we could add to the list: detecting potential backdoors and spywares, or implementing such backdoors.
By the way, the new regulation is scheduled for May 2009!
Many thanks to Masaru san.