> i thought it was strategic - to ensure global dominance in tech
I don't like the way this is phrased because it nearly implies that doing this is an advantage to the US population.
"Preventing foreign dominance in tech" is plausibly a legitimate goal. Preventing a foreign tech monopoly is a good thing. But the assumption that this can only be achieved by a domestic one is the fallacy. A domestic monopoly is still a disadvantage compared to a competitive market with a multitude of domestic companies.
Unless you're an authoritarian that wants to leverage the monopoly for the purposes of e.g. censorship. But then you're an enemy whose goal is to harm even the domestic population.
Why do you think Windows, MS Office, MSSQL, Azure, and other MS applications are used extensively in the federal government?
Its to prop up American businesses, and as a form of corporate welfare.
We see this a lot in various vertical industries. The USG could pay and make it free, but they would rather prop up proprietary software as long as its US based.
> Its to prop up American businesses, and as a form of corporate welfare.
You say that like it's an actual policy goal. You don't think it's because those companies donate to the campaigns of the politicians doing it? It's corruption.
I do. There's reasons for that from previous employment that would indicate that as a policy goal.
Red Hat is also technically accepted by US Gov. Technically. But you need to use? They're bypassing all sorts of security shit with ongoing POAMs and doing their own thing.
And yes, I would agree that its corruption as well.
Getting it written down as a policy goal in formal documents or training materials for mid-level bureaucrats is a mechanism of action for the corruption.
It's a matter of whether it would happen even if nobody was writing a check, and it still seems like the answer is no.
A great case example of this corruption is the following:
AC-2 : Kerberos/LDAP/DNS/Shibboleth CAN suffice, but auditors will absolutely look for Active Directory. Most auditors don't even know how to prove Linux this way.
CM-6 : this is just a roundabout way of saying 'do you support GPOs? '. Sure, Puppet can work, as can on-login bash scripts stored on a Windows AD server. But why use Linux clients when you're already using Windows AD?
Now, nowhere in NIST actually says 'MS Windows'. Its just that the control is worded in such a way that proving it on Windows is easy, and Linux is very hard to impossible to prove.
There was a single exception to vendor agnoticism, and that was the requirement of McAfee security software. I can't find the control offhand, but now its called Trellix.
A domestic monopoly might not be the only way to prevent a foreign monopoly, but it is a guaranteed way so it makes sense to let it proliferate.
Look at the state of the industry vertically. There's exactly 1 company that can produce the cutting-edge chip fabs, ASML. TSMC utterly dominates using the fabs to actually produce the chips. That's already 2 foreign-controlled horizontal monopolies on which the rest of the industry relies.
If you want any sort of control in the industry (and not be bullied for access like we do to China), you need to be the biggest buyer / operator of those chips. And so we encourage US mega-tech companies buying up all the GPUs, so those other monopolies aren't used to cripple us (or at least they'd cripple the whole chain if they tried).
> A domestic monopoly might not be the only way to prevent a foreign monopoly, but it is a guaranteed way so it makes sense to let it proliferate.
It isn't in any way guaranteed, and you just listed an example of it failing. Intel used to be the world leader in fabs and now it's TSMC, because that's what happens if you let the domestic market consolidate until the incumbents feel they can rest on their laurels and then a foreign competitor throws down the gauntlet.
> If you want any sort of control in the industry (and not be bullied for access like we do to China), you need to be the biggest buyer / operator of those chips.
Or you need an actual diverse competitive market so that that sort of bullying doesn't work for anyone.
Suppose the GPU market had a dozen or more companies with significant market share and four of them were in the US. Then it doesn't matter where the other ones are, nobody can deprive the US of GPUs because the US can always get them from the US vendors or have them increase production.
It would mean that the US can't do the bullying anymore because then others could buy from the non-US vendors, but what is the rest of the world doing not causing that to happen on purpose?
It's necessary to distinguish between the things that happen and the things we would prefer to happen as citizens if we want to get from one to the other.
I don't like the way this is phrased because it nearly implies that doing this is an advantage to the US population.
"Preventing foreign dominance in tech" is plausibly a legitimate goal. Preventing a foreign tech monopoly is a good thing. But the assumption that this can only be achieved by a domestic one is the fallacy. A domestic monopoly is still a disadvantage compared to a competitive market with a multitude of domestic companies.
Unless you're an authoritarian that wants to leverage the monopoly for the purposes of e.g. censorship. But then you're an enemy whose goal is to harm even the domestic population.