Bruce Schneier writes:
China is getting a copy of the Windows source code. I’ve already written about the security risks of open-source versus proprietary software. One of the problems with open source is that the bad guys get to look at the code. One of the good things about open source is that the good guys get to look at the code, too. If I were the Chinese government, I’d turn that code upside down looking for vulnerabilities, and then not tell anyone about them. This seems like a huge security risk to me, even though Microsoft might consider it a smart business move.
Good point. Microsoft probably sees China as just another customer, but from a security standpoint we should be wary. If there is any advantage to be gained here, the Chinese government will take it. The fact that we habitually view a technology as benign does not preclude someone else from using that technology as a weapon. (See, in this regard, Lex’s recent post about China’s space program.)