Jun 5, 2018 - Technology

What Microsoft's GitHub acquisition means for cybersecurity

Cartoon of Github helper cat offering assistance dialogue box for corporate acquisition

Illustration: Lazaro Gamio/Axios

Much of the conversation around Microsoft's purchase of computer code repository GitHub revolves around the potential culture clash — a corporate giant buying the keys to a scrappy open source community. But there are some potential consequences in security worth taking a gander at, too.

Why it matters: GitHub is so big in the coding world that no nation with a software industry could ever block it. Some freedom fighters have weaponized that indispensability.

In 2015, the "Great Firewall of China" — the nationwide system China uses to censor the internet — was reconfigured to launch a cyberattack on GitHub. It's widely believed that the attack was a Chinese response to GitHub posting a Chinese translation of the New York Times and a mirror of the anti-Chinese-censorship site GreatFire.org.

  • GitHub also contains the code for components of several internet privacy applications that could not make it into countries like China without them.

Microsoft wouldn't comment on what happens to material hosted on GitHub if a government asked it to filter certain content from its country. Microsoft is more powerful than GitHub on the world stage, but an oppressive government also has a lot more levers it can pull to influence a corporation of Microsoft's size.

Go deeper