China vs The Internet, GitHub DDoS edition

LincLinc OwnerDetroit Icrontian
edited March 2015 in Internet & Media

GitHub is currently under a sophisticated DDoS attack (now in day 4) that appears to originate from China. Iconfactory recently had a similar attack and hypothesized that most companies experiencing these types of attacks are simply keeping quiet.

The non-technical summary is that Chinese sources are using tactics like DNS poisoning and malicious Javascript in popular sites to cause non-Great Firewall'd traffic to torch websites that do things they don't like. To them, GitHub et al are nuisances to be punished for defying them and they will manipulate the entire Internet to do so.

LincCreeperbane2

Comments

  • EMTEMT Seattle, WA Icrontian

    Some Sunday learning. Could this even possibly force GitHub to abandon certain projects they host?

    The attack is hijacking the Chinese-bound traffic of users outside China, so you may be participating in it when you browse Youku, Taobao, or even nearby websites that incorporate Baidu user tracking. While you browse, the attack injects Javascript to silently bother GitHub projects that aid circumvention China's firewall for people in China. Allegedly, the Javascript is being injected by that same firewall.

    Some technical sleuthing. It sounds like it won't happen on sites that refer to Baidu via HTTPS for user tracking/analytics.

  • LincLinc Owner Detroit Icrontian

    @EMT said:
    Could this even possibly force GitHub to abandon certain projects they host?

    Knowing their company, no. Censoring code is anathema to why they're in business.

  • GargGarg Purveyor of Lincoln Nightmares Icrontian

    What's funny is this time, China is messing with programmers that know how to defend themselves. They're not just running to their CDN and asking for help. The temporary solution of inserting an alert() in the page is pretty clever.

    @EMT said:
    Could this even possibly force GitHub to abandon certain projects they host?

    Since they are targeting two repos in particular (Greatfire and Chinese NY Times), the message is pretty clear, but I can't imagine GitHub would give in.

  • LincLinc Owner Detroit Icrontian
    edited April 2015
  • primesuspectprimesuspect Beepin n' Boopin Detroit, MI Icrontian

    Uh, that link takes me to a french affiliate linkbait site.

  • That's because your affiliate link interception robot has been reprogrammed by Chinese hackers.

  • primesuspectprimesuspect Beepin n' Boopin Detroit, MI Icrontian

    Jesus

  • RyderRyder Kalamazoo, Mi Icrontian

    @Linc 's link edited, some garbage at the end caused the fracas

Sign In or Register to comment.