I remember reading a comment a long time ago -- maybe here or Quora, I think -- talking about how people don't usually realize how much trouble organized crime gives small and midsize businesses. You'll start getting DDOSed and then an email appears a day later: pay us and we'll stop bringing down your site. I have no idea if extortion is what's happening here versus simple lulzseekers or a grudge someone holds against them, but I wouldn't be surprised.
If I were a DDoS attacker, I wouldn't want to make enemies with the sort of people that rely on github.<p>Though it's easy to imagine that those guys think differently than I do.
Very nice. Just one thing: I already know I'm awesome and I don't need my source revision control provider to boost my self confidence (I'm referring to the line "...you, our awesome GitHub users"). OTOH, it's clear that it's GitHub's employees, rather than its users that need constant reassurance of their coolness. GitHub is a nice company that provides a good, solid and necessary service - hosted SCM. Then why is it that their <i>company</i> blog focuses on their drinking habits?<p>Dear GitHub,<p>Although your product may sound boring to laymen, you provide a good service to a very important industry. Your "boring" day job reflects nothing on your personal and very exciting lives. Your customers, however, like you for what you provide them with, not for your companionship, and I'm sure your friends like you for the opposite reasons, as they very well should. In fact, everybody loves you for many reasons, and you are all very lovable. So please, keep your extra-curricular activities to your friends, and your work activities to your customers. You can call your friends "awesome" if that's your kind of thing, but for various reasons it is better to treat your customers with proper decorum. If you're unable to keep the two separate, you're in for some bitter disappointment later in life.<p>Love, everyone.
Couldn't they just keep adding IP's to some blacklist (not htaccess, but something more efficient), and the attackers will eventually run out of IPs to attack from? There's only a finite # of computers you can really have control of. So you end up blocking some innocents, but you take care of that after the attack is over.
I think if you build your app properly the only problem with DDoS is traffic. Github partnerships with Rackspace so their cloud traffic can't be expensive. Correct me if I'm wrong.
Github is really great, but I'm a cynic.<p>Indeed, why _would_ anyone want to DDoS github? How can we believe Github that the outages were due to a DDoS? They're smart people, aren't they using solid load balancesrs that can mitigate DDoS attacks? Why haven't they issued an actual statement describing the supposed attacks in better detail?