The PRC's DDoS of GitHub seems a little risky.[1] If GitHub is inventive (or desperate) enough, they could call on their users for aid. The perpetrators would immediately draw the ire of vast numbers of talented programmers. And GitHub is positioned to direct this ire toward useful ends. They could encourage users to contribute to GreatFire, or even start other initiatives and projects to stymie censorship. The outcome could easily be worse for the PRC than if the attack had never happened.<p>1. Even if this isn't a PRC-ordered or sponsored attack, large parts of their infrastructure are being co-opted. If they aren't criminally involved, they're criminally irresponsible.
From looking at the Javascript injection code (<a href="http://www.theregister.co.uk/2015/03/27/github_under_fire_from_weaponized_great_firewall/" rel="nofollow">http://www.theregister.co.uk/2015/03/27/github_under_fire_fr...</a>) it seems like the quality of the script is pretty amateur.<p>They inject jQuery not once, but twice, and only use jQuery to make a simple XHR request. Perhaps they are worried about one instance of jQuery being taken down or made unavailable to them, but they really don't need jQuery at all for something this simple.
Can Github ask for US Government help with it, since it's an attack by [presumably] foreign sovereign entity? It's paying taxes in US, right — so it may expect some kind of protection, isn't this what taxes are about?
> <i>0:50 UTC - Into hour 71 defending the attack. Mitigation is holding and service is stable.</i><p>Wow, this has been going on for quite some time now!<p>> <i>8:18 UTC - The ongoing DDoS attack has changed tactics.</i><p>Someone knows more about this new tactics?
This attack is perhaps just a taste of something nastier.
The GitHub infrastructure is rock solid and gives valuable real time information via its status dashboard .
This seems ideal for measuring the impact of an attack before choosing a more critical target.
Hi, foreigner working in Chinese high tech company here. I wonder a bit, on which ground is this attack attributed to Chinese gov? It looks a bit unlikely to me. China has some cyber military but they are more likely to be pragmatic and choose wisely their targets. There's a bunch of script kiddies but they would choose also something else. However it seems possible that many servers hosted in China are not secured and could be used for this attack, by some other people.<p>Just my first thought as an insider...
Interestingly enough, if the attacks never stop (which is a possibility), the engineers at GitHub might still come up with a way to effectively nullify DDOS and continue their normal operations.<p>Which would be a massive advance in cyberdefense. It's unlikely, but it would be a great example of "natural selection" (via their intelligent engineers' efforts) at work.<p>It will no doubt take ingenuity, but I don't think any other website than GitHub is in the position to do this. Especially right now.
It would be interesting to compute the value (in MWh for example) of the energy used for this attack. Seems massive to me. Not just the traffic but the job performed by each computer.
Blog post from GitHub related to this.<p><a href="https://github.com/blog/1981-large-scale-ddos-attack-on-github-com" rel="nofollow">https://github.com/blog/1981-large-scale-ddos-attack-on-gith...</a>
If this is China doing this, it makes me so upset the US has spent years and billions of dollars building up their economy instead of countries like Mexico.<p>Our relationship with them is almost as bad as our middle-eastern oil addiction.
This news about attack make me wonder why isn't GitHub just blocked these repositories for all Chinese IPs. It's would be logical after they censored certain repositories for Russian IPs:<p><a href="https://github.com/github/roskomnadzor" rel="nofollow">https://github.com/github/roskomnadzor</a><p>Just in case anyone who try to access repos from Russia get something like that:<p><a href="http://imgur.com/ytD5VYx" rel="nofollow">http://imgur.com/ytD5VYx</a><p>And no I'm don't support any of this and strictly against any censorship, but still it's looks weird why GitHub agree to deal with Russians, but not Chinese.
As convenient as GitHub is, let this be a lesson to ensure you have multiple remotes for your repositories. The more popular GitHub gets, the more it will become a target from a wide range of vectors.
Thanks (China) for doing this on a weekend! Works out well for what I imagine are a large portion of Github's paying users.<p>Please stop by tomorrow morning.
Anybody else like me who doesn't understand why China is really doing this? Fun? The closest explanation I found is this - <a href="http://www.wsj.com/article_email/u-s-coding-website-github-hit-with-cyberattack-1427638940-lMyQjAxMTA1ODIzOTgyNDkzWj" rel="nofollow">http://www.wsj.com/article_email/u-s-coding-website-github-h...</a>
Perhaps, if a country is shown to launch these kind of attacks[1], a second "great firewall" could be installed at peering points with that country, to filter out this kind of attack before it can reach the internet as a whole ...<p>[1] assuming, of course, this is the work of a government, and not simply some disenfranchised actors inside said government
Github could respond to requests that match the attack pattern with compression bombs: <a href="http://www.aerasec.de/security/advisories/html-bomb/" rel="nofollow">http://www.aerasec.de/security/advisories/html-bomb/</a>
Each time i hear about DDoS attacks i wonder why we don't have serious effective mitigation strategies even though there are brilliant computer scientists out there who always come up with very smart solutions, this is a genuine question and not a rhetorical one.
If this is being funded and/or perpetrated by a foreign government with China-like resources, I wonder how much extra capacity they have to expand the attack? Are they throwing everything they have at it now? I kind of doubt that.
If the attack crosses certain lines, it could be considered to be an act of war[1]. Considering many government agencies use GitHub[2], where are these lines drawn?<p>[1] <a href="http://www.forbes.com/sites/reuvencohen/2012/06/05/the-white-house-and-pentagon-deem-cyber-attacks-an-act-of-war/" rel="nofollow">http://www.forbes.com/sites/reuvencohen/2012/06/05/the-white...</a><p>[2] <a href="https://government.github.com/" rel="nofollow">https://government.github.com/</a>
What is Github's backend like? Do they use cloud service providers or do they manage their own infrastructure?<p>Highly curious to know how Github is preventing the site from crashing down.
While many seem to immediately yell out that the PRC did it, conversely a hacker could just intend to make it seem like PRC was responsible by diverting the attention away from themselves and there to... I simply just don't feel like PRC would be as stupid as to so openly DDoS a target, it doesn't take much to be a bit more elaborate than that.
I'd be interested to hear what this attack ends up costing GitHub in man power, bandwidth fees and so on. I wonder if any cost will be waived - I could see, for example, a large cost if they host DNS with AWS (although it sounds like they may host DNS at Akamai - I haven't checked as I'm writing on the go).
Maybe not the best tactic, but they can selectively issue a 301, and point to a page that contains a new link to the project? The new page can be cached. In the future they can issue another 301 to point back to the original page. Hopefully web browsers will cache the new url.
I must say I wonder a lot of the volume of generated traffic. Is that hundreds of connections? Thousands? Millions? What is the number of unique IP's hitting them, bandwidth, etc.<p>Does anyone have any data on that?
Why are there so many condescending comments about "saving the Chinese people". Ask yourselves, are you really qualified to judge the Chinese people? Have you been to China? Have you been to different parts of China? What are the main sources that you obtain news? Are you reading the "assumptions" over and over again until they are "assumed" as facts? I liked this place when it used to be just about technologies.
There are a few comments about China being involved. Is there any indication of that? I haven't seen anything from Github themselves or elsewhere, just the comments here.
The github service is nice, but do you really want to put your [code|website|etc] somewhere that can become inaccessible if some [person|group|criminal|government] decides they don't like something about it?
Time to DDOS the entire Chinese IP space.
Once the citizens experience network outages, they'll be able to direct their anger at the PRC who started this bullshit.<p>PRC wins if Github null-routes the Chinese IP space, Github must stay up no matter what.
Gitchain needed please, if we can stop ignoring the root of the problem is the habit to preserve corporal central force.<p><a href="http://Gitchain.org" rel="nofollow">http://Gitchain.org</a> links with <a href="http://Factom.org" rel="nofollow">http://Factom.org</a> and needs complement not ignore the deep research and development environment we need to profoundly edit safed social structure.<p>(Their author failed to secure funding for Gitchain and then made Factom, while the issue needs equally relate each part as a side of research, expression, development log, proof, and safety machinations important to combine.)