Everyone who cares about free speech should care about the attacks on Github

31 Mar 2015 | Author: | No comments yet »

China Appears to Attack GitHub by Diverting Web Traffic.

If you’re not a programmer, you’ve probably never heard of Github, a website programmers use to track and share software source code. A nonprofit group developing tools to get around Chinese online censorship says the Chinese government is behind a recent attack that sent a flood of traffic to its site and services.According to The Wall Street Journal, the ongoing cyber assault directed massive volumes of traffic from China’s popular Baidu search engine to GitHub, paralyzing GitHub’s website in what appears to be an attempt to shut down anti-censorship tools.Activists battling internet censorship in China said Monday they had proof a massive online assault on their websites had been coordinated by the Chinese authorities.

China is effectively using the national firewall in place to censor the Internet for Chinese residents to weaponize the browsers of millions of global Internet users, according to GreatFire. Citing unnamed security experts, the Journal said traffic was directed specifically to two GitHub pages with links to websites that are banned in China—one from Greatfire.org that helps users circumvent government censorship, the other the New York Times’ Chinese-language site. In recent days, popular coding service GitHub faced a massive denial of service (DDoS) attack – an online attack aimed at bringing down a service by overloading it with fake traffic.

But in a recent series of attacks on websites that try to help Internet users in China circumvent this censorship, the Great Firewall appears to have been used instead as a weapon, diverting a portion of the torrents of Internet traffic that flow through it to overload targeted websites. Github, a popular site where coders store and collaborate on software projects, was hit on Thursday and again on Sunday with cyberattacks that researchers believe originated from China. As of press time, Greatfire’s website was reporting a connection error; the company has asked Twitter users to send samples of the code behind the attack. In a statement on the GreatFire.org blog, an activist identified as “Charlie” wrote: “On March 17th 2015, our websites and partner websites came under a DDoS attack. The aggressive new strategy shows vividly how Beijing is struggling to balance its desire to control the flow of information online with the aim of encouraging the growth of its tech sector.

The company’s engineers have been working around the clock to keep the site operational, but it won’t be easy for Github to keep resisting the sophisticated attacks. The attackers altered the software Baidu uses to serve ads on Chinese websites, causing Baidu users’ computers to automatically and repeatedly connect to other sites. If programmers have software they want to share — either inside the same company or with the general public — Github is the most popular way to do it. Among the users targeted were customers of Baidu, which offers a Chinese search engine and a Wikipedia-like service, and is one of China’s largest internet companies. Because GitHub is fully encrypted, China’s domestic web filters cannot distinguish between pages that host code useful to programmers and code that circumvents censorship.

In 2013, when the government fully blocked GitHub, it caused an outcry among China’s many computer engineers, leading to the site’s subsequent unblocking. In January, many virtual private network (VPN) services used by those in China to evade online censorship became inaccessible within the country. “The last couple months, we’ve seen a real sea change in Chinese Internet policy, where they’ve become more assertive about blocking Western sites and pushing back on their citizens’ ability to access information from outside of the country,” said James A. In a number of recent public appearances, China’s Internet czar, Lu Wei, has called for respect for China’s Internet sovereignty, meaning that China should have the right to manage the Internet within its borders as it wants.

But the decision was reversed just two days later, after the government got an earful from Chinese engineers, who said they wouldn’t be able to do their jobs effectively without access to the huge amount of useful computer code available on the Github site. The traffic that flooded GitHub’s servers originated from browsers outside China that used Baidu’s advertising software, suggesting China itself is to blame. That means the government has to choose between blocking the site altogether — which could damage the competitiveness of China’s technology sector — or let its users access everything, including politically sensitive content. This kind of attack, known as a distributed denial-of-service (DDoS) attack, is designed to overwhelm Github’s servers and make the site inaccessible to legitimate users. In particular, because the traffic comes from real users scattered across the globe, instead of a concentrated network of infected computers, it is hard to sort the real traffic from the fake.

GitHub is widely used by individual programmers and software companies alike to collaborate on projects, and is all but indispensable to the technology industry. First, many of the attacks targeted two Github addresses — https://github.com/greatfire/ and https://github.com/cn-nytimes/ — that are associated with anti-censorship projects. But it appears that signals to or from Baidu ads and analytics tools are being redirected toward the targeted sites when users outside China visit a site inside China. GitHub said in a blog post on Friday that the attack – the largest in the site’s history – was probably meant to “convince us to remove a specific class of content.” As of Monday, GitHub was back up and running, and the project that allows Chinese users to access the Times was reachable.

Baidu says it wasn’t responsible for this malicious code, which either means Baidu was hacked (it says it wasn’t) or someone was modifying Baidu pages as they traveled from Baidu to the user. If all of these attacks are coming from the same corner of the internet, that’s relatively easy — they can just block a range of internet addresses controlled by the attackers, while keeping the site available for everyone else. It appears Github came up with a clever countermeasure: when it received a request from one of the URLs that had been targeted for attack, it responded with code that caused the victim’s computer to display an alert with the message “WARNING: malicious javascript detected on this domain.” This not only warned users that they were unknowingly participating in the attack, it also stopped that computer from attacking until the user acknowledged the alert, which is better than nothing.

So far, Github has shown no sign that it’s ready to surrender, and over time it may become more difficult for the attackers to come up with new tactics.

Here you can write a commentary on the recording "Everyone who cares about free speech should care about the attacks on Github".

* Required fields
Our partners
Follow us
Contact us
Our contacts


ICQ: 423360519

About this site