from the pay-attention----this-matters-a-lot dept
If you want the technical details, Netresec explains how the DDoS works, noting that it's a "man-on-the-side" attack, injecting certain packets alongside code loaded by Chinese search engine Baidu (including both its ad platform and analytics platform), but is unlikely to be coming directly from Baidu itself.
But the much more interesting part is why China is using a DDoS attack, rather than its standard approach of just blocking access in China, as it has historically done. The key is that, two years ago, China tried to block Github entirely... and Chinese programmers flipped out, pointing out that they couldn't do their jobs without Github. The Chinese censors were forced to back down, leading to a sort of loophole in the Great Firewall. That leads to the next question of why China doesn't just block access to the URLs of the two repositories it doesn't like? And the answer there: HTTPS. Because all Github traffic is encrypted via HTTPS, China can't just block access to those URLs, because it doesn't know specifically what's being accessed.
And thus, we get the decision to turn its firewall around, launching a rather obvious DDoS attack on the two sites it doesn't like, with the rather clear message being sent to Github: if you stop hosting these projects, the DDoS will stop. Of course, so far Github is taking a stand and refusing to take down those projects (which is great and exactly what it should be doing).
However, this does suggest an interesting escalation in questions about the increasing attempts to fragment the internet. You see various countries demanding (or forcing) certain websites get blocked. But those solutions are truly only temporary. Because the overall internet is too important to block, and because some sites are necessary (like Github) there are always holes in the system. Add in a useful dose of encryption (yay!) and the ability to control everything that's read in one particular country becomes increasingly difficult. You might hope the response would be to give up attempts to censor, but China isn't likely to give up just like that. So, instead, it's basically trying to censor the global internet, by launching a high powered attack on the site that is the problem, while basically saying "get rid of these projects and we'll stop the attack."
It seems likely that this sort of escalation is only going to continue -- but in some ways it's actually a good sign. It shows that there are real cracks in China's attempts to censor the internet. We're basically realizing the limits of the Great Firewall of China, and useful services like Github have allowed a way to tunnel through. China is responding by trying to make life difficult for Github, but as long as Github and others can figure out ways to resist, censorship attempts like the Great Firewall will increasingly be useless.
In the early days of the internet, people talked about how it was resistant to censorship. Over the past decade or so, China has challenged that idea, showing that it could basically wall off large parts of the internet, and actually keep things semi-functional. Yes, there were always cracks in the wall, but for the most part, China showed that you could censor large parts of the internet. This latest move suggests that we may be moving back towards a world where the internet really is resistant to censorship -- and China is freaking out about it and responding by trying to increase the censorship globally. It's a battle that is going to be important to follow if you believe in supporting free expression online.