Slashdot Mirror

← Back to Stories (view on slashdot.org)

Github DDoS Attack As Seen By Google

Posted by Soulskill on from the i-can-see-my-house-from-here dept.

New submitter opensec writes: Last month GitHub was hit by a massive DDoS attack originating from China. On this occasion the public discovered that the NSA was not the only one with a QUANTUM-like capability. China has its own "Great Cannon" that can inject malicious JavaScript inside HTTP traffic. That weapon was used in the GitHub attack. People using Baidu services were unwitting participants in the denial of service, their bandwidth used to flood the website. But such a massive subversion of the Internet could not evade Google's watchful eye. Niels Provos, engineer at Google, tells us how it happened. Showing that such attacks cannot be made covertly, Provos hopes that the public shaming will act as a deterrent.

12 of 52 comments (clear)

  1. Public Shaming the Red Chinese ? by Crashmarik · · Score: 3, Interesting

    I'll love seeing how that works out. Their people are locked behind their firewall and don't get to see any criticism the government doesn't want them to see. Hell you can't even get politicians here shamed if the media doesn't do a full bore dog pile.

    1. Re:Public Shaming the Red Chinese ? by fustakrakich · · Score: 2

      You can't shame a sociopath. And even with the 'cannon' in China, do we know who lit the fuse?

      QOTD from one of the links:

      We have one network in the world today. Either we build our communications infrastructure for surveillance, or we build it for security. Either everyone gets to spy, or no one gets to spy. That's our choice, with the Internet, with cell phone networks, with everything.

      Wonderfully put

      --
      “He’s not deformed, he’s just drunk!”
    2. Re:Public Shaming the Red Chinese ? by thegarbz · · Score: 3, Informative

      Their people are locked behind their firewall and don't get to see any criticism the government doesn't want them to see.

      I wouldn't be so sure about that. It's effectively no different in China than it is in the west. Yes there are people who are locked behind technology, just like there are Americans who only ever watch Fox News. Maybe it's representative of where in China I was staying, or the class of people who I worked with, but all of them had some form of service to get around the great firewall. Even if they don't at home or on their phone (I realised this when people constantly showed me stuff on Google Maps which is blocked) then if these people work for an international corporation they nearly always have some form of corporate VPN too.

      The people are well and truly clued in on what their government is doing.

    3. Re:Public Shaming the Red Chinese ? by bill_mcgonigle · · Score: 2

      And even with the 'cannon' in China, do we know who lit the fuse?

      Almost certainly the same people who arranged for NXDOMAIN on github.com a few weeks back. They really hate that there are open source anti-censorship tools on there.

      They had to stop breaking DNS for github since most of China's Internet developers couldn't get any work done anymore.

      That Chinese developers are freely using a California hosting service which has benefits to everybody in the world, and everybody recognizes that the "damage" here is government, it actually gives me a bit of hope. People do prefer to cooperate on all things, until a few sociopaths get a set of keys.

      --
      My God, it's Full of Source!
      OUTSIDE_IP=$(dig +short my.ip @outsideip.net)
  2. Shaming? More like helping by Sarusa · · Score: 2

    You can't shame the (mainland) Chinese government on this one. They were fairly overt about it by using their own govt search engine to do it. It's a scarcely veiled threat to anyone who might want to mess with them, like doing an atomic bomb test or running your aircraft carriers around in sensitive regions. I'm sure they welcome the extra publicity.

    1. Re:Shaming? More like helping by tnk1 · · Score: 4, Insightful

      "As the representative of the Chinese government, I can categorically deny the Chinese government's use of Baidu for a highly effective attack on GitHub. We did not make use of this capacity, which can be used to quickly and efficiently shut down any networked target at will.

      As China is a responsible citizen of the world, we would never use specially trained teams of professional PLA hackers to provide a demonstration of our significant power.

      Although China is a global superpower and leader in computer science education, and we certainly have the ability to call down multiple, simultaneous, and devastating defensive DDoS's, (a tactic that we refer to as the Great Worker's and Peasants' Rain of Steel), we are a peace loving nation who does not resort to aggression to pursue our policies.

      We condemn in the strongest terms this attack, although we do note its effectiveness and our preparation to do battle on these terms, if such a thing was necessary to maintain the sovereignty of the People's Republic of China from similar aggression.

      Thank you."

  3. Shitty story, shitty blog by Anonymous Coward · · Score: 5, Insightful

    >Will China get the message ?

    What message? The one it has been getting forever, the one that says "we know it's you, but we're never going to do anything about it because we rely on you for cheap everything"?

    1. Re:Shitty story, shitty blog by myid · · Score: 2

      we're never going to do anything about it because we rely on you for cheap everything"?

      That's true, but I'm afraid it's even worse than that. If China is the only country with factories for certain items, then we rely on them for those items, cheap or not. China is developing the power to tell us to stop supporting Taiwan or whatever, or else they'll stop selling us things that we need.

      The US government should make up a list of manufactured goods that the US needs. Then have tax incentives for US companies to make those items in the US, with American managers and workers.

  4. Easy to solve by melting_clock · · Score: 2

    Cyber attacks by China are easy to fix; give them exactly what they want and cut them off the Internet. Problem solved.

    The website operators have little ability stop these attacks but those controlling the Internet infrastructure between the attacker and victim absolutely do. Once the attacker is identified there should be procedures to quickly block the attack. If that means taking an entire country off the Internet to encourage them to stop the attack and not do it again in the future that is perfectly reasonable action.

  5. A "subversion" of "github"... by RingDev · · Score: 4, Funny

    I see what you did there.

    -Rick

    --
    "Most people in the U.S. wouldn't know they live in a tyrannical state if it walked up and grabbed their junk." - MyFirs
  6. Yes and No by s.petry · · Score: 2

    Sure, the US needs enemies but this is not the case of faking enemy action. This attack was easily traced to Chines devices which were injecting Javascript into HTML files, resulting in a massive DDOS. The servers performing this were part of the Chinese version of Google, which returned contaminated cache pages to queries.

    Call me a skeptic, but I don't think the injections were limited to the cache servers Google names. I think this was done at a lower level to achieve the scale. The reason for the attack is somewhat of a mystery as well. China can just block Github, they don't need to DDOS.

    --

    -The wise argue that there are few absolutes, the fool argues that there are no probabilities.

  7. Shaming anyone? Hahahaha by X.25 · · Score: 4, Insightful

    Shaming "western" governments/agencies doesn't have any effect at all, why would anyone think thank shaming Chinese would be any different?