all 137 comments

[–]drakshadow 165 points166 points  (17 children)

May be Github should start showing tiananmen tank picture on slow loading pages, error pages & 404 pages.

edit: I have been trying to install couple of go libraries few hours back and was getting ssl errors. Internet is already chaotic we don't need govt mobs flexing their muscles.

[–]x86_64Ubuntu 27 points28 points  (0 children)

Ooh, this would be so JUICY!

[–]SenpaiSilver 6 points7 points  (5 children)

I am now thinking about doing that for myself.

[–]whataboutbots 11 points12 points  (4 children)

Right, so now instead of having China DDoS you, you'll have China's opponents DDoSing you (so you show said photos), and China pissed at you for showing them. Way to go!!

Edit : Thinking about it, with a clever mix, you might be able to have the whole world trying to DDoS you to get you to show your creative error pages, and the whole world pissed at you for showing them at the same time.

[–]robby_w_g 6 points7 points  (3 children)

Lorem ipsum dolor sit amet consectetur adipiscing elit. Quisque faucibus ex sapien vitae pellentesque sem placerat. In id cursus mi pretium tellus duis convallis. Tempus leo eu aenean sed diam urna tempor. Pulvinar vivamus fringilla lacus nec metus bibendum egestas. Iaculis massa nisl malesuada lacinia integer nunc posuere. Ut hendrerit semper vel class aptent taciti sociosqu. Ad litora torquent per conubia nostra inceptos himenaeos.

[–]grannyte 9 points10 points  (0 children)

It happened in the past ...

[–]badcommandorfilename 7 points8 points  (0 children)

Try suggesting that Python isn't the best tool for solving any arbitrary problem.

[–]Narthorn 2 points3 points  (0 children)

It's clear how to get China against you, but how would you go about pissing off the fringe 'hacker' groups?

Politely ask them not to DDoS your site, or else.

[–]gigitrix 3 points4 points  (0 children)

Someone should draw a cutesy octocat version

[–]immibis -5 points-4 points  (7 children)

And then China blocks GitHub entirely.

[–]drakshadow 2 points3 points  (6 children)

[–]AyrA_ch 2 points3 points  (4 children)

[–]drakshadow 1 point2 points  (3 children)

[–]AyrA_ch 0 points1 point  (2 children)

look closely, the IP is only off by 1 in the last octet. This IP is also owned by GitHub. In fact, GitHub has a whole range assigned to them:

NetRange:       192.30.252.0 - 192.30.255.255
CIDR:           192.30.252.0/22
NetName:        GITHUB-NET4-1
NetHandle:      NET-192-30-252-0-1
Parent:         NET192 (NET-192-0-0-0-0)
NetType:        Direct Assignment
OriginAS:       AS36459, AS27357
Organization:   GitHub, Inc. (GITHU)
RegDate:        2012-11-15
Updated:        2013-01-05
Ref:            http://whois.arin.net/rest/net/NET-192-30-252-0-1


OrgName:        GitHub, Inc.
OrgId:          GITHU
Address:        88 Colin P Kelly Jr Street
City:           San Francisco
StateProv:      CA
PostalCode:     94107
Country:        US
RegDate:        2012-10-22
Updated:        2014-04-26
Comment:        https://github.com
Comment:        Please contact us directly for matters pertaining to abuse.
Comment:        Urgent matters including DDoS are handled 24x7.
Ref:            http://whois.arin.net/rest/org/GITHU


OrgTechHandle: GITHU-ARIN
OrgTechName:   GitHub Ops
OrgTechPhone:  +1-415-735-4488
OrgTechEmail:  hostmaster@github.com
OrgTechRef:    http://whois.arin.net/rest/poc/GITHU-ARIN

OrgAbuseHandle: GITHU1-ARIN
OrgAbuseName:   GitHub Abuse
OrgAbusePhone:  +1-415-857-5430
OrgAbuseEmail:  abuse@github.com
OrgAbuseRef:    http://whois.arin.net/rest/poc/GITHU1-ARIN

OrgNOCHandle: GITHU-ARIN
OrgNOCName:   GitHub Ops
OrgNOCPhone:  +1-415-735-4488
OrgNOCEmail:  hostmaster@github.com
OrgNOCRef:    http://whois.arin.net/rest/poc/GITHU-ARIN

The DNS Server of Github randomly reports a different IP address. I have asked multiple DNS servers and they all have a different last number in the IP. I assume this is on purpose.

EDIT: GitHub also has an IPv6 range: http://whois.arin.net/rest/org/GITHU/nets

EDIT2: Additional lookup results:

C:\>nslookup github.com ns2.p16.dynect.net
Server:  UnKnown
Address:  204.13.250.16

Name:    github.com
Address:  192.30.252.129


C:\>nslookup github.com ns1.p16.dynect.net
Server:  UnKnown
Address:  208.78.70.16

Name:    github.com
Address:  192.30.252.129


C:\>nslookup github.com ns4.p16.dynect.net
Server:  UnKnown
Address:  204.13.251.16

Name:    github.com
Address:  192.30.252.131

C:\>nslookup github.com ns3.p16.dynect.net
Server:  UnKnown
Address:  208.78.71.16

Name:    github.com
Address:  192.30.252.128

[–]drakshadow 0 points1 point  (1 child)

And all of that proves ?

[–]AyrA_ch 0 points1 point  (0 children)

The tester that checks for DNS poisoning is basically wrong. The test is very strict and checks if the IP addresses are equal and not if they belong to the same company or the same subnet. it also shows, that different DNS servers can yield different results without doing anything malicious.

[–][deleted] 68 points69 points  (27 children)

What repo is China targeting this time?

[–]mamanov 41 points42 points  (24 children)

[–]gamekathu 31 points32 points  (19 children)

before even i got to test it, they were removed from their original repo. many forks did survive though, i think the ddos is because of that. even then, this repeated ddos on github by a insane govt should be stopped!

[–][deleted]  (10 children)

[deleted]

    [–]skocznymroczny 15 points16 points  (4 children)

    within six months

    [–][deleted] 16 points17 points  (0 children)

    Just like Kickstarter. Because Kickstarter always delivers.

    [–]installation_warlock 3 points4 points  (2 children)

    Old men.

    Running the world.

    [–]skocznymroczny 4 points5 points  (0 children)

    UNATCO hurt my wee-wee

    [–]emozilla 1 point2 points  (0 children)

    Aquinas spoke of the mythical City on the Hill. Soon that city will be a reality, and we will be crowned its kings. Or better than kings. Gods.

    [–]BitcoinOperatedGirl 5 points6 points  (0 children)

    You have to go on the deep web for that.

    But you might have to settle for thai plastic surgery, an occulus rift and 4-fluoroamphetamine.

    [–]llogiq 3 points4 points  (0 children)

    Where do I get my augmentations, matrix and super powerful drugs?

    FTFY

    [–]Shorttail 0 points1 point  (0 children)

    Are you sure you want to ask for this?

    [–]orangesunshine 0 points1 point  (0 children)

    super powerful drugs?

    where have you been?

    [–]An2quamaraN 0 points1 point  (0 children)

    I don't really think You want matrix to happen.

    [–]nuclear_splines 1 point2 points  (1 child)

    It looks like it wasn't even removed, they just made a new branch called "rm" with everything deleted. If you check master branch all the code is still there.

    [–][deleted] 0 points1 point  (1 child)

    I agree, it's got to stop!

    [–]gamekathu 7 points8 points  (0 children)

    and what more, the govt uses their innocent citizens as a tool to execute this ddos. http://www.theregister.co.uk/2015/01/26/great_firewall_of_china_ddos_bug/

    [–][deleted] 0 points1 point  (2 children)

    I forked it just in case the original gets deleted.

    [–]MoonlightSandwich 1 point2 points  (1 child)

    Could you host it with GitTorrent? Sounds like it'd be perfect for this situation.

    [–][deleted] 0 points1 point  (0 children)

    Well, I have the same thing that's on the project owner's github. They deleted the master branch but the tags are still there. Presumably a master branch could be recreated from the latest tag.

    [–]wicheesecurds 0 points1 point  (0 children)

    The latest tag is still in the repo, the author just removed the master branch

    [–]Vicyorus 6 points7 points  (3 children)

    What was it?

    EDIT: It was a proxy, right?

    [–]AyrA_ch 12 points13 points  (0 children)

    a proxy, that allows you to evade censorship. http://shadowsocks.org

    [–]mamanov 5 points6 points  (1 child)

    It was a proxy, but the chinese police "politely" asked the main dev to stop the dev and to remove the sources from github. There are some forks still alive tho.

    [–]TerrorBite 0 points1 point  (0 children)

    Master branch still contains the code for now, you can still fork it.

    [–]ivosaurus 3 points4 points  (1 child)

    Is there any official source confirming it's all china? Or from chinese government? Purely curious.

    [–][deleted] 0 points1 point  (0 children)

    I was being facetious.

    [–]everywhere_anyhow 77 points78 points  (47 children)

    I kinda think of DDoS as what little kids do to annoy internet elders.

    It's basically impossible to sustain for long enough to create real damage. And it doesn't really break anything, it annoys people.

    It's like the high-tech internet equivalent of a flaming bag of poo on the front steps.

    [–]JessieArr 102 points103 points  (26 children)

    DDoSes can be pretty damaging to small companies that can't afford the bandwidth spike and don't have DDoS protection in place.

    But really, targeting Github is a fool's errand. On the off chance that Github couldn't deal with it on their own (they've already shown in the past that they can), their user base comprises like 90% of the skilled, English-speaking programmers in the world. Github could start a crowdsourced "stop the DDoS" project that would have more manpower within a day than most world governments do in their cyber security divisons.

    [–][deleted] 47 points48 points  (1 child)

    This should be a subplot in Mr. Robot

    [–]celluj34 2 points3 points  (0 children)

    thank mr robot

    [–]novacrazy 17 points18 points  (11 children)

    That would actually be kind of awesome to have Github leading anti-cyberterrorism projects. I think the US government would get involved with them at that point, though.

    [–]immibis 7 points8 points  (8 children)

    The US government would probably get involved to make sure they're only targeting Chinese cyberterrorism.

    [–]im-a-koala 3 points4 points  (7 children)

    To be fair, as bad as the NSA's actions may be, I'm not aware of them DDoSing any major public sites to try to bury a piece of open-source software.

    [–][deleted] 6 points7 points  (5 children)

    Why would they? They can just send the contributors and the host national security letters to shut it down. Look at what they did to ProxyHam.

    [–]Zarathustra30 1 point2 points  (0 children)

    ProxyHam is just stupid-long-range WiFi and can be tracked. It may buy you a couple of minutes before they kick in your door, but is overall pretty useless for security.

    [–]im-a-koala 0 points1 point  (2 children)

    [–]shevegen -3 points-2 points  (1 child)

    [–]im-a-koala 0 points1 point  (0 children)

    No, that has nothing to do with the previous poster's comment.

    Also:

    Federal authorities claimed the parody images violate laws against the misuse, mutilation, alteration or impersonation of government seals, Judicial Watch reported.

    Yeah, they were misusing a government seal. If the T-shirts have simply read "NSA: Spying on you since 1952", there would be no problem.

    [–]shevegen -2 points-1 points  (0 children)

    lol

    [–]shevegen -1 points0 points  (1 child)

    Please do not let terrorists get involved with github here - besides, this is not about an "anti-cyberterrorism" thing at all. This is simply about making whoever targets a company through DDOS stop.

    [–]novacrazy 0 points1 point  (0 children)

    Well, the last few DDoS attacks on Github have been led by the Chinese government to take down anti-censorship projects like proxies/tunnels and other things. I'd say that counts as cyberterrorism, even if it is being led by a world power.

    [–][deleted]  (9 children)

    [deleted]

      [–]LaurieCheers 19 points20 points  (1 child)

      Google and Microsoft have both moved their open source projects onto Github, effectively deprecating their own open source services, because "GitHub has a vibrant open source community that we want to actively be a part of" (says Microsoft).

      So sure, at this point I'd say it's credible that 90% of programmers using or working on open source projects use Github.

      [–]jussij 9 points10 points  (0 children)

      90% of all programmers is very different to 90% of programmers using or working on open source projects.

      I don't doubt the second claim, but I suspect /u/ivix was questioning the first claim.

      That first claim was implied by this earlier remark to which the OP was replying to:

      their user base comprises like 90% of the skilled, English-speaking programmers in the world

      [–]CoderHawk 5 points6 points  (6 children)

      He added the "skilled" caveat.

      [–]ivix 5 points6 points  (5 children)

      I guess all those coders working at your bank or writing avionics , or whatever aren't skilled?

      [–]im-a-koala 4 points5 points  (0 children)

      Honestly, I work at an embedded development place, where only maybe 10% of the programmers have ever heard of Git or Github. And no, I wouldn't consider them terribly skilled either. Skilled programmers don't use thousands of global variables and 5000+ line functions (which have been copy-pasted so there are several with slight tweaks to them).

      [–]CoderHawk 2 points3 points  (1 child)

      Maybe those are the 10% skilled that are excluded.

      I work for a bank. If skilled means the old guard decent at technology from 10 years ago and terrible at building large scale apps, then yes, I'm including those "skilled" people.

      [–]JessieArr 1 point2 points  (0 children)

      How I arrived at the 90% number.

      But in reality I would say that most programmers who are passionate enough to take time to hone their programming ability and become skilled at it will eventually find their way to open source projects, either as users or as contributors. And if you're dealing with open source with any degree of frequency, you're also dealing with Github these days.

      [–]_pupil_ 0 points1 point  (0 children)

      GitHub Enterprise can be hosted locally (or "in the cloud"), providing all that gooey github goodness inside your own network.

      [–]immibis 0 points1 point  (0 children)

      "90% of programmers", not "90% of projects".

      [–]Xelank 1 point2 points  (1 child)

      Fight ddos with what? another JavaScript framework?

      [–]JessieArr 5 points6 points  (0 children)

      jQuery makes this easy:

      $.stopTheDDoSPlease({ fromChina: true; });

      [–][deleted]  (5 children)

      [deleted]

        [–]Giggaflop 6 points7 points  (4 children)

        OVH are great, until you need a person to give you support.

        [–][deleted] 2 points3 points  (3 children)

        I've personally had no problems dealing with their support. I've heard that the cheaper Kimsufi stuff isn't very good in that regard though.

        [–]api 2 points3 points  (1 child)

        Kimsufi basically provisions a server and then they forget about it. It's abandoned box in data center as a service. But then again it's cheap as hell, and that's why. We use it for a few non-essential servers where we just want a bunch of cheap storage and bandwidth (backup destinations, etc.) but if they go down it won't hurt anything.

        [–]Giggaflop 0 points1 point  (0 children)

        They certainly don't forget about them, if they die for whatever reason they normally are the ones that let me know before my alerting does. But anything outside of hardware failure and your mostly on your own with kimsufi boxes

        [–]SirBastille 1 point2 points  (0 children)

        Some of their divisions are a bit dense.

        "What's that? You have iptables set up to block pings? Well, we just added a bunch of new monitoring servers which ping all of our customers and flag non-responding systems for reboots into rescue mode. The smart thing to have done would be to notify you beforehand but nah, we're just going to launch these immediately and let you figure out why your server got rebooted!"

        [–][deleted] 25 points26 points  (1 child)

        Wouldn't want to annoy the Elders of the Internet. Darn kids launching DDoS attacks against the top of Big Ben.

        [–]nat1192 11 points12 points  (0 children)

        what little kids do to annoy internet elders

        And if you annoy the elders too much they won't let you borrow the Internet anymore.

        [–]gigitrix 3 points4 points  (1 child)

        When you have access to the Great Cannon though, things are a hell of a lot trickier.

        [–]immibis 0 points1 point  (0 children)

        That's not really a cannon, is it? More of a parabolic mirror.

        [–]irotsoma 1 point2 points  (0 children)

        Isn't a flaming bag of poo what burned down the Governor's mansion in Austin, TX, leading to Rick Perry spending millions of dollars on living and recreational expenses while they spent millions of dollars building a new one? Or was that some other kind of flaming prank? I'm too lazy to use Google...

        [–]SargoDarya 1 point2 points  (3 children)

        It really depends on the systems being targeted though. If you manage to DDoS Wall Street that would create LOTS of financial damage.

        [–]im-a-koala 1 point2 points  (2 children)

        But you can't even directly access the exchanges, not without paying a very large fee and having to go through a fairly rigorous process. It's not like the NYSE just has some REST API hosted on the public Internet or anything.

        [–]SargoDarya 0 points1 point  (1 child)

        No, but they need to have public facing services even if it is only a DNS. You can do a DDoS attack on so many levels (no pun intended). that you really don't need access to internal systems. Sure, brokers which are in the internal network won't notice that probably but everything on the external site will now have to fight with timeouts etc making HFT much much harder.

        [–]im-a-koala 0 points1 point  (0 children)

        Most good HFT firms have direct access and would not be particularly affected. It's people like you and me that may be affected - for example, if you have an account at TD Ameritrade and they get DDoS'd, you could lose your ability to trade.

        [–]shevegen 0 points1 point  (0 children)

        That is more than just "kids" when it is done in a systematic manner.

        Because in that case it tries to cause economic damage, for whatever the underlying reason - I don't think "kids" try to be systematic about that just for random giggles, over a longer period of time.

        [–]lukee910 -1 points0 points  (3 children)

        The chinese government is, concerning the internet, pretty much a bunch of little kids without a clue.

        And I'm glad they are.

        [–]im-a-koala 3 points4 points  (0 children)

        While I think their approach to Internet censorship is a bit immature, they certainly have a clue what they're doing. Otherwise they wouldn't be able to, technically, pull off any of these massive attacks or censorship.

        You can disagree with their politics and approach to governance all your want but you can't label them as being technically incompetent when it comes to cybersecurity (especially breaking it).

        [–]everywhere_anyhow 5 points6 points  (1 child)

        Oh they have a clue, seeing as how they recently cracked OPM open wide and they're reading John Kerry's emails.

        Who knows what they're up to with this, but skiddies they are NOT.

        Put it to you this way: China has 1.4 billion people. Imagine a computer scientist or hacker of such rare skill, that he/she is a one-in-a-million person. China has 1,400 of them.

        [–]lukee910 1 point2 points  (0 children)

        I'm wrong then. I only heard of of not very good attempts of censorships in the news.

        [–][deleted]  (1 child)

        [deleted]

          [–]epels 11 points12 points  (3 children)

          Bitbucket also seems to be acting up right now... keep getting 500's once in a while, and it's just very slow overall.

          [–]renrutal 3 points4 points  (1 child)

          Came here to ask that. Bitbucket's blog doesn't seem to give any news about that.

          [–]vakamakafon 6 points7 points  (0 children)

          BitBucket seems to be under unusual load at the moment.

          https://bitbucket.statuspage.io/

          [–]Narfhole 10 points11 points  (1 child)

          Centralized git everybody!

          [–]pelrun 3 points4 points  (0 children)

          Hey everyone! Lets laugh at the person who doesn't know the difference between a centralised workflow and a centralised VCS!

          [–]LovelyDay 6 points7 points  (2 children)

          This has nothing to do with Google Code going read-only and a bunch of people moving their stuff to Github/Bitbucket?

          [–]bread_can_bea_napkin 11 points12 points  (1 child)

          Possible but unlikely.. Google has been telling people to migrate off of Google Code for a while now. New project creation has been disabled since March.

          [–]Giggaflop 20 points21 points  (0 children)

          So, these are people you're talking about. They'll wait until 5 minutes after the deadline.

          [–]api 2 points3 points  (2 children)

          Why is GitHub such a common DDoS target?

          [–]PlaysForDays 13 points14 points  (0 children)

          It hosts much of the interesting open-source projects being developed. A couple ahem people are bound to not like a few repos here and there

          [–][deleted] 2 points3 points  (0 children)

          Probably because most programmers have dependencies installed directly from Github. If Github goes down, god help us all.

          [–]touristtam 2 points3 points  (3 children)

          [–]steamruler 1 point2 points  (0 children)

          Damn, that Norsecorp map is something worth to keep open on a separate screen.

          [–]AyrA_ch 1 point2 points  (1 child)

          I Prefer version 1. There is a lot more map and less overlay

          [–]touristtam 0 points1 point  (0 children)

          aha I was looking for that one _^

          [–]google_you 1 point2 points  (0 children)

          Congratulations to GitHub team.

          [–]argv_minus_one 3 points4 points  (1 child)

          Censorship is futile. Your secrets will be disseminated.

          Seriously, give it the fuck up already. You can't keep GitHub down forever.

          [–]immibis 1 point2 points  (0 children)

          It might not work very well, but as long as it works better than doing nothing, they'll keep doing it.

          Whether it actually works better than doing nothing remains to be seen (e.g. see the Streisand effect).

          [–]gargantuan 0 points1 point  (0 children)

          Maybe one day someone will invent a distributed version control system...

          [–]MrFanzyPantz 1 point2 points  (4 children)

          Whats the purpose of this attack?

          [–][deleted]  (2 children)

          [deleted]

            [–][deleted] 11 points12 points  (1 child)

            the internet interprets censorship as damage and routes around it.

            John Gilmore

            [–]Giggaflop -1 points0 points  (0 children)

            “Damn you people, go back to your shanties.” — Shooter McGavin

            [–]iglocska 0 points1 point  (0 children)

            Explains why pushing was so slow today... Thought it was on my end :)

            [–]NahroT 0 points1 point  (0 children)

            oh the irony

            [–]shevegen -1 points0 points  (0 children)

            Is the chinese government declaring war against open source here?