1. Censorship

Category Archives: Censorship

Why experts think China launched the cyberattacks against GitHub

Posted on by

Github, a popular site where coders store and collaborate on software projects, was hit on Thursday and again on Sunday with cyberattacks that researchers believe originated from China.

Two GitHub pages were flooded with an onslaught of Internet traffic, bringing the entire site to its knees as GitHubs servers buckled under the distributed-denial-of-service (DDoS) attack. Security experts say the attack is an attempt by China to cripple anti-censorship tools.

The attack began when an individual or group hacked software used by Baidu, Chinas largest search engine. The attackers altered the software Baidu uses to serve ads on Chinese websites, causing Baidu users computers to automatically and repeatedly connect to other sites. The attack was invisible, so Baidu users didnt know that their browsers were hammering away at other servers.

That flood of traffic was directed toward two anti-censorship tools hosted on GitHub. One is a piece of software developed by GreatFire, a non-profit group that monitors censorship in China. The Chinese government harshly restricts what websites its people may visit, and has repeatedly censored products from Google and other Western companies in recent years. The other tool under attack allows Chinese users to access a translated version of The New York Times, which is blocked in China. It isnt known who is behind the software that copies the Timess content.

GreatFires own site was subjected to a similar DDoS attack earlier in March. The traffic that flooded GitHubs servers originated from browsers outside China that used Baidus advertising software, suggesting China itself is to blame. Its unclear who exactly was behind the attack, but security researcher James A. Lewis told The Washington Post that the most likely candidate is the Chinese government itself. The attack could be a way for the government to make a show of force, or to target specific tools it dislikes.

The Chinese government briefly censored the entire GitHub site back in 2013, but reversed its decision after software developers complained that this made it too difficult for them to do their jobs. GitHub is widely used by individual programmers and software companies alike to collaborate on projects, and is all but indispensable to the technology industry. Because the site is encrypted, governments cant block access to some parts of GitHub while leaving others accessible.

The DDoS attack didnt disrupt service to Baidu itself, and the company denied that its own servers had been hacked. GitHub said in a blog post on Friday that the attack the largest in the sites history was probably meant to convince us to remove a specific class of content. As of Monday, GitHub was back up and running, and the project that allows Chinese users to access the Times was reachable.

Read the original here:

Why experts think China launched the cyberattacks against GitHub

PSA Project for English 212 SVSU (Censorship Causes Mixed Messages) – Video

Posted on by


PSA Project for English 212 SVSU (Censorship Causes Mixed Messages)
BY: Shane Guerin, Tyler Newell, Jason Churray, and Chris Currie and special guest star, Jennifer Mielke PSA Project for English 212 SVSU (Censorship Causes Mixed Messages) This is a public...

By: Shane Guerin

Read the original here:

PSA Project for English 212 SVSU (Censorship Causes Mixed Messages) - Video

is Censorship Vital in White Peoples System of White Supremacy? Pt 1 – Video

Posted on by


is Censorship Vital in White Peoples System of White Supremacy? Pt 1
I discussed what I think is an oxymoron in America, which is free speech. Do white people feel it is absolutely necessary to control speech? There is no doubt in my mind that white people censor...

By: Aaron B

The rest is here:

is Censorship Vital in White Peoples System of White Supremacy? Pt 1 - Video

China anti-censorship projects attract GitHub's largest ever DDoS attacks

Posted on by

Home News Security China anti-censorship projects attract GitHub's largest ever DDoS attacks GitHub has halted most of the distributed denial-of-service (DDoS) attacks it has faced from Thursday of last week.

Share

A GitHub service called Gists, which lets people post bits of code, was still affected,the site said yesterday (Sunday 29 March). On Twitter, GitHub said it continued to adapt its defenses.

The attacks appeared to focus specifically on two projects hosted on GitHub, according to a blogger who goes by the nickname of Anthr@Xon a Chinese- and English-language computer security forum.

One project mirrors the content of The New York Times for Chinese users, and the other is run by Greatfire.org, a group that monitors websites censored by the Chinese government and develops ways for Chinese users to access banned services.

China exerts strict control over Internet access through its "Great Firewall," a sophisticated ring of networking equipment and filtering software. The country blocks thousands of websites, including ones such as Facebook and Twitter and media outlets such as The Wall Street Journal, The New York Times and Bloomberg.

Anthr@X wrote that it appeared advertising and tracking code used by many Chinese websites appeared to have been modified in order to attack the GitHub pages of the two software projects.

The tracking code was written by Baidu, but it did not appear the search engine -- the largest in China -- had anything to do with it. Instead, Anthr@X wrote that some device on the border of China's inner network was hijacking HTTP connections to websites within the country.

The Baidu tracking code had been replaced with malicious JavaScript that would load the two GitHub pages every two seconds. In essence, it means the attackers had roped in regular Internet users into their attacks without them knowing.

"In other words, even people outside China are being weaponised to target things the Chinese government does not like, for example, freedom of speech," Anthr@X wrote.

Read more from the original source:

China anti-censorship projects attract GitHub's largest ever DDoS attacks

'Largest DDoS attack' in GitHub's history targets anticensorship projects

Posted on by

GitHub has been hammered by a continuous DDoS attack for three days. It's the "largest DDoS attack in github.com's history." The attack is aimed at anti-censorship GreatFire and CN-NYTimes projects, but affected all of GitHub; the traffic is coming from China as attackers are reportedly using China's search engine Baidu for the purpose of "HTTP hijacking."

According to tweeted GitHub status messages, GitHub has been the victim of a Distributed Denial of Service (DDoS) attack since Thursday March 26. 24 hours later, GitHub had "all hands on deck" working to mitigate the continuous attack. After GitHub later deployed "volumetric attack defenses," the attack morphed to include GitHub pages and then "pages and assets." Today, GitHub said it was 71 hours into defending against the attack.

Seven hours later, GitHub said the attackers changed DDoS tactics and it was experiencing outages again.

Four hours later, GitHub said its services were stable although it was continuing to mitigate against the large-scale DDoS attack. Four hours after that, GitHub said the ongoing attack was affecting connectivity to GitHub Gist.

The attack is aimed at GreatFire and CN-NYTimes projects that help Chinese users get around their government's online censorship, but affected all of GitHub. The traffic is coming from China.

According to analysis by Insight Labs, by a Chinese security researcher living outside of China, "My first thought was someone naughty XSSed the page, so I opened developer tools to find the source of the XSS," Anthr@X wrote. "Almost instantly I saw it was keep trying to load these two URLs: github.com/greatefire/ and github.com/cn-nytimes/ every a few seconds."

Baidu is like China's Google and many Chinese website using tracking and advertising code from Baidu. The "HTTP hijacking" was explained as "a certain device at the border of China's inner network and the Internet has hijacked the HTTP connections" and "replaced some JavaScript files from Baidu with malicious ones" that would load GitHub's GreatFire and CN-NYTimes projects "every two seconds."

CN-NYTimes gets around censorship by mirroring NYTimes and GreatFire has long been fighting against Chinese censorship.

Ten days ago, GreatFire said it was "under attack" and asked for help. Last week GreatFire wrote about having "concrete proof from Google that CNNIC (and by extension CAC) is indeed complicit in MITM attacks." That post pointed to Google Security Engineer Adam Langley saying Google was aware of "unauthorized digital certificates for several Google domains." The certificates were issued by CNNIC (China Internet Network Information Center).

While GreatFire was reportedly "delighted that Google, Microsoft and Mozilla have taken steps to blacklist the intermediate certificate used in the attack," the online censorship watchdog called on "Google, Mozilla, Microsoft and Apple to revoke trust for CNNIC immediately in order to protect Chinese user data and user data worldwide."

More:

'Largest DDoS attack' in GitHub's history targets anticensorship projects


  1. Censorship