China's Man on the Side Attack of Github [Link]

April 04, 2015 by Gabe | [mmd] | ℳ↫

This seems like an absolutely terrible precedent. Javascript injection of 1% of Chinese Baidu users is all it takes to bring Github down. Imagine what they could do with 5%.

Oh, and also trying to make forensics more difficult:

What is interesting with this new attack on GitHub is that the attackers are now trying to make it difficult to locate the injection point of the malicious JavaScript by modifying the IP TTL values of injected packets.

By way of Craig Hockenberry. Be sure to read his original post that predates the Github attack.