

Ask HN: Block Baidu - nailer

If what we read at http://www.netresec.com/?page=Blog&month=2015-03&post=China%27s-Man-on-the-Side-Attack-on-GitHub and http://www.washingtonpost.com/world/asia_pacific/anti-censorship-group-china-behind-cyberattacks-on-us-sites/2015/03/31/f7e2e910-d781-11e4-bf0b-f648b95a6488_story.html is true, then Baidu's network is being used to attack GitHub and the worldwide technology industry.

But Baidu, like everyone else, has a responsibility to ensure their network isn't used to attack others. Yes, China is a large and powerful malicious actor. But Baidu is a global presence - this entire attack uses their outside-of-China audience - and a NASDAQ listed company $BIDU. There are many things Baidu could do to ensure its network isn't used to attack others, most obviously locate servers used by customers outside China inside a secure network where they cannot be compromised, i.e. outside China. This may be difficult, but that does not change the fact that it is still Baidu's responsibility to stop their networks from being used to attack others.

Until such time as Baidu have taken active steps to prevent their networks from being used to attack others, we should drop their packets and consider their network compromised.
======
alondonstartup
Baidu has to comply with the Chinese government; it is effectively almost
impossible for them not to, considering there are Communist Party officials
embedded within Baidu's office. And they would not be able to exist without
the permission and good relations with the Chinese Government - or the
Government would just take control.

Also Baidu has an interest in working with the Chinese government or at least
allowing some of this to happen without kicking up a fuss because China
helpfully blocks all Western technology companies to ensure that they can copy
and clone their own versions without foreign companies gaining any market
share.

Block them.

------
auganov
I don't think it only affects servers outside of China. Just users loading
Baidu Analytics from outside of China. Given that most of these sites are
probably domestic, they'd need to take action domestically. All non-Chinese
sites blocking Baidu would do little to mitigate the attack.

Also I don't think it's accurate to say "their networks are being used to
attack others". Nor does their network have to be compromised. Someone is just
MITMing their JS (assuming their innocence and no hack).

Baidu is in a very bad position (govt-relations wise). Best they can do is
report it to some department/police and hope for an answer.

~~~
nailer
Since the consumer traffic to Baidu, that is being told to attack GitHub,
comes from outside the GFW, a tier 1 provider could block consumer access to
Baidu and stop the attacks (since people can't visit Baidu, and therefore
don't have their browsers told to attack GitHub via JS injection).

> Also I don't think it's accurate to say "their networks are being used to
> attack others".

It's Baidu's datacenter, and Baidu's bandwidth, which Baidu pay for.

> Baidu is in a very bad position (govt-relations wise). Best they can do is
> report it to some department/police and hope for an answer.

Yep. Or add extra capacity outside China.

