"Chinese hackers cost US economy $100,000 / h"
Well, replace random accusations and numbers by facts of course, but that's a valid question: How many employees can currently not to any meaningful work because they don't have access to what they're supposed to work on? This times salaries spent on them anyway is a good lower bound for the damage done to the economy (actual damage should be higher since employees should of course add more value to the economy than their salary).
"It's Obama's fault."
"It's the republicans."
"I make pee pee."
What mainstream news do you read?
I'm sick of this mentality that old-media news is all evil. Fox News and MSNBC are not the industry.
Disclaimer: I do not work in journalism.
It's not blind "hate" for Al Jeezera as much as concerns that the parent organization is owned by the rulers of Qatar.
Also, it's Sunday, so very few employees are expected to be working today.
Oh the irony! Actually I bet many developers are sitting on their hands when they can't access github.
I don't want to dump on github. It has been a great driver of open-source software. But by making itself a single-point-of-... so much, it kind of defeats the purpose of git sometimes.
Ideally we'd be able to download not just the repo but all the meta-info; issues, comments, pull requests, etc.
Continuous integration tools directly pull from github.
When github is down, all exchange of patches between employes essentially halts, as does continuous integration and testing.
Of course, this is not the fault of git.
This is the fault of people keeping using centralized servers, instead of setting up and using their own local servers.
The same goes for email (gmail anybody? Really???)
The Internet is meant to be a decentralized, peer-to-peer, meshed network. Not a centralized, star network!!!
Now I don't know if this was directly related, but the timing raises an eyebrow.
Nothing is "obvious".
For all we know this could be a bored teenager sitting in his basement in New York, Paris, Tokyo or Moscow.
It could also be a false flag operation by the NSA, to massage the western adolescent nerd's mindset into quietly accepting their next round of mass surveillance ("Must protect from the evil chinese!").
The Chinese openly attacking GitHub is the least plausible scenario, unless you think they are stupid.
Sorry but how would a bored teenager somewhere have control over injecting attacks in traffic passing through the "Great Firewall of China". This really doesn't seem like a typical attack to me but you are right in that I should not be claiming this an obvious attack by a nation-state without the facts.
The same way a 15yr old once took out Yahoo, CNN, eBay, Dell and Amazon: Dedication.
Perhaps it's even a Chinese activist, looking to draw attention to the firewall or to spark a little diplomatic quarrel with the US?
At least as guilty, imho.
And who is "they"? Baidu? The Chinese Government? The great firewall administrator himself?
This is the kind of story where a tech individual should probably do a compressive blog post which gets syndicated, rather than relying on journalists. I can understand why no one at Baidu, GitHub, or Fastly is doing this, though.
If companies really want the media to get on board then create a figure for how many $/hour you're losing. Heck make a widget which counts upwards (e.g. we've lost $25,000 due to this DDoS since the start).
The downside is it might just encourage the DDoS-ers, the upside is the media might take it seriously.
Is anyone out there even attempting to estimate how much revenue they've lost as a result of this DDoS?
It seems to me like you trying to make a parallel to the Sony hacking. These two instances are very different. The Sony hackers used a much more diverse toolset to inflict damage on a number of different vectors.
Perhaps it's interesting to reframe in a language that affect most people:
"Linux development halted by ciberattack!!!"
That's not completely true and too linkbaity, especially with the three bang sings. Is there another huge mainstream project hosted there?
"Hackers break hackers site!!!"
Not so appealing to most people, but you can exploit curiosity. Also, you'll get a lot of complains about the incorrect use of the word "hackers" in both positions.
Github still runs on Ruby on Rails, right?
"Massive blow to computer hobbyists as the Chinese government brings down their community website!"
Top 10 ways to DDOS a code repository. Number 7 will surprise you.
Millions of people are now accessing github. Who they are will surprise you!
You've been DDOS wrong your whole life. Find out how to do it correctly.
Millions of people now unknowingly going to github. Find out who, and why you might be too.
Also don't forget WhiteHouse has a github account...."WhiteHouse code repository under attack by China"
They beat BuzzFeed to it!
Another thing to consider: what is particularly newsworthy about it to the general public? Software technology focused people would find this very news worthy. I have little sympathy for a business of any size that uses github as its primary repository: the most-current source should be maintained on an internal server, in my opinion, and companies that require github to be fully available to operate are doing it wrong. I mean one of the primary advantages of a distributed repo is that there is a complete history for every node that has synced with the most recent commit. There shouldn't be a strong dependence on a central repo.
Most groups are not setup like the Linux kernel where there is a "gatekeeper" who is a person that directly pulls from other people's repos (or from commits sent to an email list).
A central repository becomes "the truth" and once something is "the truth" it becomes the person that wants to push their code to this repo to do the merging. There is nothing about this that is inherent to Github in particular, but telling everyone to change their "origin" remote to point somewhere else can be an issue depending on how large your group is. And what if someone manages to get a push to (e.g.) master through the Github DDoS before everyone is on the new remote repo? Now Github and BackupRemote have branched, when you really want BackupRemote to be a superset of the copy on Github.
As should the net-based political press.
Never mind what "most people" care about -- this is news.
Gizmodo, slashdot, the register.
WashPo also had a blog, as did a few other non-tech sites.
The reason they don't show as Github specifically is because it is reported as "Anti-censorship group is under DDOS"
The other group of people who care are those engaged in ongoing cyber warfare. To them Github is probably not worth defending at the risk of escalating to a wider cyber and economic conflict.
Even should US government cyber warefare assets attribute the attack directly to an entity with a direct relationship to 中华人民共和国 diplomatic corps, why would the US deploy assets to protect a company that is knowingly violating 中华人民共和国 policy? Github is neither required nor prohibited from hosting projects that violate 中华人民共和国 foreign or domestic policy. It has made a business decision for business reasons.
Don't get me wrong, I am not defending 中华人民共和国 policies in regard to the dissemination of information and propaganda [or the US policies regarding the same]. Nor am I criticizing or praising Github's business decisions. I am just explaining what I believe is the case, not what I think should or should not be the case.
If the U.S. government is not going to protect us from this shit, then what is the purpose of our military?
Yes. Why not? People complain about it not being in the "mainstream" news, but then say, "well, that's someone else's problem to deal with".
Although I'll note that it's just now getting to be a big enough story for this, i.e. how long it's gone on and how clear it's become that it is a state action.
- Hackers stealing information
- Billion dollar acquisitions
- Harassment scandals
- Apple announces anything
It's getting wall to wall online coverage mate.
Now to get back to the OPs question:
1. Mainstream media might have too much to lose if they criticize China, just like in many countries where property bubbles burst the mainstream media suppressed any mention of bubble forming since they were making out like bandits from advertising property, could be something similar happening here.
2. The story is a non-story outside nerd circles, now if Facebook or Twitter was being DDOSed your sure would hear about it since journalists do care about these sites.
I'd like to ask back some questions:
1) What makes you think it's a worthy topic?
2) What makes you think China or any powerful group - not sure in what terms this group is supposed to be powerful - has anything to do with it?
Ironically, you realize of course that if something is mainstream news (or any news at all) then that's a trophy that creates a greater likelihood of future copycat events happening. Notoriety is certainly part of the buzz of doing something like this.
(Of course, political conversations could be going on but not publicized.)
It seems almost certain, however, that in the coming week, this story will be told in the "mainstream news" (I don't really know what that is anymore tho, TBH)
I am sure, when things shake out, the attacks will be used in some political-posturing kind of way and by some politician who will judiciously use it to drum up support among an interested group.
HackerNews, Reddit, Twitter, and Facebook aren't mainstream? I beg to differ.
If this event was reported on any other media, I'd have no idea that it was occurring.