But upstream providers within the TTL range will. And during a DDoS like this you can bet that everybody in the chain that is on the good side is in constant communication.
A sufficiently sophisticated man in the middle can be anywhere between origin and destination and have arbitrary distribution. Proving that a particular node is responsible for a particular alteration requires using a trusted trust computer to send packets into the great wall on their first hop.
The experiment in the article required trusted trust of packets destined for the great wall passing through US infrastructure. That this infrastructure can generally be considered neutral is no guarantee that it was in this case. Any router or switch can use arbitrary tables and conditional logic on any packet. The purpose of the experiment was prosecuting a particular suspect not arm's length analysis.
So that experiment would need to be repeated in a distributed manner from as many points of origin as possible.
A friend of mine runs a honeypot service that uses servers all around the planet, someone like him would be in a good position to run analysis like this.
Logically, sufficient distribution of testing doesn't negate sufficient distribution of evil demons. Practically, if the evil demon has state actor level resources, it is more likely to have sufficient distribution than an ordinary commercial or private interest.
On the other hand, I don't think it's really necessary to prove with technology that the 中國人民解放軍 is behind this. Diplomatic logic is sufficient. The behavior is simply an internet equivalent to jamming the Voice of America.[1]
Github is broadcasting. The 中华人民共和国 has a sovereign's policies regarding broadcasting. The 中國人民解放軍 executes those policies. Github operates with a business model that ignores sovereigns at its own peril. Calling one sovereign for aid when dealing with another sovereign also carries peril.
Allowing political content in an online community always comes with the risk of trolling and flamewars. A hands off editorial policy only means Github hasn't made a tough decision about what the Github community is not. Decision day can only be put off so long.
That's the odd thing, they could jam it instantly if they so chose to. The GFWs primary purpose is to limit access to certain urls from within China.
Now of course those repos are intended to circumvent that but once someone has them they are out of reach of the GFW. So blocking those urls at the GFW would seem to be all that's really needed.
Tools like these should be accessible from as many places as possible.
Diplomatic logic suggests Github is serving as an object lesson:
1. 中华人民共和国 has laws.
2. 中华人民共和国 is well connected to the internet.
3. 中华人民共和国 can project its interests
around the world easily in rather nasty ways.
4. 中华人民共和国 can project its interests from
within its borders.
5. 中华人民共和国 has an interest in controlling
commerce within its borders.
I believe this is an act of foreign policy, not domestic. It's not about unplugging citizens from the internet. It is about achieving some parity with other state level actors in regard to what is and isn't allowed on the internet.
中华人民共和国 's interests are orthogonal to those of the US and UK. It is not so much interested in the internet as an organ of a surveillance state or as an alternative source of foreign intelligence in lieu of boots on the ground.
The mechanics of the attack are entirely within the realm of sanctioned internet behavior: visiting a site places javascript in the browser without explicit approval of the end user. The javascript may do something not in the user's interest. The javascript may generate unnecessary internet traffic. The purposes for which the javascript does so are solely the purposes of the site injecting it.
I don't consider myself subject to those terms and conditions and attacking github affects me in a very direct way. As such this is not acceptable and I hope that sufficient work will go into un-ambiguously determining who did this.
Github is a commercial interest. 中华人民共和国 has in recent years worked with commercial interests to mutually acceptable solutions. From 中华人民共和国's standpoint, what the internet's surfs want is Github's concern and they can make their business decisions accordingly.
For the same reason I use "Github" instead of saying "distributed version control ddos'ed" or "git unavailable on the internet". It picks out a more precise set of attributes and methods and limits the likelihood of slipping into anthropomorphisms such as "The Chinese." In particular it limits the range of what is historically relevant: ground combat against the US Army in the 1950's is, against the USMC in 1900 not so much.
Since I believe this is a matter of foreign policy and international trade, the sovereign and the corporation are the appropriate level of abstraction for analysis and language should reflect that in order to be clear.
I haven't read all your posts, but it seems like you've spent some time in China. You articulate matters as I'd expect a mainlander Chinese to do so, eg Western governments, or "sovereigns" as you say, restricting freedoms to maintain a harmonious society.
Never been near to China. I read some Hobbes. Thinking about sovereignty helps me referee futball matches. On the one hand in terms of foul selection and its change during the course of a match, on the other hand the abstraction of a Leviathan with six eyes, two flags and a whistle is a useful theme for the crew pregame regarding roles, responsibilities and expectations.
That Hobbes underpins pretty much any political discussion in the Anglophone world even if not explicitly acknowledged is just a bonus, and I use the terms in the sense of "is" not "ought".
That the Hobbesian model maps onto the political traditions of the Middle Kingdom and futball with little friction suggests the pervasiveness and universality of little '\p` politics.
The mechanics of the attack are entirely within the realm of sanctioned internet behavior
Not sure what you mean by "sanctioned" here. Technically possible? Yes. But also abusing and perverting the most important medium of our age.
The internet largely works BECAUSE of trust and cooperation and BECAUSE actors chose to not fuck with each other. If China truly is behind this I have half a mind to just cut them entirely out, except in a way that is exactly what they want and figuring out how to maintain the positive effects of said internet on democracy and free speech is worth the trouble.
The web is built to permit any website to load arbitrary javascript on a person's browser for whatever use that website chooses. It is also built to permit any website from loading arbitrary tracking technology for whatever purpose the website chooses, but 中华人民共和国 is not really interested in that.
There is significant evidence that the US, UK, and other state actors are fucking with people. That it is not in the same way 中华人民共和国 is is a relevant fact to some people and hair splitting to others. Likewise the trend in 中华人民共和国 toward greater democracy and in the US, UK and other nation states toward greater oligarchy is a relevant fact to some and hair splitting to others.
Free speech and democracy only exit so long as the sovereign believes they will keep the peace. The US, UK and other sovereigns willingly restrict free speech in favor of intellectual property interests in recent days. They have always been willing to curtail the trappings of popular sovereignty to keep the peace. That's the social contract.
The internet has grown where and in directions that coincide with the interests of sovereigns. Sometimes that means acceding to popular demand. Sometimes it doesnt (e.g. Napster).
