Feeds

Great Firewall architects fingered for GitHub attack

Crude man-in-the-middle attack followed White House petition

  • alert
  • submit to reddit

Next gen security for virtualised datacentres

The Chinese computer scientists who helped build the country’s infamous Great Firewall may have been responsible for a man-in-the-middle attack on users of GitHub after they were named and shamed on the social code sharing site.

This is the theory put forward by GreatFire.org, a not-for-profit organisation which monitors and reports on online censorship in China. It explained in a blog post that users trying to access GitHub last weekend were faced with browser messages warning of an invalid SSL certificate – a tell-tale sign of a man-in-the-middle attack.

“The attack happened on a Saturday night. It was very crude, in that the fake certificate was signed by an unknown authority and bound to be detected quickly. The attack stopped after about an hour,” said GreatFire.org.

Its theory is that the attack was connected to a high profile petition created on the White House web site the day before.

This petition – which has now amassed over 9,000 signatures and could theoretically end up influencing US policy – calls on the Obama administration to deny entry to the architects of the Great Firewall, should they try and visit the US in the future.

A link on the petition takes the user to another GitHub page listing the names and some contact details of three key figures responsible for the Great Firewall.

Among the comments are the supposed address and ID number of Fang Binxing – often dubbed Father of the Great Firewall – and a link to another list with scores of others named and shamed.

GreatFire argued that because GitHub is HTTPS only, the authorities in China cannot block individual pages but only the entire site. This actually happened around a fortnight ago but after pretty vocal protests from developers who rely on the site to collaborate, it was unblocked again.

In this way, “the only tool left in the censorship toolbox is man-in-the-middle attacks” which can help the attackers intercept and monitor traffic, said GreatFirewall, adding the following:

"The whole episode seems rather irrational. It’s conceivable that one or several individuals identified on these lists as enemies of a free internet decided to take action into their own hands. They are the technical people behind the Great Firewall and so they would clearly be capable of implementing this attack. They had a motive in that they were personally being targeted by the people behind the White House petition. And they had no other options since they had been barred from blocking GitHub completely."

The Party has certainly been unafraid in the past to completely block sites or even cut the internet for large swathes of the population if social order is threatened.

However, it faces a more difficult problem if the sites in question are deemed too important to the international competitiveness of Chinese businesses to take down completely – as GitHub’s supporters argued.

This is where man-in-the-middle comes in. Although the attack last weekend was limited in scope, pretty crude and flagged by most browsers, GreatFire warned that such attacks may become more common and sophisticated in the future, especially if the number of sites in China using HTTPS keeps growing. ®

The essential guide to IT transformation

More from The Register

next story
Goog says patch⁵⁰ your Chrome
64-bit browser loads cat vids FIFTEEN PERCENT faster!
Chinese hackers spied on investigators of Flight MH370 - report
Classified data on flight's disappearance pinched
NIST to sysadmins: clean up your SSH mess
Too many keys, too badly managed
Scratched PC-dispatch patch patched, hatched in batch rematch
Windows security update fixed after triggering blue screens (and screams) of death
Attack flogged through shiny-clicky social media buttons
66,000 users popped by malicious Flash fudging add-on
New twist as rogue antivirus enters death throes
That's not the website you're looking for
prev story

Whitepapers

Best practices for enterprise data
Discussing how technology providers have innovated in order to solve new challenges, creating a new framework for enterprise data.
Implementing global e-invoicing with guaranteed legal certainty
Explaining the role local tax compliance plays in successful supply chain management and e-business and how leading global brands are addressing this.
Advanced data protection for your virtualized environments
Find a natural fit for optimizing protection for the often resource-constrained data protection process found in virtual environments.
How modern custom applications can spur business growth
Learn how to create, deploy and manage custom applications without consuming or expanding the need for scarce, expensive IT resources.
High Performance for All
While HPC is not new, it has traditionally been seen as a specialist area – is it now geared up to meet more mainstream requirements?