[andreyf]

Was that trusted root cert ever misused? IIRC, it was un-trusted because they did not do their due diligence on how an issued sub-cert was being used by an Egyptian company.

What does the GitHub DDOS have to do with MITM attacks on https?

[mil0]

the ddos was achieved by altering the contents of one of the script on a large chinese site (was it baidu? google it). Once every user on that site loaded the tampered script, it made sure to send many requests to github.

[therein]

Was the large Chinese site serving traffic over HTTPS?

[dujiulun2006]

Sadly, they (Baidu) are not, which is why the script content was easily modified.

To clear it up, I said that GFW "can" do (but has not yet done) these. But it tried to MITM some https traffic earlier with a non-trusted certificate as an experiment.

[dujiulun2006]

@andreyf: More like a social experiment. See whether people would notice (we did) and what's their reaction.

[andreyf]

Experiment? This isn't science. They can ask any engineer what MITM with a non-trusted cert would do, and that's nothing.