[i_am_proteus]

Please. For it not to be the government would mean that there's an extra-governmental organization within the PRC with the resources and network access to conduct a massive DDoS attack, which the communist government would never allow.

[ethbro]

> conduct a massive DDoS attack

That's not an accurate summary of what they're doing.

They're intermittently serving poisoned js in place of known analytics scripts.

Which changes the potential "who" a bit.

[dmix]

Either someone hacked the root Baidu servers, Baidu is involved, or the network requests are being manipulated by Chinese controlled entities.

There’s a high probability this is state run. There’s probably tons of offensive cyber teams in China and these are hitting sites like Greatfire.org which documents Chinese censorship (which was also why Github was hit if I’m not mistaken).

It’s not surprising that the organs of censorship would be used to target attempts to expose said censorship.

[ethbro]

Absolutely. Or potentially some cert wonkery.

I haven't looked at this closely enough to know how the script's chaining works, or if China retains MitM capability across TLS.

Regardless, it's nice to be reasonably accurate when we're tossing around claims.

[erikpukinskis]

“Conduct” in this case could mean performing but most likely means directing.