[teknologist]

What I don't get is why they didn't inject a script into all html passing through the firewall. That would have achieved a much greater effect if they really wanted to take out GitHub - the Baidu Analytics tracker is just a single script.

[dengnan]

Easy to implement?

This is just my theory: I think that GFW is currently entering its next stage, which probably includes MITM attack to TLS traffic and some attack specific to websites outside China. I suppose that since everything now is in a "research" stage, they are just trying to see if the technique works and how much it could go.

Disclaimer: I was an user inside China and being blocked from the real Internet. So please take my words with a grain of salt.

[nothrabannosir]

This is actually the most plausible explanation I have seen so far: they just finished implementing this new injection feature and they needed something to test it on. For lack of a better target, they chose those two github projects.

Everybody's talking about how this is a targeted attack against GH, but I'm starting to think you might just have hit the nail on the head...

[sthreet]

What is GFW?

[peletiah]

The Great FireWall of China - https://en.wikipedia.org/wiki/Great_Firewall

[sthreet]

Thanks.