This analysis doesn't just prove the attack orriginated in China, it shows that it takes place immediately inside the first Chinese network the connection reaches on it's way into China. The second piece of analysis shows that this is the same network layer in which the network blocking performed by the Great Firewall occurs. So the great firewall and this attack are both being implemented at the same point in the network infrastructure.
I think an interesting question is how likely it is that some of the great firewall is compromised.
(It could be by some party outside of China, or by some group inside of the Chinese government that does not have an official mandate to use it for things like the Github attack)
Ironically? How is it ironic that a centerpiece of the he Chinese Government's control and monitoring of information is considered critical infrastructure and closely monitored by the Chinese Government?