by Andrea Little Limbago
Last Friday, GitHub, the popular collaborative site for developers, experienced a series of distributed denial of service (DDoS) attacks. The attacks are the largest in the company’s history, and continued through Tuesday before fully coming under control. GitHub has not been immune to these kinds of attacks in the past, and is quite experienced at maintaining or restoring the site during the onslaught. In both 2012 and 2013, GitHub experienced a series of DDoS attacks and experienced similar attacks earlier in March. By all independent accounts, the Cyberspace Administration of China (CAC) is behind this latest wave of attacks, redirecting traffic from the Chinese search engine, Baidu, to overwhelm GitHub. While the malicious activity bears the fingerprints of a Chinese campaign, they may have awoken a sleeping giant in the open source development community. Unlike the latest high profile attacks – such as Sony and Anthem – these attacks visibly disrupted the day-to-day life of a tight knit, transnational and largely middle-class social network. And it is these kinds of transnational networks that, when unified, spawn social movements.
This week’s attack focused on pressuring GitHub to remove content related to GreatFire.org and another site that hosts links to the Chinese version of The New York Times. Both of these are platforms for circumventing the Great FireWall, and therefore are a direct attack both on free speech and also the tech community. In the past, China has restored access to GitHub due to criticism from the domestic developer community. However, China has been tightening censorship over the last few years, which has instigated the creation of groups like Great Fire to partner with external partners – such as Reporters without Borders – to help fight Chinese censorship. With over 300 cofounders, Great Fire is gaining traction and has tightened relations with the major media outlets outside of China. It is these kinds of transnational activist networks that have proven so successful in the past. Written well before rise of social media, Margaret Keck and Kathryn Sikkink’s Activists without Borders introduced the concept of the boomerang effect. The boomerang effect occurs when a state is unresponsive to the demands of domestic groups, who then form transnational alliances to amplify the demands of the groups and readdress the demands via international pressure. To date, Great Fire is pursuing a similar trajectory to previous successful social movements.
Is it possible that the latest wave of DDoS attacks is enough to fully solidify the relationship of groups like Great Fire not only with journalists, but also with the open source development community? A brief review of Twitter content (similar to those screenshots below) pertaining to the GitHub DDoS attacks produces three general themes: 1) who is doing this?; 2) why are they doing this; 3) stop messing with my project. In fact, one popular source for open source news asks, “Who on Earth would attack GitHub?” The open source community is clearly one of the largest proponents of free speech and collaboration, which has been very vocal in issues of privacy, but has been relatively silent on global events. Nevertheless, couple that intrinsic and core set of beliefs with disruption to their own projects, and the conditions are created under which social movements begin to coalesce. More recent literature on social movements further highlights the greater success of the movements when pursuing non-violent means to instigate change.
The latest executive order sanctions those associated with cyber attacks, but it is more so reactive than proactive. The open source community could build upon lessons learned from the GitHub experience, and collaborate with colleagues throughout the tech community to inflict economic damage on those who are directly attacking open source development. For instance, a de facto embargo on certain technologies to China is much more politically feasible and costly than working through the ITAR process. While the tipping point for awareness has not yet been reached – one indication of which is the lack of prominent mainstream media on the GitHub breach – the conditions are ripe for the start of a transnational social movement, driven by the open source development community if it coalesces around this cause (similar to that which occurred over privacy concerns) instead of allowing it to silently dissipate.
In contrast, China likely sees this latest GitHub campaign as simply an extension of previous breaches, which failed to garner any political blowback, but aided their larger censorship efforts. However, China will increasingly have to deal with the growing paradox of promoting censorship as well as technical development. This is one of the many contradictions China continues to encounter as it simultaneously modernizes its economy and seeks global ambitions. The choice of Baidu, for instance, potentially reveals another rift in China’s approach to development. Robin Li is the CEO of Baidu, is the third wealthiest man in China, and a member of the government’s top political advisory council. This makes the choice of Baidu potentially confrontational, as it is publicly traded and not part of the state-owned enterprises that tend to operate at the behest of the government. So far, Baidu has denied any connection to the GitHub attacks. Contradictions like these are only increasingly surfacing as corruption campaigns, censorship and extension of power dominate Chinese politics.
The latest GitHub attack, the largest in its history, remains off the radar for all but those in larger technology and open source communities. This is unfortunate as it has the potential to have much broader long term implications within China than any of the other Chinese-associated attacks in the last year. It will be interesting to watch whether the open source community will use this as a springboard for global advocacy for free speech with the potential to inflict economic and technological pain. The current response has been luke warm at best, but the conditions are ripe for change. China might do well to heed the advice of Barrington Moore, who over a half century ago wrote about the preconditions for social movements toward democracy and dictatorships. He notes that the tipping point of change tends to occur when the daily routines of the middle class is disrupted or threatens to be destroyed. China has crossed this threshold, and very well may be uniting the transnational network on which movements are made.