That's a big freaking gamble. How effective does Github's mitigation need to be to make the costs tolerable? They're already using a full 1% of the traffic to ddos, they can only double that 7 times.
Really, at this point Github could probably put together a really nice blacklist of baidu users outside of china, and whitelist those that actually use the service. I can think of a couple of cute ways to accelerate the whitelisting.
Banking on Github not finding a good enough solution seems really risky.
Why not just ddos every time there's positive Github news? Ideally a half hour in advance of the event? China must know when MS is going to host some cool new project. China must know when the U.S. data service is going to host a cool new project. China must know when Github is going to announce a new feature.
They do, but a real ruby on rails site typically serves most html content out of memcache, even higher for users that aren't logged into the platform. Its not unknown to see 5-10ms response times in those scenarios
Really, at this point Github could probably put together a really nice blacklist of baidu users outside of china, and whitelist those that actually use the service. I can think of a couple of cute ways to accelerate the whitelisting.
Banking on Github not finding a good enough solution seems really risky.
Why not just ddos every time there's positive Github news? Ideally a half hour in advance of the event? China must know when MS is going to host some cool new project. China must know when the U.S. data service is going to host a cool new project. China must know when Github is going to announce a new feature.
This approach is just super half assed.