Ask HN: Block Baidu

8 points

11 years ago

If what we read at http://www.netresec.com/?page=Blog&month=2015-03&post=China%27s-Man-on-the-Side-Attack-on-GitHub and http://www.washingtonpost.com/world/asia_pacific/anti-censorship-group-china-behind-cyberattacks-on-us-sites/2015/03/31/f7e2e910-d781-11e4-bf0b-f648b95a6488_story.html is true, then Baidu's network is being used to attack GitHub and the worldwide technology industry.

But Baidu, like everyone else, has a responsibility to ensure their network isn't used to attack others. Yes, China is a large and powerful malicious actor. But Baidu is a global presence - this entire attack uses their outside-of-China audience - and a NASDAQ listed company $BIDU. There are many things Baidu could do to ensure its network aren't used to attack others, most obviously locate servers used by customers outside China inside a secure network where they can not be compromised, i.e. outside China. This may be difficult, but that does not change the fact that it is still Baidu's responsibility to stop their networks from being used to attack others.

Until such time as Baidu have taken active steps to prevent their networks from being used to attack others, we should drop their packets and consider their network compromised.

3 comments