risingthumb.xyz | Agora Zines | Webring | achtung | github | itch | site map

risingthumb.xyz computers considered harmful

Want a free shirt kids? #

I will recommend people participate in this, not to spam open source repositories, but because there's no system in place for checking if you just make a new github repository and make 4 valid but lame pull requests. It's literally a free shirt.

Go here to see what it's all about.

It's interesting that free shirts is an incentive that people will use to spam public FOSS repositories. I have my suspicions on what it should be considered. I would consider it(alongside Google Summer of Code) a mildly effective distributed denial of service attack. Distributed in many people making low quality pull requests. Denial of service by preventing quality pull requests being seen, discussed and merged. It may also deny service to the use of issues. For Free Open Source Software hosted over Github, this is not good. For hacker culture it sets a concerningly low bar, especially as hacker culture is commonly intrinsically motivated as opposed to extrinsically motivated by rewards. I will not be surprised if some genuine pull request gets marked as spam and invalid simply due to this spike.

Talking more on why this is interesting. By a search, we can see in a single day, over a thousand related issues have been made. I am expecting that some of these developers are unaware of where and why this surge in traffic has been experienced. The HTML Standard is subject to these troubles as well as the website for phpMyAdmin.

Thousands of Issues

HTML standard subject to troubles

phpMyAdmin subject to troubles

Now for the real meat and potatoes of this. This event proves that any corporation with the capital can initiate such an event and likely get away with it. In the case of digitalocean it is not strongly targeted towards any particular repository except those who willingly participate with a "digitalocean" issue tag. For political, or financial purposes, a company or corporation could very well target a specific set of repositories denying them service, at least over Github. How useful is this? Consider that one could target an essential service or nearly essential service that powers a lot of websites such as openssl. Although a fork exists call libressl, if this was timed appropiately, the backlash and fallout would not be insignificant. While I do not think it is the specific interests of any companies to behave in such a manner, I pose the example to demonstrate how it could be used as an attack on a particular repository.

So now I will present the solutions and fixes that remain available. Firstly I shall acknowledge that Digital Ocean are aware this is a problem, but their solution is akin to shrugging off the problem(as we have established, this is a denial of service problem).

At the very least, it must be said. From my perspective this has been the best joke I've seen in the last week. Some people were even making Pull requests on the 30th of September over this. This does prove however that Git in general is vulnerable to denial of service by poor or low quality pull requests.

Further reading can be done here.


Published on 2020/01/14

Articles from blogs I follow around the net

OLD MAUDE #2

THE PARLIAMENT OF THE SELF The black panther is sacred to Binah. —Grant Morrison The driveway smelled like perfume. Whose? They were back at Aunt Maude's, seizing the means of randomness before they cut out the Internet. No token anxiety here. They? Trust w…

via I'm not really Stanley Lieber. July 5, 2026

Old Computer Challenge 2026 > -- Home-Made Cartoon Network on a 20 Year Old Computer

Table of Contents Day 1 Day 2 Day 3 Day 4 Day 5 Day 6 Day 7 Hello and welcome to the Old Computer Challenge - 2026 Edition! This is the third year when I’m participating, and if you didn’t read my previous years’ entries, you can check OCC24 – Party like it’s 200…

via andrei.xyz July 5, 2026

thecozycat 💻 Webring Maintenance Today! Anyone who hasn't updat...

Webring Maintenance Today! Anyone who hasn't updated their widgets since the switch will need to reapply for membership.

via thecozycat July 2, 2026

Generated by openring