That project was Shadowsocks, a secure SOCKS5 proxy plug-in protocol for Internet users and one of the most popular Great Firewall circumvention tools in China. The developer, who posted under the username clowwindy, reported on GitHub on August 22, “Two days ago the police came to me and wanted me to stop working on this. Today they asked me to delete all the code from GitHub. I have no choice but to obey. I hope one day I’ll live in a country where I have freedom to write any code I like without fearing.” He later deleted that comment, leaving only a statement, “I believe you guys will make great stuff with Network Extensions.” However, the code for Shadowsocks has been mirrored elsewhere on GitHub.
GreatFire.org also reports that GoAgent, another Great Firewall circumvention tool, was removed from GitHub on Tuesday, hours before the DDoS attack started. GoAgent used Google App Engine to provide a tunnel to conceal traffic from the Great Firewall. A number of other such services have been targeted by Chinese officials this summer.