September 23, 2014
Hot Topics:
RSS RSS feed Download our iPhone app

GitHub Search Update Exposes Security Vulnerabilities

  • January 28, 2013
  • By Developer.com Staff

On Tuesday, the popular code hosting service GitHub updated its search capabilities. By Thursday, developers had discovered that those new search capabilities were turning up private information that was publicly available through GitHub. In many cases, that information included private encryption keys for GitHub projects. Armed with those keys, hackers could potentially access and make changes to the code for various projects.

Security experts are warning GitHub users to make sure they don't accidentally include their private files when they upload code to GitHub. But some are calling for GitHub to take stronger measures to ensure this sort of thing doesn't happen. One security researcher tweeted, "When one person pushes their private key to GitHub, it's an idiot problem. When a hundred people do, it's not about idiot users anymore."

View article






Comment and Contribute

 


(Maximum characters: 1200). You have characters left.

 

 


Sitemap | Contact Us

Rocket Fuel