November 28, 2014
Hot Topics:

GitHub Search Update Exposes Security Vulnerabilities

  • January 28, 2013
  • By Developer.com Staff

On Tuesday, the popular code hosting service GitHub updated its search capabilities. By Thursday, developers had discovered that those new search capabilities were turning up private information that was publicly available through GitHub. In many cases, that information included private encryption keys for GitHub projects. Armed with those keys, hackers could potentially access and make changes to the code for various projects.

Security experts are warning GitHub users to make sure they don't accidentally include their private files when they upload code to GitHub. But some are calling for GitHub to take stronger measures to ensure this sort of thing doesn't happen. One security researcher tweeted, "When one person pushes their private key to GitHub, it's an idiot problem. When a hundred people do, it's not about idiot users anymore."

View article






Comment and Contribute

 


(Maximum characters: 1200). You have characters left.

 

 


Enterprise Development Update

Don't miss an article. Subscribe to our newsletter below.

Sitemap | Contact Us

Rocket Fuel