dcsimg
September 26, 2018
Hot Topics:

Researcher Finds 390,000 Websites with Exposed Source Code

  • September 4, 2018
  • By Developer.com Staff

Security researcher Vladimír Smitka said he found 390,000 Internet domains with a .git folder in a publicly accessible part of the site. That could lead to problems if the folder includes sensitive information. "Sometimes you can get very sensitive data such as database passwords, API keys, development IDE settings, and so on," Smitka said. "This data shouldn't be stored in the repository, but... I have found many, many developers that do not follow these best practices."

Smitka has notified the developers involved. "After sending the emails, I exchanged about 300 additional messages with affected parties to clarify the issue," Smitka reported. "I have received almost 2,000 thank-you emails, 30 false positives, two scammer/spammer accusations, and one threat to call the Canadian police."

View article






Comment and Contribute

 


(Maximum characters: 1200). You have characters left.

 

 


Enterprise Development Update

Don't miss an article. Subscribe to our newsletter below.

By submitting your information, you agree that developer.com may send you developer offers via email, phone and text message, as well as email offers about other products and services that developer believes may be of interest to you. developer will process your information in accordance with the Quinstreet Privacy Policy.

Sitemap

Thanks for your registration, follow us on our social networks to keep up-to-date