View Single Post
  #1   (View Single Post)  
Old 25th January 2013
J65nko J65nko is offline
Join Date: May 2008
Location: Budel - the Netherlands
Posts: 3,544
Default GitHub search exposes uploaded credentials


Users of the GitHub project hosting system have been reminded not to upload sensitive information to the system's Git repositories. The reminder comes after GitHub launched a new search service based on elasticsearch. The launch of the service sent people off searching the code and, as people tend to do, they searched for private information. Various searches for terms such as "BEGIN RSA PRIVATE KEY" were revealing many people had, in fact, been uploading private keys.
You don't need to be a genius to debug a pf.conf firewall ruleset, you just need the guts to run tcpdump
Reply With Quote