Passwords, SSH keys exposed on GitHub

Powered by SC Magazine
 

GitHub search down, but user mistakes still exposed.

 

Updated: Github users have been caught out storing keys and passwords in public repositories.

Search links popped up throughout Twitter today pointing to stored keys including what was reportedly credentials for the Google Chrome source code repository, Chromium.

Scores of other credentials were exposed, some representing serious security blunders.

 

 

While the keys are no longer searchable via the GitHub due to technical problems, they remain exposed through normal internet search queries.There is also no mechanisms to prevent users from uploading keys, a point which some security boffins say GitHub should implement.

Copyright © SC Magazine, Australia


Passwords, SSH keys exposed on GitHub
 
 
 
Top Stories
Earning the right to innovate
Breaking down the barriers to innovation is a long, but rewarding process, says Bank of Queensland Group CIO, Julie Bale.
 
A call for timely reporting
[Blog post] Businesses need incentives to keep customer data secure.
 
Doubts cast on Queensland's ICT Dashboard
Opposition, former Govt CIO say it can't be trusted.
 
 
Sign up to receive iTnews email bulletins
   FOLLOW US...
Latest Comments
Polls
What is delaying adoption of public cloud in your organisation?







   |   View results
Lock-in concerns
  26%
 
Application integration concerns
  3%
 
Security and compliance concerns
  29%
 
Unreliable network infrastructure
  9%
 
Data sovereignty concerns
  22%
 
Lack of stakeholder support
  3%
 
Protecting on-premise IT jobs
  5%
 
Difficulty transitioning CapEx budget into OpEx
  3%
TOTAL VOTES: 859

Vote