Please create an account to participate in the Slashdot moderation system

 



Forgot your password?
typodupeerror
Open Source Security IT

AWS Urges Devs To Scrub Secret Keys From GitHub 109

Posted by timothy
from the key-is-under-the-mat dept.
An anonymous reader writes "GitHub contains thousands of 'secret keys', which are stored in plain text and can be used by miscreants to access AWS accounts and either run up huge bills or even delete/damage the users files. Amazon is urging users of the coding community site to clean up their act."
This discussion has been archived. No new comments can be posted.

AWS Urges Devs To Scrub Secret Keys From GitHub

Comments Filter:
  • Re:And? (Score:3, Interesting)

    by gweihir (88907) on Monday March 24, 2014 @08:42AM (#46563111)

    Indeed. But stupid people (being stupid) will blame Amazon publicly anyways. Remember the random-number generator "bug" in Android recently that left some 30'000 Apps vulnerable? Turns out this was 100% developer error because they did not read the documentation and assumed the Sun/Oracle (but not 'Java') default behavior applied to Android as well. But who got the blame? Google. They did not even try to argue, although they were clearly wronged.

    These days stupid people assume that they have a right to demand that everything is idiot-proof. Well, that is just not possible. Especially when mistakes that cannot really be topped in stupidity like the one under discussion are being made. People cannot be this low in intelligence and still be able to learn how to read and write. They can just refuse to apply what intelligence they have to make mistakes this severe. There is a price to pay for that.

I have never seen anything fill up a vacuum so fast and still suck. -- Rob Pike, on X.

Working...