Sahwa@reddthat.com to Technology@lemmy.worldEnglish · 1 month ago‘The Worst Leak That I’ve Witnessed’: U.S. Cybersecurity Agency Leaves Its Digital Keys Out in Public on GitHubgizmodo.comexternal-linkmessage-square93linkfedilinkarrow-up1785
arrow-up1785external-link‘The Worst Leak That I’ve Witnessed’: U.S. Cybersecurity Agency Leaves Its Digital Keys Out in Public on GitHubgizmodo.comSahwa@reddthat.com to Technology@lemmy.worldEnglish · 1 month agomessage-square93linkfedilink
minus-squaredemonsword@lemmy.worldlinkfedilinkEnglisharrow-up212·edit-21 month agovibe code go brrrrrrr EDIT: wow it’s far worse, it was a single contractor that decided that his convenience was above any and all security recommendations ever written. Pure. Genius!
minus-squarelIlIlIlIlIlIl@lemmy.worldlinkfedilinkEnglisharrow-up75·1 month agoLeaving passwords in plaintext has zero to do with “vibe coding”
minus-squaredemonsword@lemmy.worldlinkfedilinkEnglisharrow-up27·1 month agoyeah, and this is why I edited my original post after reading the article.
minus-squarenymnympseudonym@piefed.sociallinkfedilinkEnglisharrow-up7·1 month agoYou know what’s ironic? FedRAMP rules dictate that Thou Must Scan Thy Repos for Secrets (tokens, passwords, etc) GitHub, ButrBucket, etc all have this out of the box for enterprise customers https://support.atlassian.com/bitbucket-data-center/kb/how-to-scan-for-and-remove-passwords-or-secrets-in-bitbucket-server-repositories/
minus-squarewonderingwanderer@sopuli.xyzlinkfedilinkEnglisharrow-up16·1 month agoContractor, eh? How much do you wanna bet he has close personal ties to the trump family and zero cybersecurity experience?
vibe code go brrrrrrr
EDIT: wow it’s far worse, it was a single contractor that decided that his convenience was above any and all security recommendations ever written. Pure. Genius!
Leaving passwords in plaintext has zero to do with “vibe coding”
yeah, and this is why I edited my original post after reading the article.
Only the best people
You know what’s ironic? FedRAMP rules dictate that Thou Must Scan Thy Repos for Secrets (tokens, passwords, etc)
GitHub, ButrBucket, etc all have this out of the box for enterprise customers
https://support.atlassian.com/bitbucket-data-center/kb/how-to-scan-for-and-remove-passwords-or-secrets-in-bitbucket-server-repositories/
Contractor, eh?
How much do you wanna bet he has close personal ties to the trump family and zero cybersecurity experience?