Re: Lessons from the PHP git repo "hack"

2021-03-31 Thread Amarendra Godbole
On Wed, Mar 31, 2021 at 3:14 PM @lbutlr wrote: > > On 31 Mar 2021, at 12:02, Jose Quinteiro wrote: > > I've found passwords checked into public Github repos more than once. I > > don't equate Github with security. > > Have you also found the code necessary to replicate a 2FA token checked in to

Re: Lessons from the PHP git repo "hack"

2021-03-31 Thread @lbutlr
On 31 Mar 2021, at 12:02, Jose Quinteiro wrote: > I've found passwords checked into public Github repos more than once. I > don't equate Github with security. Have you also found the code necessary to replicate a 2FA token checked in to a GitHub repo? -- I WILL NOT DO THE DIRTY BIRD Bart chalk

Port's OpenSSL 1.1.1k,1 on FreeBSD 11-STABLE shows strange error (Inappropriate ioctl for device) on handshake (Server-side)

2021-03-31 Thread Lev Serebryakov
System is 11.4-STABLE r366937. I've ports built with OpenSSL from ports (DEFAULT_VERSIONS+=ssl=openssl). After upgrade to latest 1.1.1k,1 my nginx rejects HTTPS connections with cryptic SSL_do_handshake() failed (SSL: error:02015019:system library:ioctl:Inappropriate ioctl for device error:

Re: Lessons from the PHP git repo "hack"

2021-03-31 Thread Jose Quinteiro
On 3/31/21 7:03 AM, @lbutlr wrote: > > That is making an assumption that the people running the php git server were > incompetent, which is not something I am willing to do at this point. > Isn't it too early to learn any lessons, then? I've found passwords checked into public Github repos more

Re: Lessons from the PHP git repo "hack"

2021-03-31 Thread Felix Palmen
* @lbutlr [20210331 08:03]: > On 31 Mar 2021, at 07:58, Felix Palmen wrote: > > I'd say the lesson is keep your systems updated and pay attention to > > keep your credentials safe/secret. I don't see how Github would > > prevent such an incident any better. > &

Re: Lessons from the PHP git repo "hack"

2021-03-31 Thread Felix Palmen
* @lbutlr [20210331 08:03]: > > Apart from the fact there's only one ports tree… > > How does that make any difference? If someone gains access to the repo > and makes changes everyone gets these changes. Difference is that it has nothing to do with FreeBSD 13. > >

Re: Lessons from the PHP git repo "hack"

2021-03-31 Thread @lbutlr
On 31 Mar 2021, at 07:58, Felix Palmen wrote: > * @lbutlr [20210331 07:47]: >> Which brings me to the reason for this post, as it seems that the >> ports collection of FreeBSD 13.x will be in the same position, running >> a private git server network and using GitHub as

Re: Lessons from the PHP git repo "hack"

2021-03-31 Thread Felix Palmen
* @lbutlr [20210331 07:47]: > Which brings me to the reason for this post, as it seems that the > ports collection of FreeBSD 13.x will be in the same position, running > a private git server network and using GitHub as a mirror and I wonder > if some lessons from php's exp

Lessons from the PHP git repo "hack"

2021-03-31 Thread @lbutlr
As you may know, PHP has decided to move their repo to GitHub after an unauthorized "hack" was committed to PHP. I say "hack" because it appears the code was intentionally obvious and went to some lengths to draw attention to itself, so it appears someone did this to highlight issues with the p