Fix Redit changing IDs
[gofetch.git] / test / expected / SLASHDOT / 0102639752.header
CommitLineData
299a08f3
NR
10400,000 Websites Vulnerable Through Exposed .git Directories (scmagazine.com) null/SLASHDOT/0102639752 70\r
2i Thursday September 06, 2018 @11:30PM (msmash)\r
3i from the security-woes dept.\r
4i\r
5i Open .git directories are a bigger cybersecurity problem than\r
6i many might imagine, at least according to a Czech security\r
e818d449 7i researcher who [1]discovered almost 400,000 web pages with an\r
299a08f3 8i open .git directory possibly exposing a wide variety of data.\r
e818d449
NR
9i From a report:\r
10i \r
11i > Vladimir Smitka began his .git directory odyssey in July\r
12i when he began looking at Czech websites to find how many were\r
13i improperly configured and allow access to their .git folders\r
14i within the file versions repository. Open .git directories are\r
15i a particularly dangerous issue, he said, because they can\r
16i contain a great deal of sensitive information. "Information\r
17i about the website's structure, and sometimes you can get very\r
18i sensitive data such as database passwords, API keys,\r
19i development IDE settings, and so on. However, this data\r
20i shouldn't be stored in the repository, but in previous scans\r
21i of various security issues, I have found many developers that\r
22i do not follow these best practices," Smitka wrote. Smitka\r
23i queried 230 million websites to discover the 390,000 allowing\r
24i access to their .git directories. The vast majority of the\r
25i websites with open directories had a .com TLD with .net, .de,\r
26i .org and uk comprising most of the others.\r
27i \r
28i \r
29i \r
30i [1] https://www.scmagazine.com/home/news/400000-websites-vulne-\r
31i rable-through-exposed-git-directories/\r
299a08f3 32i\r