[gofetch.git] / test / expected / SLASHDOT / 0102639752.header

0400,000 Websites Vulnerable Through Exposed .git Directories (scmagazine.com)	null/SLASHDOT/0102639752		70\r
i  Thursday September 06, 2018 @11:30PM (msmash)\r
i  from the security-woes dept.\r
i\r
i    Open  .git  directories are a bigger cybersecurity problem than\r
i    many  might  imagine,  at  least  according to a Czech security\r
i    researcher  who  [1]discovered almost 400,000 web pages with an\r
i    open  .git  directory possibly exposing a wide variety of data.\r
i    From a report:\r
i    \r
i    >  Vladimir  Smitka  began  his  .git directory odyssey in July\r
i    when  he  began looking at Czech websites to find how many were\r
i    improperly  configured  and  allow access to their .git folders\r
i    within  the file versions repository. Open .git directories are\r
i    a  particularly  dangerous  issue,  he  said,  because they can\r
i    contain  a  great  deal  of sensitive information. "Information\r
i    about  the  website's structure, and sometimes you can get very\r
i    sensitive   data   such   as   database  passwords,  API  keys,\r
i    development  IDE  settings,  and  so  on.  However,  this  data\r
i    shouldn't  be  stored  in the repository, but in previous scans\r
i    of  various  security issues, I have found many developers that\r
i    do  not  follow  these  best  practices,"  Smitka wrote. Smitka\r
i    queried  230  million websites to discover the 390,000 allowing\r
i    access  to  their  .git  directories.  The vast majority of the\r
i    websites  with  open directories had a .com TLD with .net, .de,\r
i    .org and uk comprising most of the others.\r
i    \r
i    \r
i    \r
i    [1] https://www.scmagazine.com/home/news/400000-websites-vulne-\r
i    rable-through-exposed-git-directories/\r
i\r
Commit	Line	Data
299a08f3 NR	1	0400,000 Websites Vulnerable Through Exposed .git Directories (scmagazine.com) null/SLASHDOT/0102639752 70\r
	2	i Thursday September 06, 2018 @11:30PM (msmash)\r
	3	i from the security-woes dept.\r
	4	i\r
	5	i Open .git directories are a bigger cybersecurity problem than\r
	6	i many might imagine, at least according to a Czech security\r
e818d449	7	i researcher who [1]discovered almost 400,000 web pages with an\r
299a08f3	8	i open .git directory possibly exposing a wide variety of data.\r
e818d449 NR	9	i From a report:\r
	10	i \r
	11	i > Vladimir Smitka began his .git directory odyssey in July\r
	12	i when he began looking at Czech websites to find how many were\r
	13	i improperly configured and allow access to their .git folders\r
	14	i within the file versions repository. Open .git directories are\r
	15	i a particularly dangerous issue, he said, because they can\r
	16	i contain a great deal of sensitive information. "Information\r
	17	i about the website's structure, and sometimes you can get very\r
	18	i sensitive data such as database passwords, API keys,\r
	19	i development IDE settings, and so on. However, this data\r
	20	i shouldn't be stored in the repository, but in previous scans\r
	21	i of various security issues, I have found many developers that\r
	22	i do not follow these best practices," Smitka wrote. Smitka\r
	23	i queried 230 million websites to discover the 390,000 allowing\r
	24	i access to their .git directories. The vast majority of the\r
	25	i websites with open directories had a .com TLD with .net, .de,\r
	26	i .org and uk comprising most of the others.\r
	27	i \r
	28	i \r
	29	i \r
	30	i [1] https://www.scmagazine.com/home/news/400000-websites-vulne-\r
	31	i rable-through-exposed-git-directories/\r
299a08f3	32	i\r