[gofetch.git] / test / expected / SLASHDOT / 0102639752.header

0400,000 Websites Vulnerable Through Exposed .git Directories (scmagazine.com)	null/SLASHDOT/0102639752		70\r
i  Thursday September 06, 2018 @11:30PM (msmash)\r
i  from the security-woes dept.\r
i\r
i    Open  .git  directories are a bigger cybersecurity problem than\r
i    many  might  imagine,  at  least  according to a Czech security\r
i    researcher  who  discovered  almost  400,000  web pages with an\r
i    open  .git  directory possibly exposing a wide variety of data.\r
i    From  a  report:  Vladimir  Smitka  began  his  .git  directory\r
i    odyssey  in  July  when  he  began looking at Czech websites to\r
i    find  how  many  were improperly configured and allow access to\r
i    their  .git  folders  within the file versions repository. Open\r
i    .git  directories  are a particularly dangerous issue, he said,\r
i    because   they   can   contain   a   great  deal  of  sensitive\r
i    information.  "Information  about  the website's structure, and\r
i    sometimes  you  can  get  very  sensitive data such as database\r
i    passwords,  API  keys,  development  IDE  settings,  and so on.\r
i    However,  this  data shouldn't be stored in the repository, but\r
i    in  previous  scans  of  various  security issues, I have found\r
i    many  developers  that  do  not  follow  these best practices,"\r
i    Smitka  wrote.  Smitka queried 230 million websites to discover\r
i    the  390,000  allowing  access  to  their .git directories. The\r
i    vast  majority of the websites with open directories had a .com\r
i    TLD with .net, .de, .org and uk comprising most of the others.\r
i\r
Commit	Line	Data
299a08f3 NR	1	0400,000 Websites Vulnerable Through Exposed .git Directories (scmagazine.com) null/SLASHDOT/0102639752 70\r
	2	i Thursday September 06, 2018 @11:30PM (msmash)\r
	3	i from the security-woes dept.\r
	4	i\r
	5	i Open .git directories are a bigger cybersecurity problem than\r
	6	i many might imagine, at least according to a Czech security\r
	7	i researcher who discovered almost 400,000 web pages with an\r
	8	i open .git directory possibly exposing a wide variety of data.\r
	9	i From a report: Vladimir Smitka began his .git directory\r
	10	i odyssey in July when he began looking at Czech websites to\r
	11	i find how many were improperly configured and allow access to\r
	12	i their .git folders within the file versions repository. Open\r
	13	i .git directories are a particularly dangerous issue, he said,\r
	14	i because they can contain a great deal of sensitive\r
	15	i information. "Information about the website's structure, and\r
	16	i sometimes you can get very sensitive data such as database\r
	17	i passwords, API keys, development IDE settings, and so on.\r
	18	i However, this data shouldn't be stored in the repository, but\r
	19	i in previous scans of various security issues, I have found\r
	20	i many developers that do not follow these best practices,"\r
	21	i Smitka wrote. Smitka queried 230 million websites to discover\r
	22	i the 390,000 allowing access to their .git directories. The\r
	23	i vast majority of the websites with open directories had a .com\r
	24	i TLD with .net, .de, .org and uk comprising most of the others.\r
	25	i\r