git://git.nikiroo.be / gofetch.git / blob
? search:


1e0819fda76bcd874a9e8271a406744a1a09c4c9
[gofetch.git] /
1 <!-- html-header type=current begin -->
2
3 <!DOCTYPE html>
4
5 <html lang="en">
6 <head>
7 <!-- Render IE9 -->
8 <meta http-equiv="X-UA-Compatible" content="IE=edge,chrome=1">
9
10
11
12 <script>window.is_euro_union = 1;</script>
13 <script src="https://a.fsdn.com/con/js/sftheme/vendor/promise.polyfill.min.js"></script>
14 <script src="https://a.fsdn.com/con/js/sftheme/cmp.js"></script>
15 <script src="https://slashdot.org/country.js"></script>
16 <script type='text/javascript'>
17 if (window.is_euro_union) {
18 bizx.cmp.init({
19 // to test: 'Display UI': 'always',
20 'Publisher Name': 'Slashdot',
21 'Publisher Logo': 'https://a.fsdn.com/sd/sdlogo.svg',
22 'Consent Scope': 'global group',
23 'Consent Scope Group URL': 'https://slashdot.org/gdpr-cookies.pl',
24 });
25 }
26 </script>
27 <link rel="stylesheet" href="//a.fsdn.com/con/css/sftheme/sandiego/cmp.css" type="text/css">
28 <style type="text/css">
29 .qc-cmp-publisher-logo, .qc-cmp-nav-bar-publisher-logo {
30 background-color: #016765;
31 }
32 </style>
33 <script>
34 if (!window.is_euro_union) {
35 (function (s,o,n,a,r,i,z,e) {s['StackSonarObject']=r;s[r]=s[r]||function(){
36 (s[r].q=s[r].q||[]).push(arguments)},s[r].l=1*new Date();i=o.createElement(n),
37 z=o.getElementsByTagName(n)[0];i.async=1;i.src=a;z.parentNode.insertBefore(i,z)
38 })(window,document,'script','https://www.stack-sonar.com/ping.js','stackSonar');
39 stackSonar('stack-connect', '66');
40 }
41 </script>
42
43 <script id="before-content" type="text/javascript">
44 (function () {
45 if (typeof window.sdmedia !== 'object') {
46 window.sdmedia = {};
47 }
48 if (typeof window.sdmedia.site !== 'object') {
49 window.sdmedia.site = {};
50 }
51
52 var site = window.sdmedia.site;
53 site.rootdir = "//slashdot.org";
54 }());
55
56 var pageload = {
57 pagemark: '425547131907250267',
58 before_content: (new Date).getTime()
59 };
60 function pageload_done( $, console, maybe ){
61 pageload.after_readycode = (new Date).getTime();
62 pageload.content_ready_time = pageload.content_ready - pageload.before_content;
63 pageload.script_ready_time = pageload.after_readycode - pageload.content_ready;
64 pageload.ready_time = pageload.after_readycode - pageload.before_content;
65 // Only report 1% of cases.
66 maybe || (Math.random()>0.01) || $.ajax({ data: {
67 op: 'page_profile',
68 pagemark: pageload.pagemark,
69 dom: pageload.content_ready_time,
70 js: pageload.script_ready_time
71 } });
72 }
73 </script>
74 <meta http-equiv="X-UA-Compatible" content="IE=edge,chrome=1">
75
76 <title>400,000 Websites Vulnerable Through Exposed .git Directories - Slashdot</title>
77 <meta http-equiv="Content-Type" content="text/html; charset=utf-8">
78
79 <meta name="description" content="Open .git directories are a bigger cybersecurity problem than many might imagine, at least according to a Czech security researcher who discovered almost 400,000 web pages with an open .git directory possibly exposing a wide variety of data. From a report: Vladimir Smitka began his .git directory od...">
80
81 <meta name="twitter:card" content="summary">
82 <meta name="twitter:site" content="@slashdot">
83 <meta name="twitter:domain" content="tech.slashdot.org">
84 <meta property="og:url" content="https://tech.slashdot.org/story/18/09/06/1954253/400000-websites-vulnerable-through-exposed-git-directories?utm_source=feedburner&utm_medium=feed&utm_campaign=Feed%3A+Slashdot%2Fslashdot+%28Slashdot%29">
85
86 <meta property="og:title" content="400,000 Websites Vulnerable Through Exposed .git Directories - Slashdot">
87 <meta property="og:description" content="Open .git directories are a bigger cybersecurity problem than many might imagine, at least according to a Czech security researcher who discovered almost 400,000 web pages with an open .git directory possibly exposing a wide variety of data. From a report: Vladimir Smitka began his .git directory od...">
88
89
90
91 <meta property="og:image" content="https://a.fsdn.com/sd/topics/security_64.png">
92
93 <meta property="fb:admins" content="100000696822412">
94 <meta property="fb:page_id" content="267995220856">
95
96 <meta name="viewport" content="width=1000, user-scalable=yes, minimum-scale=0, maximum-scale=10.0" />
97 <meta name="apple-mobile-web-app-capable" content="yes">
98 <meta name="apple-mobile-web-app-status-bar-style" content="black">
99
100 <link rel="canonical" href="https://tech.slashdot.org/story/18/09/06/1954253/400000-websites-vulnerable-through-exposed-git-directories">
101
102 <link rel="alternate" media="only screen and (max-width: 640px)" href="http://m.slashdot.org/story/345540" >
103
104
105 <link rel="stylesheet" type="text/css" media="screen, projection" href="//a.fsdn.com/sd/classic.ssl.css?8f5016a67a2f2048" >
106 <!--[if IE 8]><link rel="stylesheet" type="text/css" media="screen, projection" href="//a.fsdn.com/sd/ie8-classic.ssl.css?8f5016a67a2f2048" ><![endif]-->
107 <!--[if IE 7]><link rel="stylesheet" type="text/css" media="screen, projection" href="//a.fsdn.com/sd/ie7-classic.ssl.css?8f5016a67a2f2048" ><![endif]-->
108
109
110
111
112
113
114
115 <!-- -->
116
117
118
119
120
121 <!-- SMACKS: NEW CSS -->
122 <link rel="stylesheet" href="//a.fsdn.com/sd/css/app.css?8f5016a67a2f2048">
123
124 <script type='text/javascript'>
125 var _gaq = _gaq || [];
126 </script>
127
128
129
130
131
132
133
134
135
136 <script type="text/javascript" id="pbjs_script" data-dom="https://d3tglifpd8whs6.cloudfront.net" src="https://d3tglifpd8whs6.cloudfront.net/js/prebid/slash-story/slash-story.min.js"></script>
137 <script type='text/javascript'>
138 /*global performance */
139 var googletag = window.googletag || {};
140 googletag.cmd = googletag.cmd || [];
141
142 window.Ads_disallowPersonalization = 1;
143 bizx.cmp.ifConsent('all', 'all', function(){
144 window.Ads_disallowPersonalization = 0;
145 }, function(){
146 window.Ads_disallowPersonalization = 1;
147 }, function () {
148 window.bizxPrebid.Ads.initPrebid(window.bizxPrebid.adUnits);
149 });
150 </script>
151
152 <!-- prep GPT ads -->
153 <script type='text/javascript'>
154 (function() {
155 function page_type (loc) {
156 /*
157 only four page types:
158 - Story
159 - Poll
160 - Homepage (/ only)
161 - Other (but AdOps wants 'Homepage' again)
162 */
163 var path = loc.pathname;
164 var just_the_root = /^\/?$/.test(path);
165 var story_or_poll = /^\/(story(?=\/)|submission(?=\/)|poll(?=\/|Booth|s\b))/i.exec(path);
166
167 var page_type = just_the_root ? 'homepage'
168 : story_or_poll ? story_or_poll[1]
169 : 'other'
170
171 // exceptions
172 if (page_type.toLowerCase() === 'submission')
173 page_type = 'story'; // submissions are like stories, right?
174 else if (page_type.toLowerCase() === 'other')
175 page_type = 'homepage'; // this one might move out of here
176
177 return page_type;
178 }
179 function page_section (loc) {
180 //var greek = ['alpha', 'beta', 'gamma', 'delta'].join('|');
181 //var hostwise = '^([a-z]+)(?:-(?:'+greek+'))?\\.(?:slashdot\\.org|\\.xb\\.sf\\.net)$';
182 var pathwise = '^/(?:(recent|popular|blog)|stories/([^/]+))';
183 var rootwise = '^\/?$';
184
185 //var hostwisely = new RegExp(hostwise,'i').exec(loc.hostname);
186 var pathwisely = new RegExp(pathwise,'i').exec(loc.pathname);
187 var rootwisely = new RegExp(rootwise,'i').exec(loc.pathname);
188
189 var section = (rootwisely && 'homepage')
190 || (pathwisely && (pathwisely[1] || pathwisely[2]))
191 || ''
192 ;
193
194 return section.replace(/[^_a-z]/ig, '');
195 }
196 function single_size (size) {
197 return '' + size[0] + 'x' + size[1];
198 }
199 function sz_sz (sz) {
200 var str = '';
201 var sizes = [];
202 if (sz[0] instanceof Array) {
203 for (size in sz) {
204 sizes.push(single_size(sz[size]));
205 }
206 return sizes.join(',');
207 } else {
208 return single_size(sz);
209 }
210 }
211
212 function unique_tpc_array(array1,array2) {
213 var j = array1.concat(array2);
214 j.forEach(function (v,i,a) {
215 a[i] = v.replace(/[^_a-z]/ig, '');
216 });
217 return j.filter(function (v,i,a) {
218 return v != '' && a.indexOf(v) === i;
219 });
220 }
221
222 /* LEGEND:
223 - 'sz' = "size"
224 - 'npt' = "no page type" in ad unit name
225 */
226 var tags = {
227 '728x90_A': { 'sz': [[728, 90], [970, 90], [970, 250], [980, 66]] },
228 '728x90_B': { 'sz': [728, 90] },
229 '728x90_C': { 'sz': [728, 90], 'skip': { 'homepage': 1 } },
230 'HubIcon_200x90_A': { 'sz': [[200, 90], [220, 90]]},
231 'PowerSwitch_980x66_A': { 'sz': [980, 66], 'skip': { 'homepage': 1 } },
232 'PollPeel': { 'sz': [200, 90], 'skip': { 'homepage': 1 } },
233 //'VideoWidget_300x250': { 'sz': [300, 250], 'npt': 1 },
234 '300x250_A': { 'sz': [[300, 250], [300, 600], [300, 1050]] },
235 '300x250_B': { 'sz': [[300, 250], [300, 600]] },
236 '300x250_C': { 'sz': [[300, 250], [300, 600]] },
237 '300x250_D': { 'sz': [[300, 250], [300, 600]] },
238 'Pulse_300x600_A': { 'sz': [300, 600] },
239 //'Polls_Detail_300x250_A': { 'sz': [[300, 250], [300, 600]], 'npt': 1 },
240 //'Poll_300x250_A': { 'sz': [[300, 250], [300, 600]], 'npt': 1 },
241 //'SD_Story_1x1': { 'sz': [1, 1] },
242 '1x1': { 'sz': [1, 1] }
243 };
244
245 //var network_path = '/41014381/Slashdot/';
246 var network_path = '/41014381/Slashdot/';
247 var tag_name_prefix = 'SD';
248 var tag_name_linkage = '_';
249 var tag_name_pagetype = page_type(location);
250 var tag_topic = page_section(location);
251 if(tag_name_pagetype == 'poll'){
252 tag_name_pagetype = 'Poll';
253 }
254 var before_tag_pagetyped = network_path
255 + tag_name_prefix
256 + tag_name_linkage
257 + tag_name_pagetype
258 + tag_name_linkage
259 ;
260 var before_tag_pagetypeless = network_path
261 + tag_name_prefix
262 + tag_name_linkage
263 /* + tag_name_pagetype */
264 /* + tag_name_linkage */
265 ;
266
267
268 googletag.cmd.push(function() {
269
270 function remove_sticky_top() {
271 setTimeout(function(){
272 $('#div-gpt-ad-728x90_a').parent('div').addClass('adwrap-viewed-banner');
273 $('#div-gpt-ad-728x90_a').addClass('viewableImpression');
274 }, 1000);
275 }
276 function remove_sticky_railad() {
277 setTimeout(function(){
278 $('#slashboxes .adwrap-unviewed').addClass('adwrap-viewed-railad');
279 $('.railad').addClass('viewableImpression');
280 }, 1000);
281 }
282 function viewable_imp (slot) {
283 for(var i in slot) {
284 if(typeof slot[i] !== 'string') continue;
285 switch(slot[i]){
286 case "/41014381/Slashdot/SD_homepage_728x90_A":
287 case "/41014381/Slashdot/SD_story_728x90_A":
288 case "/41014381/Slashdot/SD_Poll_728x90_A":
289 case "/41014381/Slashdot/SD_homepage_728x90_Ref_A":
290 case "/41014381/Slashdot/SD_story_728x90_Ref_A":
291 case "/41014381/Slashdot/SD_Poll_728x90_Ref_A":
292 remove_sticky_top();
293 break;
294 case "/41014381/Slashdot/SD_homepage_300x250_A":
295 case "/41014381/Slashdot/SD_story_300x250_A":
296 case "/41014381/Slashdot/SD_Poll_300x250_A":
297 case "/41014381/Slashdot/SD_homepage_300x250_Ref_A":
298 case "/41014381/Slashdot/SD_story_300x250_Ref_A":
299 case "/41014381/Slashdot/SD_Poll_300x250_Ref_A":
300 remove_sticky_railad();
301 break;
302 }
303 //if(slot[i] === "/41014381/Slashdot/SD_homepage_728x90_A") remove_sticky_top();
304 //if(slot[i] === "/41014381/Slashdot/SD_homepage_300x250_A") remove_sticky_railad();
305 }
306 }
307 function define_me_a_slot (tag) {
308 if (tags[tag].skip && tags[tag].skip[tag_name_pagetype])
309 return;
310 var sandbox_regex = /\.xb\.sf\.net$/i;
311 var full_name = tags[tag].npt // "no page type"
312 ? before_tag_pagetypeless + tag
313 : before_tag_pagetyped + tag
314 ;
315 var div_id = 'div-gpt-ad-' + tag.toLowerCase();
316
317 var service;
318 // extend jQuery and get URL query params
319 jQuery.extend({
320 getQueryParameters : function(str) {
321 return (str || document.location.search).replace(/(^\?)/,'').split("&").map(function(n){
322 return n = n.split("="),this[n[0]] = n[1],this
323 }.bind({}))[0];
324 }
325 });
326
327 var queryParams = $.getQueryParameters();
328
329 if( queryParams.source === 'autorefresh' ) {
330 full_name = full_name.replace(/(\d+x\d+)/,'$1_Ref');
331 //console.log('TAG NAME: ', full_name);
332 }
333
334 service = googletag.defineSlot(
335 full_name
336 , tags[tag].sz
337 , div_id
338 ).addService(googletag.pubads());
339
340 service.setTargeting('sz', tags[tag].sz);
341
342
343 var frontend_tpc = tag_topic.split(",");
344 var backend_tpc = [ "it", "technology", "internet", "security", "git" ];
345
346 var tpc_final = unique_tpc_array(frontend_tpc, backend_tpc);
347 service.setTargeting('tpc', tpc_final);
348 if (location.hostname.match(sandbox_regex)) {
349 service.setTargeting('test', 'adops');
350 }
351
352 }
353
354 for (tag in tags) {
355 define_me_a_slot(tag, false);
356 }
357 googletag.pubads().addEventListener('impressionViewable', function(event) {
358 viewable_imp(event.slot);
359 });
360
361 googletag.pubads().setTargeting('requestSource', 'GPT');
362 googletag.pubads().setRequestNonPersonalizedAds(window.Ads_disallowPersonalization);
363 googletag.pubads().enableAsyncRendering();
364
365
366 googletag.pubads().collapseEmptyDivs();
367 window.bizxPrebid.SAFEFRAMES = true;
368 bizxPrebid.Ads.pushToGoogle();
369 googletag.enableServices();
370 });
371 })();
372 </script>
373
374
375
376 <!-- CrossPixel -->
377 <script type="text/javascript"> try{(function(){ var cb = new Date().getTime(); var s = document.createElement("script"); s.defer = true; s.src = "//tag.crsspxl.com/s1.js?d=2397&cb="+cb; var s0 = document.getElementsByTagName('script')[0]; s0.parentNode.insertBefore(s, s0); })();}catch(e){} </script>
378
379 <!-- AdBlock Check -->
380 <script>
381 var isAdBlockActive = true;
382 </script>
383 <script async src="//a.fsdn.com/sd/js/scripts/ad.js?8f5016a67a2f2048"></script>
384
385 </head>
386 <body class="anon firehose ">
387
388
389 <script src="//a.fsdn.com/sd/all-minified.js?8f5016a67a2f2048" type="text/javascript"></script>
390
391
392 <script type="text/javascript">
393 (function(){
394 var regexp=/\s*(?:\d+|many)\s+more\s*/i;
395
396
397 var auto_more_count = 1;
398
399 function auto_more(){
400 var $more_link = $('#more-experiment a');
401 $more_link.each(function(){
402 var $lastitem = $('#firehoselist>article.fhitem:visible:last');
403 if ( Bounds.intersect(window, $lastitem) ) {
404
405
406 !--auto_more_count && (auto_more=undefined);
407 // don't allow a call till the next paginate gets built and |more_possible|
408 $(document).unbind('scroll', call_auto_more);
409 }
410 });
411 };
412
413 function call_auto_more(){ auto_more && auto_more(); }
414
415
416 $('#more-experiment a').
417 live('more-possible', function( event ){
418 var $more_link=$(this);
419 if ( regexp.test($more_link.text()) ) {
420
421 $(document).bind('scroll', call_auto_more);
422 } else {
423 $(document).unbind('scroll', call_auto_more);
424
425 }
426 });
427 })();
428 </script>
429 <!--[if lt IE 9]><script src="//a.fsdn.com/sd/html5.js"></script><![endif]-->
430
431
432 <script type="text/javascript">
433 (function() {
434 if (typeof window.janrain !== 'object') window.janrain = {};
435 if (typeof window.janrain.settings !== 'object') window.janrain.settings = {};
436
437 /* _______________ can edit below this line _______________ */
438
439 janrain.settings.tokenUrl = 'https://slashdot.org/token_callback.pl';
440 janrain.settings.type = 'embed';
441 janrain.settings.appId = 'ggidemlconlmjciiohla';
442 janrain.settings.appUrl = 'https://login.slashdot.org';
443 janrain.settings.providers = [
444 'googleplus',
445 'facebook',
446 'twitter',
447 'linkedin'];
448 janrain.settings.providersPerPage = '5';
449 janrain.settings.format = 'one column';
450 janrain.settings.actionText = 'Sign in with';
451 janrain.settings.showAttribution = false;
452 janrain.settings.fontColor = '#666666';
453 janrain.settings.fontFamily = 'lucida grande, Helvetica, Verdana, sans-serif';
454 janrain.settings.backgroundColor = '#ffffff';
455 janrain.settings.width = '300';
456 janrain.settings.borderColor = '#cccccc';
457 janrain.settings.borderRadius = '5'; janrain.settings.buttonBorderColor = '#CCCCCC';
458 janrain.settings.buttonBorderRadius = '0';
459 janrain.settings.buttonBackgroundStyle = 'gray';
460 janrain.settings.language = '';
461 janrain.settings.linkClass = 'janrainEngage';
462
463 /* _______________ can edit above this line _______________ */
464
465 function isReady() { janrain.ready = true; };
466 if (document.addEventListener) {
467 document.addEventListener("DOMContentLoaded", isReady, false);
468 } else {
469 window.attachEvent('onload', isReady);
470 }
471
472 var e = document.createElement('script');
473 e.type = 'text/javascript';
474 e.id = 'janrainAuthWidget';
475
476 e.src = 'https://rpxnow.com/js/lib/login.slashdot.org/engage.js';
477
478 var s = document.getElementsByTagName('script')[0];
479 s.parentNode.insertBefore(e, s);
480 })();
481 </script>
482
483 <script src="//cdn-social.janrain.com/social/janrain-social.min.js"></script>
484 <script type="text/javascript">
485 (function($) {
486 $(function(){
487 janrain.settings.appUrl = "https://login.slashdot.org";
488 $twitter = $('body .janrain_twitterButton');
489 $twitter.append('<i class="icon-twitter"></i>');
490
491 janrain.settings.social = {
492 providers: [
493 "native-facebook",
494 "twitter",
495 "linkedin",
496 "native-googleplus",
497 "native-reddit"
498 ],
499 shareCountMin: "100",
500 shareCountMode: "combined"
501 };
502 });
503 })($j);
504 </script>
505 <!-- index2_variant ||-->
506
507 <!-- TABOOLA -->
508 <script type="text/javascript">
509 if (!window.is_euro_union) {
510 window._taboola = window._taboola || [];
511 _taboola.push({home:'auto'});
512 !function (e, f, u) {
513 e.async = 1;
514 e.src = u;
515 f.parentNode.insertBefore(e, f);
516 }(document.createElement('script'),
517 document.getElementsByTagName('script')[0],
518 '//cdn.taboola.com/libtrc/slashdot/loader.js');
519 }
520 </script>
521
522 <!-- html-header type=current end --><!-- header type=current begin -->
523
524
525
526 <link rel="top" title="News for nerds, stuff that matters" href="//slashdot.org/" >
527 <link rel="search" title="Search Slashdot" href="//tech.slashdot.org/search.pl">
528 <link rel="alternate" title="Slashdot RSS" href="http://rss.slashdot.org/Slashdot/slashdotMain" type="application/rss+xml">
529 <link rel="shortcut icon" href="/favicon.ico" type="image/x-icon">
530
531
532 <div id="top_parent"></div>
533 <a name="topothepage"></a>
534
535 <div class="container">
536 <div class="nav-wrap">
537 <nav class="nav-primary" role="navigation" aria-label="Global Navigation">
538 <h1 class="logo">
539 <a href="//slashdot.org"><span>Slashdot</span></a>
540 </h1>
541
542 <ul class="nav-site">
543 <li><a href="//slashdot.org"><i class="icon-book" title="Stories"></i><span>Stories</span></a></li>
544 <li>
545 <ul class="filter-firehose">
546 <li class="nav-label">Firehose <i class="icon-angle-right"></i></li>
547 <li><a href="//slashdot.org/recent">All</a></li>
548 <li><a href="//slashdot.org/popular">Popular</a></li>
549 </ul>
550 </li>
551 <li><a href="//slashdot.org/polls"><i class="icon-chart-bar" title="Polls"></i><span>Polls</span></a></li>
552
553 <!--
554 <li><a href="//ask.slashdot.org"><i class="icon-question-circle"></i><span>Ask</span></a></li>
555
556 <li><a href="//events.slashdot.org"><i class="icon-calendar"></i><span>Events</span></a></li>
557 -->
558 <li><a href="http://deals.slashdot.org/?utm_source=slashdot&amp;utm_medium=navbar&amp;utm_campaign=dealshp_1" target="_blank"><i class="sd-mini" title="Deals"></i> <span>Deals</span></a></li>
559 </ul>
560 <a href="//slashdot.org/submission" class="btn btn-success">Submit</a>
561 </nav>
562 <nav class="nav-user" role="navigation" aria-label="user access and account controls">
563 <form id="search" class="form-inline nav-search-form" method="get" action="//slashdot.org/index2.pl">
564 <!-- //tech.slashdot.org/index2.pl" -->
565 <div class="form-group">
566 <label class="sr-only" for="sitesearch">Search Slashdot</label>
567 <div class="input-group">
568 <input type="text" id="" class="" name="fhfilter" value="" placeholder="Search">
569 </div>
570 </div>
571 <button type="submit" class="btn icon-search"></button>
572 </form>
573 <ul class="user-access">
574
575
576 <li >
577 <a href="//slashdot.org/my/login" onclick="show_login_box(); return false;"><i class="icon-login"></i><span> Login</span></a>
578
579 </li>
580
581
582
583 <li class="nav-label">or</li>
584
585
586
587 <li >
588 <a href="//slashdot.org/my/newuser" ><i class="icon-user-add"></i><span> Sign up</span></a>
589
590 </li>
591
592
593 </ul>
594 </nav>
595 </div>
596 <div class="nav-secondary-wrap">
597 <nav class="nav-secondary" role="secondary-navigation">
598 <ul>
599 <li class="nav-label">Topics: </li>
600 <li><a href="//devices.slashdot.org">Devices</a></li>
601 <li><a href="//build.slashdot.org">Build</a></li>
602 <li><a href="//entertainment.slashdot.org">Entertainment</a></li>
603 <li><a href="//technology.slashdot.org">Technology</a></li>
604 <li><a href="//slashdot.org/?fhfilter=opensource">Open Source</a></li>
605 <li><a href="//science.slashdot.org">Science</a></li>
606 <li><a href="//yro.slashdot.org">YRO</a></li>
607 <!-- <li><a href="//slashdot.org/topics.pl">more...</a></li> -->
608 </ul>
609 </nav>
610 <nav class="nav-social" role="social navigation">
611 <ul>
612 <li class="nav-label">Follow us:</li>
613 <li><a href="http://rss.slashdot.org/Slashdot/slashdotMain" target="_blank"><i class="icon-rss-squared"></i><span class="sr-only">RSS</span></a></li>
614 <li><a href="http://www.facebook.com/slashdot" target="_blank"><i class="icon-facebook-squared"></i><span class="sr-only">Facebook</span></a></li>
615 <li><a href="https://plus.google.com/112601993642376762846/" target="_blank"><i class="icon-gplus-squared"></i><span class="sr-only">Google+</span></a></li>
616 <li><a href="http://twitter.com/slashdot" target="_blank"><i class="icon-twitter-squared"></i><span class="sr-only">Twitter</span></a></li>
617 <li><a href="//slashdot.org/newsletter" target="_blank"><i class="icon-mail-squared"></i><span class="sr-only">Newsletter</span></a></li>
618 </ul>
619 </nav>
620 </div>
621 </div>
622
623 <section>
624
625 <div class="message-bar" id="firehose-message-tray">
626 <span class="icon-quote-left"></span>
627 <p>
628
629
630 Slashdot is powered by <strong><a href="//tech.slashdot.org/submission">your submissions</a></strong>, so send in your scoop
631
632 </p>
633 </div>
634
635
636 <div id='embbeded_login_modal' class="hide">
637 <form action="https://slashdot.org/my/login" method="post" onsubmit="if (global_returnto) { this.returnto.value = global_returnto }" class="embedded"><fieldset style="-webkit-border-radius:10px 10px 0 0;border-radius:10px 10px 0 0;-moz-border-radius:10px 10px 0 0">
638 <div style='height:25px;'>&nbsp;</div>
639 <input type="hidden" name="returnto" value="">
640 <input type="hidden" name="op" value="userlogin">
641 <p>
642 <label class="fleft" for="unickname">Nickname:</label>
643 <input type="text" name="unickname" value="">
644 </p>
645 <p>
646 <label class="fleft" for="upasswd">Password:</label>
647 <input type="password" name="upasswd" placeholder="6-1024 characters long">
648 </p>
649 <label class="checkbox"><input type="checkbox" name="login_temp" value="yes"> Public Terminal</label>
650 <br>
651 <hr>
652 <input type="submit" name="userlogin" value="Log In" class="fno"> <a href="//slashdot.org/my/mailpassword" class="btn link" onclick="getModalPrefs('sendPasswdModal', 'Retrieve Password', 1); return false;">Forgot your password?</a>
653 </fieldset></form>
654
655 <div id="janrainEngageEmbed"></div>
656 <div class="actions">
657 <a class="ico close" onclick="hide_login_slider();" href=""><span>Close</span></a>
658 </div>
659 </div>
660
661
662 <div class="banner-wrapper">
663 <div class="adwrap adwrap-unviewed banner-contain">
664
665 <div id='div-gpt-ad-728x90_a'><script type='text/javascript'>
666 googletag.cmd.push(function(){
667 googletag.display('div-gpt-ad-728x90_a');});</script></div>
668 <div id='div-gpt-ad-hubicon_200x90_a'><script type='text/javascript'>
669 googletag.cmd.push(function(){
670 googletag.display('div-gpt-ad-hubicon_200x90_a');});</script></div>
671 </div>
672 </div>
673
674 <a name="main-articles"></a>
675
676 <!-- header type=current end --><!-- body begin -->
677
678
679
680
681
682
683
684
685
686 <style type="text/css">
687 menu, menu * {
688 text-decoration:none;
689 }
690
691 menu[type=context] {
692 display:none;
693 position:absolute;
694 z-index:10000;
695 }
696
697 menu[type=context]:not(.brief) {
698 background-color:#dfdfdf;
699 margin:0;
700 padding:2px 0.5em;
701 border-style:solid;
702 border-width:1px;
703 border-color:#eeeeee #aaaaaa #aaaaaa #eeeeee;
704 -moz-border-radius-topright:.7em;
705 -webkit-border-top-right-radius: 0.7em 0.7em;
706 }
707
708 menu.full[type=context] > a.slash-hover:first-child {
709 -moz-border-radius-topright:.6em;
710 -webkit-border-top-right-radius: 0.6em 0.6em;
711 }
712
713
714
715 menu.brief[type=context] > a {
716 -moz-border-radius:.6em;
717 -webkit-border-radius: 0.6em;
718 color:#ffffff;
719 background-color:#000000;
720 }
721
722 /*
723 span.briefmenu a.tag:not(.datatype) {
724 padding-left:.5em;
725 }
726 */
727
728
729
730
731 /* #tag-menu a, #feedback-menu a { */
732 menu.tag-menu-admin a {
733 display:list-item;
734 list-style:none;
735 text-align:left;
736 font-weight:bold;
737 color:black;
738 padding:0.1em 0.5em;
739 margin:-0.1em -0.5em;
740 cursor:pointer;
741 }
742
743
744 .tags .edit-bar { position:relative; }
745 article aside .share .addthis_toolbox { display:block; width:60px; float:left; }
746 article aside.view_mode .share { min-width:120px; padding-top:.5em; }
747 #firehose.list article header h2 {padding-left: 20px; !important}
748 .novote .vote { display:none; }
749
750 .vote > a, .votedup > a, .voteddown > a {
751 display:inline-block;
752 height:22px;
753 width:22px;
754 margin: 2px 10px 0 0;
755 color:rgb(255,255,255);
756 text-decoration:none;
757 line-height:22px;
758 text-align:center;
759 font-weight:bold;
760 font-size:14px;
761 border-width:1px;
762 border-style:solid;
763 border-color:rgba(0,0,0,0.5);
764 }
765
766 .vote > a, .votedup > a, .voteddown > a {color:rgb(0,0,0);}
767
768 article.fhitem-submission h2 .vote > a, article.fhitem-submission h2 .votedup > a, article.fhitem-submission h2 .voteddown > a { border-color:rgba(0,0,0,0.15); }
769 .vote .up, .vote .down, .votedup .up, .votedup .down, .voteddown .up, .voteddown .down { border-radius: 4px; -moz-border-radius: 4px; -webkit-border-radius: 4px; /* text-shadow:0 0 2px #000000; }*/}
770 article:not(.fhitem-story) .vote .up,article:not(.fhitem-story) .vote .down,article:not(.fhitem-story) .votedup .up,article:not(.fhitem-story) .votedup .down,article:not(.fhitem-story) .voteddown .up,article:not(.fhitem-story) .voteddown .down { /*text-shadow:none !important; */}
771 .voteddown .down, .votedup .up { margin-right: 10px; text-indent:2px; line-height:24px; }
772 article:not(.fhitem-story) .votedup .up,article:not(.fhitem-story) .voteddown .down {background: rgb(174,174,174);background-image: -webkit-gradient(linear, 0% 0%, 0% 100%, from(rgb(174,174,174)), to(rgb(193,193,193)));background-image: -moz-linear-gradient(100% 100% 90deg,rgb(193,193,193), rgb(174,174,174) 100%);color:rgb(0,0,0);}
773 article.fhitem-story .votedup .up,article.fhitem-story .voteddown .down {background: rgb(0,66,66);background-image: -webkit-gradient(linear, 0% 0%, 0% 100%, from(rgb(0,53,53)), to(rgb(0,102,102)));background-image: -moz-linear-gradient(100% 100% 90deg,rgb(0,102,102), rgb(0,53,53) 100%);}
774
775
776
777
778 #tag-menu span.var-tag {
779 font-weight:normal;
780 color:#444444;
781 }
782
783 menu.reasons-menu a {
784 padding:0 .25em 0 .25em;
785 font-size:80%;
786 -moz-border-radius:.5em;
787 -webkit-border-radius:.5em;
788 cursor:pointer;
789 }
790
791 menu.reasons-menu a:hover {
792 background:rgb(153,153,153);
793 background:-moz-linear-gradient(100% 100% 90deg, rgb(102,102,102), rgb(153,153,153) 70%) repeat scroll 0 0 rgb(102,102,102);
794 background-image: -webkit-gradient(linear, 0% 0%, 0% 100%, from(rgb(153,153,153)), to(rgb(102,102,102)));
795 color:#fff;
796 text-decoration:none;
797 font-weignt:normal;
798 }
799
800 article.fhitem-story menu.reasons-menu a:hover {
801 background:#002323 !important;
802 background:-moz-linear-gradient(100% 100% 90deg, #002323, #005353 70%) repeat scroll 0 0 #002323 !important;
803 background-image: -webkit-gradient(linear, 0% 0%, 0% 100%, from(#005353), to(#002323)) !important;
804 }
805
806
807 menu.reasons-menu {
808 display:none;
809 margin:0;
810 padding:0;
811 }
812
813 div.fhitem h3 menu.reasons-menu {
814 margin:0.25em 0 0;
815 }
816
817 div.fhitem h3 menu.reasons-menu a.tag {
818 font-size:.8em;
819 }
820
821 #tag-menu a.slash-hover,
822 #feedback-menu a.slash-hover,
823
824 .tag-display span.tag:hover,
825 .tag-display span.tag.trigger {
826 color:white;
827 background-color:rgb(0, 85, 85);
828 }
829
830 #tag-menu a.slash-hover span.var-tag {
831 color:#eee;
832 }
833
834 .tag-entry.default {
835 color:#ccc;
836 }
837
838 .brief .nix {
839 margin-top:-1.35em;
840 margin-left:0px;
841 margin-top:-1.15em;
842 text-decoration:none;
843 line-height:1.35em;
844 padding:0 2px;
845 -moz-border-radius:.6em 0 0 .6em;
846 -webkit-border-radius:.6em 0 0 .6em;
847 -o-border-radius:.6em 0 0 .6em;
848 border-radius:.6em 0 0 .6em;
849 color:#fff !important;
850 background:transparent !important;
851 }
852
853 .brief .nix:hover {
854 background:rgb(153,153,153) !important;
855 background:-moz-linear-gradient(100% 100% 90deg, rgb(102,102,102), rgb(153,153,153) 70%) repeat scroll 0 0 rgb(102,102,102) !important;
856 background-image: -webkit-gradient(linear, 0% 0%, 0% 100%, from(rgb(153,153,153)), to(rgb(102,102,102))) !important;
857 }
858
859 </style>
860
861 <menu id="nix-reasons" style="display:none">
862 <a class="tag">binspam</a><a class="tag">dupe</a><a class="tag">notthebest</a><a class="tag">offtopic</a><a class="tag">slownewsday</a><a class="tag">stale</a><a class="tag">stupid</a>
863 </menu>
864 <menu id="nod-reasons" style="display:none">
865 <a class="tag">fresh</a><a class="tag">funny</a><a class="tag">insightful</a><a class="tag">interesting</a><a class="tag">maybe</a>
866 </menu>
867 <menu id="comment-nix-reasons" style="display:none">
868 <a class="tag">offtopic</a><a class="tag">flamebait</a><a class="tag">troll</a><a class="tag">redundant</a><a class="tag">overrated</a>
869 </menu>
870 <menu id="comment-nod-reasons" style="display:none">
871 <a class="tag">insightful</a><a class="tag">interesting</a><a class="tag">informative</a><a class="tag">funny</a><a class="tag">underrated</a>
872 </menu>
873
874 <menu id="tag-nod-reasons" style="display:none">
875 <a class="tag">descriptive</a>
876 </menu>
877 <menu id="feedback-menu" class="tag-menu-admin" type="context">
878 <a class="tag">typo</a><a class="tag">dupe</a><a class="tag">error</a>
879 </menu>
880 <menu id="tag-menu" class="tag-menu-admin none" type="context">
881
882 <!-- <a data-op="!" class="nix">!<span class="var-tag hide"></span></a>-->
883
884 </menu>
885
886 <script type="text/javascript">
887 $(function(){
888 var $CURRENT_MENU, $TAG_MENU=$('#tag-menu'), NOTNOT=/^!!/, IE7=/^7\.0/, TAG_PREFIX=/^\/tag\//;
889
890 function get_tag_name( $tag ){
891 return ($tag.attr('href') || '').replace(TAG_PREFIX, '') || $tag.text().toLowerCase();
892 }
893
894 function trigger_menu( e, selector, $menu, menu_content ){
895 var $target=$(original_target(e, selector)), in_use=$target.is('.trigger');
896 if ( $CURRENT_MENU ) {
897 $CURRENT_MENU.menu('cancel', e);
898 $CURRENT_MENU = null;
899 }
900
901 if ( !in_use ) {
902 menu_content && $menu.stop(true, true).hide().html(menu_content);
903 ($CURRENT_MENU=$menu).menu('context', e);
904 }
905 return !in_use;
906 }
907
908 function open_menu( trigger, $menu ){
909 var $trigger=$(trigger), $fhitem=$trigger.closest('.fhitem');
910 $fhitem.length && user_intent('interest', $fhitem[0]);
911
912 $menu.appendTo(document.body).css({ opacity:0 }).show();
913
914 var right = $fhitem.offset().left + $fhitem.width(),
915 global = $trigger.offset(),
916 local = $menu.offsetParent().offset();
917
918 // Ugly IE position hack required:
919 $.browser.msie && IE7.test($.browser.version) && (local.top = 0);
920
921 // pin the menu (horizontally) on-screen
922 global.left = Math.min(global.left, right-$menu.width());
923
924 $trigger.addClass('trigger');
925 $menu.css({
926 position: 'absolute',
927 top: global.top - local.top + $trigger.height(),
928 left: global.left - local.left,
929 opacity: 1
930 });
931 }
932
933 function close_menu( trigger, $menu ){
934 $menu.hide();
935 $(trigger).removeClass('trigger');
936 ($CURRENT_MENU===$menu) && ($CURRENT_MENU=false);
937 }
938
939 /* T2 tag context-menu */
940 var $TAG_MENU=$('#tag-menu'), NOTNOT=/^!!/;
941
942
943 var user_is_admin = 0;
944
945
946
947 $('a[rel=tag]').live('mousedown',function(ea){
948 window.open(this.href);
949 return false;
950 })
951
952 $('.tag-bar .disagree').live('mousedown',function(ee){
953 var fhitem = $(original_target(ee)).closest('.fhitem')[0],
954 command = ('!' + $(original_target(ee)).attr("data-tag")).replace(NOTNOT, '');
955 try { Tags.submit(fhitem, command); } catch ( err ) { }
956 return false;
957 })
958
959
960
961 $('a[rel=tag]').
962 live('mousedown', function( e ){
963
964 return true;
965
966
967 }).
968 live('click', function( e ){
969 if ( !logged_in ) {
970 var target = original_target(e),
971 tag = $(target).text();
972 addfhfilter(tag);
973 }
974 e.preventDefault();
975 return false;
976 });
977
978 $TAG_MENU.menu({
979 cssNamespace: 'slash',
980 liveTriggers: true,
981 clickDuration: 300,
982
983 start: function( e, ui ){
984 var $tag = $(ui.trigger),
985 tag = get_tag_name($tag),
986 context = firehose_settings && firehose_settings.viewtitle;
987
988 // Insert the tagname into the menu items where needed.
989 $TAG_MENU.find('span.var-tag').text(tag);
990 $TAG_MENU.find('a.nix').attr('title','not ' + tag);
991
992
993 // non-admins may only delete their own tags
994 $TAG_MENU.find('a:[data-op="-"]').toggle($tag.is('.my'));
995
996
997 // *tagname* in *viewtitle*
998 $TAG_MENU.find('a:[data-op="="]').toggle(!!context);
999 context && $TAG_MENU.find('span.var-view').text(context);
1000
1001 open_menu($tag, $TAG_MENU);
1002 },
1003
1004 select: function( e, ui ){
1005 var $tag = $(ui.trigger),
1006 tag = get_tag_name($tag),
1007 op = $(ui.select).attr('data-op'),
1008 fhitem,
1009 command;
1010
1011 // Global for positioning other things.
1012 $related_trigger = $tag;
1013
1014 switch ( op ) {
1015 case '=':
1016 addfhfilter(tag);
1017 break;
1018
1019 default:
1020 fhitem = $tag.closest('.fhitem')[0];
1021 command = (op + tag).replace(NOTNOT, '');
1022 try { Tags.submit(fhitem, command); } catch ( err ) { }
1023 break;
1024 }
1025 },
1026
1027 stop: function( e, ui ){ close_menu(ui.trigger, $TAG_MENU); }
1028 });
1029
1030
1031
1032
1033 /* T2 feedback context-menu */
1034
1035
1036
1037 /* T2 datatype context-menu (admin-only) */
1038
1039
1040
1041
1042
1043
1044 });
1045 </script>
1046
1047
1048
1049 <!-- SMACKS: BEGIN STORY CONTENT -->
1050 <div class="container">
1051 <!--SMACKS: BEGING CENTER COLUMN -->
1052 <div class="main-wrap has-rail-right">
1053 <div class="main-content">
1054 <div class="grid_24 a2 ">
1055 </div>
1056 <div id="firehose" class="nothumbs">
1057 <div id="firehoselist" class="fhroot fleft grid_24">
1058 <div id="announcement">
1059 <div id="announcementText" style="display: none;"> <span class="headline">Migrate from GitHub to SourceForge quickly and easily with <strong><a href="https://sourceforge.net/p/forge/documentation/GitHub%20Importer/">this tool</a></strong>.</span> Check out all of SourceForge&rsquo;s <strong><a href="https://sourceforge.net/blog/brief-history-sourceforge-look-to-future/">recent improvements.</a></strong></div>
1060 <a href="" class="btn-close" title="don't show me this again" onclick="closeAnnouncement(); return false;">&times;</a>
1061 </div>
1062
1063
1064 <script type="text/javascript">
1065
1066 if (!$.cookie('hide_sitenotice_36')) {
1067 $('#announcement').fadeIn(300);
1068 }
1069
1070 function closeAnnouncement() {
1071 $('#announcement').fadeOut(300);
1072 $.cookie('hide_sitenotice_36', 'true', { path: '/', domain: 'slashdot.org', expires: 1 });
1073 }
1074 </script>
1075 <article id="firehose-102639752" data-fhid="102639752" data-fhtype="story" class="fhitem fhitem-story article usermode thumbs grid_24">
1076 <span class="sd-info-block" style="display: none">
1077 <span class="sd-key-firehose-id">102639752</span>
1078 <span class="type">story</span>
1079
1080 </span>
1081
1082
1083
1084
1085
1086
1087
1088
1089
1090
1091 <header>
1092
1093 <span class="topic" id="topic-102639752">
1094 <a href="//tech.slashdot.org/index2.pl?fhfilter=security" onclick="return addfhfilter('security');">
1095
1096 <img src="//a.fsdn.com/sd/topics/security_64.png" width="64" height="64" alt="Security" title="Security">
1097
1098 </a>
1099
1100
1101
1102
1103
1104
1105
1106
1107 <a href="//tech.slashdot.org/index2.pl?fhfilter=internet" onclick="return addfhfilter('internet');">
1108
1109 <img src="//a.fsdn.com/sd/topics/internet_64.png" width="64" height="64" alt="The Internet" title="The Internet">
1110
1111 </a>
1112
1113
1114
1115
1116
1117
1118 <a href="//tech.slashdot.org/index2.pl?fhfilter=it" onclick="return addfhfilter('it');">
1119
1120 <img src="//a.fsdn.com/sd/topics/it_64.png" width="64" height="64" alt="IT" title="IT">
1121
1122 </a>
1123
1124
1125
1126
1127
1128
1129 <a href="//tech.slashdot.org/index2.pl?fhfilter=technology" onclick="return addfhfilter('technology');">
1130
1131 <img src="//a.fsdn.com/sd/topics/technology_64.png" width="64" height="64" alt="Technology" title="Technology">
1132
1133 </a>
1134 </span>
1135
1136
1137 <h2 class="story">
1138
1139
1140
1141
1142
1143
1144
1145
1146
1147
1148
1149
1150
1151 <span id="title-102639752" class="story-title"> <a href="//tech.slashdot.org/story/18/09/06/1954253/400000-websites-vulnerable-through-exposed-git-directories">400,000 Websites Vulnerable Through Exposed<nobr> <wbr></nobr>.git Directories</a> <span class=" no extlnk"><a class="story-sourcelnk" href="https://www.scmagazine.com/home/news/400000-websites-vulnerable-through-exposed-git-directories/" title="External link - https://www.scmagazine.com/home/news/400000-websites-vulnerable-through-exposed-git-directories/" target="_blank"> (scmagazine.com) </a></span></span>
1152
1153
1154
1155 <!--<span class="comments commentcnt-102639752" >32</span>-->
1156
1157
1158
1159 <!-- comment bubble -->
1160
1161 <span class="comment-bubble"><a href="//tech.slashdot.org/story/18/09/06/1954253/400000-websites-vulnerable-through-exposed-git-directories#comments" title="">32</a></span>
1162
1163 </h2>
1164 <div class="details" id="details-102639752">
1165 <span class="story-details">
1166 <span class="story-views">
1167 <span class="sodify" onclick="firehose_set_options('color', 'red')" title="Filter Firehose to entries rated red or better"></span><span class="icon-beaker pop1 " alt="Popularity" title="Filter Firehose to entries rated red or better" onclick="firehose_set_options('color', 'red')"><span></span></span>
1168 </span>
1169 </span>
1170 <span class="story-byline">
1171
1172
1173 Posted
1174 by
1175
1176
1177
1178 msmash
1179
1180
1181
1182
1183
1184
1185 <time id="fhtime-102639752" datetime="on Thursday September 06, 2018 @04:00PM">on Thursday September 06, 2018 @04:00PM</time>
1186
1187
1188 from the <span class="dept-text">security-woes</span> dept.
1189
1190 </span>
1191 </div>
1192 </header>
1193
1194 <div class="body" id="fhbody-102639752">
1195
1196
1197
1198
1199
1200
1201 <div id="text-102639752" class="p">
1202
1203
1204 Open .git directories are a bigger cybersecurity problem than many might imagine, at least according to a Czech security researcher who <a href="https://www.scmagazine.com/home/news/400000-websites-vulnerable-through-exposed-git-directories/">discovered almost 400,000 web pages with an open .git directory</a> possibly exposing a wide variety of data. From a report:<i> Vladimir Smitka began his .git directory odyssey in July when he began looking at Czech websites to find how many were improperly configured and allow access to their .git folders within the file versions repository. Open .git directories are a particularly dangerous issue, he said, because they can contain a great deal of sensitive information. "Information about the website's structure, and sometimes you can get very sensitive data such as database passwords, API keys, development IDE settings, and so on. However, this data shouldn't be stored in the repository, but in previous scans of various security issues, I have found many developers that do not follow these best practices," Smitka wrote. Smitka queried 230 million websites to discover the 390,000 allowing access to their .git directories. The vast majority of the websites with open directories had a .com TLD with .net, .de, .org and uk comprising most of the others.</i><br>
1205
1206 </div>
1207
1208
1209
1210
1211
1212
1213
1214
1215 </div>
1216 <aside class="grid_24 view_mode">
1217
1218 <div class="units-12 story-detail-tags">
1219 <span id="sharethis-102639752" class="">
1220
1221
1222
1223
1224
1225
1226 <div class="story-controls">
1227 <div
1228 class="janrainSocialPlaceholder"
1229 data-janrain-url="https://tech.slashdot.org/story/18/09/06/1954253/400000-websites-vulnerable-through-exposed-git-directories"
1230 data-janrain-title="400,000 Websites Vulnerable Through Exposed .git Directories"
1231 data-janrain-message="400,000 Websites Vulnerable Through Exposed .git Directories @slashdot"
1232 ></div>
1233 </div>
1234
1235
1236 </span>
1237
1238 <div class="story-tags">
1239 <div class="tright tw">
1240
1241 <span class="tright tags">
1242
1243 <menu type="toolbar" class="edit-bar">
1244 <span id="tagbar-102639752" class="tag-bar none">
1245 <a class="topic tag" rel="statictag" href="//slashdot.org/tag/" target="_blank"></a>
1246 <a class="popular tag" rel="statictag" href="//slashdot.org/tag/git" target="_blank">git</a>
1247 <a class="popular tag" rel="statictag" href="//slashdot.org/tag/internet" target="_blank">internet</a>
1248 <a class="popular tag" rel="statictag" href="//slashdot.org/tag/it" target="_blank">it</a>
1249
1250 </span>
1251
1252 <a class="edit-toggle" href="/my/login/" onclick="show_login_box();return false;">
1253 <span class="icon-tag btn collapse"></span>
1254 </a>
1255
1256
1257 <div class="tag-menu">
1258 <input class="tag-entry default" type="text" value="apply tags">
1259 </div>
1260
1261
1262
1263
1264
1265 </menu>
1266
1267 </span>
1268
1269 </div>
1270 </div>
1271 </div>
1272
1273
1274
1275
1276
1277
1278 <section class="grid_24" id="newa2footerv2">
1279 <div class="grid_6 pr">
1280 <h3><a title="Previous story" href="//games.slashdot.org/story/18/09/06/1921222/eve-online-studio-acquired-by-korean-mmo-maker?sdsrc=prev">&larr;</a></h3>
1281 </div>
1282 <div class="grid_12 rl">
1283 <h3>You may like to read:</h3>
1284 </div>
1285 <div class="grid_6 ns">
1286 <h3><a title="Next story" href="//tech.slashdot.org/story/18/09/06/205221/ive-seen-the-future-of-consumer-ai-and-it-doesnt-have-one?sdsrc=next">&rarr;</a></h3>
1287 </div>
1288 <div class="grid_6">
1289 <span class="c">
1290 <a href="//games.slashdot.org/story/18/09/06/1921222/eve-online-studio-acquired-by-korean-mmo-maker?sdsrc=prev">'Eve Online' Studio Acquired By Korean MMO Maker </a>
1291 </span>
1292 </div>
1293 <div class="grid_12">
1294 <span class="c">
1295
1296
1297
1298
1299
1300
1301 <h2><a href="//tech.slashdot.org/story/18/01/08/1954203/james-damore-sues-google-for-allegedly-discriminating-against-conservative-white-men?sdsrc=popbyskid">James Damore Sues Google For Allegedly Discriminating Against Conservative White Men</a><br></h2>
1302 <h2><a href="//tech.slashdot.org/story/18/03/19/1736231/self-driving-uber-car-kills-arizona-woman-in-first-fatal-crash-involving-pedestrian?sdsrc=popbyskid">Self-Driving Uber Car Kills Arizona Woman in First Fatal Crash Involving Pedestrian</a><br></h2>
1303 <h2><a href="//tech.slashdot.org/story/17/11/16/0050243/twitter-bans-removes-verified-status-of-white-supremacists?sdsrc=popbyskid">Twitter Bans, Removes Verified Status of White Supremacists</a><br></h2>
1304 <h2><a href="//tech.slashdot.org/story/18/02/15/2255242/pro-gun-russian-bots-flood-twitter-after-parkland-shooting?sdsrc=popbyskid">Pro-Gun Russian Bots Flood Twitter After Parkland Shooting</a><br></h2>
1305 <h2><a href="//tech.slashdot.org/story/17/11/19/043243/i-see-things-differently-james-damore-on-his-autism-and-the-google-memo?sdsrc=popbyskid">'I See Things Differently': James Damore on his Autism and the Google Memo</a><br></h2>
1306
1307
1308
1309 </span>
1310 </div>
1311 <div class="grid_6">
1312 <span class="c">
1313
1314 <a href="//tech.slashdot.org/story/18/09/06/205221/ive-seen-the-future-of-consumer-ai-and-it-doesnt-have-one?sdsrc=next">'I've Seen the Future of Consumer AI, and it Doesn't Have One'</a>
1315
1316 </span>
1317 </div>
1318 </section>
1319
1320
1321
1322 </aside>
1323
1324
1325
1326
1327 </article>
1328 </div>
1329 </div>
1330 </div>
1331 </div>
1332 <!-- SMACKS: BEGIN RIGHT RAIL -->
1333 <aside id="slashboxes" class="rail-right">
1334
1335 <div id="slashboxesin" class="yui-b">
1336
1337
1338
1339 </div>
1340 <div class="railad adwrap-unviewed">
1341 <div id='div-gpt-ad-300x250_a'><script type='text/javascript'>
1342 googletag.cmd.push(function(){
1343 googletag.display('div-gpt-ad-300x250_a');});</script></div>
1344 </div>
1345 <div id="taboola-below-article-thumbnails"></div>
1346 <script type="text/javascript">
1347 if ( isAdBlockActive) {
1348 window._taboola = window._taboola || [];
1349 _taboola.push({
1350 mode: 'thumbnails-rr2',
1351 container: 'taboola-below-article-thumbnails',
1352 placement: 'Below Article Thumbnails',
1353 target_type: 'mix'
1354 });
1355 };
1356 </script>
1357
1358 </aside>
1359 <!-- SMACKS: END RIGHT RAIL -->
1360 </div>
1361 <!-- END STORY CONTENT -->
1362
1363 <!-- THIS IS THE LOCATION FOR THE NEW STORY_B CODE -->
1364 <div class="adwrap">
1365 <div id='div-gpt-ad-728x90_b'><script type='text/javascript'>
1366 googletag.cmd.push(function(){
1367 googletag.display('div-gpt-ad-728x90_b');});</script></div>
1368 </div>
1369 <div id="stackcommerce-adwrap" style="display:none;">
1370 <div style="margin:auto;max-width:970px;max-height:250px;">
1371 <div data-sc-widget data-publisher-id="66" data-categories="88,90" data-items-per-page="4" data-col-count="4" data-utm-source="slashdot.org" data-utm-content="story-deal-feed"></div>
1372 </div>
1373 </div>
1374 <script type="text/javascript">
1375 if (!window.is_euro_union) {
1376 if (isAdBlockActive) {
1377 $.ajax({
1378 url: '/ajax.pl?op=nel',
1379 success: function(html){
1380 if(html){
1381 $('#firehoselist article').eq(0).after(html);
1382 } else {
1383 (function () {
1384 var stackCommerceDiv = document.getElementById('stackcommerce-adwrap');
1385 stackCommerceDiv.style = '';
1386 var stackCommerce = document.createElement('script');
1387 stackCommerce.async = true;
1388 stackCommerce.type = 'text/javascript';
1389 stackCommerce.src = 'https://widgets.stackcommerce.com/js-deal-feed/0.1/widget.js';
1390 var node = document.getElementsByTagName('script')[0];
1391 node.parentNode.insertBefore(stackCommerce, node);
1392 })();
1393 }
1394 }
1395 });
1396 };
1397 }
1398 </script>
1399 <!--------------------------->
1400
1401
1402 <!-- SMACKS: BEGIN COMMENTS CONTAINER -->
1403 <div class="container">
1404 <!-- SMACKS: BEGIN COMMENTS SECTION -->
1405 <div class="main-wrap">
1406 <div class="main-content">
1407 <div id="comments" class="a2commentwrap">
1408 <div>
1409 <a name="comments"></a>
1410 <div id="comments" class="container">
1411 <div class="main-wrap">
1412 <div class="main-content">
1413 <section class="d2incommentspl">
1414 <div class="commentwrap" id="commentwrap">
1415
1416 <div class="commentBox">
1417 <div class="title hide">
1418 <h4>
1419
1420 <span class="escape-link"><a href="//tech.slashdot.org/story/18/09/06/1954253/400000-websites-vulnerable-through-exposed-git-directories" title="Back to Article - 400,000 Websites Vulnerable Through Exposed&lt;nobr&gt; &lt;wbr&gt;&lt;/nobr&gt;.git Directories">400,000 Websites Vulnerable Through Exposed<nobr> <wbr></nobr>.git Directories</a></span>
1421
1422 <span class="commentBoxLinks"><a href="#" onclick="D2.ajaxFetchComments(0,1); return false"><span id="more_comments_num_d"></span> More</a>
1423
1424
1425
1426 | <span class="ind"></span><a href="//tech.slashdot.org/comments.pl?sid=12580412&amp;op=reply&amp;threshold=1&amp;commentsort=0&amp;mode=thread&amp;pid=" onclick="D2.replyTo(0); return false;">Reply</a>
1427
1428
1429 <a class="login" href="//tech.slashdot.org/login.pl" onclick="show_login_box(); return false">Login</a></span>
1430 </h4>
1431 </div>
1432 </div>
1433
1434
1435 <section class="grid_24" id="d2header"><div>
1436
1437 <h2 class="commentspl test"><a title="Back to Article - 400,000 Websites Vulnerable Through Exposed&lt;nobr&gt; &lt;wbr&gt;&lt;/nobr&gt;.git Directories" href="//tech.slashdot.org/story/18/09/06/1954253/400000-websites-vulnerable-through-exposed-git-directories">400,000 Websites Vulnerable Through Exposed<nobr> <wbr></nobr>.git Directories</a></h2>
1438
1439 <nav class="grid_24">
1440 <div class="grid_14 widthauto">
1441
1442 <span class="ind"></span><a class="btn first" href="//tech.slashdot.org/comments.pl?sid=12580412&amp;op=reply&amp;threshold=1&amp;commentsort=0&amp;mode=thread&amp;pid=" onclick="D2.replyTo(0); return false;">Post</a>
1443
1444 <!-- <a href="//tech.slashdot.org/search.pl?op=comments&amp;sid=12580412" class="btn">Search <span class="totalcommentcnt">32</span> Comments</a> -->
1445
1446
1447 <a href="#" onclick="D2.ajaxFetchComments(0,1,'','',-1); return false" class="btn" id="d2loadall">Load All Comments</a>
1448
1449
1450
1451 </div>
1452 <div class="grid_10 d1or2">
1453
1454
1455
1456 <div id="d2out" class="horizontal rooted grid_15">
1457 <div id="d2act" class="hide">
1458 <div class="loki" id="gods">
1459 <script type="text/javascript">
1460 $(function(){
1461 D2.slider = new D2.Slider(
1462 D2.user_threshold(),
1463 D2.user_highlightthresh(),
1464 'x'
1465 );
1466 });
1467 </script>
1468 <div id="bones" class="grid_12">
1469 <div class="ccw-count-container grid_24">
1470 <span id="ccw-full-count-text" class="grid_8 ccw-count-text tcenter"><span></span><span id="ccw-full-phrase">&nbsp;Full</span></span>
1471 <span id="ccw-abbr-count-text" class="grid_8 ccw-count-text"><span></span><span id="ccw-abbr-phrase">&nbsp;Abbreviated</span></span>
1472 <span id="ccw-hide-count-text" class="grid_8 ccw-count-text tleft"><span></span><span id="ccw-hide-phrase">&nbsp;Hidden</span></span>
1473 </div>
1474 <div id="ccw">
1475 <div id="ccw-body" class="ccw-core">
1476 <div id="ccw-panel-container" class="ccw-core">
1477 <div id="ccw-full-panel" class="ccw-panel">
1478 /Sea<div class="ccw-panel-border"></div>
1479 <div id="ccw-full-count-pos" class="ccw-core-pos ccw-count-pos"></div>
1480 </div>
1481 <div id="ccw-abbr-panel" class="ccw-panel">
1482 <div class="ccw-panel-border"></div>
1483 <div id="ccw-abbr-count-pos" class="ccw-core-pos ccw-count-pos"></div>
1484 </div>
1485 <div id="ccw-hide-panel" class="ccw-panel">
1486 <div id="ccw-hide-count-pos" class="ccw-core-pos ccw-count-pos"></div>
1487 </div>
1488 </div>
1489 <div id="ccw-control" class="ccw-core">
1490 <div id="ccw-centering-rail" class="ccw-core">
1491 <div id="ccw-hide-bar-pos" class="ccw-core-pos">
1492 <div id="ccw-hide-bar" class="ccw-bar">
1493 <div id="ccw-hide-bar-tab" class="ccw-bar-tab"></div>
1494 <div class="ccwa"></div>
1495 <div class="ccwb"></div>
1496 <div id="ccw-hide-bar-upzone" class="ccw-upzone" onclick="D2.slider.stepTHT(HIDE_BAR, +1)"></div>
1497 <div id="ccw-hide-bar-downzone" class="ccw-downzone" onclick="D2.slider.stepTHT(HIDE_BAR, -1)"></div>
1498 </div>
1499 </div>
1500 <div id="ccw-abbr-bar-pos" class="ccw-core-pos">
1501 <div id="ccw-abbr-bar" class="ccw-bar">
1502 <div id="ccw-abbr-bar-tab" class="ccw-bar-tab"></div>
1503 <div class="ccwa"></div>
1504 <div class="ccwb"></div>
1505 <div id="ccw-abbr-bar-upzone" class="ccw-upzone" onclick="D2.slider.stepTHT(ABBR_BAR, +1)"></div>
1506 <div id="ccw-abbr-bar-downzone" class="ccw-downzone" onclick="D2.slider.stepTHT(ABBR_BAR, -1)"></div>
1507 </div>
1508 </div>
1509 </div>
1510 </div>
1511 </div>
1512 <div class="ccw-score-label grid_24">
1513 <div class="grid_3"><span class="sc">Score:</span></div>
1514 <div class="grid_3">5<span class="lg"></span></div>
1515 <div class="grid_3">4<span class="lg"></span></div>
1516 <div class="grid_3">3<span class="lg"></span></div>
1517 <div class="grid_3">2<span class="lg"></span></div>
1518 <div class="grid_3">1<span class="lg"></span></div>
1519 <div class="grid_3">0<span class="lg"></span></div>
1520 <div class="grid_3">-1<span class="lg"></span></div>
1521 </div>
1522 </div>
1523 </div>
1524 <div class="commentControlFooter">
1525 <a href="#" onclick="D2.ajaxFetchComments(0,1); return false"><span id="more_comments_num_c"></span> More</a>
1526
1527
1528
1529 | <span class="ind"></span><a href="//tech.slashdot.org/comments.pl?sid=12580412&amp;op=reply&amp;threshold=1&amp;commentsort=0&amp;mode=thread&amp;pid=" onclick="D2.replyTo(0); return false;">Reply</a>
1530
1531
1532 <a class="login" href="//tech.slashdot.org/login.pl" onclick="show_login_box(); return false">Login</a><div id="login_cover" class="hide" onclick="hide_login_box()"></div>
1533 <div id="login_box" class="hide">
1534 <div id="login_box_content">
1535 <div id='embbeded_login_modal' class="hide">
1536 <form action="https://slashdot.org/my/login" method="post" onsubmit="if (global_returnto) { this.returnto.value = global_returnto }" class="embedded"><fieldset style="-webkit-border-radius:10px 10px 0 0;border-radius:10px 10px 0 0;-moz-border-radius:10px 10px 0 0">
1537 <div style='height:25px;'>&nbsp;</div>
1538 <input type="hidden" name="returnto" value="//tech.slashdot.org/comments.pl?sid=12580412">
1539 <input type="hidden" name="op" value="userlogin">
1540 <p>
1541 <label class="fleft" for="unickname">Nickname:</label>
1542 <input type="text" name="unickname" value="">
1543 </p>
1544 <p>
1545 <label class="fleft" for="upasswd">Password:</label>
1546 <input type="password" name="upasswd" placeholder="6-1024 characters long">
1547 </p>
1548 <label class="checkbox"><input type="checkbox" name="login_temp" value="yes"> Public Terminal</label>
1549 <br>
1550 <hr>
1551 <input type="submit" name="userlogin" value="Log In" class="fno"> <a href="//slashdot.org/my/mailpassword" class="btn link" onclick="getModalPrefs('sendPasswdModal', 'Retrieve Password', 1); return false;">Forgot your password?</a>
1552 </fieldset></form>
1553
1554 <div id="janrainEngageEmbed"></div>
1555 <div class="actions">
1556 <a class="ico close" onclick="hide_login_slider();" href=""><span>Close</span></a>
1557 </div>
1558 </div>
1559 <div class="actions">
1560 <a class="ico close" href="#" onclick="hide_login_box(); return false"><span>Close</span></a>
1561 </div>
1562 </div>
1563 </div>
1564 <script type="text/javascript">logged_in = 0</script>
1565 </div>
1566 <div id="commentControlBoxStatus" class="hide"></div>
1567 </div>
1568 </div>
1569 </div>
1570
1571
1572 <a href="//tech.slashdot.org/search.pl?op=comments&amp;sid=12580412" class="ui-icon search_comments">Search <span class="totalcommentcnt">32</span> Comments</a>
1573
1574 <a class="pref ui-icon-w" href="//tech.slashdot.org/users.pl" onclick="show_login_box(); $('#modal_box').addClass('login'); return false;">Log In/Create an Account</a>
1575
1576 </div>
1577 </nav>
1578 <section id="besttabs" class="grid_24">
1579 <span class="legend">Comments Filter:</span>
1580 <ul class="besttabslist">
1581 <li class="active">
1582 <a href="#" data-filter-url="//tech.slashdot.org/story/18/09/06/1954253/400000-websites-vulnerable-through-exposed-git-directories#comments">All</a>
1583 </li>
1584
1585 <li >
1586 <a href="" data-filter-url="//tech.slashdot.org/story/18/09/06/1954253/400000-websites-vulnerable-through-exposed-git-directories/insightful-comments#comments">Insightful</a>
1587 </li>
1588
1589 <li >
1590 <a href="" data-filter-url="//tech.slashdot.org/story/18/09/06/1954253/400000-websites-vulnerable-through-exposed-git-directories/informative-comments#comments">Informative</a>
1591 </li>
1592
1593 <li >
1594 <a href="" data-filter-url="//tech.slashdot.org/story/18/09/06/1954253/400000-websites-vulnerable-through-exposed-git-directories/interesting-comments#comments">Interesting</a>
1595 </li>
1596
1597 <li >
1598 <a href="" data-filter-url="//tech.slashdot.org/story/18/09/06/1954253/400000-websites-vulnerable-through-exposed-git-directories/funny-comments#comments">Funny</a>
1599 </li>
1600
1601 </ul>
1602 <script>
1603 (function($){
1604 $('#besttabs').show();
1605 $('.besttabslist').on('click', 'li a', function(e){
1606 e.preventDefault();
1607 var url = $(this).data('filter-url');
1608 //console.log('URL= ', url);
1609 $(this)
1610 .closest('ul').find('li').removeClass('active')
1611 .end()
1612 .closest('li').addClass('active');
1613 window.location = url;
1614 });
1615 })($j);
1616 </script>
1617 </section>
1618 <aside class="grid_24">
1619 <p>
1620 <small><strong>The Fine Print:</strong> The following comments are owned by whoever posted them. We are not responsible for them in any way.</small>
1621 </p>
1622 </aside>
1623 </section>
1624
1625 </div>
1626 </div>
1627 </div><script src="//a.fsdn.com/sd/comments-minified.js?8f5016a67a2f2048" type="text/javascript"></script>
1628
1629
1630 <script type="text/javascript">
1631 <!--
1632 D2.d2_keybindings_disable()[191] = 1;
1633 D2.boxStatus(1);
1634 D2.comments({ 57265748: { uid: 666, pid: 0, read: 0, points: 0, kids: [ 57265928 ], opid: 0 }, 57266046: { uid: 666, pid: 57265968, subject: "Re:Alternate headline: 99.8% websites are OK", read: 0, points: 0, kids: [ ], opid: 57265968 }, 57265838: { uid: 666, pid: 0, read: 0, points: 0, kids: [ ], opid: 0 }, 57265702: { uid: 1516577, pid: 57265676, subject: "Re:.htaccess", read: 0, points: 2, kids: [ ], opid: 57265676 }, 57265754: { uid: 265505, pid: 0, read: 0, points: 1, kids: [ 57265854, 57265868 ], opid: 0 }, 57265826: { uid: 666, pid: 0, read: 0, points: 0, kids: [ 57265832 ], opid: 0 }, 57266128: { uid: 124937, pid: 57266028, subject: "Re:So?", read: 0, points: 2, kids: [ 57267568 ], opid: 57266028 }, 57266652: { uid: 898571, pid: 57266554, subject: "Re:So?", read: 0, points: 1, kids: [ ], opid: 57266554 }, 57265760: { uid: 666, pid: 0, read: 0, points: -1, kids: [ ], opid: 0 }, 57267314: { uid: 197329, pid: 57265676, subject: "Re:.htaccess", read: 0, points: 2, kids: [ ], opid: 57265676 }, 57265776: { uid: 666, pid: 0, read: 0, points: 0, kids: [ ], opid: 0 }, 57265832: { uid: 2813011, pid: 57265826, read: 0, points: 2, kids: [ ], opid: 57265826 }, 57266024: { uid: 666, pid: 0, read: 0, points: 0, kids: [ 57266638 ], opid: 0 }, 57265706: { uid: 666, pid: 57265676, read: 0, points: 0, kids: [ 57265724 ], opid: 57265676 }, 57267330: { uid: 197329, pid: 57265868, subject: "Re:Your central git repo ...", read: 0, points: 2, kids: [ ], opid: 57265868 }, 57266650: { uid: 467024, pid: 57266028, subject: "Re:So?", read: 0, points: 2, kids: [ ], opid: 57266028 }, 57266750: { uid: 5486298, pid: 0, read: 0, points: 0, kids: [ ], opid: 0 }, 57266638: { uid: 260285, pid: 57266024, read: 0, points: 2, kids: [ ], opid: 57266024 }, 57266180: { uid: 666, pid: 0, read: 0, points: 0, kids: [ ], opid: 0 }, 57265724: { uid: 666, pid: 57265706, read: 0, points: 0, kids: [ 57265824 ], opid: 57265706 }, 57266028: { uid: 673578, pid: 0, read: 0, points: 2, kids: [ 57266128, 57266554, 57266650 ], opid: 0 }, 57267598: { uid: 182339, pid: 57265676, read: 0, points: 3, kids: [ ], opid: 57265676 }, 57265824: { uid: 666, pid: 57265724, read: 0, points: 0, kids: [ ], opid: 57265724 }, 57265676: { uid: 666, pid: 0, read: 0, points: 0, kids: [ 57265702, 57265706, 57267314, 57267598 ], opid: 0 }, 57265854: { uid: 666, pid: 57265754, subject: "Re:Your central git repo ...", read: 0, points: 0, kids: [ ], opid: 57265754 }, 57265928: { uid: 1122017, pid: 57265748, subject: "Re:https://slashdot.org/.git", read: 0, points: 4, kids: [ ], opid: 57265748 }, 57267568: { uid: 666, pid: 57266128, subject: "Re:So?", read: 0, points: 0, kids: [ ], opid: 57266128 }, 57266554: { uid: 666, pid: 57266028, subject: "Re:So?", read: 0, points: 1, kids: [ 57266652 ], opid: 57266028 }, 57265820: { uid: 2813011, pid: 0, read: 0, points: 3, kids: [ ], opid: 0 }, 57265868: { uid: 30335, pid: 57265754, subject: "Re:Your central git repo ...", read: 0, points: 4, kids: [ 57267330 ], opid: 57265754 }, 57265968: { uid: 148257, pid: 0, read: 0, points: 2, kids: [ 57266046 ], opid: 0 }, 57266440: { uid: 666, pid: 0, read: 0, points: 0, kids: [ ], opid: 0 } });
1635
1636 D2.thresh_totals({6:{6:{1:32,3:0,2:0}},3:{6:{1:28,3:0,2:4},4:{1:28,3:3,2:1},3:{1:28,3:4,2:0},5:{1:28,3:0,2:4}},2:{6:{1:19,3:0,2:13},4:{1:19,3:3,2:10},3:{1:19,3:6,2:7},2:{1:19,3:13,2:0},5:{1:19,3:0,2:13}},1:{6:{1:16,3:0,2:16},4:{1:16,3:3,2:13},1:{1:16,3:16,2:0},3:{1:16,3:6,2:10},2:{1:16,3:14,2:2},5:{1:16,3:0,2:16}},4:{6:{1:30,3:0,2:2},4:{1:30,3:2,2:0},5:{1:30,3:0,2:2}},0:{6:{1:1,3:0,2:31},4:{1:1,3:3,2:28},1:{1:1,3:25,2:6},3:{1:1,3:6,2:25},0:{1:1,3:31,2:0},2:{1:1,3:14,2:17},5:{1:1,3:0,2:31}},"-1":{6:{1:0,3:0,2:32},3:{1:0,3:6,2:26},2:{1:0,3:14,2:18},1:{1:0,3:25,2:7},4:{1:0,3:3,2:29},0:{1:0,3:32,2:0},"-1":{1:0,3:32,2:0},5:{1:0,3:0,2:32}},5:{6:{1:32,3:0,2:0},5:{1:32,3:0,2:0}}});
1637
1638 D2.root_comment(0);
1639 D2.root_comments([57265676,57265748,57265754,57265760,57265776,57265820,57265826,57265838,57265968,57266024,57266028,57266180,57266440,57266750]);
1640 D2.root_comments_hash({57265748:1,57265838:1,57265826:1,57265754:1,57265760:1,57265776:1,57266024:1,57266750:1,57266180:1,57266028:1,57265676:1,57265820:1,57265968:1,57266440:1});
1641
1642 D2.d2_comment_order(0);
1643 D2.user_uid(666);
1644 D2.user_is_anon(1);
1645 D2.user_is_admin(0);
1646 D2.user_is_subscriber(0);
1647 D2.user_smallscreen(0);
1648 D2.user_threshold(1);
1649 D2.user_highlightthresh(4);
1650 D2.user_d2asp(0);
1651
1652 D2.discussion_id(12580412);
1653
1654 D2.d2_seen('57265676,26,4,18,24,6,6,16,44,4,2,6,6,16,14,60,40,56,4,18,82,52,260,114,84,12,2,98,564,16,238,30');
1655 D2.more_comments_num(0);
1656
1657
1658 //-->
1659 </script>
1660
1661
1662
1663
1664
1665
1666
1667
1668 <ul id="commentlisting" class="d2">
1669 <li id="tree_57265676" class="comment hidden"><span class="ind"></span>
1670 <div id="comment_status_57265676" class="commentstatus"></div>
1671 <div id="comment_57265676" class="cw">
1672 </div>
1673
1674 <div id="replyto_57265676"></div>
1675
1676 <ul id="group_57265676">
1677 <li id="hiddens_57265676" class="hide"></li>
1678 </ul>
1679
1680 <ul id="commtree_57265676"><li id="tree_57265702" class="comment oneline"><span class="ind"></span>
1681 <div id="comment_status_57265702" class="commentstatus"></div>
1682 <div id="comment_57265702" class="cw">
1683 <div id="comment_top_57265702" class="commentTop newcomment">
1684 <div class="title">
1685 <h4><a id="comment_link_57265702" name="comment_link_57265702" href="//tech.slashdot.org/comments.pl?sid=12580412&amp;cid=57265702" onclick="return D2.setFocusComment(57265702)" >Re:</a>
1686
1687
1688 <span id="comment_score_57265702" class="score"> (<a href="#" onclick="getModalPrefs('modcommentlog', 'Moderation Comment Log', 57265702); return false"><span class=opt>Score:</span>2</a>, Informative)</span></h4>
1689 </div>
1690 <div class="details">
1691 <span class="by"><span class="byby">by </span><a href="//slashdot.org/~MidSpeck">MidSpeck</a> <span class="uid"><a href="//slashdot.org/~MidSpeck">( 1516577 )</a></span></a></span><span class="writes" style="display:none"> writes:</span>
1692 <span class="otherdetails" id="comment_otherdetails_57265702"></span>
1693 </div>
1694 </div>
1695 <div class="commentBody">
1696 <div id="comment_body_57265702"><p>^/.*/\.git/<br>Protect git repositories in all subdirectories as well.</p></div>
1697 </div>
1698
1699 <div class="commentSub" id="comment_sub_57265702">
1700
1701 </div>
1702 </div>
1703
1704 <div id="replyto_57265702"></div>
1705
1706 <ul id="group_57265702">
1707 <li id="hiddens_57265702" class="hide"></li>
1708 </ul>
1709
1710 </li><li id="tree_57265706" class="comment hidden"><span class="ind"></span>
1711 <div id="comment_status_57265706" class="commentstatus"></div>
1712 <div id="comment_57265706" class="cw">
1713 </div>
1714
1715 <div id="replyto_57265706"></div>
1716
1717 <ul id="group_57265706">
1718 <li id="hiddens_57265706" class="hide"></li>
1719 </ul>
1720
1721 <ul id="commtree_57265706"><li id="tree_57265724" class="comment hidden"><span class="ind"></span>
1722 <div id="comment_status_57265724" class="commentstatus"></div>
1723 <div id="comment_57265724" class="cw">
1724 </div>
1725
1726 <div id="replyto_57265724"></div>
1727
1728 <ul id="group_57265724">
1729 <li id="hiddens_57265724" class="hide"></li>
1730 </ul>
1731
1732 <ul id="commtree_57265724"><li id="tree_57265824" class="comment hidden"><span class="ind"></span>
1733 <div id="comment_status_57265824" class="commentstatus"></div>
1734 <div id="comment_57265824" class="cw">
1735 </div>
1736
1737 <div id="replyto_57265824"></div>
1738
1739 <ul id="group_57265824">
1740 <li id="hiddens_57265824" class="hide"></li>
1741 </ul>
1742
1743 </li><li id="hidestring_57265724"><noscript><b class='more'><span class="ind"></span><a href="//tech.slashdot.org/comments.pl?sid=12580412&amp;threshold=-1&amp;commentsort=0&amp;mode=thread&amp;pid=57265724">1 reply</a> beneath your current threshold.</b></noscript></li></ul></li><li id="hidestring_57265706"><noscript><b class='more'><span class="ind"></span><a href="//tech.slashdot.org/comments.pl?sid=12580412&amp;threshold=-1&amp;commentsort=0&amp;mode=thread&amp;pid=57265706">1 reply</a> beneath your current threshold.</b></noscript></li></ul></li><li id="tree_57267314" class="comment oneline"><span class="ind"></span>
1744 <div id="comment_status_57267314" class="commentstatus"></div>
1745 <div id="comment_57267314" class="cw">
1746 <div id="comment_top_57267314" class="commentTop newcomment">
1747 <div class="title">
1748 <h4><a id="comment_link_57267314" name="comment_link_57267314" href="//tech.slashdot.org/comments.pl?sid=12580412&amp;cid=57267314" onclick="return D2.setFocusComment(57267314)" >Re:</a>
1749
1750
1751 <span id="comment_score_57267314" class="score"> (<a href="#" onclick="getModalPrefs('modcommentlog', 'Moderation Comment Log', 57267314); return false"><span class=opt>Score:</span>2</a>)</span></h4>
1752 </div>
1753 <div class="details">
1754 <span class="by"><span class="byby">by </span><a href="//slashdot.org/~jrumney">jrumney</a> <span class="uid"><a href="//slashdot.org/~jrumney">( 197329 )</a></span></a></span><span class="writes" style="display:none"> writes:</span>
1755 <span class="otherdetails" id="comment_otherdetails_57267314"></span>
1756 </div>
1757 </div>
1758 <div class="commentBody">
1759 <div id="comment_body_57267314">Why stop there? Are there any dot files/directories that need to be served over HTTP?</div>
1760 </div>
1761
1762 <div class="commentSub" id="comment_sub_57267314">
1763
1764 </div>
1765 </div>
1766
1767 <div id="replyto_57267314"></div>
1768
1769 <ul id="group_57267314">
1770 <li id="hiddens_57267314" class="hide"></li>
1771 </ul>
1772
1773 </li><li id="tree_57267598" class="comment oneline"><span class="ind"></span>
1774 <div id="comment_status_57267598" class="commentstatus"></div>
1775 <div id="comment_57267598" class="cw">
1776 <div id="comment_top_57267598" class="commentTop newcomment">
1777 <div class="title">
1778 <h4><a id="comment_link_57267598" name="comment_link_57267598" href="//tech.slashdot.org/comments.pl?sid=12580412&amp;cid=57267598" onclick="return D2.setFocusComment(57267598)" >Re: .htaccess</a>
1779
1780
1781 <span id="comment_score_57267598" class="score"> (<a href="#" onclick="getModalPrefs('modcommentlog', 'Moderation Comment Log', 57267598); return false"><span class=opt>Score:</span>3</a>)</span></h4>
1782 </div>
1783 <div class="details">
1784 <span class="by"><span class="byby">by </span><a href="//slashdot.org/~spongman">spongman</a> <span class="uid"><a href="//slashdot.org/~spongman">( 182339 )</a></span></a></span><span class="writes" style="display:none"> writes:</span>
1785 <span class="otherdetails" id="comment_otherdetails_57267598"></span>
1786 </div>
1787 </div>
1788 <div class="commentBody">
1789 <div id="comment_body_57267598"><p>Why doesn't Apache block all '.'-prefixed directories by default?</p></div>
1790 </div>
1791
1792 <div class="commentSub" id="comment_sub_57267598">
1793
1794 </div>
1795 </div>
1796
1797 <div id="replyto_57267598"></div>
1798
1799 <ul id="group_57267598">
1800 <li id="hiddens_57267598" class="hide"></li>
1801 </ul>
1802
1803 </li><li id="hidestring_57265676"><noscript><b class='more'><span class="ind"></span><a href="//tech.slashdot.org/comments.pl?sid=12580412&amp;threshold=-1&amp;commentsort=0&amp;mode=thread&amp;pid=57265676">1 reply</a> beneath your current threshold.</b></noscript></li></ul></li><li id="tree_57265748" class="comment hidden"><span class="ind"></span>
1804 <div id="comment_status_57265748" class="commentstatus"></div>
1805 <div id="comment_57265748" class="cw">
1806 </div>
1807
1808 <div id="replyto_57265748"></div>
1809
1810 <ul id="group_57265748">
1811 <li id="hiddens_57265748" class="hide"></li>
1812 </ul>
1813
1814 <ul id="commtree_57265748"><li id="tree_57265928" class="comment full contain"><span class="ind"></span>
1815 <div id="comment_status_57265928" class="commentstatus"></div>
1816 <div id="comment_57265928" class="cw">
1817 <div id="comment_top_57265928" class="commentTop newcomment">
1818 <div class="title">
1819 <h4><a id="comment_link_57265928" name="comment_link_57265928" href="//tech.slashdot.org/comments.pl?sid=12580412&amp;cid=57265928" onclick="return D2.setFocusComment(57265928)" >Re:https://slashdot.org/.git</a>
1820
1821
1822 <span id="comment_score_57265928" class="score"> (<a href="#" onclick="getModalPrefs('modcommentlog', 'Moderation Comment Log', 57265928); return false"><span class=opt>Score:</span>4</a>, Informative)</span></h4>
1823 </div>
1824 <div class="details">
1825 <span class="by"><span class="byby">by </span><a href="//slashdot.org/~ls671">ls671</a> <span class="uid"><a href="//slashdot.org/~ls671">( 1122017 )</a></span></a></span><span class="writes" style="display:none"> writes:</span>
1826 <span class="otherdetails" id="comment_otherdetails_57265928">
1827 on Thursday September 06, 2018 @04:52PM (<span class="ind"></span><a href="//tech.slashdot.org/comments.pl?sid=12580412&amp;cid=57265928">#57265928</a>)
1828 <small><a href="http://slashdot.org/" title="http://slashdot.org/" class="user_homepage_display">Homepage</a> </small>
1829 </span>
1830 </div>
1831 </div>
1832 <div class="commentBody">
1833 <div id="comment_body_57265928"><p>Slashdot is still using CVS try <a href="https://slashdot.org/CVS/" title="slashdot.org">https://slashdot.org/CVS/</a> [slashdot.org]</p><p>you will see, it works!<nobr> <wbr></nobr>:)</p></div>
1834 </div>
1835
1836 <div class="commentSub" id="comment_sub_57265928">
1837 <span class="ind"></span><a id="reply_link_57265928" class="btn link" href="//tech.slashdot.org/comments.pl?sid=12580412&amp;op=Reply&amp;threshold=1&amp;commentsort=0&amp;mode=thread&amp;pid=57265928" onclick="D2.replyTo(57265928); return false;">Reply to This</a> <span class="ind"></span><a class="btn link" href="//tech.slashdot.org/comments.pl?sid=12580412&amp;threshold=1&amp;commentsort=0&amp;mode=thread&amp;cid=57265748" onclick="return D2.selectParent(57265748)">Parent</a> <a href="#" class="comment_share_toggle btn link">Share</a>
1838 <div class="comment_share sharethis-0 hide"><span class="au"></span>
1839 <a class="janrain t" href="#" data-provider="twitter" data-message="Re:https://slashdot.org/.git by ls671 @slashdot" data-url="https://tech.slashdot.org/comments.pl?sid=12580412&cid=57265928" data-title="Re:https://slashdot.org/.git">twitter</a>
1840 <a class="janrain f" href="#" data-provider="facebook" data-message="Re:https://slashdot.org/.git by ls671" data-url="https://tech.slashdot.org/comments.pl?sid=12580412&cid=57265928" data-title="Re:https://slashdot.org/.git">facebook</a>
1841 <a class="janrain l" href="#" data-provider="linkedin" data-message="Re:https://slashdot.org/.git by ls671" data-url="https://tech.slashdot.org/comments.pl?sid=12580412&cid=57265928" data-title="Re:https://slashdot.org/.git">linkedin</a>
1842 <a class="g" href="https://plus.google.com/share?url=https://tech.slashdot.org/comments.pl?sid=12580412%26cid=57265928" onclick="javascript:window.open(this.href,'', 'menubar=no,toolbar=no,resizable=yes,scrollbars=yes,height=600,width=600');return false;"><img src="//www.gstatic.com/images/icons/gplus-16.png" alt="Share on Google+"/></a>
1843 </div>
1844 <span class="ind"></span><a id="reply_link_57265928" title="Flag this comment as Inappropriate" class="ui-icon flag fright" href="//tech.slashdot.org/comments.pl?sid=12580412&amp;op=flag&amp;threshold=1&amp;commentsort=0&amp;mode=thread&amp;pid=57265928" onclick="return false;">Flag as Inappropriate</a>
1845 </div>
1846 </div>
1847
1848 <div id="replyto_57265928"></div>
1849
1850 <ul id="group_57265928">
1851 <li id="hiddens_57265928" class="hide"></li>
1852 </ul>
1853
1854 </li></ul></li><li id="tree_57265754" class="comment oneline"><span class="ind"></span>
1855 <div id="comment_status_57265754" class="commentstatus"></div>
1856 <div id="comment_57265754" class="cw">
1857 <div id="comment_top_57265754" class="commentTop newcomment">
1858 <div class="title">
1859 <h4><a id="comment_link_57265754" name="comment_link_57265754" href="//tech.slashdot.org/comments.pl?sid=12580412&amp;cid=57265754" onclick="return D2.setFocusComment(57265754)" >Your central git repo ...</a>
1860
1861
1862 <span id="comment_score_57265754" class="score"> (<a href="#" onclick="getModalPrefs('modcommentlog', 'Moderation Comment Log', 57265754); return false"><span class=opt>Score:</span>1</a>)</span></h4>
1863 </div>
1864 <div class="details">
1865 <span class="by"><span class="byby">by </span><a href="//slashdot.org/~Qbertino">Qbertino</a> <span class="uid"><a href="//slashdot.org/~Qbertino">( 265505 )</a></span></a></span><span class="writes" style="display:none"> writes:</span>
1866 <span class="otherdetails" id="comment_otherdetails_57265754"></span>
1867 </div>
1868 </div>
1869 <div class="commentBody">
1870 <div id="comment_body_57265754"><p>... belongs behind ssh or, at least, behind http access and SSL.<br>If I catch you doing otherwise for anything other than FOSS software I'll smack you. Hard.</p></div>
1871 </div>
1872
1873 <div class="commentSub" id="comment_sub_57265754">
1874
1875 </div>
1876 </div>
1877
1878 <div id="replyto_57265754"></div>
1879
1880 <ul id="group_57265754">
1881 <li id="hiddens_57265754" class="hide"></li>
1882 </ul>
1883
1884 <ul id="commtree_57265754"><li id="tree_57265854" class="comment hidden"><span class="ind"></span>
1885 <div id="comment_status_57265854" class="commentstatus"></div>
1886 <div id="comment_57265854" class="cw">
1887 </div>
1888
1889 <div id="replyto_57265854"></div>
1890
1891 <ul id="group_57265854">
1892 <li id="hiddens_57265854" class="hide"></li>
1893 </ul>
1894
1895 </li><li id="tree_57265868" class="comment full contain"><span class="ind"></span>
1896 <div id="comment_status_57265868" class="commentstatus"></div>
1897 <div id="comment_57265868" class="cw">
1898 <div id="comment_top_57265868" class="commentTop newcomment">
1899 <div class="title">
1900 <h4><a id="comment_link_57265868" name="comment_link_57265868" href="//tech.slashdot.org/comments.pl?sid=12580412&amp;cid=57265868" onclick="return D2.setFocusComment(57265868)" >Re:Your central git repo ...</a>
1901
1902
1903 <span id="comment_score_57265868" class="score"> (<a href="#" onclick="getModalPrefs('modcommentlog', 'Moderation Comment Log', 57265868); return false"><span class=opt>Score:</span>4</a>, Informative)</span></h4>
1904 </div>
1905 <div class="details">
1906 <span class="by"><span class="byby">by </span><a href="//slashdot.org/~tlhIngan">tlhIngan</a> <span class="uid"><a href="//slashdot.org/~tlhIngan">( 30335 )</a></span></a></span><span class="writes" style="display:none"> writes:</span>
1907 <span class="otherdetails" id="comment_otherdetails_57265868"> &lt;<a href="mailto:%5Bten.frow%5D+%5Bta%5D+%5Btodhsals%5D">[ten.frow] [ta] [todhsals]</a>&gt;
1908 on Thursday September 06, 2018 @04:41PM (<span class="ind"></span><a href="//tech.slashdot.org/comments.pl?sid=12580412&amp;cid=57265868">#57265868</a>)
1909 <small> </small>
1910 </span>
1911 </div>
1912 </div>
1913 <div class="commentBody">
1914 <div id="comment_body_57265868"><blockquote><div><p>... belongs behind ssh or, at least, behind http access and SSL.<br>If I catch you doing otherwise for anything other than FOSS software I'll smack you. Hard.</p></div></blockquote><p>And it probably is. The thing is, the website owners are using git to version control and deploy their website (not a bad idea). So they develop their web site, push it to the central git repo, and whenever they need to go live, they just do a "git pull" on the webserver and it'll pull down the latest version of the website.</p><p>Problem is, they forget about the hidden<nobr> <wbr></nobr>.git directory git makes that stores all sorts of useful information and with a little persistence, allow you access to the raw source code since you can access the individual git objects. (Or maybe even clone it using git).</p></div>
1915 </div>
1916
1917 <div class="commentSub" id="comment_sub_57265868">
1918 <span class="ind"></span><a id="reply_link_57265868" class="btn link" href="//tech.slashdot.org/comments.pl?sid=12580412&amp;op=Reply&amp;threshold=1&amp;commentsort=0&amp;mode=thread&amp;pid=57265868" onclick="D2.replyTo(57265868); return false;">Reply to This</a> <span class="ind"></span><a class="btn link" href="//tech.slashdot.org/comments.pl?sid=12580412&amp;threshold=1&amp;commentsort=0&amp;mode=thread&amp;cid=57265754" onclick="return D2.selectParent(57265754)">Parent</a> <a href="#" class="comment_share_toggle btn link">Share</a>
1919 <div class="comment_share sharethis-0 hide"><span class="au"></span>
1920 <a class="janrain t" href="#" data-provider="twitter" data-message="Re:Your central git repo ... by tlhIngan @slashdot" data-url="https://tech.slashdot.org/comments.pl?sid=12580412&cid=57265868" data-title="Re:Your central git repo ...">twitter</a>
1921 <a class="janrain f" href="#" data-provider="facebook" data-message="Re:Your central git repo ... by tlhIngan" data-url="https://tech.slashdot.org/comments.pl?sid=12580412&cid=57265868" data-title="Re:Your central git repo ...">facebook</a>
1922 <a class="janrain l" href="#" data-provider="linkedin" data-message="Re:Your central git repo ... by tlhIngan" data-url="https://tech.slashdot.org/comments.pl?sid=12580412&cid=57265868" data-title="Re:Your central git repo ...">linkedin</a>
1923 <a class="g" href="https://plus.google.com/share?url=https://tech.slashdot.org/comments.pl?sid=12580412%26cid=57265868" onclick="javascript:window.open(this.href,'', 'menubar=no,toolbar=no,resizable=yes,scrollbars=yes,height=600,width=600');return false;"><img src="//www.gstatic.com/images/icons/gplus-16.png" alt="Share on Google+"/></a>
1924 </div>
1925 <span class="ind"></span><a id="reply_link_57265868" title="Flag this comment as Inappropriate" class="ui-icon flag fright" href="//tech.slashdot.org/comments.pl?sid=12580412&amp;op=flag&amp;threshold=1&amp;commentsort=0&amp;mode=thread&amp;pid=57265868" onclick="return false;">Flag as Inappropriate</a>
1926 </div>
1927 </div>
1928
1929 <div id="replyto_57265868"></div>
1930
1931 <ul id="group_57265868">
1932 <li id="hiddens_57265868" class="hide"></li>
1933 </ul>
1934
1935 <ul id="commtree_57265868"><li id="tree_57267330" class="comment oneline"><span class="ind"></span>
1936 <div id="comment_status_57267330" class="commentstatus"></div>
1937 <div id="comment_57267330" class="cw">
1938 <div id="comment_top_57267330" class="commentTop newcomment">
1939 <div class="title">
1940 <h4><a id="comment_link_57267330" name="comment_link_57267330" href="//tech.slashdot.org/comments.pl?sid=12580412&amp;cid=57267330" onclick="return D2.setFocusComment(57267330)" >Re:</a>
1941
1942
1943 <span id="comment_score_57267330" class="score"> (<a href="#" onclick="getModalPrefs('modcommentlog', 'Moderation Comment Log', 57267330); return false"><span class=opt>Score:</span>2</a>)</span></h4>
1944 </div>
1945 <div class="details">
1946 <span class="by"><span class="byby">by </span><a href="//slashdot.org/~jrumney">jrumney</a> <span class="uid"><a href="//slashdot.org/~jrumney">( 197329 )</a></span></a></span><span class="writes" style="display:none"> writes:</span>
1947 <span class="otherdetails" id="comment_otherdetails_57267330"></span>
1948 </div>
1949 </div>
1950 <div class="commentBody">
1951 <div id="comment_body_57267330">I do this, it is very convenient for deploying updates to the site. But I always put the web interface into a subdirectory, and only configure the web server to see that so the<nobr> <wbr></nobr>.git directory is not visible over HTTP. And dotfiles and directories are blocked in the webserver config for extra protection against accidental inclusion of invisible files.</div>
1952 </div>
1953
1954 <div class="commentSub" id="comment_sub_57267330">
1955
1956 </div>
1957 </div>
1958
1959 <div id="replyto_57267330"></div>
1960
1961 <ul id="group_57267330">
1962 <li id="hiddens_57267330" class="hide"></li>
1963 </ul>
1964
1965 </li></ul></li><li id="hidestring_57265754"><noscript><b class='more'><span class="ind"></span><a href="//tech.slashdot.org/comments.pl?sid=12580412&amp;threshold=-1&amp;commentsort=0&amp;mode=thread&amp;pid=57265754">1 reply</a> beneath your current threshold.</b></noscript></li></ul></li><li id="tree_57265760" class="comment hidden"><span class="ind"></span>
1966 <div id="comment_status_57265760" class="commentstatus"></div>
1967 <div id="comment_57265760" class="cw">
1968 </div>
1969
1970 <div id="replyto_57265760"></div>
1971
1972 <ul id="group_57265760">
1973 <li id="hiddens_57265760" class="hide"></li>
1974 </ul>
1975
1976 </li><li id="tree_57265776" class="comment hidden"><span class="ind"></span>
1977 <div id="comment_status_57265776" class="commentstatus"></div>
1978 <div id="comment_57265776" class="cw">
1979 </div>
1980
1981 <div id="replyto_57265776"></div>
1982
1983 <ul id="group_57265776">
1984 <li id="hiddens_57265776" class="hide"></li>
1985 </ul>
1986
1987 </li><li id="tree_57265820" class="comment full contain"><span class="ind"></span>
1988 <div id="comment_status_57265820" class="commentstatus"></div>
1989 <div id="comment_57265820" class="cw">
1990 <div id="comment_top_57265820" class="commentTop newcomment">
1991 <div class="title">
1992 <h4><a id="comment_link_57265820" name="comment_link_57265820" href="//tech.slashdot.org/comments.pl?sid=12580412&amp;cid=57265820" onclick="return D2.setFocusComment(57265820)" >reheating yesterday's food</a>
1993
1994
1995 <span id="comment_score_57265820" class="score"> (<a href="#" onclick="getModalPrefs('modcommentlog', 'Moderation Comment Log', 57265820); return false"><span class=opt>Score:</span>3</a>)</span></h4>
1996 </div>
1997 <div class="details">
1998 <span class="by"><span class="byby">by </span><a href="//slashdot.org/~Tsolias">Tsolias</a> <span class="uid"><a href="//slashdot.org/~Tsolias">( 2813011 )</a></span></a></span><span class="writes" style="display:none"> writes:</span>
1999 <span class="otherdetails" id="comment_otherdetails_57265820">
2000 on Thursday September 06, 2018 @04:32PM (<span class="ind"></span><a href="//tech.slashdot.org/comments.pl?sid=12580412&amp;cid=57265820">#57265820</a>)
2001 <small> </small>
2002 </span>
2003 </div>
2004 </div>
2005 <div class="commentBody">
2006 <div id="comment_body_57265820"><p>just an article from 2015 <a href="https://en.internetwache.org/dont-publicly-expose-git-or-how-we-downloaded-your-websites-sourcecode-an-analysis-of-alexas-1m-28-07-2015/" title="internetwache.org">https://en.internetwache.org/d...</a> [internetwache.org]</p><p>I can give you also next year's article about<nobr> <wbr></nobr>.file vulnerabilities. (spoiler alert) <a href="https://en.internetwache.org/scanning-the-alexa-top-1m-for-ds-store-files-12-03-2018/" title="internetwache.org">https://en.internetwache.org/s...</a> [internetwache.org]</p></div>
2007 </div>
2008
2009 <div class="commentSub" id="comment_sub_57265820">
2010 <span class="ind"></span><a id="reply_link_57265820" class="btn link" href="//tech.slashdot.org/comments.pl?sid=12580412&amp;op=Reply&amp;threshold=1&amp;commentsort=0&amp;mode=thread&amp;pid=57265820" onclick="D2.replyTo(57265820); return false;">Reply to This</a> <a href="#" class="comment_share_toggle btn link">Share</a>
2011 <div class="comment_share sharethis-0 hide"><span class="au"></span>
2012 <a class="janrain t" href="#" data-provider="twitter" data-message="reheating yesterday's food by Tsolias @slashdot" data-url="https://tech.slashdot.org/comments.pl?sid=12580412&cid=57265820" data-title="reheating yesterday's food">twitter</a>
2013 <a class="janrain f" href="#" data-provider="facebook" data-message="reheating yesterday's food by Tsolias" data-url="https://tech.slashdot.org/comments.pl?sid=12580412&cid=57265820" data-title="reheating yesterday's food">facebook</a>
2014 <a class="janrain l" href="#" data-provider="linkedin" data-message="reheating yesterday's food by Tsolias" data-url="https://tech.slashdot.org/comments.pl?sid=12580412&cid=57265820" data-title="reheating yesterday's food">linkedin</a>
2015 <a class="g" href="https://plus.google.com/share?url=https://tech.slashdot.org/comments.pl?sid=12580412%26cid=57265820" onclick="javascript:window.open(this.href,'', 'menubar=no,toolbar=no,resizable=yes,scrollbars=yes,height=600,width=600');return false;"><img src="//www.gstatic.com/images/icons/gplus-16.png" alt="Share on Google+"/></a>
2016 </div>
2017 <span class="ind"></span><a id="reply_link_57265820" title="Flag this comment as Inappropriate" class="ui-icon flag fright" href="//tech.slashdot.org/comments.pl?sid=12580412&amp;op=flag&amp;threshold=1&amp;commentsort=0&amp;mode=thread&amp;pid=57265820" onclick="return false;">Flag as Inappropriate</a>
2018 </div>
2019 </div>
2020
2021 <div id="replyto_57265820"></div>
2022
2023 <ul id="group_57265820">
2024 <li id="hiddens_57265820" class="hide"></li>
2025 </ul>
2026
2027 </li><li id="tree_57265826" class="comment hidden"><span class="ind"></span>
2028 <div id="comment_status_57265826" class="commentstatus"></div>
2029 <div id="comment_57265826" class="cw">
2030 </div>
2031
2032 <div id="replyto_57265826"></div>
2033
2034 <ul id="group_57265826">
2035 <li id="hiddens_57265826" class="hide"></li>
2036 </ul>
2037
2038 <ul id="commtree_57265826"><li id="tree_57265832" class="comment oneline"><span class="ind"></span>
2039 <div id="comment_status_57265832" class="commentstatus"></div>
2040 <div id="comment_57265832" class="cw">
2041 <div id="comment_top_57265832" class="commentTop newcomment">
2042 <div class="title">
2043 <h4><a id="comment_link_57265832" name="comment_link_57265832" href="//tech.slashdot.org/comments.pl?sid=12580412&amp;cid=57265832" onclick="return D2.setFocusComment(57265832)" >KKK</a>
2044
2045
2046 <span id="comment_score_57265832" class="score"> (<a href="#" onclick="getModalPrefs('modcommentlog', 'Moderation Comment Log', 57265832); return false"><span class=opt>Score:</span>2</a>)</span></h4>
2047 </div>
2048 <div class="details">
2049 <span class="by"><span class="byby">by </span><a href="//slashdot.org/~Tsolias">Tsolias</a> <span class="uid"><a href="//slashdot.org/~Tsolias">( 2813011 )</a></span></a></span><span class="writes" style="display:none"> writes:</span>
2050 <span class="otherdetails" id="comment_otherdetails_57265832"></span>
2051 </div>
2052 </div>
2053 <div class="commentBody">
2054 <div id="comment_body_57265832"><p><div class="quote"><p>Thats what you get on hiring those bootcamp "graduates"</p></div><p>Kode w/ Karlie Kloss, like it or not.</p></div>
2055 </div>
2056
2057 <div class="commentSub" id="comment_sub_57265832">
2058
2059 </div>
2060 </div>
2061
2062 <div id="replyto_57265832"></div>
2063
2064 <ul id="group_57265832">
2065 <li id="hiddens_57265832" class="hide"></li>
2066 </ul>
2067
2068 </li></ul></li><li id="tree_57265838" class="comment hidden"><span class="ind"></span>
2069 <div id="comment_status_57265838" class="commentstatus"></div>
2070 <div id="comment_57265838" class="cw">
2071 </div>
2072
2073 <div id="replyto_57265838"></div>
2074
2075 <ul id="group_57265838">
2076 <li id="hiddens_57265838" class="hide"></li>
2077 </ul>
2078
2079 </li><li id="tree_57265968" class="comment oneline"><span class="ind"></span>
2080 <div id="comment_status_57265968" class="commentstatus"></div>
2081 <div id="comment_57265968" class="cw">
2082 <div id="comment_top_57265968" class="commentTop newcomment">
2083 <div class="title">
2084 <h4><a id="comment_link_57265968" name="comment_link_57265968" href="//tech.slashdot.org/comments.pl?sid=12580412&amp;cid=57265968" onclick="return D2.setFocusComment(57265968)" >Alternate headline: 99.8% websites are OK</a>
2085
2086
2087 <span id="comment_score_57265968" class="score"> (<a href="#" onclick="getModalPrefs('modcommentlog', 'Moderation Comment Log', 57265968); return false"><span class=opt>Score:</span>2</a>)</span></h4>
2088 </div>
2089 <div class="details">
2090 <span class="by"><span class="byby">by </span><a href="//slashdot.org/~jmichaelg">jmichaelg</a> <span class="uid"><a href="//slashdot.org/~jmichaelg">( 148257 )</a></span></a></span><span class="writes" style="display:none"> writes:</span>
2091 <span class="otherdetails" id="comment_otherdetails_57265968"></span>
2092 </div>
2093 </div>
2094 <div class="commentBody">
2095 <div id="comment_body_57265968"><p>230 million websites. 400k poorly configured. 4*10^5/2.3*10^8 is less than 0.2% of websites surveyed screwed this up.</p><p>400k is a big number but it's good to know most developers aren't that stupid on this issue.</p></div>
2096 </div>
2097
2098 <div class="commentSub" id="comment_sub_57265968">
2099
2100 </div>
2101 </div>
2102
2103 <div id="replyto_57265968"></div>
2104
2105 <ul id="group_57265968">
2106 <li id="hiddens_57265968" class="hide"></li>
2107 </ul>
2108
2109 <ul id="commtree_57265968"><li id="tree_57266046" class="comment hidden"><span class="ind"></span>
2110 <div id="comment_status_57266046" class="commentstatus"></div>
2111 <div id="comment_57266046" class="cw">
2112 </div>
2113
2114 <div id="replyto_57266046"></div>
2115
2116 <ul id="group_57266046">
2117 <li id="hiddens_57266046" class="hide"></li>
2118 </ul>
2119
2120 </li><li id="hidestring_57265968"><noscript><b class='more'><span class="ind"></span><a href="//tech.slashdot.org/comments.pl?sid=12580412&amp;threshold=-1&amp;commentsort=0&amp;mode=thread&amp;pid=57265968">1 reply</a> beneath your current threshold.</b></noscript></li></ul></li><li id="tree_57266024" class="comment hidden"><span class="ind"></span>
2121 <div id="comment_status_57266024" class="commentstatus"></div>
2122 <div id="comment_57266024" class="cw">
2123 </div>
2124
2125 <div id="replyto_57266024"></div>
2126
2127 <ul id="group_57266024">
2128 <li id="hiddens_57266024" class="hide"></li>
2129 </ul>
2130
2131 <ul id="commtree_57266024"><li id="tree_57266638" class="comment oneline"><span class="ind"></span>
2132 <div id="comment_status_57266638" class="commentstatus"></div>
2133 <div id="comment_57266638" class="cw">
2134 <div id="comment_top_57266638" class="commentTop newcomment">
2135 <div class="title">
2136 <h4><a id="comment_link_57266638" name="comment_link_57266638" href="//tech.slashdot.org/comments.pl?sid=12580412&amp;cid=57266638" onclick="return D2.setFocusComment(57266638)" >Re: yarn dist</a>
2137
2138
2139 <span id="comment_score_57266638" class="score"> (<a href="#" onclick="getModalPrefs('modcommentlog', 'Moderation Comment Log', 57266638); return false"><span class=opt>Score:</span>2</a>)</span></h4>
2140 </div>
2141 <div class="details">
2142 <span class="by"><span class="byby">by </span><a href="//slashdot.org/~TimMD909">TimMD909</a> <span class="uid"><a href="//slashdot.org/~TimMD909">( 260285 )</a></span></a></span><span class="writes" style="display:none"> writes:</span>
2143 <span class="otherdetails" id="comment_otherdetails_57266638"></span>
2144 </div>
2145 </div>
2146 <div class="commentBody">
2147 <div id="comment_body_57266638">... Equifax types for free security tests from 3rd parties and press coverage, presumably...</div>
2148 </div>
2149
2150 <div class="commentSub" id="comment_sub_57266638">
2151
2152 </div>
2153 </div>
2154
2155 <div id="replyto_57266638"></div>
2156
2157 <ul id="group_57266638">
2158 <li id="hiddens_57266638" class="hide"></li>
2159 </ul>
2160
2161 </li></ul></li><li id="tree_57266028" class="comment oneline"><span class="ind"></span>
2162 <div id="comment_status_57266028" class="commentstatus"></div>
2163 <div id="comment_57266028" class="cw">
2164 <div id="comment_top_57266028" class="commentTop newcomment">
2165 <div class="title">
2166 <h4><a id="comment_link_57266028" name="comment_link_57266028" href="//tech.slashdot.org/comments.pl?sid=12580412&amp;cid=57266028" onclick="return D2.setFocusComment(57266028)" >So?</a>
2167
2168
2169 <span id="comment_score_57266028" class="score"> (<a href="#" onclick="getModalPrefs('modcommentlog', 'Moderation Comment Log', 57266028); return false"><span class=opt>Score:</span>2</a>)</span></h4>
2170 </div>
2171 <div class="details">
2172 <span class="by"><span class="byby">by </span><a href="//slashdot.org/~cshark">cshark</a> <span class="uid"><a href="//slashdot.org/~cshark">( 673578 )</a></span></a></span><span class="writes" style="display:none"> writes:</span>
2173 <span class="otherdetails" id="comment_otherdetails_57266028"></span>
2174 </div>
2175 </div>
2176 <div class="commentBody">
2177 <div id="comment_body_57266028"><p>An open git directory will be everything you need to reconstruct the site, more often than not from the same server you're targeting. Scary. Database servers are rarely open. Short of some serious hacking, there isn't a lot you're going to be able to do with this stuff once you've obtained the information you're waving around here.</p><p>Until such time as I see hackers actually logging in with this information and defacing github, I'm going to remain unconvinced of the severity of this one.</p></div>
2178 </div>
2179
2180 <div class="commentSub" id="comment_sub_57266028">
2181
2182 </div>
2183 </div>
2184
2185 <div id="replyto_57266028"></div>
2186
2187 <ul id="group_57266028">
2188 <li id="hiddens_57266028" class="hide"></li>
2189 </ul>
2190
2191 <ul id="commtree_57266028"><li id="tree_57266128" class="comment oneline"><span class="ind"></span>
2192 <div id="comment_status_57266128" class="commentstatus"></div>
2193 <div id="comment_57266128" class="cw">
2194 <div id="comment_top_57266128" class="commentTop newcomment">
2195 <div class="title">
2196 <h4><a id="comment_link_57266128" name="comment_link_57266128" href="//tech.slashdot.org/comments.pl?sid=12580412&amp;cid=57266128" onclick="return D2.setFocusComment(57266128)" >Re:</a>
2197
2198
2199 <span id="comment_score_57266128" class="score"> (<a href="#" onclick="getModalPrefs('modcommentlog', 'Moderation Comment Log', 57266128); return false"><span class=opt>Score:</span>2</a>)</span></h4>
2200 </div>
2201 <div class="details">
2202 <span class="by"><span class="byby">by </span><a href="//slashdot.org/~OrangeTide">OrangeTide</a> <span class="uid"><a href="//slashdot.org/~OrangeTide">( 124937 )</a></span></a></span><span class="writes" style="display:none"> writes:</span>
2203 <span class="otherdetails" id="comment_otherdetails_57266128"></span>
2204 </div>
2205 </div>
2206 <div class="commentBody">
2207 <div id="comment_body_57266128"><p>My website's<nobr> <wbr></nobr>.git directories are open intentionally. Makes for convenient mirroring and viewing of archives without having to hope and pray wayback machine picked up my obscure website.</p><p>I'm not too worried. It's just data on the filesystem, it's not executing programs. And the data is not supposed to contain any secrets. If it ever does then I better rewrite my git history.</p></div>
2208 </div>
2209
2210 <div class="commentSub" id="comment_sub_57266128">
2211
2212 </div>
2213 </div>
2214
2215 <div id="replyto_57266128"></div>
2216
2217 <ul id="group_57266128">
2218 <li id="hiddens_57266128" class="hide"></li>
2219 </ul>
2220
2221 <ul id="commtree_57266128"><li id="tree_57267568" class="comment hidden"><span class="ind"></span>
2222 <div id="comment_status_57267568" class="commentstatus"></div>
2223 <div id="comment_57267568" class="cw">
2224 </div>
2225
2226 <div id="replyto_57267568"></div>
2227
2228 <ul id="group_57267568">
2229 <li id="hiddens_57267568" class="hide"></li>
2230 </ul>
2231
2232 </li><li id="hidestring_57266128"><noscript><b class='more'><span class="ind"></span><a href="//tech.slashdot.org/comments.pl?sid=12580412&amp;threshold=-1&amp;commentsort=0&amp;mode=thread&amp;pid=57266128">1 reply</a> beneath your current threshold.</b></noscript></li></ul></li><li id="tree_57266554" class="comment oneline"><span class="ind"></span>
2233 <div id="comment_status_57266554" class="commentstatus"></div>
2234 <div id="comment_57266554" class="cw">
2235 <div id="comment_top_57266554" class="commentTop newcomment">
2236 <div class="title">
2237 <h4><a id="comment_link_57266554" name="comment_link_57266554" href="//tech.slashdot.org/comments.pl?sid=12580412&amp;cid=57266554" onclick="return D2.setFocusComment(57266554)" >Re:</a>
2238
2239
2240 <span id="comment_score_57266554" class="score"> (<a href="#" onclick="getModalPrefs('modcommentlog', 'Moderation Comment Log', 57266554); return false"><span class=opt>Score:</span>1</a>)</span></h4>
2241 </div>
2242 <div class="details">
2243 <span class="by"><span class="byby">by </span>Anonymous Coward</span><span class="writes" style="display:none"> writes:</span>
2244 <span class="otherdetails" id="comment_otherdetails_57266554"></span>
2245 </div>
2246 </div>
2247 <div class="commentBody">
2248 <div id="comment_body_57266554"><p>The most likely actual security implication is hard coded keys to 3rd party APIs.</p><p>Not that this is an inevitable threat, it&#226;(TM)s just something I could see being inadvertently exposed and useful without much additional effort.</p></div>
2249 </div>
2250
2251 <div class="commentSub" id="comment_sub_57266554">
2252
2253 </div>
2254 </div>
2255
2256 <div id="replyto_57266554"></div>
2257
2258 <ul id="group_57266554">
2259 <li id="hiddens_57266554" class="hide"></li>
2260 </ul>
2261
2262 <ul id="commtree_57266554"><li id="tree_57266652" class="comment oneline"><span class="ind"></span>
2263 <div id="comment_status_57266652" class="commentstatus"></div>
2264 <div id="comment_57266652" class="cw">
2265 <div id="comment_top_57266652" class="commentTop newcomment">
2266 <div class="title">
2267 <h4><a id="comment_link_57266652" name="comment_link_57266652" href="//tech.slashdot.org/comments.pl?sid=12580412&amp;cid=57266652" onclick="return D2.setFocusComment(57266652)" >Re:</a>
2268
2269
2270 <span id="comment_score_57266652" class="score"> (<a href="#" onclick="getModalPrefs('modcommentlog', 'Moderation Comment Log', 57266652); return false"><span class=opt>Score:</span>1</a>)</span></h4>
2271 </div>
2272 <div class="details">
2273 <span class="by"><span class="byby">by </span><a href="//slashdot.org/~Orrin+Bloquy">Orrin Bloquy</a> <span class="uid"><a href="//slashdot.org/~Orrin+Bloquy">( 898571 )</a></span></a></span><span class="writes" style="display:none"> writes:</span>
2274 <span class="otherdetails" id="comment_otherdetails_57266652"></span>
2275 </div>
2276 </div>
2277 <div class="commentBody">
2278 <div id="comment_body_57266652"><p><div class="quote"><p>it&#226;(TM)s</p></div><p>Clear something up, are you typing curly quotes/apostrophes on purpose or do you have your browser configured to automatically do that.</p></div>
2279 </div>
2280
2281 <div class="commentSub" id="comment_sub_57266652">
2282
2283 </div>
2284 </div>
2285
2286 <div id="replyto_57266652"></div>
2287
2288 <ul id="group_57266652">
2289 <li id="hiddens_57266652" class="hide"></li>
2290 </ul>
2291
2292 </li></ul></li><li id="tree_57266650" class="comment oneline"><span class="ind"></span>
2293 <div id="comment_status_57266650" class="commentstatus"></div>
2294 <div id="comment_57266650" class="cw">
2295 <div id="comment_top_57266650" class="commentTop newcomment">
2296 <div class="title">
2297 <h4><a id="comment_link_57266650" name="comment_link_57266650" href="//tech.slashdot.org/comments.pl?sid=12580412&amp;cid=57266650" onclick="return D2.setFocusComment(57266650)" >Re:</a>
2298
2299
2300 <span id="comment_score_57266650" class="score"> (<a href="#" onclick="getModalPrefs('modcommentlog', 'Moderation Comment Log', 57266650); return false"><span class=opt>Score:</span>2</a>)</span></h4>
2301 </div>
2302 <div class="details">
2303 <span class="by"><span class="byby">by </span><a href="//slashdot.org/~jonwil">jonwil</a> <span class="uid"><a href="//slashdot.org/~jonwil">( 467024 )</a></span></a></span><span class="writes" style="display:none"> writes:</span>
2304 <span class="otherdetails" id="comment_otherdetails_57266650"></span>
2305 </div>
2306 </div>
2307 <div class="commentBody">
2308 <div id="comment_body_57266650"><p>What about if that<nobr> <wbr></nobr>.git folder (and the website's source code) included private keys for stuff. Or credentials/API keys for 3rd party services. Or credentials for database and other servers.</p></div>
2309 </div>
2310
2311 <div class="commentSub" id="comment_sub_57266650">
2312
2313 </div>
2314 </div>
2315
2316 <div id="replyto_57266650"></div>
2317
2318 <ul id="group_57266650">
2319 <li id="hiddens_57266650" class="hide"></li>
2320 </ul>
2321
2322 </li></ul></li><li id="tree_57266180" class="comment hidden"><span class="ind"></span>
2323 <div id="comment_status_57266180" class="commentstatus"></div>
2324 <div id="comment_57266180" class="cw">
2325 </div>
2326
2327 <div id="replyto_57266180"></div>
2328
2329 <ul id="group_57266180">
2330 <li id="hiddens_57266180" class="hide"></li>
2331 </ul>
2332
2333 </li><li id="tree_57266440" class="comment hidden"><span class="ind"></span>
2334 <div id="comment_status_57266440" class="commentstatus"></div>
2335 <div id="comment_57266440" class="cw">
2336 </div>
2337
2338 <div id="replyto_57266440"></div>
2339
2340 <ul id="group_57266440">
2341 <li id="hiddens_57266440" class="hide"></li>
2342 </ul>
2343
2344 </li><li id="tree_57266750" class="comment hidden"><span class="ind"></span>
2345 <div id="comment_status_57266750" class="commentstatus"></div>
2346 <div id="comment_57266750" class="cw">
2347 </div>
2348
2349 <div id="replyto_57266750"></div>
2350
2351 <ul id="group_57266750">
2352 <li id="hiddens_57266750" class="hide"></li>
2353 </ul>
2354
2355 </li><li id="hidestring_0"><noscript><b class='more'><span class="ind"></span><a href="//tech.slashdot.org/comments.pl?sid=12580412&amp;threshold=-1&amp;commentsort=0&amp;mode=thread&amp;pid=0">10 replies</a> beneath your current threshold.</b></noscript></li>
2356 <li id="roothiddens" class="hide"></li>
2357 </ul>
2358
2359
2360
2361
2362
2363 <noscript><p><b>There may be more comments in this discussion. Without JavaScript enabled, you might want to <a href="//tech.slashdot.org/users.pl?op=editcomm">turn on Classic Discussion System</a> in your preferences instead.</b></p></noscript>
2364 <div id="discussion_buttons" class="clearfix">
2365
2366
2367
2368
2369
2370
2371 </div>
2372
2373
2374 <div class="newcmnt"><div id="replyto_0"></div></div>
2375
2376
2377 <script type="text/javascript">
2378 <!--
2379 D2.currents()['hidden'] = 16;
2380 D2.currents()['full'] = 3;
2381 D2.currents()['oneline'] = 13;
2382 // D2.currents_total(32);
2383
2384 D2.abbrev_comments({});
2385 D2.noshow_comments([57265676,57265706,57265724,57265824,57265748,57265854,57265760,57265776,57265826,57265838,57266046,57266024,57267568,57266180,57266440,57266750]);
2386 D2.pieces_comments([57265702,57267314,57267598,57265754,57267330,57265832,57265968,57266638,57266028,57266128,57266554,57266652,57266650]);
2387 D2.init_hiddens([57265724,57265706,57265676,57265754,57265968,57266128,0]);
2388
2389 D2.finishLoading();
2390
2391
2392 if (D2.thresh_totals()[6][6][1] == 0) {
2393 D2.replyTo(0, 1);
2394 }
2395
2396
2397 //-->
2398 </script>
2399
2400
2401 </div>
2402
2403
2404
2405
2406
2407 <div id="clickgen" class="grid_24 b">
2408 <section class="grid_16 f">
2409 <div>
2410 <h4 class="nobg">
2411 <a href="" class="selected btmrel" onClick="getRelatedStoriesForStory(345540);return false">Related Links</a>
2412 <span class="tops fright">Top of the: <a href="" class="btmday" onClick="getTopStories(1);return false">day</a>, <a class="btmweek" href="" onClick="getTopStories(7); return false">week</a>, <a href="" onClick="getTopStories(30);return false" class="btmmonth">month</a>.</span>
2413 </h4>
2414 <ul class="nobullets bmrelatedlist">
2415
2416
2417
2418 <li>
2419 <span class="cmntcnt"><span class="slant"></span><span>1175<span class="hide"> comments</span></span></span><a href="//tech.slashdot.org/story/18/01/08/1954203/james-damore-sues-google-for-allegedly-discriminating-against-conservative-white-men?sdsrc=popbyskidbtmprev">James Damore Sues Google For Allegedly Discriminating Against Conservative White Men</a>
2420 </li>
2421
2422
2423 <li>
2424 <span class="cmntcnt"><span class="slant"></span><span>953<span class="hide"> comments</span></span></span><a href="//tech.slashdot.org/story/18/03/19/1736231/self-driving-uber-car-kills-arizona-woman-in-first-fatal-crash-involving-pedestrian?sdsrc=popbyskidbtmprev">Self-Driving Uber Car Kills Arizona Woman in First Fatal Crash Involving Pedestrian</a>
2425 </li>
2426
2427
2428 <li>
2429 <span class="cmntcnt"><span class="slant"></span><span>707<span class="hide"> comments</span></span></span><a href="//tech.slashdot.org/story/17/11/16/0050243/twitter-bans-removes-verified-status-of-white-supremacists?sdsrc=popbyskidbtmprev">Twitter Bans, Removes Verified Status of White Supremacists</a>
2430 </li>
2431
2432
2433 <li>
2434 <span class="cmntcnt"><span class="slant"></span><span>705<span class="hide"> comments</span></span></span><a href="//tech.slashdot.org/story/18/02/15/2255242/pro-gun-russian-bots-flood-twitter-after-parkland-shooting?sdsrc=popbyskidbtmprev">Pro-Gun Russian Bots Flood Twitter After Parkland Shooting</a>
2435 </li>
2436
2437
2438 <li>
2439 <span class="cmntcnt"><span class="slant"></span><span>682<span class="hide"> comments</span></span></span><a href="//tech.slashdot.org/story/17/11/19/043243/i-see-things-differently-james-damore-on-his-autism-and-the-google-memo?sdsrc=popbyskidbtmprev">'I See Things Differently': James Damore on his Autism and the Google Memo</a>
2440 </li>
2441
2442
2443 </ul>
2444 </div>
2445 </section>
2446 <aside class="grid_8 st">
2447 <section class="grid_24 f">
2448 <div>
2449 <h5 class="tlnav"><a href="//tech.slashdot.org/story/18/09/06/205221/ive-seen-the-future-of-consumer-ai-and-it-doesnt-have-one?sdsrc=nextbtmnext">next</a></h5>
2450 <div class="grid_24">
2451
2452
2453 <span class="grid_7 tcenter"><img src="//a.fsdn.com/sd/topics/ai_64.png" width="64" height="64" alt="AI"></span>
2454
2455 <p class="grid_12"><a href="//tech.slashdot.org/story/18/09/06/205221/ive-seen-the-future-of-consumer-ai-and-it-doesnt-have-one?sdsrc=nextbtmprev">'I've Seen the Future of Consumer AI, and it Doesn't Have One'</a></p>
2456 <span class="grid_5 tcenter comments"><span class="cmntcnt_large fleft"><span class="slant"></span><span>97<span class="hide"> comments</span></span></span></span>
2457
2458 </div>
2459 </div>
2460 </section>
2461 <section class="grid_24">
2462 <div>
2463 <h5 class="tlnav"><a href="//games.slashdot.org/story/18/09/06/1921222/eve-online-studio-acquired-by-korean-mmo-maker?sdsrc=prevbtmprev">previous</a></h5>
2464 <div class="grid_24">
2465
2466 <span class="grid_7 tcenter"><img src="//a.fsdn.com/sd/topics/business_64.png" width="64" height="64" alt="Businesses"></span>
2467
2468 <p class="grid_12"><a href="//games.slashdot.org/story/18/09/06/1921222/eve-online-studio-acquired-by-korean-mmo-maker?sdsrc=prevbtmprev">'Eve Online' Studio Acquired By Korean MMO Maker</a></p>
2469
2470 <span class="grid_5 tcenter comments"><span class="cmntcnt_large fleft"><span class="slant"></span><span>57<span class="hide"> comments</span></span></span></span>
2471 </div>
2472 </div>
2473 </section>
2474 </aside>
2475 </div>
2476 <div id="taboola-below-article-text-links"></div>
2477 <script type="text/javascript">
2478 window._taboola = window._taboola || [];
2479 _taboola.push({
2480 mode: 'text-links-a',
2481 container: 'taboola-below-article-text-links',
2482 placement: 'Below Article Text Links',
2483 target_type: 'mix'
2484 });
2485 </script>
2486
2487
2488 </section>
2489 </div>
2490 </div>
2491 <div class="row top-space">
2492
2493
2494 <div class="grid_24">
2495 <!-- 728px ad -->
2496
2497 <div class="adwrap">
2498 <div id='div-gpt-ad-728x90_c'><script type='text/javascript'>
2499 googletag.cmd.push(function(){
2500 googletag.display('div-gpt-ad-728x90_c');});</script></div>
2501 </div>
2502 <!-- end 728px ad -->
2503 <!-- Slashdot Deals 6 Best Sellers -->
2504 <div class="row deals-footer">
2505 <div class="units-8 indent-2 deals-wrapper">
2506 <div class="deals-header"><h1>Slashdot Top Deals</h1></div>
2507 <div id="deals-output">
2508 <script id="deals-template" type="text/x-handlebars-template">
2509 {{#each deal}}
2510 <div class="deal">
2511 <a href="{{urlPath permalink}}?&utm_source=slashdot.org&utm_medium=dealfeed-footerfeed&utm_campaign={{slug}}" target="_blank">
2512 <img src="{{main_image}}" alt="" />
2513 </a>
2514 <p class="title"><a href="{{urlPath permalink}}?&utm_source=slashdot.org&utm_medium=dealfeed-footerfeed&utm_campaign={{slug}}" target="_blank">{{title}}</a></p>
2515 <p class="deal-price">{{centConversion price_in_cents}}</p>
2516 </div>
2517 {{/each}}
2518 </script>
2519 </div>
2520 </div>
2521 </div>
2522 <script>
2523 if ( isAdBlockActive ) {
2524 $.getScript( "//a.fsdn.com/sd/js/scripts/min/deals-min.js", function(){
2525 runDealsWidget();
2526 });
2527 }
2528 </script>
2529
2530 <!-- End Slashdot Deals 6 Best Sellers -->
2531 </div>
2532 </div>
2533 </div>
2534 </div>
2535 <!-- SMACKS: END COMMENTS SECTION -->
2536 </div>
2537 <!-- SMACKS: END COMMENTS CONTAINER -->
2538
2539
2540
2541
2542 <script type="text/javascript">
2543
2544 $(function(){
2545 $('#firehose-filter').
2546 focus(function(event){
2547 gFocusedText = this;
2548 }).
2549 blur(function(event){
2550 if ( gFocusedText === this ) {
2551 gFocusedText = null;
2552 }
2553 });
2554
2555
2556 apply_updates_when( 'at-end', true);
2557 });
2558 </script>
2559
2560
2561 <!-- body end --><!-- footer type=current begin -->
2562
2563 </section>
2564
2565
2566
2567
2568 <footer id="fhft" class="grid_24 nf aoc">
2569 <div id="logo_nf" class="fleft">
2570 <a href="//slashdot.org"><span>Slashdot</span></a>
2571 </div>
2572 <nav role="firehose footer">
2573
2574
2575
2576
2577
2578
2579
2580 <span class="ind"></span><a class="btn first" href="//tech.slashdot.org/comments.pl?sid=12580412&amp;op=reply&amp;threshold=1&amp;commentsort=0&amp;mode=thread&amp;pid=" onclick="D2.replyTo(0); return false;">Post</a>
2581
2582 <a class="btn hide" id="footer_moderate_button">Moderate</a>
2583 <a class="btn hide" id="footer_moderatorhelp_button">Moderator Help</a>
2584 <a class="btn hide" id="footer_delete_button" title="Checked comments will be deleted.">Delete</a>
2585 <script>
2586 (function($){
2587 var old_moderate_btn = $("#discussion_moderate_button");
2588 if (old_moderate_btn.length) {
2589 var moderate_btn = $("#footer_moderate_button");
2590 moderate_btn.click(
2591 function(){old_moderate_btn.click()}
2592 );
2593 moderate_btn.removeClass('hide');
2594 }
2595
2596 var old_moderatorhelp_btn = $("#discussion_moderatorhelp_button");
2597 if (old_moderatorhelp_btn.length) {
2598 var moderatorhelp_btn = $("#footer_moderatorhelp_button");
2599 moderatorhelp_btn.click(
2600 function(){old_moderatorhelp_btn.click()}
2601 );
2602 moderatorhelp_btn.attr(
2603 'href', old_moderatorhelp_btn.attr('href')
2604 );
2605 moderatorhelp_btn.removeClass('hide');
2606 }
2607
2608 var old_delete_btn = $("#discussion_delete_button");
2609 if (old_delete_btn.length) {
2610 var delete_btn = $("#footer_delete_button");
2611 delete_btn.click(
2612 function(){old_delete_btn.click()}
2613 );
2614 delete_btn.removeClass('hide');
2615 }
2616
2617 $('#discussion_buttons').addClass('hide');
2618 })(Slash.jQuery); // (function($){
2619 </script>
2620 <ul class="fleft">
2621
2622 <li class="fleft selected">
2623 <span class="nbutton btn hide link reset" id="more_comments_button">
2624 <a href="#" onclick="D2.ajaxFetchComments(0,1); return false">
2625 <span id="more_comments_num_a" class="hide">Get more comments</span>
2626 </a>
2627 </span>
2628 </li>
2629
2630
2631 <li class="fleft">
2632 <span class="loadedcommentcnt">32</span> of <span class="totalcommentcnt">32</span> loaded
2633 </li>
2634
2635 </ul>
2636
2637 <script type="text/javascript">D2.finishLoading()</script>
2638
2639
2640
2641
2642 <ul class="fright submitstory">
2643 <li class="fright">
2644 <a href="/submit">Submit<span class="opt"> Story</span></a>
2645 </li>
2646 </ul>
2647 </nav>
2648
2649
2650
2651 </footer>
2652 <section class="bq">
2653 <blockquote class="msg grid_24" cite="https://slashdot.org">
2654 <p>The hardest part of climbing the ladder of success is getting through
2655 the crowd at the bottom.</p>
2656 <span class="slant"></span>
2657 </blockquote>
2658 </section>
2659 <footer id="ft" class="grid_24">
2660 <nav class="grid_10" role="footer">
2661 <ul>
2662 <li><a href="//slashdot.org/faq">FAQ</a></li>
2663 <li><a href="//slashdot.org/archive.pl">Story Archive</a></li>
2664 <li><a href="//slashdot.org/hof.shtml">Hall of Fame</a></li>
2665 <li><a href="http://slashdotmedia.com/advertising-and-marketing-services/">Advertising</a></li>
2666 <li><a href="http://slashdotmedia.com/terms-of-use/">Terms</a></li>
2667 <li><a href="http://slashdotmedia.com/privacy-statement/">Privacy Statement</a></li>
2668 <li id='eu_privacy' style='display:none'><a href="#" title="Privacy Choices" onclick="bizx.cmp.promptConsent();return false;">Privacy Choices</a></li>
2669 <li><a href="http://slashdotmedia.com/opt-out-choices/">Opt-out Choices</a></li>
2670 <li><a href="//slashdot.org/faq/slashmeta.shtml">About</a></li>
2671 <li><a href="mailto:feedback@slashdot.org">Feedback</a></li>
2672 <li><a href="#" onclick="set_mobile_pref('mobile',1);return false;">Mobile View</a></li>
2673 <li><a href="//slashdot.org/blog">Blog</a></li>
2674 </ul>
2675 </nav>
2676 <script>
2677 if (window.is_euro_union) {
2678 document.getElementById('eu_privacy').style.display = 'inline';
2679 }
2680 </script>
2681 <br>
2682
2683 <div class="grid_14 tright tm">Trademarks property of their respective owners. Comments owned by the poster. <span class="nobr">Copyright &copy; 2018 SlashdotMedia. All Rights Reserved.</span></div>
2684 </footer>
2685
2686
2687 <div class="overlay"></div>
2688 <div class="modal-box">
2689 <a href="#" id="close-modal">Close</a>
2690 <article class="modal-content">
2691 </article>
2692 <footer>
2693 </div>
2694
2695
2696
2697
2698 <div id="modal_cover" class="hide" onclick="hide_modal_box(); return false;"></div>
2699 <div id="modal_box" class="hide">
2700 <div id="modal_box_content"></div>
2701 <header class="n">
2702 <span class="fadeout"></span>
2703 <span class="fadeoutfade"></span>
2704 <span class="pf"><a class="ico close" onclick="hide_modal_box(); return false;" href="#"><span>Close</span></a></span>
2705 <h3 class="pf"><div id="logo"><a href="//slashdot.org">Slashdot</a></div><span id="preference_title"></span></h3>
2706 </header>
2707 </div>
2708
2709 <!-- CCM Tag -->
2710 <script type="text/javascript">
2711 if (!window.is_euro_union) {
2712 (function () {
2713 /*global _ml:true, window */
2714 _ml = window._ml || {};
2715 _ml.eid = '771';
2716
2717 var s = document.getElementsByTagName('script')[0], cd = new Date(), mltag = document.createElement('script');
2718 mltag.type = 'text/javascript'; mltag.async = true;
2719 mltag.src = '//ml314.com/tag.aspx?' + cd.getDate() + cd.getMonth() + cd.getFullYear();
2720 s.parentNode.insertBefore(mltag, s);
2721 })();
2722 }
2723 </script>
2724 <!-- End CCM Tag -->
2725
2726 <script type="text/javascript">
2727 window.google_analytics_uacct = "UA-32013-5";
2728
2729 var _gaq = _gaq || [];
2730
2731
2732
2733
2734
2735 _gaq.push(['_setAccount', 'UA-36136016-1']);
2736 _gaq.push(['b._setAccount', 'UA-32013-5']);
2737 _gaq.push(['_setDomainName', '.slashdot.org']);
2738 _gaq.push(['b._setDomainName', '.slashdot.org']);
2739
2740
2741 _gaq.push(['_addIgnoredRef', 'slashdot.org']);
2742 _gaq.push(['b._addIgnoredRef', 'slashdot.org']);
2743
2744
2745
2746 _gaq.push(['_setCustomVar', 1, 'User Type', 'Anon', 3]);
2747 _gaq.push(['b._setCustomVar', 1, 'User Type', 'Anon', 3]);
2748
2749 _gaq.push(['_setCustomVar', 2, 'Page','article2', 3]);
2750 _gaq.push(['b._setCustomVar', 2, 'Page','article2', 3]);
2751
2752
2753
2754
2755
2756 // track beta behavior for user
2757 var betamatches = document.cookie.match(/betagroup=(-?\d+)/);
2758
2759 if(betamatches && betamatches[1]) {
2760 if(betamatches[1] == -1) {
2761 _gaq.push(['_setCustomVar', 3, 'Beta-Usage','opt-out', 3]);
2762 } else {
2763 _gaq.push(['_setCustomVar', 3, 'Beta-Usage','unredirected', 3]);
2764 }
2765 }
2766
2767
2768
2769 _gaq.push(['_trackPageview']);
2770 _gaq.push(['b._trackPageview']);
2771 _gaq.push(['_trackPageLoadTime']);
2772 _gaq.push(['b._trackPageLoadTime']);
2773
2774
2775 if (!window.is_euro_union) {
2776 (function() {
2777 var ga = document.createElement('script'); ga.type = 'text/javascript'; ga.async = true;
2778 ga.src = ('https:' == document.location.protocol ? 'https://ssl' : 'http://www') + '.google-analytics.com/ga.js';
2779 var s = document.getElementsByTagName('script')[0]; s.parentNode.insertBefore(ga, s);
2780 })();
2781 }
2782 </script>
2783
2784 <!-- CCM GA Push -->
2785 <script>
2786 if (typeof _ml !== 'undefined' && _ml.us) {
2787 if (_ml.us.tp && _ml.us.tp.length > 0) {
2788 ga('set', 'dimension2', _ml.us.tp[0]);
2789 }
2790 if (_ml.us.pc && _ml.us.pc.length > 0) {
2791 ga('set', 'dimension7', _ml.us.pc[0]);
2792 }
2793 ga('set', 'dimension3', _ml.us.ind);
2794 ga('set', 'dimension4', _ml.us.cr);
2795 ga('set', 'dimension5', _ml.us.cs);
2796 ga('set', 'dimension6', _ml.us.dm);
2797 ga('set', 'dimension8', _ml.us.sn);
2798 }
2799 </script>
2800
2801 <!-- Sticky Ads -->
2802 <script type="text/javascript">
2803 var topBannerViewed = false;
2804 if($('#div-gpt-ad-728x90_a').length > 0 && window.outerWidth >= 1070 && !isAdBlockActive){
2805 $(window).scroll(function(){
2806 var y = $(document).scrollTop();
2807 var z = y + window.outerHeight;
2808 var navOffset = 0;
2809 var offset = [
2810 $('.nav-wrap').outerHeight(true),
2811 $('.nav-secondary-wrap').outerHeight(true)
2812 ];
2813 for(row in offset){
2814 if(offset[row]) navOffset = navOffset + parseInt(offset[row]);
2815 }
2816 $('.adwrap-unviewed').each(function(){
2817 var cls = 'adwrap-sticky';
2818 var toggleCls = 'adwrap';
2819 //$('.banner-wrapper').css('height', $('.banner-contain').outerHeight());
2820 if($(this).hasClass('railad')) {
2821 if(topBannerViewed){
2822 var topPixels = $(this).offset().top;
2823 navOffset += $('.adwrap').outerHeight();
2824 if(y >= topPixels && y >= navOffset){
2825 $('#slashboxes').css('top', 0).css('position','fixed').css('right',13);
2826 } else {
2827 $('#slashboxes').removeAttr('style');
2828 }
2829 }
2830 return;
2831 }
2832 var topPixels = $(this).offset().top;
2833 if(y >= topPixels && y >= navOffset){
2834 $(this).addClass(cls);
2835 $(this).removeClass('adwrap');
2836 if(cls == 'adwrap-sticky') { //top banner
2837 topBannerViewed = false;
2838 $('#slashboxes').css('top',$(this).outerHeight() || 0).css('position','fixed').css('right',13);
2839 }
2840 if(topBannerViewed) {
2841 console.log('hereeee');
2842 $('#slashboxes').css('top', 0).css('position','fixed').css('right',13);
2843 }
2844 }else{
2845 $(this).removeClass(cls);
2846 $(this).addClass(toggleCls);
2847 $('#slashboxes').removeAttr('style');
2848 }
2849 });
2850 if($('.adwrap-viewed-banner').length > 0){
2851 topBannerViewed = true;
2852 $('.adwrap-viewed-banner').removeClass('adwrap-unviewed').removeClass('adwrap-sticky').addClass('adwrap');
2853 }
2854 if($('.adwrap-viewed-railad').length > 0){
2855 $('.adwrap-viewed-railad').removeClass('adwrap-unviewed').removeClass('adwrap-railad-sticky');
2856 $('#slashboxes').removeAttr('style');
2857 }
2858 });
2859 }
2860 </script>
2861
2862 <!-- Piwik -->
2863 <script type="text/javascript">
2864 var _paq = _paq || [];
2865 _paq.push(["setCookieDomain", "*.slashdot.org"]);
2866 _paq.push(['trackPageView']);
2867 _paq.push(['enableLinkTracking']);
2868 function initPiwikAndNels() {
2869 (function() {
2870 var u="//analytics.slashdotmedia.com/";
2871 _paq.push(['setTrackerUrl', u+'sd.php']);
2872 _paq.push(['setSiteId', 40]);
2873 var d=document, g=d.createElement('script'), s=d.getElementsByTagName('script')[0];
2874 g.type='text/javascript'; g.async=true; g.defer=true; g.src=u+'sd.js'; s.parentNode.insertBefore(g,s);
2875 })();
2876
2877 if(window.location.pathname == '/'){
2878 var nelId = (location.search.split('nel_id=')[1] || '').split('&')[0];
2879 var url = '/ajax.pl?op=nel';
2880 if(nelId){
2881 url += '&nel_id='+nelId;
2882 }
2883 $.ajax({
2884 url: url,
2885 success: function(html){
2886 $('#firehoselist article').eq(1).after(html);
2887 }
2888 });
2889 }
2890 //announcement NEL
2891 if(document.getElementById('announcementText')){
2892 $('#announcementText').hide();
2893 var hlUrl = '/ajax.pl?op=hl_nel';
2894 if(nelId){
2895 hlUrl += '&nel_id='+nelId;
2896 }
2897 $.ajax({
2898 url: hlUrl,
2899 success: function(html){
2900 if(html.length < 10){
2901 $('#announcementText').show();
2902 return;
2903 }
2904 $('#announcementText').html(html).show();
2905 },
2906 error: function () {
2907 $('#announcementText').show();
2908 }
2909 });
2910 }
2911 }
2912 bizx.cmp.ifConsent('publisher', ['storage', 'measurement'], initPiwikAndNels);
2913 </script>
2914
2915
2916 <script type="text/javascript">
2917 _linkedin_data_partner_id = "113712";
2918 </script><script type="text/javascript">
2919 if (!window.is_euro_union) {
2920 (function(){var s = document.getElementsByTagName("script")[0];
2921 var b = document.createElement("script");
2922 b.type = "text/javascript";b.async = true;
2923 b.src = "https://snap.licdn.com/li.lms-analytics/insight.min.js";
2924 s.parentNode.insertBefore(b, s);})();
2925 }
2926 </script>
2927 <noscript>
2928 <img height="1" width="1" style="display:none;" alt="" src="https://dc.ads.linkedin.com/collect/?pid=113712&fmt=gif" />
2929 </noscript>
2930
2931 <!-- Datonics -->
2932 <script async type="text/javascript" src="//ads.pro-market.net/ads/scripts/site-143573.js"></script>
2933 <script id="after-content" type="text/javascript">
2934 (function( $, fn, console ){
2935 $ && fn && $(function(){ fn($, console); });
2936 })(window.jQuery, window.pageload_done, window.console);
2937 </script>
2938
2939 <script type='text/javascript'>
2940 if(!document.location.href.match(/source=autorefresh/)) {
2941 document.write('<img src="//slashdot.org/images/js.gif?257">');
2942 }
2943 </script>
2944 <noscript>
2945 <img src="//slashdot.org/images/njs.gif?8">
2946 </noscript>
2947 <div class="busy genericspinner hide"><span>Working...</span></div>
2948 <script>
2949 if(typeof(Storage)!=="undefined"){
2950 window.scrollTo(0,sessionStorage.scrollPos);
2951 $(window).scroll(function () {
2952 //You've scrolled this much:
2953 sessionStorage.scrollPos = $(window).scrollTop();
2954 });
2955 }
2956 $(function(){
2957 $('a').click(function(){
2958 delete sessionStorage.scrollPos;
2959 })
2960 });
2961 // window.onbeforeunload = function () {
2962 // console.log('bakc button clicked');
2963 // delete sessionStorage.scrollPos;
2964 // }
2965 window.onpopstate=function() {
2966 delete sessionStorage.scrollPos;
2967 }
2968 </script>
2969
2970
2971
2972 <!-- 1x1 story page -->
2973 <div id='div-gpt-ad-1x1'><script type='text/javascript'>
2974 googletag.cmd.push(function(){
2975 googletag.display('div-gpt-ad-1x1');});</script></div>
2976
2977
2978 <script type="text/javascript">
2979 if (!window.is_euro_union) {
2980 window._taboola = window._taboola || [];
2981 _taboola.push({flush: true});
2982 }
2983 </script>
2984
2985 </body>
2986 </html>
2987
2988
2989 <!-- footer type=current end -->
Gopher news scrapper