:: Re: [DNG] ..are we still good to go…
Top Page
Delete this message
Reply to this message
Author: Rick Moen
Date:  
To: dng
Subject: Re: [DNG] ..are we still good to go? Ransomware threats on git repos in El Reg 4 days ago
Quoting Arnt Karlsen (arnt@???):

> ..are we still good to go? Ransomware threats on git repos in El Reg:
> https://www.theregister.co.uk/2019/05/03/git_ransomware_bitcoin/
> https://security.stackexchange.com/questions/209448/gitlab-account-hacked-and-repo-wiped
> https://www.bitcoinabuse.com/reports/1ES14c7qLb5CYhLMUekctxLgc1FV2Ti9DA


Memos from Captain Obvious: 1. Don't leave security-sensitive credentials
sitting around in publicly accessible .git subdirectories on publicly
accessible servers. 2. When using a distributed SCM such as git, use it
in distributed fashion such that full contents including all metadata
exist in multiple places. Otherwise, if you need to take seriously
feeble extortion demands because you haplessly have no backups of your
repos, people are likely to laugh and point. 3. Don't take El Reg
seriously on anything relevant to security.


(Where's Rick, May 8-20 edition: San Francisco, Copenhagen, Nice, St.
Tropez, Cannes, Monte Carlo, Calvi, Bonifacio, Port Ercole, Rome,
Copenhagen, San Francisco. Catch him, and win valuable prizes.)

-- 
Cheers,                          "I am not a vegetarian because I love animals; 
Rick Moen                        I am a vegetarian because I hate plants."
rick@???                                    -- A. Whitney Brown
McQ! (4x80)