Originally posted by birdie
View Post
Announcement
Collapse
No announcement yet.
PHP's Git Server Compromised, Now Switching To GitHub
Collapse
X
-
-
I wonder which government agency did the hack. North Korea? Russia? USA?
Good thing there's some sort of audit going on.
Leave a comment:
-
Originally posted by skeevy420 View PostWhen you work construction and you're doing something at a house in the woods miles from civilization, 1, you agree to that beforehand, 2, you can choose to drive your happy ass to a gas station in lieu of pooping in the woods,
When the pimply faced teenagers at Taco Bell fail to cook your lunch properly and you get a surprise case of the sudden shits later, you should never "choose to drive" yourself to the gas station over pooping in the woods you're already standing in. If you make it to the gas station, great, but if you don't, then what are you gonna do??
This isn't about saving time or cost cutting -- it's about being properly prepared for an emergency. It is far more sanitary and safer to poop in the woods (or a suitable bag, pee in a bottle, etc) than unsuccessfully driving to a gas station when duty calls. Prepare yourself in advance for this often unspoken and unfortunate situation. Carry a roll of toilet paper, some water/sanitizer, a bag/bottle/shovel, etc every time you are in a situation that may not have a restroom handy at all times. It's the smart and responsible thing to do.
My hat's off to those brave men and women working through the pandemic at Amazon, especially the ones smart enough to think about these problems in advance and do the right things to keep everything safe and sanitary.Last edited by ed31337; 29 March 2021, 09:54 PM.
Leave a comment:
-
Originally posted by darkcoder View PostIs sad that the 1st solution most companies or OS foundations opt these days is to move to the cloud when they got issues or get compromised.
Is not like Microsoft or any other company services haven’t been hacked or taken offline due to issues, both Exchange and Sharepoint coming to my mind.
Leave a comment:
-
I do not see any good or bad in that, it's a service provided by one of the largest software companies at the moment, it's free, and the source was open anyway. And Microsoft uses it themselves, so they do have an interest to keep it maintained, stable and secure.
Everything can and will eventually be breached. Even the Pentagon was by a british guy with Authism interested in UFOs.
If Microsoft should decide to change their stance on the platforms usage and payment models, moving to another provider isn't even close to as hard as it used to be.
I have no preference personally, and currently use GitLab at work and mostly github privately. As long as it's free for open source and you do not give up any rights by using it... I'm fine with that.
I wish github provided an open source version,
- Likes 1
Leave a comment:
-
Originally posted by birdie View Post
In all fairness Microsoft has been managing security updates recently quite well and I haven't heard that their infrastructure has been compromised lately or ever.
Meanwhile Open Source projects get compromised on a monthly basis if not more often.
Perhaps you need to see the world as it is, not as you believe it is.
GitHub tech stack: https://stackshare.io/github/github
- Likes 2
Leave a comment:
-
Originally posted by birdie View PostI've given you a decent number of open source projects which have been breached recently and your argument is "keep researching"? LMAO, your argumentation skills are truly stellar.
So, keep researching.
Originally posted by linuxgeex View Post
That might be true if M$ had a decent track record when it comes to security lol. So now they've moved to a platform which is a much fatter, juicier target, and they still don't know what the original attack vector was. Hilarious. So if it's simply their private keys which are compromised and they don't fix their security culture, then they are doomed to repeat the same compromise.
Edit: I tweaked my original post. I feel I had mistakenly given Microsoft some credit when they are basically a danger to our industry. I also believe they are out of their depth with GitHub and their incompetence will show sooner rather than later.Last edited by kpedersen; 29 March 2021, 04:24 PM.
- Likes 2
Leave a comment:
-
Originally posted by kpedersen View PostLets have a dumb naive comment on how putting all your eggs in someone elses server (especially Microsoft's) is a good idea.
Edit: Oh, birdie beat me to it
Now Microsoft is the only malicious entity that can sabotage the PHP source.
- Likes 1
Leave a comment:
-
Originally posted by birdie View Post
In all fairness Microsoft has been managing security updates recently quite well and I haven't heard that their infrastructure has been compromised lately or ever.
Meanwhile Open Source projects get compromised on a monthly basis if not more often.
Perhaps you need to see the world as it is, not as you believe it is.
Originally posted by birdie View PostSomeone is again deleting my comments even though I've long stopped with personal attacks. Sigh. OK, I'm out of this discussion.
- Likes 3
Leave a comment:
Leave a comment: