Based in San Francisco Bay Area, Securesql is a blog by John Menerick. His insights dissect complex systems, offering a masterclass in cyber guardianship through expert analysis and cutting-edge protective strategies.

Airing one's dirty development laundry - You are doing it wrong

John Menerick

I recieved a lovely google alert this weekend.  

http://www.pastebay.net/1046168

Even with the most secret of secrets, the private key to a public / private key pair, entities manage to show their secrets to the world.  Human's err.  

 

Kinda reminds me of digging through development oriented copy/paste services: IE  http://pastebin.com/search?cx=partner-pub-4339714761096906%3A1qhz41g8k4m&cof=FORID%3A10&ie=UTF-8&q=username+password&sa.x=0&sa.y=0&sa=Search&siteurl=http%3A%2F%2Fpastebin.com%2F to find juicy credentials.

 You would be surprised what one would find in Web Services debugging information.... 

http://pastebin.com/search?cx=partner-pub-4339714761096906%3A1qhz41g8k4m&cof=FORID%3A10&ie=UTF-8&q=wsdl+username&sa.x=0&sa.y=0&sa=Search&siteurl=http%3A%2F%2Fpastebin.com%2F

 

Great Git security story and suggested work arounds

Star Wars based argument: distributive systems vs. a monolithic application