Slashdot Mirror

← Back to Stories (view on slashdot.org)

AWS Urges Devs To Scrub Secret Keys From GitHub

Posted by timothy on Sunday March 23, 2014 @09:01PM from the key-is-under-the-mat dept.

An anonymous reader writes "GitHub contains thousands of 'secret keys', which are stored in plain text and can be used by miscreants to access AWS accounts and either run up huge bills or even delete/damage the users files. Amazon is urging users of the coding community site to clean up their act."

1 of 109 comments (clear)

Min score:

Reason:

Sort:

Re:Opensource and web services keys by Richard_at_work · 2014-03-24 00:03 · Score: 3, Informative

That's not a problem for the developer of the application, that's a problem for whomever is providing the hosted instance of their code. If a "normal non-technical user" is deploying the code, then they should equally be able to solve the problem of third party webservice keys etc where they are required.