Slashdot Mirror

← Back to Stories (view on slashdot.org)

EFF: Wider Use of HTTPS Could Have Prevented Attack Against GitHub

Posted by timothy on Thursday April 2, 2015 @02:54AM from the one-day-one-day dept.

itwbennett writes The attack against GitHub was enabled by someone tampering with regular website traffic to unrelated Chinese websites, all of which used a JavaScript analytics and advertising related tool from Baidu. Somewhere on China's network perimeter, that analytics code was swapped out for code that transparently sent data traffic to GitHub. The reason GitHub's adversaries were able to swap out the code is because many of the Chinese websites weren't encrypting their traffic.

1 of 48 comments (clear)

Min score:

Reason:

Sort:

EFF Link by gQuigs · 2015-04-02 03:20 · Score: 5, Informative

https://www.eff.org/deeplinks/...