Git ransom campaign incident report - May 2019
- Date: Wed, 15 May 2019 13:49:11 -0400
- From: Martin Langhoff <martin.langhoff@xxxxxxxxx>
- Subject: Git ransom campaign incident report - May 2019
Spotted this on the internet...
Haven't hacked on git for a while, and I am not affiliated with any of
the stakeholders. However, reading it, I wanted to slam my head on the
IIRC, git will sanely store a password elsewhere if it gets to prompt
for it. Should we be trying to unpack usernames/passwords from HTTP
urls, and DTRT with them?
Are there other ways this could be made better?
- ask interesting questions ~ http://linkedin.com/in/martinlanghoff
- don't be distracted ~ http://github.com/martin-langhoff
by shiny stuff