Am I missing something "we will make your code public" the entire point of github is to be open source. And I'm guessing the vast majority of users if not every single one has the data backed up on their own computers/servers. What a stupid fucking "hack".
the public/private question is answered by another goat, bit I wanted to comment on how weak this attack is. every developer who clones a repo to work on has the entire copy of the code and all commit messages. that means that someone has the last state the repo was in, even if that work wasn't yet pushed to the repo. Repo gone? no big deal, let's make a new repo, change where the remotes direct to and push code.
making the code public is really the only threat, which may be a big deal to some organizations.
4 comments
0 u/HorseIsDead 05 May 2019 02:44
Am I missing something "we will make your code public" the entire point of github is to be open source. And I'm guessing the vast majority of users if not every single one has the data backed up on their own computers/servers. What a stupid fucking "hack".
0 u/ABastionOfFreeSpeech 05 May 2019 03:20
You can have a private GitHub repo by paying for an account, and some small businesses have that as their only code source.
0 u/seattlethrowaway 05 May 2019 03:50
the public/private question is answered by another goat, bit I wanted to comment on how weak this attack is. every developer who clones a repo to work on has the entire copy of the code and all commit messages. that means that someone has the last state the repo was in, even if that work wasn't yet pushed to the repo. Repo gone? no big deal, let's make a new repo, change where the remotes direct to and push code.
making the code public is really the only threat, which may be a big deal to some organizations.
0 u/cantaloupe6 05 May 2019 04:33
Exactly... seems lame