It’s official GitHub sold us out, so what are the alternatives? You could switch to GitLab or BitBucket and wait till Microsoft or others buying them and get in an infinite loop, or you create your own Server! A small group of members started already an own Repo, sadly it was already too late because MS is already in discussion with GitHub since 2007, but the idea was really funny.
Microsoft is said to be in serious talks about a possible acquisition of GitHub, currently the largest source-code repository in the world. A report by Business Insider suggests the Redmond giant has been in talks regarding a buyout for years now but that the discussions have heated up recently, possibly owing to the impending departure of GitHub CEO Chris Wanstrath.
Github was hit by the biggest DDoS attack ever recorded on Wednesday. According to Akamai Prolexic the attack peaked at 1.35 Tbps and this attack utilized memcached servers that return 50 times the data to the IP spoofed address of the victim.
Good news for all security friends out there, GitHub the well-known code-publishing platform just dropped support for weak crypto defaults, their Weak cryptographic standards removal notice which already was posted a while back – states that as of yesterday all of the weak cryptos are now fully removed.
For those who wonder how GitHub’s Two-Factor-Auth ‘style 2’ codes work, there is an article which explains the basic mechanism. It will explain the magic from getting the QR code to getting a spinning 6-digit pin code. Like magic,… like magic.
I recently found a good project which summarize your own GitHub chart. You can also check someone else account but the request amount is limited, because the API doesn’t allow more than 50 requests per hour.
Shameless self-advertising (sorry!) but I want you guys show a little project I designed which might help to improve your overall security setup. The list is basically designed to show and give people the possibility to check their systems or applications against known leaks, threats or other data leaks.
The list is open source and everyone can contribute. That’s the power of the crowd, so it’s up to you but at the end it might help other people to stay a little bit more secure if you contribute. Of course you got a good feeling because you did something useful! 🧙
How does it helps without showing any solutions?
The goal isn’t to make a ‘secure your OS/app’ list or a guide which shows to avoid xyz threats. Such guides are mostly outdated very soon or already the moment you write them – it’s more that you visit the mentioned links and fix it yourself. Let’s say you want to check if your VPN is leaking your DNS or not, then you click on e.g. dnsleaktestwhich shows you the needed information if you’re affected by this leak. The page might shows you the workarounds to solve the issue or you need to do your own research.
But how does it help? Because research is important you might find and learn a lot of more than just visiting a page itself. You mostly forget things if you only re-do someone else tutorial and at the end you haven’t learned anything except to follow given instructions.
Privacy Online Test And Resource Compendium (GitHub)