LWN.net Logo

Not logged in

Log in now

Create an account

Subscribe to LWN

Recent Features

LWN.net Weekly Edition for May 16, 2013

A look at the PyPy 2.0 release

PostgreSQL 9.3 beta: Federated databases and more

LWN.net Weekly Edition for May 9, 2013

(Nearly) full tickless operation in 3.10

Printable page
Weekly edition Kernel Security Distributions Contact Us Search
Archives Calendar Subscribe Write for LWN LWN.net FAQ Sponsors

Github compromised, or not?!

Github compromised, or not?!

Posted Mar 5, 2012 13:57 UTC (Mon) by clugstj (subscriber, #4020)
In reply to: Github compromised, or not?! by epa
Parent article: Github compromised

But in this case, it appears that he got pissed off at the "experts in that language" (rails) and took it out on "real users" (github). Not at all a nice thing to do.

(Log in to post comments)

Github compromised, or not?!

Posted Mar 5, 2012 14:33 UTC (Mon) by sorpigal (subscriber, #36106) [Link]

Seems more like he took it out on the expert's issue tracker, which just happens to be run by someone else. A kind of an in-your-face way to make your point, but very effective.

Github compromised, or not?!

Posted Mar 8, 2012 22:06 UTC (Thu) by bronson (subscriber, #4806) [Link]

And very necessary because Rails doesn't actually host anything itself. If you're going to demonstrate a trivial attack on Rails, you're going to have to select one of the many sites that use rails.

In this case, just demonstrating the attack is pointless because the docs already say, "don't do that." Homakov needed conclusive evidence that even good Rails programmers miss the docs sometimes.

Copyright © 2013, Eklektix, Inc.
Comments and public postings are copyrighted by their creators.
Linux is a registered trademark of Linus Torvalds