22 Mar 2019


Over 100,000 GitHub Repos Have Leaked API or Cryptographic Keys

A scan of billions of files from 13 percent of all GitHub public repositories over a period of six months has revealed that over 100,000 repos have leaked API tokens and cryptographic keys, with thousands of new repositories leaking new secrets on a daily basis. From a report: The scan was the object of academic research carried out by a team from the North Carolina State University (NCSU), and the study's results have been shared with GitHub, which acted on the findings to accelerate its work on a new security feature called Token Scanning, currently in beta. The NCSU study is the most comprehensive and in-depth GitHub scan to date and exceeds any previous research of its kind. NCSU academics scanned GitHub accounts for a period of nearly six months, between October 31, 2017, and April 20, 2018, and looked for text strings formatted like API tokens and cryptographic keys.

Share on Google+

Read more of this story at Slashdot.

22 Mar 2019 2:42pm GMT

feedYahoo News - Latest News & Headlines

The World Depends on GPS. These Are the Airmen Who Protect It.

The World Depends on GPS. These Are the Airmen Who Protect It.Popular Mechanics goes to source for the straight story on what it takes to operate the GPS navigation system and how the game is changing as the militarization of space heats up.

22 Mar 2019 2:34pm GMT

Emilia Clarke's Aneurysms Almost Killed Her—Women Need to Know the Risks

Emilia Clarke's Aneurysms Almost Killed Her—Women Need to Know the RisksBrain aneurysms are silent and often fatal, and women are 1.5 times more likely to develop them than men. Here's what you need to know.

22 Mar 2019 2:07pm GMT

Here's What Can Happen to Your Body If You Skip Spring Cleaning

Here's What Can Happen to Your Body If You Skip Spring CleaningAll that dust and pet dander can impact your respiratory and immune systems in a big way.

22 Mar 2019 2:02pm GMT


Most Bitcoin Trading Faked by Unregulated Exchanges, Study Finds

Up to 95% of all reported trading in bitcoin is artificially created by unregulated exchanges, according to a new study [PDF], raising fresh doubts about the nascent market following a steep decline in prices over the past year. From a report: Fraudulent trading volume has dogged cryptocurrency trading for years, but the extent of the market manipulation has been difficult to determine. Bitwise Asset Management said its analysis of trading activity at 81 exchanges over four days in March indicates that the actual market for bitcoin is far smaller than previously thought. The San Francisco-based company submitted its research to the U.S. Securities and Exchange Commission with an application to launch a bitcoin-based exchange-traded fund. The study, made public Thursday, is an attempt to alleviate the agency's longstanding concerns that a bitcoin ETF would leave investors exposed to fraud and market manipulation. Bitwise's fund, if approved, would be based upon the 5% of trading it considers legitimate, said Matthew Hougan, Bitwise's head of global research. That volume comes from 10 regulated exchanges that can verify that their trading data and customers are real. This slice of the market, he said, is well regulated, transparent and efficient. "I hope everyone sees there is a real market for bitcoin," he said.

Share on Google+

Read more of this story at Slashdot.

22 Mar 2019 2:00pm GMT

feedArs Technica

You can help “rescue” weather data from the 1860s

UK project aims to build record of past storms to help project future ones.

22 Mar 2019 1:33pm GMT

Fast and fun, but flawed: The Acura RDX reviewed

This sporty crossover is all kinds of fun to drive, even if if feels like a beta sometimes.

22 Mar 2019 1:12pm GMT

Dashcam video shows Tesla steering toward lane divider—again

Tesla Dashcam video highlights weakness of Tesla's testing regime.

22 Mar 2019 1:02pm GMT


Facebook Knew of Cambridge Analytica Data Misuse Earlier Than Reported

An anonymous reader quotes a report from The Guardian: Facebook employees were aware of concerns about "improper data-gathering practices" by Cambridge Analytica months before the Guardian first reported, in December 2015, that the political consultancy had obtained data on millions from an academic. The concerns appeared in a court filing by the attorney general for Washington DC and were subsequently confirmed by Facebook. The new information "could suggest that Facebook has consistently mislead [sic]" British lawmakers "about what it knew and when about Cambridge Analytica," tweeted Damian Collins, the chair of the House of Commons digital culture media and sport select committee (DCMS) in response to the court filing. In a statement, a company spokesperson said: "Facebook absolutely did not mislead anyone about this timeline." After publication of this article, the spokesperson acknowledged that Facebook employees heard rumors of data scraping by Cambridge Analytica in September 2015. The spokesperson said that this was a "different incident" from Cambridge Analytica's acquisition of a trove of data about as many as 87 million users that has been widely reported on for the past year. "In September 2015 employees heard speculation that Cambridge Analytica was scraping data, something that is unfortunately common for any internet service," the spokesperson said. "In December 2015, we first learned through media reports that Kogan sold data to Cambridge Analytica, and we took action. Those were two different things." The filing raised questions about when Facebook first learned about the misuse of personal data by Cambridge Analytica, the now defunct political consultancy.

Share on Google+

Read more of this story at Slashdot.

22 Mar 2019 1:00pm GMT