Techly NewsGet the app

Get the latest tech news

Data From Deleted GitHub Repos May Not Actually Be Deleted, Researchers Claim


Thomas Claburn reports via The Register: Researchers at Truffle Security have found, or arguably rediscovered, that data from deleted GitHub repositories (public or private) and from deleted copies (forks) of repositories isn't necessarily deleted. Joe Leon, a security researcher with the outfit, s...

And he proposed a new term to describe the alleged vulnerability: Cross Fork Object Reference (CFOR). According to Leon, this scenario came up last week with the submission of a critical vulnerability report to a major technology company involving a private key for an employee GitHub account that had broad access across the organization. We are aware of this report and have validated that this is expected and documented behavior inherent to how fork networks work.

Get the Android app

Or read this on Slashdot

Read more on:

Photo of data

data

Photo of researchers

researchers

Photo of deleted GitHub repos

deleted GitHub repos

Related news:

News photo

How to Stop Elon Musk From Training His AI On Your Data

News photo

X is training Grok AI on your data—here’s how to stop it

News photo

Elon Musk's X now trains Grok on your data by default - here's how to opt out

« Funtoo Linux is shutting down
Apex Surplus – A movie industry props and parts source »