from Hacker News

In major goof, Uber stored sensitive database key on public GitHub page

by correctifier on 3/2/15, 8:05 PM with 5 comments

  • by SoMuchToGrok on 3/2/15, 8:52 PM

    Uber needs to accept responsibility and live with their mistake.

    "Intruders"? Uber gave their permission when they uploaded the key to a public service (...a key to a publicly accessible database, nonetheless). Doesn't matter if it was accidental...Uber doesn't have the right to inconvenience another company (GitHub) with a subpoena because of their own mistake.

  • by mikestew on 3/2/15, 8:48 PM

    "The contents of these internal database files are closely guarded by Uber,"

    Mmm, the evidence suggests otherwise.

  • by jwise0 on 3/2/15, 9:24 PM

    The thing that I find particularly notable here is not that they stuck the key on GitHub, but that they are trying to subpoena GitHub for a list of everyone who accessed the gists in question. If allowed to do that, then that sets a precedent that's worth considering...

  • by cruelfate on 3/4/15, 3:02 AM

    I don't get the dearth of coverage to this negligence. Company valued at $40B advertises it's crypto key and the world yawns.

  • by sriram_malhar on 3/3/15, 9:38 AM

    "Goof". Is that what they are calling this nowadays?