GitHub’s source code was leaked on GitHub last night… sort of

By admin 4 years ago

GitHub wasn’t actually compromised, despite appearances to the contrary. …

The source code leak disappeared from GitHub itself very quickly—and didn't stay up on web.archive.org for very long after that.

The source code leak disappeared from GitHub itself very quickly—and didn’t stay up on web.archive.org for very long after that.
Jim Salter

reader comments

27 with 23 posters participating, including story author

Last night, developer and privacy activist Resynth1943 announced that GitHub’s source code had been leaked on GitHub itself, in GitHub’s own DMCA repository. It’s going to take some unpacking to talk about that, but first things first—this isn’t as big a deal as it might seem.

GitHub Enterprise Server != GitHub.com

Shortly after Resynth1943—who seems to have broken the news and described the code as having “just been leaked” by an unknown individual—reshared the announcement on Hacker News, GitHub CEO Nat Friedman showed up at HN to provide some context.

According to Friedman, the upload in question was actually of GitHub Enterprise Server, not the GitHub website itself. While the two share a considerable volume of code, the distinction is significant. Part of that significance is that GitHub itself was not actually hacked.

While neither GitHub nor GitHub Enterprise Server are open source code, GitHub Enterprise Server source code is routinely shipped to customers, though usually in a stripped-down and obfuscated format. According to Friedman, GitHub accidentally supplied some customers a complete and non-obfuscated tarball of GHES a couple of months ago; this is the code that was dumped into GitHub’s public DMCA repository.

Grinding a DMCA-related axe

It seems likely that the “unknown individual” Resynth1943 referenced uploaded the leaked source code largely out

Continue reading – Article source

Similar Posts:

Related Posts: