status meeting notes are up

Now we have this theregister.com/2021/11/18/firefox_cookies_github

why would anyone post there cookies.sqlite database on github?

why would ya wanna use github ? when the evil M$$$$ owns it

because it is better than GitLab

and it's free including issue tracknig

GiggityHub and GiggityLab are both terrible, also heavily influenced by Silly Valley

"Thousands of Firefox users accidentally commit login cookies on GitHub"

...and why is this GitHub's fault!?

as much as I hate SV and modern tech, PEBKAC is no reason to shoot the mesenger

but hey, clickbait!

"Aidan Marlin, a security engineer at London-based rail travel service Trainline, alerted The Register to the public availability of these files after reporting his findings through HackerOne and being told by a GitHub representative that "credentials exposed by our users are not in scope for our Bug Bounty program.""

ah, a sekuritah researcher

stopped taking those guys seriously since Spectre/Meltdown and Ryzenfail

all they want is spotlight to get hired by a SV giant

> Marlin acknowledges that affected GitHub users deserve some blame for failing to prevent their cookies.sqlite databases from being included when they committed code and pushed it to their public repositories. "But there are nearly 4.5k hits for this dork, so I think GitHub has a duty of care as well," he said, adding that he's alerted the UK Information Commissioner's Office because...

...personal information is at stake.

once again, WHY is GitHub's fault that their users are dumb!?

do people actually backup their home directories over Git to a public service!?!?!?

tomman: kind of my thought exactly but must be some kind of thing we need to understant that enticed popele to do something this stupid.

thye fact that gitub says not my fault i won't help seems not the correct answer should have been not my fault but i will try if i can to assist in figuring out how this happened would be a more useful approach.

something incredibly stupid/silly must be happening for someone to commit his/her/its/whatever cookies.sqlite (or anything private - could be a spreadsheet with all their website passwords) to a public git repo

And if we put measures in force to prevent people from doing that, not only you screw up with people with legitimate needs (say: carefully curated test cases), and of course, the paranoid nutters will scream "GitHub is spying on MEEEEE!!!"

dealing with stupid is dangerous

tomman bug seems to be github related they should be trying to thelpin what must have started from gitub to entice idiots to act so stupidly.

the we are not heping in trying to figure this out is what I blame github for.

.,

i posted this elsewhere... mmnt.ru/int/get?st=cookies.sqlite

i guess i can get hired now ;-)