An academic study of GitHub found that more than 100,000 of the web service’s code repositories contain publicly accessible authentication secrets such as API and cryptographic keys, while thousands of new secrets are leaked each day.
North Carolina State University researchers Michael Meli, Matthew McNiece (also from Cisco Systems) and Bradley Reaves detail their findings in a paper published last month in conjunction with the 2019 Network and Distributed Systems Security Symposium.
The researchers combined two approaches to identify the leaked secrets. The first methodology involved querying a GitHub a repository search engine API for nearly six months, from Oct. 31, 2017 through April 20, 2018. The second technique involved using BigQuery, a web service that enables analysis of massive datasets, to query a weekly snapshot of GitHub activity on April 4, 2018. According to the paper, the former method is a real-time means of discovering 99 percent of newly “committed” (i.e. saved on GitHub) files that contain secrets within them, while the latter produces a snapshot covering 13 percent of all GitHub public repositories.
Please register to continue.
Already registered? Log in.
Once you register, you’ll receive:
The context and insight you need to stay abreast of the most important developments in cybersecurity. CISO and practitioner perspectives; strategy and tactics; solutions and innovation; policy and regulation.
Unlimited access to nearly 20 years of SC Media industry analysis and news-you-can-use.
SC Media’s essential morning briefing for cybersecurity professionals.
One-click access to our extensive program of virtual events, with convenient calendar reminders and ability to earn CISSP credits.