undefined | Better HN

0 pointssoulofmischief7y ago0 comments

But in one case, damage is mitigated because the sys admins didn't assume everyone is infallible and strictly adheres to protocol.

0 pointssoulofmischief7y ago0 comments

But in one case, damage is mitigated because the sys admins didn't assume everyone is infallible and strictly adheres to protocol.

0 comments

5 comments · 2 top-level

danharaj7y ago· 2 in thread

The correct way to deal with fallibility in this situation is to make it feasible to change secrets when they leak, not pretend they weren't leaked.

soulofmischiefOP7y ago

That doesn't prevent someone from not following protocol.

_II__II_7y ago

It's not their job to prevent that.

1 more reply

wybiral7y ago· 1 in thread

Is it mitigated? Once it's leaked you can't force everyone who may have captured it to delete it. So GitHub deleting it doesn't solve the problem.

soulofmischiefOP7y ago

The definition of mitigation is to make something less severe. Yes, GitHub making this policy as clear as possible and allowing controls to toggle it per-repository or per-account mitigates the problem.

j / k navigate · click thread line to collapse

0 comments

5 comments · 2 top-level

danharaj7y ago· 2 in thread

The correct way to deal with fallibility in this situation is to make it feasible to change secrets when they leak, not pretend they weren't leaked.

soulofmischiefOP7y ago

That doesn't prevent someone from not following protocol.

_II__II_7y ago

It's not their job to prevent that.

1 more reply

wybiral7y ago· 1 in thread

Is it mitigated? Once it's leaked you can't force everyone who may have captured it to delete it. So GitHub deleting it doesn't solve the problem.

soulofmischiefOP7y ago

j / k navigate · click thread line to collapse