https://jordan-wright.com/blog/tags/github/Recent content in Github on Jordan WrightHugoen-usTue, 30 Dec 2014 00:00:00 +0000https://jordan-wright.com/blog/2014/12/30/why-deleting-sensitive-information-from-github-doesnt-save-you/Tue, 30 Dec 2014 00:00:00 +0000https://jordan-wright.com/blog/2014/12/30/why-deleting-sensitive-information-from-github-doesnt-save-you/<img src="https://jordan-wright.com/blog/images/headers/harvest_github.png" alt="" class="pure-img" > <p>So you accidentally committed a password or API key to Github. <em><strong>Ouch.</strong></em></p> <p>&ldquo;No problem!&rdquo;, you think, &ldquo;I&rsquo;ll just follow Github&rsquo;s helpful information on <a href="https://help.github.com/articles/remove-sensitive-data/">how to delete sensitive information</a> and I&rsquo;ll be fine!&rdquo;</p> <p>Just today, I saw a <a href="http://www.devfactor.net/2014/12/30/2375-amazon-mistake/">great article</a> detailing one developer&rsquo;s experience with committing sensitive information to Github. Unfortunately, this article missed the main point. In this post, I&rsquo;m going to show exactly how hackers <em>instantly</em> harvest information committed to public Github repositories, and why deleting this information doesn&rsquo;t solve the problem.</p>