Not what they were looking for
New GitHub search faces technical difficulties following privacy outcry
ambitious new search
feature on code hosting site GitHub has been plagued by
technical and security problems after a high-profile launch earlier
Initial reaction to the new search infrastructure, which live-indexes every line of code hosted on the site, was positive.
However, many were soon
pointing out that private passwords and security keys
accidentally uploaded to GitHub were now easy to find.
At the time of writing, GitHub’s search function has been experiencing technical difficulties for over 17 hours, preventing searching of code (but not repositories or users). It is unknown if this downtime is related to the controversy surrounding exposed private details, or simply teething troubles. (Update: Zach Holman of GitHub told JAXenter via Twitter that "they have nothing to do with each other".)
Also unknown is whether GitHub can find a method to prevent this information from showing up in search results. In the meantime, those wishing to remove sensitive information from their existing repositories should check out this handy guide.
It’s the first blot on GitHub’s otherwise stainless record (besides frequent outages), which include successful launches of its Gist snippet-hosting system, ‘command box’ functions and pretty graphs. Last year it received a whopping $100m investment from Andreessen Horowitz, and more recently passed the three million user mark.
This event serves as another example of just how dangerous powerful search tools can be in the wrong hands. Last week, Facebook’s search tool was similarly criticised for making it easy to find potentially incriminating personal information that was already publicly available.