by colemickens 2970 days ago
I suspect that many more employees at Twitter have access to the logs than have access to a super computer and password hashes.

I know I wouldn't trust my password with the number of people that have easy access to logs at other large(ish) tech companies.

I really can't imagine why "we didn't have to" was included in that tweet, at all. What other flaps like this have occurred that exposed my creds or personal data to large numbers of employees, that they didn't have and didn't choose to tell us about?

2 comments

Even if true, best practice is to strictly restrict access to and create audit trails for reading raw logs from production.

Ideally, you'd only need to read raw logs tied to a test account, or, maybe your own personal accounts.

Stack traces and exceptions and the like can be anonymized and collated.
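
One way to make the "anonymized and collated" point concrete: scrub credentials out of a log record before any handler persists it, so that an accidental `log.info(request_body)` never writes a plaintext password to disk. This is an added example, not code from the thread or from Twitter; the list of sensitive field names, the logger name and the `format_sanitized` helper are assumptions chosen for illustration.

```python
import io
import logging
import re
from typing import Any

# Assumption: a representative set of field names that must never reach
# persisted logs. Real deployments would tune this to their own schemas.
SENSITIVE_KEYS = {"password", "passwd", "pwd", "token", "authorization", "secret"}
REDACTED = "[REDACTED]"

# Matches key=value pairs inside strings such as query strings or form
# bodies, e.g. "password=hunter2" -> "password=[REDACTED]".
_KV_RE = re.compile(
    r"(?i)\b(" + "|".join(map(re.escape, sorted(SENSITIVE_KEYS))) + r")=([^&\s]*)"
)


def redact_value(obj: Any) -> Any:
    """Recursively redact sensitive keys in dicts/lists and key=value pairs in strings."""
    if isinstance(obj, dict):
        return {
            k: (REDACTED if str(k).lower() in SENSITIVE_KEYS else redact_value(v))
            for k, v in obj.items()
        }
    if isinstance(obj, (list, tuple)):
        return type(obj)(redact_value(v) for v in obj)
    if isinstance(obj, str):
        return _KV_RE.sub(lambda m: f"{m.group(1)}={REDACTED}", obj)
    return obj


class RedactingFilter(logging.Filter):
    """Logger-level filter: scrubs msg and args before any handler formats the record."""

    def filter(self, record: logging.LogRecord) -> bool:
        record.msg = redact_value(record.msg)
        if record.args:
            # logging collapses a single mapping argument into the mapping itself
            if isinstance(record.args, dict):
                record.args = redact_value(record.args)
            else:
                record.args = tuple(redact_value(a) for a in record.args)
        return True  # keep the record; it has only been sanitized


_FILTER = RedactingFilter()


def format_sanitized(msg: str, *args: Any) -> str:
    """Run one log call through a logger with the filter installed and return the
    line a handler would have written (hypothetical helper for demonstration)."""
    buf = io.StringIO()
    logger = logging.getLogger("redact-demo")
    logger.handlers.clear()
    logger.propagate = False
    logger.setLevel(logging.INFO)
    handler = logging.StreamHandler(buf)
    handler.setFormatter(logging.Formatter("%(message)s"))
    logger.addHandler(handler)
    logger.addFilter(_FILTER)
    logger.info(msg, *args)
    handler.flush()
    return buf.getvalue().rstrip("\n")


if __name__ == "__main__":
    # Constructed sample inputs: a structured login event and a raw form body.
    print(format_sanitized("login attempt: %s", {"user": "alice", "password": "hunter2"}))
    print(format_sanitized("POST /login body=%s", "user=alice&password=hunter2"))
```

Installing the filter on the logger (rather than on one handler) means every handler, including any that ship to a central log store, sees only the redacted record; the original plaintext never leaves process memory, which is the property the thread is asking for.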

More employees at virtually every major web company have access to instances (and thus instance memory) than have access to supercomputer clusters, too. Every mainstream popular web application is fed a constant high-volume feed of plaintext passwords, right there in memory (or, in typical TLS termination environments, on the wire) to be read by a persistent attacker.

That's true for nearly every single internet facing service, no? A compromise resulting in point-in-time access to traffic is a bit different than a bug that creates a persisted historical record of every single user who signed in for a period.

Maybe I miss the point behind this comparison? I guess I'd understand more if I thought the number of folks with node access and log access were in the same magnitude at Twitter, or if the TLS stack persisted data over time.