|
|
|
|
|
|
by faeriechangling
1181 days ago
|
|
|
While their reaction is more likely to cause a security breach, consider the psychology. If the key was breached and Github just didn't know it, then a breach happened, then only Github would be to blame. If Github rotates its key, and somebody suffers a MITM attack, the blame is more diffuse. Why didn't they verify the key out of band? |
|
|