DIT112-V20 / group-01

MIT License
1 stars 3 forks source link

Possible problematic security issue #53

Closed RuthgerD closed 4 years ago

RuthgerD commented 4 years ago

Somehow private keys have been uploaded and merged into master which is something you really do not want to have on the public internet :worried:

I'm not sure if these keys are actually valid but wanted to bring it up anyways just in case.

Wifi key: https://github.com/DIT112-V20/group-01/blob/df67cfaeab9f6176ec6ad4fc6305539b1d47c956/manualCon/manualCon.ino#L11

Firebase private key: https://github.com/DIT112-V20/group-01/blob/df67cfaeab9f6176ec6ad4fc6305539b1d47c956/manualCon/manualCon.ino#L18

ghost commented 4 years ago

@RuthgerD thank you for pointing it out mate. We'll fix this now. 👍

AeroStun commented 4 years ago

You probably want to ask @platisd if it would be possible to force-push over master to erase these keys from the git history

platisd commented 4 years ago

You probably want to ask @platisd if it would be possible to force-push over master to erase these keys from the git history

Those keys should be considered compromised, so force-pushing does not actually solve anything. They should be both changed (at least the firebase one) and not version controlled any more. (I can help with that instead).