Hacker Newsnew | past | comments | ask | show | jobs | submitlogin

And as a double FYI this means a force push does not permanently delete sensitive data! Beware. Rotate that API key, even if it's a pain in the arse.


This is a lesser understood corollary of my comment :). Thanks for calling it out ;)


That goes for any time you send data to a third party or over a channel you don't control. Compromised is compromised. There is no going back.

I hate things like "email recall" in Outlook or deleting messages in Teams etc because it trains normies into thinking you can recover from a compromise.




Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: