Hacker News new | past | comments | ask | show | jobs | submit login

I got downvoted for saying you should never store secrets in version control. Insane. I think some sophomores from /r/programmerhumor may be visiting.



I hope it's just people trying to cover for Adafruit.. which is fair enough and I get that. They have done way more good than this little hiccup - but it's so important to not play around with real PPI data or be exposing that or secrets to version control.


PD and secrets are not the same thing. You can be following all technical best practices regarding secret management and still fuck this one up.

You got downvoted because storing encrypted secrets is fine.


> storing encrypted secrets is fine

Only until/unless the encryption is broken. I wouldn’t store long-lived secrets even encrypted in a public place.


"You got downvoted because storing encrypted secrets is fine."

Storing where?


... in version control. The response is intended to be read in context of the sentences above it.


The security and integrity of data shouldn't rely on itself to prove such.. imagine trying to store a checksum within the data it represents for instance.




Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: