@timewarp@lemmy.world Great, thank you!
@timewarp@lemmy.world
I'm pretty sure this is some kind of spam, because I can't think of any legitimate reason for thousands of co-authors to be listed on a single commit. But just for kicks, any ideas how I might go about checking if the repo was renamed?
Hey infosec peeps, anyone got an inside scoop on what's going on with these bogus co-authored commit tags on GitHub? The attackerDOS/B repo has been taken down, so I can't look at the commits that I supposedly co-authored. I have FIDO2 MFA on my account, so I'm reasonably certain that no one could have actually committed code to this repo under my account, but I'm also not super familiar with how co-authoring works.
#InfoSec #CyberSecurity #GitHub #attackerDOS
@breadsmasher@lemmy.world
Great question! "Need" probably isn't the right word. "Strongly desire" or "greatly prefer" would more accurate.
The reason is that I have lots of different devices with different port types. Some of my newer devices only have USB-C ports, while my older devices only have USB-A ports, and I'd really like to have just "one key to rule them all," so to speak.
I know that I could buy a little USB-A/C adapter dongle and keep that on the same keychain with the MFA key, but that introduces a degree of fragility that I'd prefer to avoid if possible.
That being said, if I found a hardware MFA key with all of the features I listed except for USB-C, then I'd happily accept the dongle compromise, because most of my devices (even the old ones) support Bluetooth, so I'd still have that as a backup option in case the dongle fails.
#MFA #2FA #fido #fido2 #fido3 #NFC #USB #USBc #USBa #dongle #Biometric #Fingerprint #YubiCo #YubiKey #Bluetooth #CyberSecurity #InfoSec
@Tyoda@lemm.ee yeah, that's kinda what I figured might be happening, but I thought I should still ask the experts, just in case. I used to work in cybersecurity, but that was back in the #Sasser worm era (IYKYK ๐ ), so I'm more than a little rusty.