Comment on DOGE staffer with access to Americans' personal data leaked private xAI API key | TechCrunch
pinball_wizard@lemmy.zip 1 week ago
“…checked [an API key] into GitHub…”
Ouch. But who hasn’t?
“Elez removed the key from his GitHub but the key itself was not revoked, allowing continued access to the AI models.”
Okay, that’s deeply bad…Maybe has no idea how API keys, or the Internet works…? Definitely lacks security advisors (or has them and ignored them).
ExtremeDullard@lemmy.sdf.org 1 week ago
I haven’t. Committing keys in git repos is beyond sloppy. Whoever does it needs to be fired immediately.