Try "ssh http://whoami.filippo.io " now think "What if that server automatically grabbed key and logged into work." Today's bug: baaaaaaaad.
@sean_a_cassidy They then use a public-key-to-Github-account reverse lookup and try your private key on any site they can find from Github.
-
-
@sean_a_cassidy This all happens in milliseconds without any human intervention required. Someone may get pinged when they get a new shell. -
@patio11 thanks for the summary. This is a very interesting bug!
End of conversation
New conversation -
Loading seems to be taking a while.
Twitter may be over capacity or experiencing a momentary hiccup. Try again or visit Twitter Status for more information.