cross-posted from: https://lemmy.bleh.au/post/1311371

Binance Code and Internal Passwords Exposed on GitHub for Months

Comment

I hope nobody loses their shirt over this.

Summary

• Sensitive data exposed: Internal code, infrastructure diagrams, passwords, and other technical information were publicly accessible on GitHub for months.
• Source unclear: Unclear if an outside hacker or Binance employee accidentally uploaded the data.
• Potential risk: Information could be used by attackers to compromise Binance systems, though Binance claims "negligible risk".
• Data details: Included code related to passwords and multi-factor authentication, diagrams of internal infrastructure, and apparent production system passwords.
• Binance response: Initially downplayed the leak, later acknowledged data was theirs but downplayed risk.
• Current status: Data removed from GitHub via copyright takedown request.
• Unclear if any malicious actors accessed the data.

Charles elaborates on the state of decentralized twitter and verified tweets.

I’ve been thinking lately about the concept of the fediverse and repurposing it toward the goal of creating a free and open, decentralized, federated network of vendors that run instances or groups of vendors that run one instance together. These instances would broadcast inventory updates to each node that they federate with. It would start off niche and gain traction that way before branching out into other retail types.

Is this a feasible idea? Has any pulled this off? Wayfair, Amazon, Shopify, and Etsy are already suffering from enshittification. Someone needs to take the inventory out of the walled gardens and back into the customer’s hands. I shouldn’t have to rely on Google to find products I want. There are vendors that want to sell me stuff nearby…it’s just a problem of connecting the user to the content..and this seems like a no-brainer.

I’d love to have a discussion about this. I am seriously considering creating a rolling fork of Lemmy that would maintain parity but also add this functionality but I want to talk to experts and weigh the pros and cons before embarking on such an ambitious project.

edit: I also started a community ( https://infosec.pub/c/federated_inventory ) dedicated to the discussion of this idea. I'm trying to get vendors in a budding local industry to fund the creation of this system, which would branch out into all retail industries eventually along with the network effect.

Join us for a year-end celebration on Essential Cardano 360!

As 2023 comes to a close, we're taking a journey through some of the highlights that made this year truly remarkable for the Cardano ecosystem.

From the groundbreaking research at IOG to the launch of transformative projects from an array of builders, Cardano has seen unprecedented growth and success throughout the year. We'll be revisiting key moments, acknowledging the contributions of the Cardano community, and highlighting the achievements that shaped the age of Voltaire.

From Valentine Upgrade, Wanchain's launch of the first cross-chain bridge, and global CIP-1694 workshops to Rare Evo, Cardano Summit and recent Cardano Ballot - let’s relive it all.

As we bid farewell to 2023, we're excited about what the future holds for Cardano. From governance advancements to technological developments, the journey continues. We extend our gratitude to the Cardano360 show viewers, contributors, and the entire Cardano community for your support. Wishing everyone happy holidays from the IOG team! 🎉

“This is the first major milestone in a series of iterations that’s going to evolve and grow Midnight from testnet to mainnet. What’s really exciting is we are at a point that we can have a frank conversation about the development model of Midnight. This is just the beginning.”

– Charles Hoskinson, CEO, IOG

EDWARD SAID (1935-2003). Palestinian-born intellectual and world-famous literary critic. Author of 'Orientalism' and 'The Question of Palestine'. Professor of English Literature at Columbia University, NYC until his death in September 2003. From the BBC series 'Exiles'. See http://en.wikipedia.org/wiki/Edward_Said

cross-posted from: https://infosec.pub/post/4512931

https://nitter.net/ergo_platform/status/1720491727914463662

Again, your inconsistencies with implementations and practice are hurting your data accuracy, period...and from the outcry of others on our previous post, it's clear it is widespread.

Take @ethereum and @PancakeSwap in the below chart, blue line is market cap. Their 1:1 chain migrations had minimal effect. Now, look at #Ergo in the beginning, clearly #CMC's method of data display here is showing something that is not.

Read about Ergo's early days here and EFYT: docs.ergoplatform.com/mining…

CMC argues that it was a 1:1 swap, however...the total supply was drastically different, and they are ignoring that.

Total Supply EFYT: 1,970,945 Erg: 97,739,924 The ratio here is almost 50:1

To anyone interested in accurate data, the chart should look similar to the blue market cap line in the picture below for Ergo.

• @coingecko's solution was to start from mainnet.

Solution: Fix the chart according to total supply ratio, or, start from mainnet and link to the EFYT chart in a note above the current chart.

Inaccurate data can have a massive effect on adoption and their "first look" of a project as well as devs and businesses looking to purchase CMC's data feeds. Let's get it fixed!

https://nitter.net/ergo_platform/status/1720821527363338449?s=46&t=unlmaZgiDE_T6t5A5mx21Q

You’ve now made a statement to other projects who want accurate data on #CMC: “Don’t question us, or we will make it worse”. Your updated note on our chart is a clear sign you prefer “don’t you dare correct us” rather than have data that is represented with accuracy.

Your lack of understanding of total supply in relation to a 1:1 migration is downright worrisome.

Please reflect our data properly. To clear up twisting our words for their benefit and their unprofessionalism, here is the full support chain: checkvist.com/p/dxdsOg9cQr7f…

#cryptocurrency, @IOHK_Charles , @RichardMcCrackn , @cardano_whale , @SpectrumLabs_ , @nonkyc_exchange , @RosenBridge_erg we need your help to fight the bully. Please help us find a louder voice so that #CMC knows they can’t push around projects, even demanding money, as they see fit.

Previous suggestion: vxtwitter.com/ergo_platform/…

A post in the Cardano forum alerted me to the existence of this Matrix community, centered around Cardano.

I’ll put a link in the sidebar, as I feel that this Matrix room is one of the only instances of FOSS technologies being used for community discussion in the Cardano ecosystem besides this one.

It kind of blows my mind how dependent on centralized, closed-source technologies a community centered around a decentralized, open source technology is.