fierro | 2 years ago

>The one service token and three accounts were not rotated because mistakenly it was believed they were unused.

This is odd to me - unused credentials should probably be deleted, not rotated.

pbhjpbhj|2 years ago

This smells weird, surely? I'd be looking at who chose not to rotate those particular credentials.

1: "what are these accounts?"
2: "oh they're unused, they don't even appear in the logs"
1: "we should rotate them"
2: "no, let's keep those rando accounts with the old credentials, the ones we think might be compromised ... y' know, for reasons"

?

pphysch|2 years ago

More likely: "no one has any idea what these old credentials do, so let's not touch them and potentially break everything"

mparnisari|2 years ago

Agreed. This whole post reads as "I'm the victim" but they don't admit to the one mistake that snowballed

unknown|2 years ago

[deleted]