incident
I have accidentally found that an known account with active, owner and posting keys have been pushed to official github branch for steem-python a few weeks back.
It has been deleted, but the source control records everything including deletion the whole file. Gareth Nelson commented:
wtf is a WIF for a known account doing in here? bye
It is an unwise practice to store keys/account information directly in the Python source code. And the account owner has obviously changed his keys after this incident.
The incident can be viewed here.
With no offence to point out the developer’s mistakes, the main purpose is to what we can learn the lessons from this incident. So I have removed mentioning the developer.
A SteemIt Development Incident – SteemIt
A SteemIt Development Incident – SteemIt
You may also like: SteemIt 开发团队把一个70级的大鱼帐号拿来当测试 – 泄露钥匙,有惊无险
–EOF (The Ultimate Computing & Technology Blog) —
Last Post: Upgrade the Steemit/Wechat RSS Server
Next Post: Why You Should Go to an Interview Every Year?