
Ask HN: Do you trust GitHub security? - unclebucknasty
I&#x27;m seeking a Git host and CodeCommit is too unruly to configure (auth on the client side doesn&#x27;t play well with NetBeans).<p>Considered Github, but they don&#x27;t encrypt at rest, claiming that doing so wouldn&#x27;t increase security, since an attacker who had root access to the box would also have encryption keys. This seems wildly disingenuous for a number of reasons. But, in general, my thinking is that encryption at rest is always more secure.<p>Do you trust Github&#x27;s security (network and otherwise) and do you buy that at-rest encryption isn&#x27;t more secure?
======
atmosx
Setting up a private git repo is easy[1] and a web interface with OpenVPN only
access on a VPS. I've done it for a small team in the past.

I don't know your use case so I might be wrong, but I believe your mistrust in
Github and Bitbucket is unjustified.

As far as encryption schemes go, everything depends on what or who you're
trying to avoid.

[1] [https://www.convalesco.org/articles/2009/07/24/how-to-set-
up...](https://www.convalesco.org/articles/2009/07/24/how-to-set-up-a-
personal-git-repository-in-10-minutes/)

~~~
unclebucknasty
Thanks for the pointer. It adds another option though, of course, I prefer to
go with a managed service. Would really like AWS, as our infrastructure is
already there, they encrypt at rest, and it's very affordable. Unfortunately,
they don't support Netbeans and their integration with IAM makes config
clunky.

It's not so much a mistrust of Github from a malice perspective, as believing
they should encrypt files that may be sensitive at rest, given that they are
hosting other people's data. It just seems a potential security hole.

------
JoachimSchipper
Encryption-at-rest help all that much, no.

What do you need and what are you worried about? A local git repo backed up to
Tarsnap is pretty secure and unlikely to lose your data, but may not fit your
needs.

~~~
unclebucknasty
Thanks. Need versioning and backup for local code, plus the ability to add
remote devs to the team as needed.

Mainly concerned about a plaintext version of our configuration info, third-
party api access keys, etc. hanging out in a repo somewhere. Whether via
malicious internal staff or straight-up hacking, I would rather the files be
encrypted.

~~~
JoachimSchipper
If you're planning to work with minimally-vetted freelancers or otherwise need
to consider malicious internal stuff, strongly consider injecting sensitive
data like database passwords via e.g. environment variables instead of storing
them in the repository at all. Rails etc. should make this easy. (Of course,
your system administrator can still read that data, but that's pretty much
unavoidable.)

(This is a best - and common - practice for exactly the reasons you hint at.)

~~~
unclebucknasty
Thanks for the feedback.

