Is it a good idea to check created_at != updated_at ? People update public keys ... | Hacker News

Hacker Newsnew | past | comments | ask | show | jobs | submit

		homakov on March 7, 2012 \| parent \| context \| favorite \| on: SSH Key Audit on Github (required) Is it a good idea to check created_at != updated_at ? People update public keys very rarely. I would even say NEVER. Just make an sql against your table to see what are the most possibly are malicious keys. (i see no reason to update timestamps doing 'the trick'. I believe attackers didn't)

aparadja on March 8, 2012 [–]

The vulnerability probably also allowed the attacker to edit the created_at and updated_at columns in the ssh key table.

Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact