Troubling yet Good News from GitHub


GitHub has been scanning source code for some time now for API tokens.  The troubling part is that they have found one billion tokens locked in the collective source code.  What is good about it is that GitHub partners get notified so the exposed tokens are removed from circulation and prevents more break-ins.  I have gotten one of these messages from stupid mistakes I have done and they are very professional and not judgmental at all.  It made me think about my software design and how I can make it more secure.

Keys are tied to users, this means that the developer or organization could get into trouble and not the hacker.  I would rather not have conversations with the authorities over something this simple to prevent.

For more information on the program, click the link below.

GitHub Token Scanning—one billion tokens identified and five new partners

CDI Tutorials


Here are three articles that explain how to use CDI.  I am posting them as much for me as anyone who wants to learn about CDI

CDI Dependency Injection

CDI Dependency Injection – Tutorial II – Annotation Processing and Plugins – Java EE

CDI AOP Tutorial: Java Standard Method Interception Tutorial – Java EE