• About Us
  • Contact Us
  • Terms & Conditions
  • Privacy Policy
Technology Hive
  • Home
  • Technology
  • Artificial Intelligence (AI)
  • Cyber Security
  • Machine Learning
  • More
    • Deep Learning
    • AI in Healthcare
    • AI Regulations & Policies
    • Business
    • Cloud Computing
    • Ethics & Society
No Result
View All Result
  • Home
  • Technology
  • Artificial Intelligence (AI)
  • Cyber Security
  • Machine Learning
  • More
    • Deep Learning
    • AI in Healthcare
    • AI Regulations & Policies
    • Business
    • Cloud Computing
    • Ethics & Society
No Result
View All Result
Technology Hive
No Result
View All Result
Home Technology

Copilot exposes private GitHub pages, some removed by Microsoft

Linda Torries – Tech Writer & Digital Trends Analyst by Linda Torries – Tech Writer & Digital Trends Analyst
February 28, 2025
in Technology
0
Copilot exposes private GitHub pages, some removed by Microsoft
0
SHARES
0
VIEWS
Share on FacebookShare on Twitter

There’s No Putting Toothpaste Back in the Tube

Developers frequently embed security tokens, private encryption keys, and other sensitive information directly into their code, despite best practices that have long called for such data to be inputted through more secure means. This potential damage worsens when this code is made available in public repositories, another common security failing. The phenomenon has occurred over and over for more than a decade.

A Partial Fix, Not a Permanent Solution

Lasso, a security research group, recently investigated Microsoft’s fix for a critical issue with its Copilot AI. The fix involved cutting off access to a special Bing user interface, once available at cc.bingj.com, to the public. However, the fix didn’t appear to clear the private pages from the cache itself. As a result, the private information was still accessible to Copilot, which would make it available to the Copilot user who asked.

Although Bing’s cached link feature was disabled, cached pages continued to appear in search results. This indicated that the fix was a temporary patch and while public access was blocked, the underlying data had not been fully removed.

When we revisited our investigation of Microsoft Copilot, our suspicions were confirmed: Copilot still had access to the cached data that was no longer available to human users. In short, the fix was only partial, human users were prevented from retrieving the cached data, but Copilot could still access it.

Private Repositories, Public Problems

The Lasso researchers found that simply making a repository private isn’t enough. Once exposed, credentials are irreparably compromised. The only recourse is to rotate all credentials. This advice still doesn’t address the problems resulting when other sensitive data is included in repositories that are switched from public to private.

Microsoft incurred legal expenses to have tools removed from GitHub after alleging they violated a raft of laws, including the Computer Fraud and Abuse Act, the Digital Millennium Copyright Act, the Lanham Act, and the Racketeer Influenced and Corrupt Organizations Act. Company lawyers prevailed in getting the tools removed. To date, Copilot continues to undermine this work by making the tools available anyway.

Conclusion

It’s clear that simply making a repository private isn’t enough to protect sensitive data. Developers must take steps to input sensitive information securely and avoid including it in public repositories. Additionally, large language models like Copilot must be designed to respect privacy and security, rather than undermining it.

FAQs

  • What is Copilot? Copilot is a large language model developed by Microsoft that can be used to generate text and complete tasks.
  • What is a repository? A repository is a collection of files and data stored on a server or database.
  • Why are private repositories important? Private repositories are important because they contain sensitive information that should not be publicly accessible.
  • What can I do to protect my data? To protect your data, you should input sensitive information securely and avoid including it in public repositories. Additionally, you should use large language models like Copilot responsibly and ensure they are designed to respect privacy and security.
Previous Post

9 Ways AI Can Boost Your Retail Business

Next Post

All I Want for Christmas Is to Help You

Linda Torries – Tech Writer & Digital Trends Analyst

Linda Torries – Tech Writer & Digital Trends Analyst

Linda Torries is a skilled technology writer with a passion for exploring the latest innovations in the digital world. With years of experience in tech journalism, she has written insightful articles on topics such as artificial intelligence, cybersecurity, software development, and consumer electronics. Her writing style is clear, engaging, and informative, making complex tech concepts accessible to a wide audience. Linda stays ahead of industry trends, providing readers with up-to-date analysis and expert opinions on emerging technologies. When she's not writing, she enjoys testing new gadgets, reviewing apps, and sharing practical tech tips to help users navigate the fast-paced digital landscape.

Related Posts

Google Generates Fake AI Podcast From Search Results
Technology

Google Generates Fake AI Podcast From Search Results

by Linda Torries – Tech Writer & Digital Trends Analyst
June 13, 2025
Meta Invests  Billion in Scale AI to Boost Disappointing AI Division
Technology

Meta Invests $15 Billion in Scale AI to Boost Disappointing AI Division

by Linda Torries – Tech Writer & Digital Trends Analyst
June 13, 2025
Drafting a Will to Avoid Digital Limbo
Technology

Drafting a Will to Avoid Digital Limbo

by Linda Torries – Tech Writer & Digital Trends Analyst
June 13, 2025
AI Erroneously Blames Airbus for Fatal Air India Crash Instead of Boeing
Technology

AI Erroneously Blames Airbus for Fatal Air India Crash Instead of Boeing

by Linda Torries – Tech Writer & Digital Trends Analyst
June 12, 2025
AI Chatbots Tell Users What They Want to Hear
Technology

AI Chatbots Tell Users What They Want to Hear

by Linda Torries – Tech Writer & Digital Trends Analyst
June 12, 2025
Next Post
All I Want for Christmas Is to Help You

All I Want for Christmas Is to Help You

Leave a Reply Cancel reply

Your email address will not be published. Required fields are marked *

Latest Articles

The AI Hype Index

The AI Hype Index

March 26, 2025
Comparing QWQ-32B and DeepSeek-R1 Performance

Comparing QWQ-32B and DeepSeek-R1 Performance

March 11, 2025
Forcing the SOC to Change Its Approach

Forcing the SOC to Change Its Approach

February 25, 2025

Browse by Category

  • AI in Healthcare
  • AI Regulations & Policies
  • Artificial Intelligence (AI)
  • Business
  • Cloud Computing
  • Cyber Security
  • Deep Learning
  • Ethics & Society
  • Machine Learning
  • Technology
Technology Hive

Welcome to Technology Hive, your go-to source for the latest insights, trends, and innovations in technology and artificial intelligence. We are a dynamic digital magazine dedicated to exploring the ever-evolving landscape of AI, emerging technologies, and their impact on industries and everyday life.

Categories

  • AI in Healthcare
  • AI Regulations & Policies
  • Artificial Intelligence (AI)
  • Business
  • Cloud Computing
  • Cyber Security
  • Deep Learning
  • Ethics & Society
  • Machine Learning
  • Technology

Recent Posts

  • Best Practices for AI in Bid Proposals
  • Artificial Intelligence for Small Businesses
  • Google Generates Fake AI Podcast From Search Results
  • Technologies Shaping a Nursing Career
  • AI-Powered Next-Gen Services in Regulated Industries

Our Newsletter

Subscribe Us To Receive Our Latest News Directly In Your Inbox!

We don’t spam! Read our privacy policy for more info.

Check your inbox or spam folder to confirm your subscription.

© Copyright 2025. All Right Reserved By Technology Hive.

No Result
View All Result
  • Home
  • Technology
  • Artificial Intelligence (AI)
  • Cyber Security
  • Machine Learning
  • AI in Healthcare
  • AI Regulations & Policies
  • Business
  • Cloud Computing
  • Ethics & Society
  • Deep Learning

© Copyright 2025. All Right Reserved By Technology Hive.

Are you sure want to unlock this post?
Unlock left : 0
Are you sure want to cancel subscription?