• About Us
  • Contact Us
  • Terms & Conditions
  • Privacy Policy
Technology Hive
  • Home
  • Technology
  • Artificial Intelligence (AI)
  • Cyber Security
  • Machine Learning
  • More
    • Deep Learning
    • AI in Healthcare
    • AI Regulations & Policies
    • Business
    • Cloud Computing
    • Ethics & Society
No Result
View All Result
  • Home
  • Technology
  • Artificial Intelligence (AI)
  • Cyber Security
  • Machine Learning
  • More
    • Deep Learning
    • AI in Healthcare
    • AI Regulations & Policies
    • Business
    • Cloud Computing
    • Ethics & Society
No Result
View All Result
Technology Hive
No Result
View All Result
Home Technology

Copilot exposes private GitHub pages, some removed by Microsoft

Linda Torries – Tech Writer & Digital Trends Analyst by Linda Torries – Tech Writer & Digital Trends Analyst
February 28, 2025
in Technology
0
Copilot exposes private GitHub pages, some removed by Microsoft
0
SHARES
0
VIEWS
Share on FacebookShare on Twitter

There’s No Putting Toothpaste Back in the Tube

Developers frequently embed security tokens, private encryption keys, and other sensitive information directly into their code, despite best practices that have long called for such data to be inputted through more secure means. This potential damage worsens when this code is made available in public repositories, another common security failing. The phenomenon has occurred over and over for more than a decade.

A Partial Fix, Not a Permanent Solution

Lasso, a security research group, recently investigated Microsoft’s fix for a critical issue with its Copilot AI. The fix involved cutting off access to a special Bing user interface, once available at cc.bingj.com, to the public. However, the fix didn’t appear to clear the private pages from the cache itself. As a result, the private information was still accessible to Copilot, which would make it available to the Copilot user who asked.

Although Bing’s cached link feature was disabled, cached pages continued to appear in search results. This indicated that the fix was a temporary patch and while public access was blocked, the underlying data had not been fully removed.

When we revisited our investigation of Microsoft Copilot, our suspicions were confirmed: Copilot still had access to the cached data that was no longer available to human users. In short, the fix was only partial, human users were prevented from retrieving the cached data, but Copilot could still access it.

Private Repositories, Public Problems

The Lasso researchers found that simply making a repository private isn’t enough. Once exposed, credentials are irreparably compromised. The only recourse is to rotate all credentials. This advice still doesn’t address the problems resulting when other sensitive data is included in repositories that are switched from public to private.

Microsoft incurred legal expenses to have tools removed from GitHub after alleging they violated a raft of laws, including the Computer Fraud and Abuse Act, the Digital Millennium Copyright Act, the Lanham Act, and the Racketeer Influenced and Corrupt Organizations Act. Company lawyers prevailed in getting the tools removed. To date, Copilot continues to undermine this work by making the tools available anyway.

Conclusion

It’s clear that simply making a repository private isn’t enough to protect sensitive data. Developers must take steps to input sensitive information securely and avoid including it in public repositories. Additionally, large language models like Copilot must be designed to respect privacy and security, rather than undermining it.

FAQs

  • What is Copilot? Copilot is a large language model developed by Microsoft that can be used to generate text and complete tasks.
  • What is a repository? A repository is a collection of files and data stored on a server or database.
  • Why are private repositories important? Private repositories are important because they contain sensitive information that should not be publicly accessible.
  • What can I do to protect my data? To protect your data, you should input sensitive information securely and avoid including it in public repositories. Additionally, you should use large language models like Copilot responsibly and ensure they are designed to respect privacy and security.
Previous Post

9 Ways AI Can Boost Your Retail Business

Next Post

All I Want for Christmas Is to Help You

Linda Torries – Tech Writer & Digital Trends Analyst

Linda Torries – Tech Writer & Digital Trends Analyst

Linda Torries is a skilled technology writer with a passion for exploring the latest innovations in the digital world. With years of experience in tech journalism, she has written insightful articles on topics such as artificial intelligence, cybersecurity, software development, and consumer electronics. Her writing style is clear, engaging, and informative, making complex tech concepts accessible to a wide audience. Linda stays ahead of industry trends, providing readers with up-to-date analysis and expert opinions on emerging technologies. When she's not writing, she enjoys testing new gadgets, reviewing apps, and sharing practical tech tips to help users navigate the fast-paced digital landscape.

Related Posts

AI-Generated Band Unknowingly Grooves Half a Million Spotify Users
Technology

AI-Generated Band Unknowingly Grooves Half a Million Spotify Users

by Linda Torries – Tech Writer & Digital Trends Analyst
June 30, 2025
Anthropic Revives Flash Game Spirit for AI Era
Technology

Anthropic Revives Flash Game Spirit for AI Era

by Linda Torries – Tech Writer & Digital Trends Analyst
June 27, 2025
Reddit CEO pledges site will remain “written by humans and voted on by humans”
Technology

Reddit CEO pledges site will remain “written by humans and voted on by humans”

by Linda Torries – Tech Writer & Digital Trends Analyst
June 26, 2025
Google Introduces Gemini AI Features on Chromebooks
Technology

Google Introduces Gemini AI Features on Chromebooks

by Linda Torries – Tech Writer & Digital Trends Analyst
June 24, 2025
Ted Cruz Faces Resistance from Fellow Republicans on State AI Laws
Technology

Ted Cruz Faces Resistance from Fellow Republicans on State AI Laws

by Linda Torries – Tech Writer & Digital Trends Analyst
June 23, 2025
Next Post
All I Want for Christmas Is to Help You

All I Want for Christmas Is to Help You

Leave a Reply Cancel reply

Your email address will not be published. Required fields are marked *

Latest Articles

Balancing AI in Education

Balancing AI in Education

April 30, 2025
Google Aims to Make AI Invisible by Integrating it into Everything

Google Aims to Make AI Invisible by Integrating it into Everything

May 21, 2025
Google Cloud partners with Deutsche Telekom and Vodafone Italy on AI and cloud transformation

Google Cloud partners with Deutsche Telekom and Vodafone Italy on AI and cloud transformation

March 6, 2025

Browse by Category

  • AI in Healthcare
  • AI Regulations & Policies
  • Artificial Intelligence (AI)
  • Business
  • Cloud Computing
  • Cyber Security
  • Deep Learning
  • Ethics & Society
  • Machine Learning
  • Technology
Technology Hive

Welcome to Technology Hive, your go-to source for the latest insights, trends, and innovations in technology and artificial intelligence. We are a dynamic digital magazine dedicated to exploring the ever-evolving landscape of AI, emerging technologies, and their impact on industries and everyday life.

Categories

  • AI in Healthcare
  • AI Regulations & Policies
  • Artificial Intelligence (AI)
  • Business
  • Cloud Computing
  • Cyber Security
  • Deep Learning
  • Ethics & Society
  • Machine Learning
  • Technology

Recent Posts

  • AI-Generated Band Unknowingly Grooves Half a Million Spotify Users
  • Robots Jump Higher and Land Safely with AI Assistance
  • CNIL’s New AI and GDPR Recommendations
  • MIT and Mass General Brigham launch joint seed program to accelerate innovations in health
  • Anthropic Revives Flash Game Spirit for AI Era

Our Newsletter

Subscribe Us To Receive Our Latest News Directly In Your Inbox!

We don’t spam! Read our privacy policy for more info.

Check your inbox or spam folder to confirm your subscription.

© Copyright 2025. All Right Reserved By Technology Hive.

No Result
View All Result
  • Home
  • Technology
  • Artificial Intelligence (AI)
  • Cyber Security
  • Machine Learning
  • AI in Healthcare
  • AI Regulations & Policies
  • Business
  • Cloud Computing
  • Ethics & Society
  • Deep Learning

© Copyright 2025. All Right Reserved By Technology Hive.

Are you sure want to unlock this post?
Unlock left : 0
Are you sure want to cancel subscription?