Yes, hosting providers need rate limiting mitigations in place. GitHub's is call... | Hacker News

Hacker Newsnew | past | comments | ask | show | jobs | submit

		ethomson on Oct 12, 2017 \| parent \| context \| favorite \| on: Exploding Git Repositories Yes, hosting providers need rate limiting mitigations in place. GitHub's is called gitmon (at least unofficially), and you can learn more at https://m.youtube.com/watch?v=f7ecUqHxD7o Visual Studio Team Services has a fundamentally different architecture, but we do some similar mechanisms despite that. (I should do some talks about it - but it's always hard to know how much to say about your defenses lest it give attackers clever new ideas!)

corobo on Oct 13, 2017 [–]

> how much to say about your defenses lest it give attackers clever new ideas

attackers will try clever new ideas anyway if their less clever old ideas don't work :P

Sean1708 on Oct 13, 2017 | [–]

How does the saying go? Something like "security through obscurity isn't security"?

ethomson on Oct 15, 2017 | | [–]

It's not security through obscurity. It's defense in depth.

Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact