Reply to post:

Chinese dev jailed and fined for posting DJI's private keys on Github

Zilla

Exactly. Developers like this should never ever have access to the production SSL certificates or private keys.

The fact he had access shows how terrible DJIs internal development practises are. It's shocking.

These days private keys are held securely in systems which do not allow casually exporting. Instead they are packaged up and deployed securely when required.

POST COMMENT House rules

Not a member of The Register? Create a new account here.

  • Enter your comment

  • Add an icon

Anonymous cowards cannot choose their icon