Security

5018 readers

1 users here now

Confidentiality Integrity Availability

founded 4 years ago

MODERATORS

[email protected]

525

Amazon storing classified US government documents improperly (lemmy.ml)

submitted 7 months ago by [email protected] to c/[email protected]

78 comments fedilink hide all child comments

https://wetdry.world/@ari/112230288896956003

you are viewing a single comment's thread
view the rest of the comments

[–] [email protected] 61 points 7 months ago (8 children)

I work in a HIPAA-covered industry and if our AWS and GCP buckets are insecure that's on us. Fuck Amazon, but a hammer isn't responsible for someone throwing it through a window and a cloud storage bucket isn't responsible for the owner putting secret shit in it and then enabling public access.

[–] [email protected] 2 points 7 months ago* (last edited 7 months ago) (3 children)

What kills me about S3 is that the use cases for publicly accessing S3 contents over HTTP have got to be vanishingly small compared to every other use of the service. I appreciate there's legacy baggage here but I seriously wonder why Amazon hasn't retired public S3 and launched a distinct service or control for this that's harder to screw up.

[–] [email protected] 2 points 7 months ago

Wouldn't say so, loads of people and organisations use it as a pseudo-CDN of sorts AFAIK

load more comments (2 replies)

load more comments (6 replies)