Oh, Bucket! AWS in S3 status-checking tool free-for-all Amazon Web Services has signalled it's still worried about poorly configured buckets in its Simple Storage Service (S3) by making one of the tools to manage them free. AWS suffered last year after a rash of data leaks caused by customers who had improperly configured their S3 storage. It's an easy mistake to make because the …
@Claptrap314
To be fair to Amazon, the free tools have always been more than sufficient to protect against mis-configured buckets. Both in terms of being able to set them up correctly in the first place, and make API queries to validate configuration.
The paid-now-free tool was nothing but an idiot tax for reactive resolution of poor configurations made those sorts of idiots who should have probably been never allowed to go anywhere near a cloud service API in the first place because they are incapable to proactively applying the settings correctly in the first place.
The AWS bucket settings are not rocket science for heavens sake. Leaky configurations are pure sloppiness on the part of the bucket's creator.
Well, there has always been a conflict between ease of use and security when it comes to computing. Cloud computing providers sold their model as a way to escape dealing with those nasty on-premises computing environments. And when you combine cloud computing with self-service access to anyone with a credit card, what could go wrong? Consumers of cloud computing don't pay attention to securing their information assets in the cloud. And when they don't pay attention to security, everyone on the public internet winds up with access to their data sitting in an improperly configured S3 bucket. Surprise, surprise! At least AWS is trying to make it clear you are doing it wrong! Better late than never.
The Register 
Biting the hand that feeds IT
Copyright. All rights reserved © 1998–2024
