BREAKING: Person of interest in Brown University shooting found dead of a self-inflicted gunshot wound

IE 11 is not supported. For an optimal experience visit our site on another browser.

Users Leave Amazon Secure Storage Wide Open

Catch up with NBC News Clone on today's hot topic: Wbna51372930 - Breaking News | NBC News Clone. Our editorial team reformatted this story for clarity and speed.

A fairly serious security risk has appeared on Amazon Simple Storage Service (S3), this one borne of carelessness rather than malice. S3 is a paid cloud-storage service that Amazon offers specifically for businesses and developers.
/ Source: TechNewsDaily
By Marshall Honorof

A fairly serious security risk has appeared on Amazon Simple Storage Service (S3), this one borne of carelessness rather than malice. S3 is a paid cloud-storage service that Amazon offers specifically for businesses and developers.

While S3's "buckets" (directories that users can organize to store content on Amazon's cloud servers) are supposed to be private, users can set them to be public — a problematic decision, since nearly 2,000 public folders contained 126 billion accessible files, full of personal photos and sensitive sales data.

Public buckets are problematic for two reasons. If files are available for download, the risks are obvious: Anyone can access whatever you store there. This is admittedly pretty harmless if your bucket is just a repository for your funny Internet memes, but not so smart if you are storing a work-in-progress novel, personal photos or business credentials.

Even if your files are protected, public buckets reveal file names. This does not pose as much of a threat, but if you list customer names or dates of client interactions, it's easy to see how public buckets could still prove risky.

Users with public buckets did not exhibit much discretion in what they posted. A study from the Security Street blog found personal photos, sales records, traffic data, employee information, program source code and a multitude of passwords. Many users marked files "confidential" or "private," but then left them available for download anyway. [See also: 10 Profound Innovations Ahead ]

The fix for this one is extremely simple, but responsibility still falls on the user's shoulders, not Amazon's. By default, all files uploaded to S3 are private, which means that users have, at one point or another, changed permissions on files or entire directories. Revoking permission and restricting it to just a few users will keep files secure. Amazon also recommends encrypting sensitive files.

Many security threats arise from oversights in a system's programming or from dedicated hackers out to make a quick buck. Still, everyday users would be wise to remember Bill Vaughan's famous maxim: "To err is human, to really foul things up requires a computer."

Follow Marshall Honorof . Follow us  Facebook  or .

Marshall Honorof

NBC News Clone will keep curating essential reads for you — simplified and optimized.

×
AdBlock Detected!
Please disable it to support our content.

Related Articles

Donald Trump Presidency Updates - Politics and Government | NBC News Clone | Inflation Rates 2025 Analysis - Business and Economy | NBC News Clone | Latest Vaccine Developments - Health and Medicine | NBC News Clone | Ukraine Russia Conflict Updates - World News | NBC News Clone | Openai Chatgpt News - Technology and Innovation | NBC News Clone | 2024 Paris Games Highlights - Sports and Recreation | NBC News Clone | Extreme Weather Events - Weather and Climate | NBC News Clone | Hollywood Updates - Entertainment and Celebrity | NBC News Clone | Government Transparency - Investigations and Analysis | NBC News Clone | Community Stories - Local News and Communities | NBC News Clone