this post was submitted on 02 May 2024
21 points (95.7% liked)
Cybersecurity
5971 readers
382 users here now
c/cybersecurity is a community centered on the cybersecurity and information security profession. You can come here to discuss news, post something interesting, or just chat with others.
THE RULES
Instance Rules
- Be respectful. Everyone should feel welcome here.
- No bigotry - including racism, sexism, ableism, homophobia, transphobia, or xenophobia.
- No Ads / Spamming.
- No pornography.
Community Rules
- Idk, keep it semi-professional?
- Nothing illegal. We're all ethical here.
- Rules will be added/redefined as necessary.
If you ask someone to hack your "friends" socials you're just going to get banned so don't do that.
Learn about hacking
Other security-related communities [email protected] [email protected] [email protected] [email protected] [email protected]
Notable mention to [email protected]
founded 2 years ago
MODERATORS
you are viewing a single comment's thread
view the rest of the comments
view the rest of the comments
The lead of s3 actually did indicate that they are planning changes in response to that article. Hopefully we see a change there soon.
Edit: found the link
thank pasta. this 'security through obscurity' policy is freakin me out
Totally agree. I have a close friend that works at AWS (although not anywhere close to s3) and this article was making the rounds internally. I know people have been upset about this, but it genuinely just sounds like one of those edge cases they overlooked until it was exposed. It sucks, but any developer has a good story of a time they've done it. Hopefully they get a fix out soon.