Skip to main content
  1. Home
  2. Computing
  3. News

Did Amazon’s storage cloud burst?

By

amazon web service cloud

Here’s a useful tip we hope everybody would remember always: when opening new online accounts on any website or service, start off by setting it to private (and don’t change any default settings right away) – that way, accidentally leaking information that’s supposedly inaccessible is far less likely to happen (there are always security breaches, but that’s another story). That’s a lesson many business owners and developers may have to learn the hard way since Net Security uncovered that some of Amazon’s S3 data buckets were vulnerable, leaving almost 126 billion files unprotected.

Recommended Videos

Will Vandevanter, a security researcher at Rapid7, was the one who discovered the potential issue. In his blog post on Net Security detailing his findings, he says that out of 40,000 visible files that he sampled – 126 billion is too high a number to completely study – the types of data that were accessed included source code for a video game owned by a mobile game developer, database backups that have no encryption, spreadsheets containing employee information, affiliate tracking results, sales records from a car dealership, and personal user information from a social media service. Although 60 percent of exposed files were images, various social media sites were revealed to be guilty of leaving user-uploaded photo and video content unprotected.

Related

Users backup their files into S3, where it is sorted into “buckets” that are given their own URLs. Much like setting up permissions to a folder with files on your computer’s home directory, users can fix access settings on the bucket (folder) or the files individually.

If there’s one thing Vandevanter’s report proves, it’s that it’s very easy to find out if a bucket has public access or not – a quick enter of a public bucket’s URL will list the first thousand files found within.

Don’t blame Amazon for this, though; this is not their fault but rather “a misconfiguration caused by the owner of the bucket,” says Vandevanter. By default, Amazon S3 buckets are set to private unless the user modifies it to allow public access.

In addition to publishing an advisory on proper data protection to help their users, Amazon is also “putting measures in place to proactively identify misconfigured files and buckets moving forward” as a response to Vandevanter’s probe, according to The Verge.

Editors' Recommendations

Topics
Jam Kotenko
Jam Kotenko
Former Digital Trends Contributor
When she's not busy watching movies and TV shows or traveling to new places, Jam is probably on Facebook. Or Twitter. Or…
Save on Apple MacBook Air, Microsoft Surface Laptop 3 at Amazon for Black Friday
A MacBook Air 2020 open on a wooden table.

Now is the ideal time to snap up a stylish and classy new MacBook Air or Microsoft Surface Laptop 3 with big discounts emerging already thanks to early Black Friday deals. Both laptops are enjoying a price cut right now as part of the many Amazon Black Friday deals we're seeing show up already. While we expect to see even more Black Friday MacBook deals and Black Friday Microsoft Surface deals soon,  these two are a great starting point for the many people who want to make their purchase now in case stock sells out.
Microsoft Surface Laptop 3 -- $800, was $1,000

With a mighty $200 price cut, this is a terrific time to buy the Microsoft Surface Laptop 3. It has an Intel Core i5 processor, 8GB of memory, and 128GB of SSD storage. On top of that is a 13.5-inch touchscreen that's sure to make your work more flexible. The latest model, you get to enjoy a thin and light design with a weight of only 2.79 pounds. It looks great, too, with a clean and elegant design. Best of all, the laptop promises to be up to two times faster than previous Microsoft Surface laptops with an 11.5-hour battery life, so you won't run out of juice at a pivotal moment. Fast charging also ensures you can get up to an 80% charge in about an hour making it a fantastically portable device.

Read more
8 products on sale now that won’t be cheaper on Prime Day 2020
Amazon Prime Day packages

Can't wait for Prime Day 2020 to begin? If you're looking for great deals, you can start now! We've tracked down eight products on sale that we just can't see being any cheaper on the big day. All these products are the latest technology and some are only a couple of weeks old, so seeing discounts on them already is a big deal. If you're worried that something might end up cheaper on Prime Day, you can always order it now, avoid opening the item, then return it for a full refund after buying it for less on Prime Day. Honestly though? We can't see this happening. Snap up these great deals today while there's still stock.
Fitbit Charge 3 -- $100, was $150

With a huge price cut of $50, the Fitbit Charge 3 is perfect if you've been eyeing activity trackers but couldn't make up your mind. This wristband will monitor everything from the daily steps you make, the calories you burn, as well as your heart rate every step of the day. It's swim-proof and water-resistant so you won't have to worry about taking it off at the gym or in the water, plus you can choose for it to track over 15 different forms of exercise, depending on how you love to work up a sweat. It also tracks how well you're sleeping. Reduced to just $100, this is the ideal time to jump on board the Fitbit train.

Read more
The best cloud storage options to support your small business

If you've got limited physical hard drive space or you simply want to keep your files safely backed up elsewhere, cloud storage is a huge help. When it comes to small business, such data and files is even more valuable. After all, it's bad enough if you lose personal photos or information, but losing vital data in your business could cost you a lot of time and money, as well as potentially your reputation.

We've checked out the best cloud storage services for your small business, looking at what's best depending on the size of your company, as well as any potential requirements you might have for how your data is accessed such as end-to-end encryption or two-factor authentication. We've also looked at some cloud services which offer free storage for a limited time, or up to a certain amount of space. Products like Apple's iCloud service, OneDrive, and Google Drive often provide some free cloud storage to get you started with their services.

Read more