Did Amazon’s storage cloud burst?

amazon web service cloud

Here’s a useful tip we hope everybody would remember always: when opening new online accounts on any website or service, start off by setting it to private (and don’t change any default settings right away) – that way, accidentally leaking information that’s supposedly inaccessible is far less likely to happen (there are always security breaches, but that’s another story). That’s a lesson many business owners and developers may have to learn the hard way since Net Security uncovered that some of Amazon’s S3 data buckets were vulnerable, leaving almost 126 billion files unprotected.

Will Vandevanter, a security researcher at Rapid7, was the one who discovered the potential issue. In his blog post on Net Security detailing his findings, he says that out of 40,000 visible files that he sampled – 126 billion is too high a number to completely study – the types of data that were accessed included source code for a video game owned by a mobile game developer, database backups that have no encryption, spreadsheets containing employee information, affiliate tracking results, sales records from a car dealership, and personal user information from a social media service. Although 60 percent of exposed files were images, various social media sites were revealed to be guilty of leaving user-uploaded photo and video content unprotected.

Users backup their files into S3, where it is sorted into “buckets” that are given their own URLs. Much like setting up permissions to a folder with files on your computer’s home directory, users can fix access settings on the bucket (folder) or the files individually.

If there’s one thing Vandevanter’s report proves, it’s that it’s very easy to find out if a bucket has public access or not – a quick enter of a public bucket’s URL will list the first thousand files found within.

Don’t blame Amazon for this, though; this is not their fault but rather “a misconfiguration caused by the owner of the bucket,” says Vandevanter. By default, Amazon S3 buckets are set to private unless the user modifies it to allow public access.

In addition to publishing an advisory on proper data protection to help their users, Amazon is also “putting measures in place to proactively identify misconfigured files and buckets moving forward” as a response to Vandevanter’s probe, according to The Verge.


Here's how to convert a Kindle book to PDF using your desktop or the web

Amazon's Kindle is one of the best ebook readers on the market, but it doesn't make viewing proprietary files on other platforms any easier. Here's how to convert a Kindle book to PDF using either desktop or web-based applications.

This list of PlayStation 4 exclusives puts its competitors to shame

The PlayStation 4's game library and incredible selection of exclusive games could make anyone with an Xbox One or Nintendo Switch think twice. Here's our list of the latest and greatest PS4 exclusives.

Convert your PDFs into convenient Word documents with Adobe or a free option

PDF files are great, but few document types are as malleable as those specific to Microsoft Word. Here's how to convert a PDF file into a Word document, whether you prefer to use Adobe's software suite or a freemium alternative.

Need to combine a PDF? Here's how to get it done on both Windows and Mac

Sometimes juggling multiple files at once is more of a hassle than a convenience, especially when a single file would do. This quick guide will teach you how to combine PDF files on Windows, MacOS, or with online tools.

It's not all free money. Here's what to know before you try to mine Bitcoin

Mining Bitcoin today is harder than it used to be, but if you have enough time, money, and cheap electricity, you can still turn a profit. Here's how to get started mining Bitcoin at home and in the cloud.

Need a free alternative to Adobe Illustrator? Here are our favorites

Photoshop and other commercial tools can be expensive, but drawing software doesn't need to be. This list of the best free drawing software is just as powerful as some of the more expensive offerings.
Emerging Tech

Awesome Tech You Can’t Buy Yet: camera with A.I. director, robot arm assistant

Check out our roundup of the best new crowdfunding projects and product announcements that hit the web this week. You may not be able to buy this stuff yet, but it sure is fun to gawk!

What is fixed wireless 5G? Here’s everything you need to know

Here's fixed wireless 5G explained! Learn what you need to know about this effective new wireless technology, when it's available, how much it costs, and more. If you're thinking about 5G, this guide can help!

Fix those internet dead zones by turning an old router into a Wi-Fi repeater

Is there a Wi-Fi dead zone in your home or office? A Wi-Fi repeater can help. Don't buy a new one, though. Here is how to extend Wi-Fi range with another router you have lying around.

Heal your wrist aches and pains with one of these top ergonomic mice

If you have a growing ache in your wrist, it might be worth considering ergonomic mice alternatives. But which is the best ergonomic mouse for you? One of these could be the ticket to the right purchase for you.

These are the best indie games you can get on PC right now

Though many indie games now come to consoles as well, there's still a much larger selection on PC. With that in mind, we've created a list of the best indie games for PC, with an emphasis on games that are only available on PC.

Want a MacBook that will last all day on a single charge? Check these models out

Battery life is one of the most important factors in buying any laptop, especially MacBooks. Their battery life is typically average, but there are some standouts. Knowing which MacBook has the best battery life can be rather useful.

Want a Dell laptop with an RTX 2060? Cross the new XPS 15 off your list

The next iteration of Dell's XPS 15 laptop won't come with an option for an RTX 2060, according to Alienware's Frank Azor. You could always opt for a new Alienware m15 or m17 instead.

Always have way too many tabs open? Google Chrome might finally help

Google is one step closer to bringing tab groups to its Chrome browser. The feature is now available in Google's Chrome Canady build with an early implementation that can be enabled through its flag system.