back to article Amazon slaps automatic encryption on S3 data

Amazon has taken the hint regarding security of its cloud-based Simple Storage Service (S3) and updated it so that all newly added objects are encrypted by default. The move comes after the cloud giant announced new default bucket security settings in December. S3 – initally known as the Simple Storage Service – was the first …

  1. Anonymous Coward
    Anonymous Coward

    A secure solution

    We have made the encryption vastly more secure and more complicated to use

    You will now have to put magic root-access-to-everything keys in all your scripts cos you can't work out how to access the encrypted data

    You will inevitably leave these keys in Javascript on your website / check them into your public github

    1. Muira

      Re: A secure solution

      "You will now have to put magic root-access-to-everything keys in all your scripts"

      No you won't. This change has no impact on clients uploading to, or downloading from, S3. If you have permission for an object, SSE-S3 is transparent to you.

  2. Anonymous Coward
    Anonymous Coward

    Secured data? -- it's as secure as the AWS persistent key!!!!!

    Quote: "...256-bit AES for each new object..."

    Quote (Wikipedia): "The algorithm described by AES is a symmetric-key algorithm, meaning the same key is used for both encrypting and decrypting the data."

    Now about the storage which AWS uses for that PERSISTENT AES KEY.....how secure is THAT storage?

    I think we should be told!!

    1. Phil O'Sophical Silver badge

      Re: Secured data? -- it's as secure as the AWS persistent key!!!!!

      Well, the user will have to choose a passphrase to protect it. I'm sure noone would use something like PassPhrase1

      1. An_Old_Dog Silver badge

        default passphrase / more-seriously however ...

        Perhaps there is an Amazon default passphrase, too: "default". :->

        But more-seriously, however, many security "problems" are due to unorganised, poorly-organised, or simply non-existant data/security models used in the construction of computer security systems. And, frequently people doen't recognize an idea or model is bad until it's widely-used and the users give their negative feedback, at which point there's too much corporate pain (== perceived or real lost profits) for the corp to go back and fix it (and even harder, to provide a migration path).

      2. Ken Shabby

        Re: Secured data? -- it's as secure as the AWS persistent key!!!!!

        Oh sh…

      3. FrogsAndChips Silver badge

        Re: Secured data? -- it's as secure as the AWS persistent key!!!!!

        There won't be any passphrase to choose, the process will be fully managed by AWS and transparently for the users.

  3. Ashto5

    Really?

    I thought it would have been the default setting from day 1

    1. runt row raggy

      Re: Really?

      in 2006? I'm pretty sure priorities were different then.

      1. Yet Another Anonymous coward Silver badge

        Re: Really?

        What threat/scenario does having it encrypted protect you against?

        Someone stealing drives out of Amazon's data center and able to find your data

        Someone stealing your login credentials but not your encryption key

        Someone at Amazon having illegal access to your data but not having access to your keys or a master reset key?

        1. Nate Amsden

          Re: Really?

          The way I believe most object storage works on the backend is blocks are replicated between nodes. So even if someone were to get their hands on unencrypted drives that were used for S3 for some nodes they'd only get partial bits of data, maybe a determined attacker could get something useful out of those partial bits but it would be a PITA.

          Same reason I have never had a concern about not running encrypted at rest on 3PAR, if someone got a "pre failed" disk from one of my arrays, they'd just have random 1GB chunks of filesystems. Maybe you get lucky and find something useful but for anyone willing to go to those lengths they'd have to be very determined and there are probably much easier ways to compromise security. Of course there are industries/audit processes that require encryption at rest just for the checkbox.

          1. FrogsAndChips Silver badge

            Re: Really?

            Of course there are industries/audit processes that require encryption at rest just for the checkbox.

            Indeed, that's the only practical benefit of S3-SSE, boxticking at no cost.

          2. Steve Button Silver badge

            Re: Really?

            Those "random 1GB chunks" could contain a fair number of compromising photos, banking details, passwords or other personal information. Unless all that data is truly public, you should be encrypting it at rest. And whoever puts those random chunks together is not going to be doing it by hand.

  4. Anonymous Coward
    Anonymous Coward

    Secure? -- According To Which So-Called Expert.........

    Personally, I quite like the idea (no pun intended!) of using private encryption BEFORE stuff of mine gets into any public service.

    Link: https://github.com/yago-123/chacha20-cipher

    Same comment applies to peer-to-peer messaging.

    Link: https://cryptography.io/en/latest/hazmat/primitives/asymmetric/dh/

    In either case......MY encryption is all that third parties will be able to read. I know....my problem....but the snoops also get a headache or three!

    Just saying!!

  5. Missing Semicolon Silver badge
    Facepalm

    Entirely pointless

    Aside from ticking the box.

    Data loss from AWS is by the compromise (or absence!) of access keys for the API, not by some system-level access of the underlying storage.

POST COMMENT House rules

Not a member of The Register? Create a new account here.

  • Enter your comment

  • Add an icon

Anonymous cowards cannot choose their icon

Other stories you might like