Reply to post: S3

Silk road adviser caught, Kaspersky sues Dutch paper, and Vietnam's tech clampdown

Michael Hoffmann Silver badge


Am I missing something about all these S3 fiascos?

Just how do you DO that? You have to actively make a bucket or object public, S3 will bitch at you "are you certain?" and then it constantly has a reminder/warning "blabla you have public buckets/objects, this is not secure, you may want to reconsider blabla".

That's in the console obviously, but frankly I have the nagging suspicion that those who commit these blunders would be out of their depth using CLI/SDK anyway.

So, just how incompetent are your cloud monkeys that this happens all the time? Is that a rhetorical question?

Yes, your static website has to be public, but does anybody use that for anything but error failover with a few HTML pages?

Bucket policies, IAM policies... there's bloody wizards that do hand-holding for the CLI/JSON impaired!

Just don't get it.

POST COMMENT House rules

Not a member of The Register? Create a new account here.

  • Enter your comment

  • Add an icon

Anonymous cowards cannot choose their icon