User: you charge me when people make unauthorised requests to an S3 bucket?
AWS: yes of course
User: but
AWS: working as intended
User: but
AWS: thank you for your money
*innocent configuration oversight*
"If all those misconfigured systems were attempting to back up their data into my S3 bucket, why not just let them do so? I opened my bucket for public writes and collected over 10GB of data within less than 30 seconds. Of course, I can’t disclose whose data it was. But it left me amazed at how an innocent configuration oversight could lead to a dangerous data leak!"
This is so infuriating. Not only that devs use some magic packets with default configuration and produce data loss, but also that the managers require the devs to produce results asap. That's how such mess happens. #devlive #agile #rapid #prototype
