Learn More
Resend Email
56
Worst security bug/feature you've seen?
Week 25 Group Rant
igokith
7y

My coworker shared account keys of Amazon aws on a public repo at Github. Took me around 3 days to find out and about 20 ec2 instances were created and running by a hacker...

undefined

wk25
Favorite
Ranter
Comments
  • 2
    7y
    Ouch! Doesn't github warn you about keys nowadays?
  • 3
    7y
    @Charmgoggles Im not sure. Maybe my colleague overlooked it. But amazon emailed us and gave us a link to the specific file that contains the keys.
  • 7
    7y
    I've been there. Actually wrote a long rant about it here. Except I was the clown that actually leaked the keys
  • 0
    7y
    Ouch. Why not use private repo's?
  • 5
    7y
    How sweet of the hacker to not delete your instances.
  • 0
    7y
    @mcraz well then people would notice faster, so it's a bad idea
Related Rants
devRant © 2021 Hexical Labs LLC
Privacy Policy  |  Terms of Service
Add Comment