If you can read this, either the style sheet didn't load or you have an older browser that doesn't support style sheets. Try clearing your browser cache and refreshing the page.

(Slashdot)   So a "fundamental problem" with Windows could allow anyone with a little coding knowledge to copy data from Amazon Web Services. Hosting providers everywhere reach for the Pepto-Bismol   (slashdot.org) divider line 13
    More: Interesting, AWs, Windows, flaw, Pepto Bismol, Amazon, Sam, user ID  
•       •       •

3413 clicks; posted to Geek » on 11 Sep 2013 at 10:20 AM (1 year ago)   |  Favorite    |   share:  Share on Twitter share via Email Share on Facebook   more»



Voting Results (Smartest)
View Voting Results: Smartest and Funniest

2013-09-11 10:40:55 AM
4 votes:
Concern Trolling by a Linux fanboi.  Nothing new here.
2013-09-11 10:40:33 AM
3 votes:
People that have physical access to your data have physical access to your data?
2013-09-11 10:25:24 AM
3 votes:
What is this derp? Yes, you can take a harddrive from windows and mount it in Linux and get most everything out unless you encrypt it. DUH!.

The argument here is that a Amazon employee could easily steal your data.

Duh.
2013-09-11 10:50:48 AM
2 votes:
Maybe the dumbest, fud article I've seen in a while.

"This just in, you can do what you want with your own machines!"
2013-09-11 10:40:23 AM
2 votes:
If you don't encrypt it yourself with your own key, generated by software you personally understand, it's not safe.  The end.
2013-09-11 10:36:15 AM
2 votes:
I was able to do this with my own volumes, but I don't have access to other users' volumes. An employee at Amazon, however, could potentially have that access, and therefore could reproduce these steps. Or what about the government and the NSA? If they can get a copy of the volume, they could go to town on your data.

Nevermind.
2013-09-11 10:30:30 AM
2 votes:
Wait.  Wait.  Waitwaitwait.

Administrators have administrative access?

My mind is farking blown.
2013-09-11 12:21:00 PM
1 votes:
Keeping in mind that Slashdot isn't loading for me, so I'm just basing this off what everyone's saying in the comments.

1) If the attacker has physical access, you are owned.  End of Story.  No ifs, ands, or buts.
2) Yes, the administrator employees at Amazon have access to your accounts and data.  I work at a Big Data startup, and yes, if we so desired, we could totally screw with you.  However, because we like eating food, and we aren't that stupid, we don't.
rpm
2013-09-11 12:13:19 PM
1 votes:

zedster: rpm: serial_crusher: itsdan: This is nothing. Every single web hosting company hands over all your website's html codes when asked for them. No warrant or anything.

$(document).mousedown(function(ev){ if(ev.which == 3) { alert("Right clicking is disabled on this website."); }});

[i2.kym-cdn.com image 273x234]

wget

[i0.kym-cdn.com image 639x483]

this curls my blood


Don't worry, the feeling is ethereal.
2013-09-11 11:27:48 AM
1 votes:

Pharque-it: The fundamental problem with Windows is MicroSoft.


You forgot to change the s in Microsoft into a dollar sign.
2013-09-11 11:17:44 AM
1 votes:

itsdan: This is nothing. Every single web hosting company hands over all your website's html codes when asked for them. No warrant or anything.


$(document).mousedown(function(ev){ if(ev.which == 3) { alert("Right clicking is disabled on this website."); }});

i2.kym-cdn.com
2013-09-11 10:59:40 AM
1 votes:
Anyone with local access and time can eventually access your data, the attack is OS agnostic, news at 11


//yes with good crypto that time increases well beyond a life time assuming no major break in quantum computing
///Much like bank vaults, crypto should be measured in hours to crack instead of assume unbreakable
2013-09-11 10:55:47 AM
1 votes:
I like how he went on about running things through psexec, as if you can do that as a normal user (which would obviously be Really Bad), and then suddenly said "Oh, you need to have an administrator account to run psexec".
 
Displayed 13 of 13 comments

View Voting Results: Smartest and Funniest


This thread is closed to new comments.

Continue Farking
Submit a Link »






Report