Reply to post: Re: 'is it the default'...

Yet another AWS config fumble: Time Warner Cable exposes 4 million subscriber records

Anonymous Coward
Anonymous Coward

Re: 'is it the default'...

No, it is not the default for S3 buckets. The default setting is that only the owner has read-write access; no one else has any access. You must intentionally change a setting for an S3 bucket to be world-readable.

In fact, if you have world-readable S3 buckets in your AWS account, AWS periodically sends you remind-o-grams, asking if that's what you really want.

So it's unclear why there's so much desire here to place blame on AWS. Misconfigured security settings is absolutely a customer problem.

POST COMMENT House rules

Not a member of The Register? Create a new account here.

  • Enter your comment

  • Add an icon

Anonymous cowards cannot choose their icon


Biting the hand that feeds IT © 1998–2020