Educause Security Discussion mailing list archives
Cloud hosting services reusing stale images with previous owners' credentials
From: "Manjak, Martin" <mmanjak () ALBANY EDU>
Date: Thu, 10 Nov 2011 20:59:14 +0000
Nice article on how commodity computing is still in need of standards. The deficiencies are similar to renting a car that has open recall items, or has never been cleaned after previous usage. Only in this case, think of unpatched virtual images, or re-used images that still retain credentials and keys from previous users. http://www.infoworld.com/t/cloud-computing/sloppy-use-amazon-cloud-can-expose-users-hacking-178575?page=0,0&source=IFWNLE_nlt_sec_2011-11-10 Martin Manjak CISSP, GIAC GSEC-G Information Security Officer University at Albany MSC 209 518/437-3813 The University at Albany will never ask you to reveal your password. Please ignore all such requests.
Current thread:
- Cloud hosting services reusing stale images with previous owners' credentials Manjak, Martin (Nov 10)