Forgot your password?
typodupeerror
This discussion has been archived. No new comments can be posted.

AWS Urges Devs To Scrub Secret Keys From GitHub

Comments Filter:
  • by QuasiSteve (2042606) on Monday March 24, 2014 @04:55AM (#46562137)

    Wouldn't the Streisand Effect in this context imply that more developers are going to be placing their AWS/API keys in plain view?

    I think you're more referring to the effect of full disclosure, where by making it public you end up not just notifying the potential victims (if they're even awake) but also a not statistically insignificant amount of script kiddies - thus instead of having the effect of less exploited victims, you end up getting more. At least initially - in the long run it should be the other way around.

    I seem to remember this having been a story before, though, so they should have been warned in the past.. or known better regardless.
    Ah, yes: http://it.slashdot.org/story/1... [slashdot.org]

  • by Richard_at_work (517087) <richardprice AT gmail DOT com> on Monday March 24, 2014 @07:03AM (#46562439)

    That's not a problem for the developer of the application, that's a problem for whomever is providing the hosted instance of their code. If a "normal non-technical user" is deploying the code, then they should equally be able to solve the problem of third party webservice keys etc where they are required.

Any sufficiently advanced technology is indistinguishable from a rigged demo.

Working...