Become a fan of Slashdot on Facebook


Forgot your password?
This discussion has been archived. No new comments can be posted.

AWS Urges Devs To Scrub Secret Keys From GitHub

Comments Filter:
  • by QuasiSteve (2042606) on Monday March 24, 2014 @05:55AM (#46562137)

    Wouldn't the Streisand Effect in this context imply that more developers are going to be placing their AWS/API keys in plain view?

    I think you're more referring to the effect of full disclosure, where by making it public you end up not just notifying the potential victims (if they're even awake) but also a not statistically insignificant amount of script kiddies - thus instead of having the effect of less exploited victims, you end up getting more. At least initially - in the long run it should be the other way around.

    I seem to remember this having been a story before, though, so they should have been warned in the past.. or known better regardless.
    Ah, yes: []

  • by Richard_at_work (517087) <richardprice AT gmail DOT com> on Monday March 24, 2014 @08:03AM (#46562439)

    That's not a problem for the developer of the application, that's a problem for whomever is providing the hosted instance of their code. If a "normal non-technical user" is deploying the code, then they should equally be able to solve the problem of third party webservice keys etc where they are required.

fortune: cannot execute. Out of cookies.