I do research about open #s3 buckets in my free time and report them to who ever could be responsible.
Here is a little extract from my penpal relationship with #aws #security. One of those bucket is fixed, all others are open. We are still waiting for a Bingo or Amazon to fix a second bucket.
I am always surprised by these open buckets. It's my understanding that you have to go out of your way to open them up.
But what I don't get is why can't you just tip the FBI or some other Government agency, and they send a notice to AWS and have them locked up and logs pulled to see the damage.
Clearly, these companies don't care about the data, so it should be forced onto them. Sick of this crap.
This really should be called "The Bucket List".
The aim being for organisations and businesses not to be on this particular one 🙂
bucketchallenge
INIT_6
CSDUMMI
Simon Zerafa