
Senators want FTC probe into AMZN server security [pdf] - hannibalhorn
https://www.wyden.senate.gov/imo/media/doc/102419%20Wyden%20Warren%20Letter%20to%20FTC%20RE%20Amazon%20Capital%20One%20Hack.pdf
======
mr_overalls
This seems ridiculous. Wasn't the issue a misconfiguration of the Capital One
webapp, and not a problem with the cloud?

~~~
hannibalhorn
Definitely - requiring a an extra header to access instance metadata on
169.254.169.254 does makes it harder for this kind of thing to happen, and is
indeed what GCP does, but would obviously be a breaking change. Probably not
merited by one customer with a misconfigured firewall.

Calling AWS "defective cloud computing services" seems technologically inept,
to be generous...

