• deegeese@sopuli.xyz
    link
    fedilink
    arrow-up
    116
    ·
    6 months ago

    “By design” AWS bills project owners for unauthorized calls to the public S3 API.

    So what I’m reading from this is you can do a billing attack on anything hosted in AWS so long as you know one of their bucket names.

    • bamboo@lemmy.blahaj.zone
      link
      fedilink
      English
      arrow-up
      53
      ·
      6 months ago

      Seriously, now that this is more widely known, it’ll for sure be taken advantage of a lot, to the point AWS will begrudgingly protect their customers once the damage is done.