itwbennett writes "Amazon's Web Services is so easy to use that customers create virtual machines without following Amazon's 'very detailed' security guidelines, says Thomas Schneider, a postdoctoral researcher in the System Security Lab of Technische Universität Darmstadt. Most notably, Schneider and his fellow researchers found that the private keys used to authenticate with services such as the Elastic Compute Cloud (EC2) or the Simple Storage Service (S3) were publicly published in Amazon Machine Images (AMIs), which are pre-configured operating systems and application software used to create virtual machines. '[Customers] just forgot to remove their API keys from machines before publishing,' Schneider said."
DEAL: For $25 - Add A Second Phone Number To Your Smartphone for life! Use promo code SLASHDOT25. Also, Slashdot's now on IFTTT. Check it out! Check out the new SourceForge HTML5 Internet speed test! ×