Attached: 1 image
As it turns out, Volkswagen has been collecting extensive geo data from all their electric cars and made them available online in an AWS bucket. Almost 10TB of geo traces from 15 MiO cars. Amazing detail and patterns. This is why I don't want a smart car 🤯 https://events.ccc.de/congress/2024/hub/en/event/wir-wissen-wo-dein-auto-steht-volksdaten-von-volkswagen/ #Volksdaten
Bucket names are often committed to GitHub. It used to be that bucket names could be published but ever since the blog post of the guy getting fucked by people polling his bucket due to an open source project typo made others realize that bucket names should probably be secrets.
There are bots that will just monitor all public commits to github, gitlab, etc. for AWS credentials and other strings like that. And as soon as they are found they will start to abuse them.
Bucket names are often committed to GitHub. It used to be that bucket names could be published but ever since the blog post of the guy getting fucked by people polling his bucket due to an open source project typo made others realize that bucket names should probably be secrets.
There are bots that will just monitor all public commits to github, gitlab, etc. for AWS credentials and other strings like that. And as soon as they are found they will start to abuse them.
Was it this one?: https://medium.com/@maciej.pocwierz/how-an-empty-s3-bucket-can-make-your-aws-bill-explode-934a383cb8b1