Warning: Some posts on this platform may contain adult material intended for mature audiences only. Viewer discretion is advised. By clicking ‘Continue’, you confirm that you are 18 years or older and consent to viewing explicit content.
This was actually because a small developer picked the name of their new S3 bucket that happened to collide with a default name of an open source package. Over one weekend they racked up $1300 charges and thousands of users attempted to upload to their bucket. Every call failed (invalid api key) but the developer was still charged.
I don’t buy it. Unauthorized access attempts are a constant on the internet in general, and in AWS endpoints in particular. When anyone exposes an endpoint, it’s a matter of minutes until it starts to get prodded by security scanners. I worked on a project where it’s endpoints were routinely targeted by random people running FLOSS security scanners resulting in thousands of requests that were blocked either by rate-limiting or bad/lack of credentials. I don’t believe that a single invoice of $1k would trigger such a sudden and massive change of heart, when accidental costs in AWS easily reach orders of magnitude above that price tag.
This was actually because a small developer picked the name of their new S3 bucket that happened to collide with a default name of an open source package. Over one weekend they racked up $1300 charges and thousands of users attempted to upload to their bucket. Every call failed (invalid api key) but the developer was still charged.
Wild.
Here’s the sauce
I don’t buy it. Unauthorized access attempts are a constant on the internet in general, and in AWS endpoints in particular. When anyone exposes an endpoint, it’s a matter of minutes until it starts to get prodded by security scanners. I worked on a project where it’s endpoints were routinely targeted by random people running FLOSS security scanners resulting in thousands of requests that were blocked either by rate-limiting or bad/lack of credentials. I don’t believe that a single invoice of $1k would trigger such a sudden and massive change of heart, when accidental costs in AWS easily reach orders of magnitude above that price tag.