June 20, 2011, 2:59 PM —
This is a process problem that makes it too easy for users to shoot themselves in the foot. Sure, those who bought web services should know better, but that doesn't mean Amazon bears no responsibility to make it easier to secure the site ... By putting this 100% on the customer fails to acknowledge that the problem is not necessarily people, but the process.
Researchers in Germany have found abundant security problems within Amazon's cloud-computing services due to its customers either ignoring or forgetting published security tips.
Amazon offers computing power and storage using its infrastructure via its Web Services division. The flexible platform allows people to quickly roll out services and upgrade or downgrade according to their needs.
Thomas Schneider, a postdoctoral researcher in the System Security Lab of Technische Universität Darmstadt, said on Monday that Amazon's Web Services is so easy to use that a lot of people create virtual machines without following the security guidelines.
"These guidelines are very detailed," he said.
In what they termed was the most critical discovery, the researchers found that the private keys used to authenticate with services such as the Elastic Compute Cloud (EC2) or the Simple Storage Service (S3) were publicly published in Amazon Machine Images (AMIs), which are pre-configured operating systems and application software used to create virtual machines.
Those keys shouldn't be there. "They [Customers] just forgot to remove their API keys from machines before publishing," Schneider said.
But the consequences could be expensive: With those keys, an interloper could start up services on EC2 or S3 using the customer's keys and create "virtual infrastructure worth several thousands of dollars per day at the expense of the key holder," according to the researchers.
The researchers looked at some 1,100 AMIs and found another common problem: One-third of those AMIs contained SSH (Secure Shell) host keys or user keys.
SSH is a common tool used to log into and manage a virtual machine. But unless the host key is removed and replaced, every other instance derived from that image will use the same key. This can cause severe security problems, such as the possibility of impersonating the instance and launching phishing attacks.