Wednesday, November 18, 2009

EC2 Vulnerability?

Academic research suggests attack vectors for cloud computing applications.

see: http://www.technologyreview.com/computing/23792/

Seems like a cloud should not leak, even implicitly, structural information about configuration, etc... Also seems like there are reasonable approaches to plug these types of leaks, but the larger point is that there are surely many ways to attack cloud-based services, and creative security researchers (and hackers) will find them.

No comments: