Hacker News Comments on
AWS re:Invent 2021 - Locks without keys: AWS and confidentiality
AWS Events
·
Youtube
·
3
HN points
·
2
HN comments
- This course is unranked · view top recommended courses
Hacker News Stories and Comments
All the comments and stories posted to Hacker News that reference this video.I ran across this video from a distinguished engineer at AWS: https://www.youtube.com/watch?app=desktop&v=4J8REvs7zaYRecent and worth a watch.
A very shortsighted take. Sure, yes "they" can do whatever they want.But even in the world you are imagining where AWS is peeking at customer's data willy-nilly, I have to imagine you don't believe that every tech support representative should have default access to every AWS customer's storage data, do you?
Even a dishonest unethical company that created backdoors for its employees would surely gate their backdoors.
This change (a mistaken one that was rolled back immediately) would have given the keys through the front door to presumably thousand low-level employees.
BTW, AWS spends a long time talking about how verifiably they do not have access to customer data. If you're interested in crypto (otherwise not sure why you are referencing it here), this kind of thing should be right up your alley: https://www.youtube.com/watch?v=4J8REvs7zaY
⬐ _3u10AWS has regions in China, they verifiably DO have access to your data.They also have regions in the US where they verifiably DO have access to your data.
Both points of access are verifiable by their compliance with the law in those countries ensuring that the government can access that data.
If you use their CA or EU locations it’s conceivable that they’ve developed separate software that actually protects your data but I would hazard a guess that they use the same backdoored software there once it has been sufficiently beta tested in us-east-1