You could secure it using an IAM user with credentials but then those credentials would be available on all vehicles.
If the vehicles had direct access to S3, maybe that's why the bucket was public? But you could also just leave it available to the public.
But if that was the design, you should sweep the bucket on a regular basis to make sure there aren't any objects over x hours old or something like that.
Bucket names are often committed to GitHub. It used to be that bucket names could be published but ever since the blog post of the guy getting fucked by people polling his bucket due to an open source project typo made others realize that bucket names should probably be secrets.
There are bots that will just monitor all public commits to github, gitlab, etc. for AWS credentials and other strings like that. And as soon as they are found they will start to abuse them.
The default for net new buckets is actually very strict.
But it's that strictness that makes devs just to open it up to everyone and not learn proper IAM syntax.
The unfortunate part is that AWS made rules and privileges so nuanced and detailed that it makes people want to make everything public and deal with it "later".
Oh are the try guys back?
Costco is one of the very few for profit publicly traded companies that seem to have their head on straight.
If you haven't already, listen to Acquired's episode on Costco.
One of my favorite quotes that I'm going to butcher: raising prices is like a drug. Once you start doing it, it's hard to stop. We choose to find value and savings the hard way and to keep our prices competitive. Raising prices is the last thing we do.
Baby Orange is making it damn near impossible for us to have any decent relations with any nation other than Russia and Israel.
Which, if I had to guess, is the point of Agent Cheeto and his handler.
I'm clutching my pearls as I type this.
The National Defense Authorization Act passed both the House and Senate in recent weeks after months of negotiating between Democrats and Republicans. One issue in the bill was a measure to ban the military’s insurance Tricare from covering some gender-affirming care treatments. Other issues that were, however, struck from the final bill included restrictions on abortion access and DEI initiatives in the military.
Biden said that he and his administration “strongly opposes” restrictions on gender-affirming care for trans youth in a statement released after he signed the bill.
If I had to guess, this was a tightly negotiated funding package which of course the Republican controlled House shoved down Democrat throats because otherwise it couldn't move through the Senate.
Biden shouldn't have signed it but the Democrats shouldn't have bent over and taken it either.
"We don't want to be told what to do. We only want to tell other people what to do."
- every conservative
"Those other people didn't earn it...like us. They are lazy welfare mommas. They need to pull themselves up by their bootstraps, like we did."
- your in-laws probably
I had a friend back a few years ago who was an H1B and it's fucking exploitive. They made him work off his visa. And since his visa is tied to his job he couldn't leave it. The place was toxic af.
The company was very much abusing H1B visas but unless someone at the company spoke up, it's just business.
Which is it?!
This headline came up in my news feed, from a very dubious source so I decided to investigate.
Headline after headline, many from identical sources, about how Walmart and Bank of America are either going to stop taking $1 bills or keep accepting them. The headlines read like a FUD article and I refuse to click through to read the details.
I can't find a reputable news source for this story so I'm assuming it's fake news.
It shouldn't be this easy to manipulate news feeds.
Which is exactly what some conservative said when his account was diverified.
These people don't realize that the same concentric cone of fascism that they loved and voted for just targeted them.